Framework/Helpers/Helpers.ps1
|
using namespace Newtonsoft.Json using namespace Microsoft.Azure.Commands.Common.Authentication.Abstractions using namespace Microsoft.Azure.Commands.Common.Authentication using namespace Microsoft.Azure.Management.Storage.Models Set-StrictMode -Version Latest class Helpers { static [PSObject] $SHA256Alg = [System.Security.Cryptography.HashAlgorithm]::Create('sha256'); hidden static [PSObject] LoadOfflineConfigFile([string] $fileName, [bool] $parseJson) { $rootConfigPath = [Constants]::AzSKAppFolderPath ; return [Helpers]::LoadOfflineConfigFile($fileName, $true,$rootConfigPath); } hidden static [PSObject] LoadOfflineConfigFile([string] $fileName, [bool] $parseJson, $path) { #Load file from AzSK App folder $rootConfigPath = $path ; $extension = [System.IO.Path]::GetExtension($fileName); $filePath = $null if(Test-Path -Path $rootConfigPath) { $filePath = (Get-ChildItem $rootConfigPath -Name -Recurse -Include $fileName) | Select-Object -First 1 } #If file not present in App folder load settings from Configurations in Module folder if (!$filePath) { $rootConfigPath = Join-Path (Get-Item $PSScriptRoot).Parent.FullName "Configurations"; $filePath = (Get-ChildItem $rootConfigPath -Name -Recurse -Include $fileName) | Select-Object -First 1 } if ($filePath) { if($parseJson) { if($extension -eq ".json" -or $extension -eq ".lawsview") { $fileContent = (Get-Content -Raw -Path (Join-Path $rootConfigPath $filePath)) | ConvertFrom-Json } else { $fileContent = (Get-Content -Raw -Path (Join-Path $rootConfigPath $filePath)) } } else { $fileContent = (Get-Content -Raw -Path (Join-Path $rootConfigPath $filePath)) } } else { throw "Unable to find the specified file '$fileName'" } if (-not $fileContent) { throw "The specified file '$fileName' is empty" } return $fileContent; } static AbstractClass($obj, $classType) { $type = $obj.GetType() if ($type -eq $classType) { throw("Class '$type' must be inherited") } } static [string] SanitizeFolderName($folderPath) { return ($folderPath -replace '[<>:"/\\\[\]|?*]', ''); } static [string] ConvertObjectToString([PSObject] $dataObject, [bool] $defaultPsOutput) { [string] $msg = ""; if ($dataObject) { if ($dataObject.GetType().FullName -eq "System.Management.Automation.ErrorRecord") { if($dataObject.Exception -is [SuppressedException]) { $msg = $dataObject.Exception.ConvertToString(); } else { if ($defaultPsOutput) { $msg = $dataObject.ToString(); } else { $msg = ($dataObject | Out-String) + "`r`nStackTrace: " + $dataObject. ScriptStackTrace } } } else { if ($defaultPsOutput -or $dataObject.GetType() -eq [string]) { $msg = $dataObject | Out-String; } else { try { #$msg = $dataObject | ConvertTo-Json -Depth 5 | Out-String; #$msg = [JsonHelper]::ConvertToJsonCustom($dataObject); $msg = [JsonHelper]::ConvertToPson($dataObject); } catch { $e = $_ $msg = $dataObject | Format-List | Out-String; } $msg = $msg.Trim(); #$msg = $msg.TrimStart("`r`n"); } } } return $msg.Trim("`r`n"); } static [bool] CompareObject($referenceObject, $differenceObject) { return [Helpers]::CompareObject($referenceObject, $differenceObject, $false) } static [bool] CompareObject($referenceObject, $differenceObject, [bool] $strictComparison) { $result = $true; if ($null -ne $referenceObject) { if ($null -ne $differenceObject) { if ($referenceObject -is "Array") { if ($differenceObject -is "Array") { if ((-not $strictComparison) -or ($referenceObject.Count -eq $differenceObject.Count)) { foreach ($refObject in $referenceObject) { $arrayResult = $false; foreach ($diffObject in $differenceObject) { $arrayResult = [Helpers]::CompareObject($refObject, $diffObject, $strictComparison); if ($arrayResult) { break; } } $result = $result -and $arrayResult if (-not $arrayResult) { break; } } } else { $result = $false; } } else { $result = $false; } } # Condition for all primitive types elseif ($referenceObject -is "string" -or $referenceObject -is "ValueType") { # For primitive types, use default comparer $result = $result -and (((Compare-Object $referenceObject $differenceObject) | Where-Object { $_.SideIndicator -eq "<=" } | Measure-Object).Count -eq 0) } else { $result = $result -and [Helpers]::CompareObjectProperties($referenceObject, $differenceObject, $strictComparison) } } else { $result = $false; } } elseif ($null -eq $differenceObject) { $result = $true; } else { $result = $false; } return $result; } hidden static [bool] CompareObjectProperties($referenceObject, $differenceObject, [bool] $strictComparison) { $result = $true; $refProps = @(); $diffProps = @(); $refProps += [Helpers]::GetProperties($referenceObject); $diffProps += [Helpers]::GetProperties($differenceObject); if ((-not $strictComparison) -or ($refProps.Count -eq $diffProps.Count)) { foreach ($propName in $refProps) { $refProp = $referenceObject.$propName; if (-not [string]::IsNullOrWhiteSpace(($diffProps | Where-Object { $_ -eq $propName } | Select-Object -First 1))) { $compareProp = $differenceObject.$propName; if ($null -ne $refProp) { if ($null -ne $compareProp) { $result = $result -and [Helpers]::CompareObject($refProp, $compareProp, $strictComparison); } else { $result = $result -and $false; } } elseif ($null -eq $compareProp) { $result = $result -and $true; } else { $result = $result -and $false; } } else { $result = $false; } if (-not $result) { break; } } } else { $result = $false; } return $result; } static [bool] CompareObject($referenceObject, $differenceObject, [bool] $strictComparison,$AttestComparisionType) { $result = $true; if ($null -ne $referenceObject) { if ($null -ne $differenceObject) { if ($referenceObject -is "Array") { if ($differenceObject -is "Array") { if ((-not $strictComparison) -or ($referenceObject.Count -eq $differenceObject.Count)) { foreach ($refObject in $referenceObject) { $arrayResult = $false; foreach ($diffObject in $differenceObject) { if($AttestComparisionType -eq [ComparisionType]::NumLesserOrEqual) { $arrayResult = [Helpers]::CompareObject($refObject, $diffObject, $strictComparison,$AttestComparisionType); } else { $arrayResult = [Helpers]::CompareObject($refObject, $diffObject, $strictComparison); } if ($arrayResult) { break; } } $result = $result -and $arrayResult if (-not $arrayResult) { break; } } } else { $result = $false; } } else { $result = $false; } } # Condition for all primitive types elseif ($referenceObject -is "string" -or $referenceObject -is "ValueType") { # For primitive types, use default comparer if($AttestComparisionType -eq [ComparisionType]::NumLesserOrEqual) { $result = $result -and ($referenceObject -ge $differenceObject) } else { $result = $result -and (((Compare-Object $referenceObject $differenceObject) | Where-Object { $_.SideIndicator -eq "<=" } | Measure-Object).Count -eq 0) } } else { if($AttestComparisionType -eq [ComparisionType]::NumLesserOrEqual) { $result = $result -and [Helpers]::CompareObjectProperties($referenceObject, $differenceObject, $strictComparison,$AttestComparisionType) } else { $result = $result -and [Helpers]::CompareObjectProperties($referenceObject, $differenceObject, $strictComparison) } } } else { $result = $false; } } elseif ($null -eq $differenceObject) { $result = $true; } else { $result = $false; } return $result; } hidden static [bool] CompareObjectProperties($referenceObject, $differenceObject, [bool] $strictComparison,$AttestComparisionType) { $result = $true; $refProps = @(); $diffProps = @(); $refProps += [Helpers]::GetProperties($referenceObject); $diffProps += [Helpers]::GetProperties($differenceObject); if ((-not $strictComparison) -or ($refProps.Count -eq $diffProps.Count)) { foreach ($propName in $refProps) { $refProp = $referenceObject.$propName; if (-not [string]::IsNullOrWhiteSpace(($diffProps | Where-Object { $_ -eq $propName } | Select-Object -First 1))) { $compareProp = $differenceObject.$propName; if ($null -ne $refProp) { if ($null -ne $compareProp) { if($AttestComparisionType -eq [ComparisionType]::NumLesserOrEqual) { $result = $result -and [Helpers]::CompareObject($refProp, $compareProp, $strictComparison,$AttestComparisionType); } else { $result = $result -and [Helpers]::CompareObject($refProp, $compareProp, $strictComparison); } } else { $result = $result -and $false; } } elseif ($null -eq $compareProp) { $result = $result -and $true; } else { $result = $result -and $false; } } else { $result = $false; } if (-not $result) { break; } } } else { $result = $false; } return $result; } static [string[]] GetProperties($object) { $props = @(); if($object) { if ($object -is "Hashtable") { $object.Keys | ForEach-Object { $props += $_; }; } else { ($object | Get-Member -MemberType Properties) | ForEach-Object { $props += $_.Name; }; } } return $props; } static [bool] CompareObjectOld($referenceObject, $differenceObject) { $result = $true; if ($null -ne $referenceObject) { if ($null -ne $differenceObject) { ($referenceObject | Get-Member -MemberType Properties) | ForEach-Object { $refProp = $referenceObject."$($_.Name)"; if ($differenceObject | Get-Member -Name $_.Name) { $compareProp = $differenceObject."$($_.Name)"; if ($null -ne $refProp) { if ($null -ne $compareProp) { if ($refProp.GetType().Name -eq "PSCustomObject") { $result = $result -and [Helpers]::CompareObjectOld($refProp, $compareProp); } else { $result = $result -and (((Compare-Object $refProp $compareProp) | Where-Object { $_.SideIndicator -eq "<=" } | Measure-Object).Count -eq 0) } } else { $result = $result -and $false; } } elseif ($null -eq $compareProp) { $result = $result -and $true; } else { $result = $result -and $false; } } else { $result = $false; } } } else { $result = $false; } } elseif ($null -eq $differenceObject) { $result = $true; } else { $result = $false; } return $result; } static [bool] CheckMember([PSObject] $refObject, [string] $memberPath) { return [Helpers]::CheckMember($refObject, $memberPath, $true); } static [bool] CheckMember([PSObject] $refObject, [string] $memberPath, [bool] $checkNull) { [bool]$result = $false; if ($refObject) { $properties = @(); $properties += $memberPath.Split("."); if ($properties.Count -gt 0) { $currentItem = $properties.Get(0); if (-not [string]::IsNullOrWhiteSpace($currentItem)) { if ($refObject | Get-Member -Name $currentItem) { if ($properties.Count -gt 1) { if($refObject.$currentItem) { $result = $true; $result = $result -and [Helpers]::CheckMember($refObject.$currentItem, [string]::Join(".", $properties[1..($properties.length - 1)])); } } else { if($checkNull) { if($refObject.$currentItem) { $result = $true; } } else { $result = $true; } } } } } } return $result; } static [PSObject] SelectMembers([PSObject] $refObject, [string[]] $memberPaths) { $result = $null; if ($null -ne $refObject) { if ($refObject -is "Array") { $result = @(); $refObject | ForEach-Object { $memberValue = [Helpers]::SelectMembers($_, $memberPaths); if ($null -ne $memberValue) { $result += $memberValue; } }; } else { $processedMemberPaths = @(); $objectProps = [Helpers]::GetProperties($refObject); if ($objectProps.Count -ne 0 -and $null -ne $memberPaths -and $memberPaths.Count -ne 0) { $memberPaths | Where-Object { -not [string]::IsNullOrWhiteSpace($_) } | ForEach-Object { $splitPaths = @(); $splitPaths += $_.Split("."); $firstMemberPath = $splitPaths.Get(0); if (-not [string]::IsNullOrWhiteSpace($firstMemberPath) -and $objectProps.Contains($firstMemberPath)) { $pathObject = $processedMemberPaths | Where-Object { $_.MemberPath -eq $firstMemberPath } | Select-Object -First 1; if (-not $pathObject) { $pathObject = @{ MemberPath = $firstMemberPath; ChildPaths = @(); }; $processedMemberPaths += $pathObject; } # Count > 1 indicates that it has child path if ($splitPaths.Count -gt 1) { $pathObject.ChildPaths += [string]::Join(".", $splitPaths[1..($splitPaths.length - 1)]); } } }; } if ($processedMemberPaths.Count -ne 0) { $processedMemberPaths | ForEach-Object { $memberValue = $null; if ($_.ChildPaths.Count -eq 0) { $memberValue = $refObject."$($_.MemberPath)"; } else { $memberValue = [Helpers]::SelectMembers($refObject."$($_.MemberPath)", $_.ChildPaths); } if ($null -ne $memberValue) { if ($null -eq $result) { $result = New-Object PSObject; } $result | Add-Member -MemberType NoteProperty -Name ($_.MemberPath) -Value $memberValue; } }; } else { $result = $refObject; } } } return $result; } static [string] FetchTagsString([PSObject]$TagsHashTable) { [string] $tagsString = ""; try { if(($TagsHashTable | Measure-Object).Count -gt 0) { $TagsHashTable.Keys | ForEach-Object { $key = $_; $value = $TagsHashTable[$key]; $tagsString = $tagsString + "$($key):$($value);"; } } } catch { #eat exception as if not able to fetch tags, it would return empty instead of breaking the flow } return $tagsString; } static [string] ComputeHash([String] $data) { #Call the other function but request the full 32-byte == 64 hex chars (SHA56 hash) as string return [Helpers]::ComputeHashShort($data, 64) } static [string] ComputeHashShort([String] $data, [int] $len) { $retHashSB = [System.Text.StringBuilder]::new(); $hashBytes = [Helpers]::SHA256Alg.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($data)); $usedBytes = $len/2 #If N hex chars are needed, first N/2 bytes of the hash are used. #Grab only as many bytes from hash to use for returned hashString. #We use "x2" instead of just "x" to ensure that '4' becomes '04' in the returned string (applicable to anything <16) #Overall, this ensures that the string conversion of a full SHA256 hash is *always* 64 chars long. for ($i=0;$i -lt $usedBytes; $i++) { [void]$retHashSB.Append($hashBytes[$i].ToString("x2")) } return $retHashSB.ToString() } static [VerificationResult] EvaluateVerificationResult([VerificationResult] $verificationResult, [AttestationStatus] $attestationStatus) { [VerificationResult] $result = $verificationResult; # No action required if Attestation status is None OR verification result is Passed if ($attestationStatus -ne [AttestationStatus]::None -or $verificationResult -ne [VerificationResult]::Passed) { # Changing State Machine logic #if($verificationResult -eq [VerificationResult]::Verify -or $verificationResult -eq [VerificationResult]::Manual) #{ switch ($attestationStatus) { ([AttestationStatus]::NotAnIssue) { $result = [VerificationResult]::Passed; break; } ([AttestationStatus]::WillNotFix) { $result = [VerificationResult]::Exception; break; } ([AttestationStatus]::WillFixLater) { $result = [VerificationResult]::Remediate; break; } ([AttestationStatus]::NotApplicable) { $result = [VerificationResult]::Passed; break; } ([AttestationStatus]::StateConfirmed) { $result = [VerificationResult]::Passed; break; } ([AttestationStatus]::ApprovedException) { $result = [VerificationResult]::Passed; break; } } #} #elseif($verificationResult -eq [VerificationResult]::Failed -or $verificationResult -eq [VerificationResult]::Error) #{ # $result = [VerificationResult]::RiskAck; #} } return $result; } static [PSObject] NewSecurePassword() { #create password $randomBytes = New-Object Byte[] 32 $provider = [System.Security.Cryptography.RNGCryptoServiceProvider]::Create() $provider.GetBytes($randomBytes) $provider.Dispose() $pwstring = [System.Convert]::ToBase64String($randomBytes) $newPassword = new-object securestring $pwstring.ToCharArray() | ForEach-Object { $newPassword.AppendChar($_) } $encryptedPassword = ConvertFrom-SecureString -SecureString $newPassword -Key (1..16) $securePassword = ConvertTo-SecureString -String $encryptedPassword -Key (1..16) return $securePassword } static [PSObject] DeepCopy([PSObject] $inputObject) { $memoryStream = New-Object System.IO.MemoryStream $binaryFormatter = New-Object System.Runtime.Serialization.Formatters.Binary.BinaryFormatter $binaryFormatter.Serialize($memoryStream, $inputObject) $memoryStream.Position = 0 $dataDeep = $binaryFormatter.Deserialize($memoryStream) $memoryStream.Close() return $dataDeep } static [bool] ValidateEmail([string]$address){ $validAddress = ($address -as [System.Net.Mail.MailAddress]) return ($null -ne $validAddress -and $validAddress.Address -eq $address ) } #Returns invalid email list static [string[]] ValidateEmailList([string[]]$emailList ) { $invalidEmails = @(); $emailList | ForEach-Object { if(-not [Helpers]::ValidateEmail($_)) { $invalidEmails += $_ } } return $invalidEmails } static [Object] MergeObjects([Object] $source,[Object] $extend, [string] $idName) { $idPropName = "Id"; if(-not [string]::IsNullOrWhiteSpace($idName)) { $idPropName = $idName; } if($source.GetType().Name -eq "PSCustomObject" -and $extend.GetType().Name -eq "PSCustomObject"){ foreach($Property in $extend | Get-Member -type NoteProperty, Property){ if(-not [Helpers]::CheckMember($source,$Property.Name,$false)){ $source | Add-Member -MemberType NoteProperty -Value $extend.$($Property.Name) -Name $Property.Name ` } $source.$($Property.Name) = [Helpers]::MergeObjects($source.$($Property.Name), $extend.$($Property.Name), $idName) } } elseif($source.GetType().Name -eq "Object[]" -and $extend.GetType().Name -eq "Object[]"){ if([Helpers]::IsPSObjectArray($source) -or [Helpers]::IsPSObjectArray($extend)) { foreach($extendArrElement in $extend) { $PropertyId = $extendArrElement | Get-Member -type NoteProperty, Property | Where-Object { $_.Name -eq $idPropName} | Select-Object -First 1 if(($PropertyId | Measure-Object).Count -gt 0) { $PropertyId = $PropertyId | Select-Object -First 1 } else { $PropertyId = $extendArrElement | Get-Member -type NoteProperty, Property | Select-Object -First 1 } $sourceElement = $source | Where-Object { $_.$($PropertyId.Name) -eq $extendArrElement.$($PropertyId.Name) } if($sourceElement) { $sourceElement = [Helpers]::MergeObjects($sourceElement, $extendArrElement, $idName) } else { $source +=$extendArrElement } } } else { $source = ($source + $extend) if ($source.Count -gt 0) { $source = @($source | Select-Object -Unique) } } } else{ $source = $extend; } return $source } static [Object] MergeObjects([Object] $source,[Object] $extend) { return [Helpers]::MergeObjects($source,$extend,""); } static [Bool] IsPSObjectArray($arrayObj) { if(($arrayObj | Measure-Object).Count -gt 0) { $firstElement = $arrayObj | Select-Object -First 1 if($firstElement.GetType().Name -eq "PSCustomObject") { return $true } else { return $false } } else { return $false } } #BOM replace function static [void] RemoveUtf8BOM([System.IO.FileInfo] $file) { [Helpers]::SetUtf8Encoding($file); if($file) { $byteBuffer = New-Object System.Byte[] 3 $reader = $file.OpenRead() $bytesRead = $reader.Read($byteBuffer, 0, 3); if ($bytesRead -eq 3 -and $byteBuffer[0] -eq 239 -and $byteBuffer[1] -eq 187 -and $byteBuffer[2] -eq 191) { $tempFile = [System.IO.Path]::GetTempFileName() $writer = [System.IO.File]::OpenWrite($tempFile) $reader.CopyTo($writer) $writer.Dispose() $reader.Dispose() Move-Item -Path $tempFile -Destination $file.FullName -Force } else { $reader.Dispose() } } } static [void] SetUtf8Encoding([System.IO.FileInfo] $file) { if($file) { $fileContent = Get-Content -Path $file.FullName; if($fileContent) { Out-File -InputObject $fileContent -Force -FilePath $file.FullName -Encoding utf8 } } } static [void] CleanupLocalFolder($folderPath) { try { if(Test-Path $folderPath) { Remove-Item -Path $folderPath -Recurse -Force -ErrorAction Stop | Out-Null } } catch{ #this call happens from finally block. Try to clean the files, if it don't happen it would get cleaned in the next attempt } } static [void] CreateFolderIfNotExist($FolderPath,$MakeFolderEmpty) { if(-not (Test-Path $FolderPath)) { New-Item -ItemType Directory -Path $FolderPath -ErrorAction Stop | Out-Null } elseif($MakeFolderEmpty) { Remove-Item -Path (Join-Path $FolderPath "*") -Force -Recurse } } Static [string] GetSubString($CotentString, $Pattern) { return [regex]::match($CotentString, $pattern).Groups[1].Value } #TODO: Currently this function is specific to Org PolicyHealth Check. Need to make generic Static [string] IsStringEmpty($String) { if([string]::IsNullOrEmpty($String)) { return "Not Available" } else { $String= $String.Split("?")[0] return $String } } Static [bool] IsSASTokenUpdateRequired($policyUrl) { [System.Uri] $validatedUri = $null; $IsSASTokenUpdateRequired = $false if([System.Uri]::TryCreate($policyUrl, [System.UriKind]::Absolute, [ref] $validatedUri) -and $validatedUri.Query.Contains("&se=")) { $pattern = '&se=(.*?)T' [DateTime] $expiryDate = Get-Date if([DateTime]::TryParse([Helpers]::GetSubString($($validatedUri.Query),$pattern),[ref] $expiryDate)) { if($expiryDate.AddDays(-[Constants]::SASTokenExpiryReminderInDays) -lt [DateTime]::UtcNow) { $IsSASTokenUpdateRequired = $true } } } return $IsSASTokenUpdateRequired } Static [string] GetUriWithUpdatedSASToken($policyUrl, $updateUrl) { [System.Uri] $validatedUri = $null; $UpdatedUrl = $policyUrl if([System.Uri]::TryCreate($policyUrl, [System.UriKind]::Absolute, [ref] $validatedUri) -and $validatedUri.Query.Contains("&se=") -and [System.Uri]::TryCreate($policyUrl, [System.UriKind]::Absolute, [ref] $validatedUri)) { $UpdatedUrl = $policyUrl.Split("?")[0] + "?" + $updateUrl.Split("?")[1] } return $UpdatedUrl } static [string] ReadInput($Prompt) { return (Read-Host -Prompt $Prompt).Trim() } static [string] CreateSharedKey([string] $StringToSign,[string] $ResourceName,[string] $AccessKey) { $KeyBytes = [System.Convert]::FromBase64String($AccessKey) $HMAC = New-Object System.Security.Cryptography.HMACSHA256 $HMAC.Key = $KeyBytes $UnsignedBytes = [System.Text.Encoding]::UTF8.GetBytes($StringToSign) $KeyHash = $HMAC.ComputeHash($UnsignedBytes) $SignedString = [System.Convert]::ToBase64String($KeyHash) $sharedKey = $ResourceName+":"+$SignedString return $sharedKey } # Convert secure string to plain text static [string] ConvertToPlainText([System.Security.SecureString] $secureString) { $BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($secureString) $plainText = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR) return $plainText } # Get object of a particular permission (which are allowed) for a group. static [object] ResolvePermissions($permissionsInBit, $actions, $permissionName) { $obj = @(); #$editPerms = @(); #check allowed permissions if($permissionsInBit -gt 0 ) { $permissionsInBinary = [convert]::ToString($permissionsInBit,2) # to binary # loop thru the decoded base 2 number and check the bit. if 1(on) then that permission is set for ($a = 0 ; $a -lt $permissionsInBinary.Length; $a++) { if( $permissionsInBinary.Substring($permissionsInBinary.Length-$a-1,1) -ge 1) # each binary digit { # find bit in action list $raise = [Math]::Pow(2, $a) $bit = $actions | Where-Object {$_.bit -eq $raise } $obj += $bit | Where-Object {$_.displayName -eq $permissionName} } } } return $obj } # Resolve allowed permissions of a particular group. static [object] ResolveAllPermissions($AllowedPermissionsInBit, $InheritedAllowedPermissionsInBit, $actions) { $obj = @(); #$editPerms = @(); #check allowed permissions if($AllowedPermissionsInBit -gt 0 ) { $permissionsInBinary = [convert]::ToString($AllowedPermissionsInBit,2) # to binary # loop thru the decoded base 2 number and check the bit. if 1(on) then that permission is set for ($a = 0 ; $a -lt $permissionsInBinary.Length; $a++) { if( $permissionsInBinary.Substring($permissionsInBinary.Length-$a-1,1) -ge 1) # each binary digit { # find bit in action list $raise = [Math]::Pow(2, $a) $bit = $actions | Where-Object {$_.bit -eq $raise } $obj += New-Object -TypeName psobject -Property @{Name= $bit.displayName ; Permission="Allow"} } } } if($InheritedAllowedPermissionsInBit -gt 0 ) { $permissionsInBinary = [convert]::ToString($InheritedAllowedPermissionsInBit,2) # to binary # loop thru the decoded base 2 number and check the bit. if 1(on) then that permission is set for ($a = 0 ; $a -lt $permissionsInBinary.Length; $a++) { if( $permissionsInBinary.Substring($permissionsInBinary.Length-$a-1,1) -ge 1) # each binary digit { # find bit in action list $raise = [Math]::Pow(2, $a) $bit = $actions | Where-Object {$_.bit -eq $raise } $obj += New-Object -TypeName psobject -Property @{Name= $bit.displayName ; Permission="Allow (inherited)"} } } } $obj = $obj | Sort-Object -Property Name return $obj } static [System.Security.SecureString] GetVariableFromKVUrl($url){ $variable = $null; $context = @(Get-AzContext -ErrorAction SilentlyContinue ) if ($context.count -eq 0) { Write-Host "No active Azure login session found.`r`nPlease login to Azure tenant hosting the key vault..." -ForegroundColor Yellow Connect-AzAccount -ErrorAction Stop $context = @(Get-AzContext -ErrorAction SilentlyContinue) } if ($null -eq $context) { Write-Host "Login failed. Azure login context is required to use a key vault-based PAT token.`r`nStopping scan command." -ForegroundColor Red } #Parse the key-vault-URL to determine vaultname, secretname, version if ($url -match "^https://(?<kv>[\w]+)(?:[\.\w+]*)/secrets/(?<sn>[\w]+)/?(?<sv>[\w]*)") { $kvName = $Matches["kv"] $secretName = $Matches["sn"] $secretVersion = $Matches["sv"] if (-not [String]::IsNullOrEmpty($secretVersion)) { $kvSecret = Get-AzKeyVaultSecret -VaultName $kvName -SecretName $secretName -Version $secretVersion } else { $kvSecret = Get-AzKeyVaultSecret -VaultName $kvName -SecretName $secretName } if ($null -ne $kvSecret) { $variable = $kvSecret.SecretValue; } } return $variable } } # SIG # Begin signature block # MIInlgYJKoZIhvcNAQcCoIInhzCCJ4MCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCD4fKUHQqs9fIYx # NBG9iK+4mpfdRSxGABpCEMUMMWlQ9qCCDXYwggX0MIID3KADAgECAhMzAAADTrU8 # esGEb+srAAAAAANOMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjMwMzE2MTg0MzI5WhcNMjQwMzE0MTg0MzI5WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQDdCKiNI6IBFWuvJUmf6WdOJqZmIwYs5G7AJD5UbcL6tsC+EBPDbr36pFGo1bsU # p53nRyFYnncoMg8FK0d8jLlw0lgexDDr7gicf2zOBFWqfv/nSLwzJFNP5W03DF/1 # 1oZ12rSFqGlm+O46cRjTDFBpMRCZZGddZlRBjivby0eI1VgTD1TvAdfBYQe82fhm # WQkYR/lWmAK+vW/1+bO7jHaxXTNCxLIBW07F8PBjUcwFxxyfbe2mHB4h1L4U0Ofa # +HX/aREQ7SqYZz59sXM2ySOfvYyIjnqSO80NGBaz5DvzIG88J0+BNhOu2jl6Dfcq # jYQs1H/PMSQIK6E7lXDXSpXzAgMBAAGjggFzMIIBbzAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUnMc7Zn/ukKBsBiWkwdNfsN5pdwAw # RQYDVR0RBD4wPKQ6MDgxHjAcBgNVBAsTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEW # MBQGA1UEBRMNMjMwMDEyKzUwMDUxNjAfBgNVHSMEGDAWgBRIbmTlUAXTgqoXNzci # tW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIwMTEtMDctMDguY3JsMGEG # CCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDovL3d3dy5taWNyb3NvZnQu # Y29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDExXzIwMTEtMDctMDguY3J0 # MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIBAD21v9pHoLdBSNlFAjmk # mx4XxOZAPsVxxXbDyQv1+kGDe9XpgBnT1lXnx7JDpFMKBwAyIwdInmvhK9pGBa31 # TyeL3p7R2s0L8SABPPRJHAEk4NHpBXxHjm4TKjezAbSqqbgsy10Y7KApy+9UrKa2 # kGmsuASsk95PVm5vem7OmTs42vm0BJUU+JPQLg8Y/sdj3TtSfLYYZAaJwTAIgi7d # hzn5hatLo7Dhz+4T+MrFd+6LUa2U3zr97QwzDthx+RP9/RZnur4inzSQsG5DCVIM # pA1l2NWEA3KAca0tI2l6hQNYsaKL1kefdfHCrPxEry8onJjyGGv9YKoLv6AOO7Oh # JEmbQlz/xksYG2N/JSOJ+QqYpGTEuYFYVWain7He6jgb41JbpOGKDdE/b+V2q/gX # UgFe2gdwTpCDsvh8SMRoq1/BNXcr7iTAU38Vgr83iVtPYmFhZOVM0ULp/kKTVoir # IpP2KCxT4OekOctt8grYnhJ16QMjmMv5o53hjNFXOxigkQWYzUO+6w50g0FAeFa8 # 5ugCCB6lXEk21FFB1FdIHpjSQf+LP/W2OV/HfhC3uTPgKbRtXo83TZYEudooyZ/A # Vu08sibZ3MkGOJORLERNwKm2G7oqdOv4Qj8Z0JrGgMzj46NFKAxkLSpE5oHQYP1H # tPx1lPfD7iNSbJsP6LiUHXH1MIIHejCCBWKgAwIBAgIKYQ6Q0gAAAAAAAzANBgkq # hkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x # EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv # bjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 # IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEwOTA5WjB+MQswCQYDVQQG # EwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwG # A1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYDVQQDEx9NaWNyb3NvZnQg # Q29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC # CgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+laUKq4BjgaBEm6f8MMHt03 # a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc6Whe0t+bU7IKLMOv2akr # rnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4Ddato88tt8zpcoRb0Rrrg # OGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+lD3v++MrWhAfTVYoonpy # 4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nkkDstrjNYxbc+/jLTswM9 # sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6A4aN91/w0FK/jJSHvMAh # dCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmdX4jiJV3TIUs+UsS1Vz8k # A/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL5zmhD+kjSbwYuER8ReTB # w3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zdsGbiwZeBe+3W7UvnSSmn # Eyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3T8HhhUSJxAlMxdSlQy90 # lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS4NaIjAsCAwEAAaOCAe0w # ggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRIbmTlUAXTgqoXNzcitW2o # ynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYD # VR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBDuRQFTuHqp8cx0SOJNDBa # BgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2Ny # bC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3JsMF4GCCsG # AQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3dy5taWNyb3NvZnQuY29t # L3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3J0MIGfBgNV # HSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEFBQcCARYzaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1hcnljcHMuaHRtMEAGCCsG # AQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkAYwB5AF8AcwB0AGEAdABl # AG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn8oalmOBUeRou09h0ZyKb # C5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7v0epo/Np22O/IjWll11l # hJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0bpdS1HXeUOeLpZMlEPXh6 # I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/KmtYSWMfCWluWpiW5IP0 # wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvyCInWH8MyGOLwxS3OW560 # STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBpmLJZiWhub6e3dMNABQam # ASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJihsMdYzaXht/a8/jyFqGa # J+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYbBL7fQccOKO7eZS/sl/ah # XJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbSoqKfenoi+kiVH6v7RyOA # 9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sLgOppO6/8MO0ETI7f33Vt # Y5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtXcVZOSEXAQsmbdlsKgEhr # /Xmfwb1tbWrJUnMTDXpQzTGCGXYwghlyAgEBMIGVMH4xCzAJBgNVBAYTAlVTMRMw # EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN # aWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNp # Z25pbmcgUENBIDIwMTECEzMAAANOtTx6wYRv6ysAAAAAA04wDQYJYIZIAWUDBAIB # BQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQwHAYKKwYBBAGCNwIBCzEO # MAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIAj8EzQ5YTa0pIc8hdl2YiS0 # ZHYgH7ttUGMKajLeuYRqMEIGCisGAQQBgjcCAQwxNDAyoBSAEgBNAGkAYwByAG8A # cwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20wDQYJKoZIhvcNAQEB # BQAEggEA2qS0s3XU24BtfjyGlyCs8TRjekOSXnvCUblgnaH1P1erTR37KQ00lF7K # w0qZBo4NTwKt7o8XrYRtIX+Gq5oVSbf3AkaxoP9ai8rlNPNMXl4nbwrMYgx5bFFd # +wgtTzwQXNPgY3JjyGH+bjWltp5GggLgqib+kJSkcu1FILLmFikTF6Qt46t5OLLi # ZdQQ8xQZafHRiF1tUs/1cPIyYZGDj0wtVuBRrA+OLBsjWfZwjfJQIQ1CLsAWvH2I # 3ABvyOo340HIUyYmNY9VoGA1i7gIBT3l06AWTsRgN3Eu7cOsiv0xo9oPfXfVb+X0 # B1L81zUS2Ktbs+U+ePswvI+aKK6PzqGCFwAwghb8BgorBgEEAYI3AwMBMYIW7DCC # FugGCSqGSIb3DQEHAqCCFtkwghbVAgEDMQ8wDQYJYIZIAWUDBAIBBQAwggFRBgsq # hkiG9w0BCRABBKCCAUAEggE8MIIBOAIBAQYKKwYBBAGEWQoDATAxMA0GCWCGSAFl # AwQCAQUABCDeWdfItRtxm2Vl8lHhxuwwKDpt2SjRro78ewi4PPtJsQIGZIr4riZ1 # GBMyMDIzMDYyMTExNDEyOS45NDlaMASAAgH0oIHQpIHNMIHKMQswCQYDVQQGEwJV # UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UE # ChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQLExxNaWNyb3NvZnQgQW1l # cmljYSBPcGVyYXRpb25zMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjpERDhDLUUz # MzctMkZBRTElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2VydmljZaCC # EVcwggcMMIIE9KADAgECAhMzAAABxQPNzSGh9O85AAEAAAHFMA0GCSqGSIb3DQEB # CwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH # EwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNV # BAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMB4XDTIyMTEwNDE5MDEz # MloXDTI0MDIwMjE5MDEzMlowgcoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNo # aW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29y # cG9yYXRpb24xJTAjBgNVBAsTHE1pY3Jvc29mdCBBbWVyaWNhIE9wZXJhdGlvbnMx # JjAkBgNVBAsTHVRoYWxlcyBUU1MgRVNOOkREOEMtRTMzNy0yRkFFMSUwIwYDVQQD # ExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNlMIICIjANBgkqhkiG9w0BAQEF # AAOCAg8AMIICCgKCAgEAq0hds70eX23J7pappaKXRhz+TT7JJ3OvVf3+N8fNpxRs # 5jY4hEv3BV/w5EWXbZdO4m3xj01lTI/xDkq+ytjuiPe8xGXsZxDntv7L1EzMd5jI # SqJ+eYu8kgV056mqs8dBo55xZPPPcxf5u19zn04aMQF5PXV/C4ZLSjFa9IFNcrib # dOm3lGW1rQRFa2jUsup6gv634q5UwH09WGGu0z89RbtbyM55vmBgWV8ed6bZCZrc # oYIjML8FRTvGlznqm6HtwZdXMwKHT3a/kLUSPiGAsrIgEzz7NpBpeOsgs9TrwyWT # ZBNbBwyIACmQ34j+uR4et2hZk+NH49KhEJyYD2+dOIaDGB2EUNFSYcy1MkgtZt1e # RqBB0m+YPYz7HjocPykKYNQZ7Tv+zglOffCiax1jOb0u6IYC5X1Jr8AwTcsaDyu3 # qAhx8cFQN9DDgiVZw+URFZ8oyoDk6sIV1nx5zZLy+hNtakePX9S7Y8n1qWfAjoXP # E6K0/dbTw87EOJL/BlJGcKoFTytr0zPg/MNJSb6f2a/wDkXoGCGWJiQrGTxjOP+R # 96/nIIG05eE1Lpky2FOdYMPB4DhW7tBdZautepTTuShmgn+GKER8AoA1gSSk1EC5 # ZX4cppVngJpblMBu8r/tChfHVdXviY6hDShHwQCmZqZebgSYHnHl4urE+4K6ZC8C # AwEAAaOCATYwggEyMB0GA1UdDgQWBBRU6rs4v1mxNYG/rtpLwrVwek0FazAfBgNV # HSMEGDAWgBSfpxVdAF5iXYP05dJlpxtTNRnpcjBfBgNVHR8EWDBWMFSgUqBQhk5o # dHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNyb3NvZnQlMjBU # aW1lLVN0YW1wJTIwUENBJTIwMjAxMCgxKS5jcmwwbAYIKwYBBQUHAQEEYDBeMFwG # CCsGAQUFBzAChlBodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRz # L01pY3Jvc29mdCUyMFRpbWUtU3RhbXAlMjBQQ0ElMjAyMDEwKDEpLmNydDAMBgNV # HRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMIMA0GCSqGSIb3DQEBCwUAA4IC # AQCMqN58frMHOScciK+Cdnr6dK8fTsgQDeZ9bvQjCuxNIJZJ92+xpeKRCf3Xq47q # dRykkKUnZC6dHhLwt1fhwyiy/LfdVQ9yf1hYZ/RpTS+z0hnaoK+P/IDAiUNm32NX # LhDBu0P4Sb/uCV4jOuNUcmJhppBQgQVhFx/57JYk1LCdjIee//GrcfbkQtiYob9O # a93DSjbsD1jqaicEnkclUN/mEm9ZsnCnA1+/OQDp/8Q4cPfH94LM4J6X0NtNBeVy # wvWH0wuMaOJzHgDLCeJUkFE9HE8sBDVedmj6zPJAI+7ozLjYqw7i4RFbiStfWZSG # jwt+lLJQZRWUCcT3aHYvTo1YWDZskohWg77w9fF2QbiO9DfnqoZ7QozHi7RiPpbj # gkJMAhrhpeTf/at2e9+HYkKObUmgPArH1Wjivwm1d7PYWsarL7u5qZuk36Gb1mET # S1oA2XX3+C3rgtzRohP89qZVf79lVvjmg34NtICK/pMk99SButghtipFSMQdbXUn # S2oeLt9cKuv1MJu+gJ83qXTNkQ2QqhxtNRvbE9QqmqJQw5VW/4SZze1pPXxyOTO5 # yDq+iRIUubqeQzmUcCkiyNuCLHWh8OLCI5mIOC1iLtVDf2lw9eWropwu5SDJtT/Z # wqIU1qb2U+NjkNcj1hbODBRELaTTWd91RJiUI9ncJkGg/jCCB3EwggVZoAMCAQIC # EzMAAAAVxedrngKbSZkAAAAAABUwDQYJKoZIhvcNAQELBQAwgYgxCzAJBgNVBAYT # AlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYD # VQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xMjAwBgNVBAMTKU1pY3Jvc29mdCBS # b290IENlcnRpZmljYXRlIEF1dGhvcml0eSAyMDEwMB4XDTIxMDkzMDE4MjIyNVoX # DTMwMDkzMDE4MzIyNVowfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0 # b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3Jh # dGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAwggIi # MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDk4aZM57RyIQt5osvXJHm9DtWC # 0/3unAcH0qlsTnXIyjVX9gF/bErg4r25PhdgM/9cT8dm95VTcVrifkpa/rg2Z4VG # Iwy1jRPPdzLAEBjoYH1qUoNEt6aORmsHFPPFdvWGUNzBRMhxXFExN6AKOG6N7dcP # 2CZTfDlhAnrEqv1yaa8dq6z2Nr41JmTamDu6GnszrYBbfowQHJ1S/rboYiXcag/P # XfT+jlPP1uyFVk3v3byNpOORj7I5LFGc6XBpDco2LXCOMcg1KL3jtIckw+DJj361 # VI/c+gVVmG1oO5pGve2krnopN6zL64NF50ZuyjLVwIYwXE8s4mKyzbnijYjklqwB # Sru+cakXW2dg3viSkR4dPf0gz3N9QZpGdc3EXzTdEonW/aUgfX782Z5F37ZyL9t9 # X4C626p+Nuw2TPYrbqgSUei/BQOj0XOmTTd0lBw0gg/wEPK3Rxjtp+iZfD9M269e # wvPV2HM9Q07BMzlMjgK8QmguEOqEUUbi0b1qGFphAXPKZ6Je1yh2AuIzGHLXpyDw # wvoSCtdjbwzJNmSLW6CmgyFdXzB0kZSU2LlQ+QuJYfM2BjUYhEfb3BvR/bLUHMVr # 9lxSUV0S2yW6r1AFemzFER1y7435UsSFF5PAPBXbGjfHCBUYP3irRbb1Hode2o+e # FnJpxq57t7c+auIurQIDAQABo4IB3TCCAdkwEgYJKwYBBAGCNxUBBAUCAwEAATAj # BgkrBgEEAYI3FQIEFgQUKqdS/mTEmr6CkTxGNSnPEP8vBO4wHQYDVR0OBBYEFJ+n # FV0AXmJdg/Tl0mWnG1M1GelyMFwGA1UdIARVMFMwUQYMKwYBBAGCN0yDfQEBMEEw # PwYIKwYBBQUHAgEWM2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvRG9j # cy9SZXBvc2l0b3J5Lmh0bTATBgNVHSUEDDAKBggrBgEFBQcDCDAZBgkrBgEEAYI3 # FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAf # BgNVHSMEGDAWgBTV9lbLj+iiXGJo0T2UkFvXzpoYxDBWBgNVHR8ETzBNMEugSaBH # hkVodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNS # b29DZXJBdXRfMjAxMC0wNi0yMy5jcmwwWgYIKwYBBQUHAQEETjBMMEoGCCsGAQUF # BzAChj5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1Jvb0Nl # ckF1dF8yMDEwLTA2LTIzLmNydDANBgkqhkiG9w0BAQsFAAOCAgEAnVV9/Cqt4Swf # ZwExJFvhnnJL/Klv6lwUtj5OR2R4sQaTlz0xM7U518JxNj/aZGx80HU5bbsPMeTC # j/ts0aGUGCLu6WZnOlNN3Zi6th542DYunKmCVgADsAW+iehp4LoJ7nvfam++Kctu # 2D9IdQHZGN5tggz1bSNU5HhTdSRXud2f8449xvNo32X2pFaq95W2KFUn0CS9QKC/ # GbYSEhFdPSfgQJY4rPf5KYnDvBewVIVCs/wMnosZiefwC2qBwoEZQhlSdYo2wh3D # YXMuLGt7bj8sCXgU6ZGyqVvfSaN0DLzskYDSPeZKPmY7T7uG+jIa2Zb0j/aRAfbO # xnT99kxybxCrdTDFNLB62FD+CljdQDzHVG2dY3RILLFORy3BFARxv2T5JL5zbcqO # Cb2zAVdJVGTZc9d/HltEAY5aGZFrDZ+kKNxnGSgkujhLmm77IVRrakURR6nxt67I # 6IleT53S0Ex2tVdUCbFpAUR+fKFhbHP+CrvsQWY9af3LwUFJfn6Tvsv4O+S3Fb+0 # zj6lMVGEvL8CwYKiexcdFYmNcP7ntdAoGokLjzbaukz5m/8K6TT4JDVnK+ANuOaM # mdbhIurwJ0I9JZTmdHRbatGePu1+oDEzfbzL6Xu/OHBE0ZDxyKs6ijoIYn/ZcGNT # TY3ugm2lBRDBcQZqELQdVTNYs6FwZvKhggLOMIICNwIBATCB+KGB0KSBzTCByjEL # MAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1v # bmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjElMCMGA1UECxMcTWlj # cm9zb2Z0IEFtZXJpY2EgT3BlcmF0aW9uczEmMCQGA1UECxMdVGhhbGVzIFRTUyBF # U046REQ4Qy1FMzM3LTJGQUUxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1w # IFNlcnZpY2WiIwoBATAHBgUrDgMCGgMVACEAGvYXZJK7cUo62+LvEYQEx7/noIGD # MIGApH4wfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNV # BAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQG # A1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAwDQYJKoZIhvcNAQEF # BQACBQDoPV85MCIYDzIwMjMwNjIxMTkzNjI1WhgPMjAyMzA2MjIxOTM2MjVaMHcw # PQYKKwYBBAGEWQoEATEvMC0wCgIFAOg9XzkCAQAwCgIBAAICHRsCAf8wBwIBAAIC # EgkwCgIFAOg+sLkCAQAwNgYKKwYBBAGEWQoEAjEoMCYwDAYKKwYBBAGEWQoDAqAK # MAgCAQACAwehIKEKMAgCAQACAwGGoDANBgkqhkiG9w0BAQUFAAOBgQDnXabzzlyw # 7LhhIeLUqcv+ul1OiIhzVcYti5bBh+rl3OiCup72pou3mhggp0+itWjnBYM2Rxn5 # Sp56CgYjSjQyA/+hHw7t1IwTn/kAB/8dzfhtiPHT7196d2IAPLuR5Ley6UAQjr4Y # 5yIxupb3IXHibcqzNQmhiGEJQCYxw0zy6zGCBA0wggQJAgEBMIGTMHwxCzAJBgNV # BAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4w # HAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29m # dCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAABxQPNzSGh9O85AAEAAAHFMA0GCWCG # SAFlAwQCAQUAoIIBSjAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQAQQwLwYJKoZI # hvcNAQkEMSIEIGjA3NyFsuMg9z6hNOfqyj77IMOcFsCOVlITdGil2iI3MIH6Bgsq # hkiG9w0BCRACLzGB6jCB5zCB5DCBvQQgGQGxkfYkd0wK+V09wO0sO+sm8gAMyj5E # uKPqvNQ/fLEwgZgwgYCkfjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGlu # Z3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBv # cmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMAIT # MwAAAcUDzc0hofTvOQABAAABxTAiBCB/WZcWsLHt6dSWbK5swc3ICgTio+8q+U9C # I3GVlRn0hjANBgkqhkiG9w0BAQsFAASCAgAmCfMJJnuWWhSP2fZb1+0T4hisPjU6 # 8ofv8V0u3iPJsSYrf/C4aEQcGVFhxiKTY+OpfxheXcXVx0l24+zGNsuAq1165+P3 # dioQVIDZirDOGddKhGbnIlNZ4vX3Wp32qzI1izpilsYFWv3RXLw/1idUR6rstqpw # 0T4Qwl8XmmAGVoHEgs7xlfXFZ1QYtCYrmeM0qNw2qLl4W5mY7lMmWwrkiwLowXMN # B4GqImLBDKh1+dPwpB9GL0HfRfhxU5FHDUxbBygqNF5cwjZvZrOSLZFa/alYa47v # ChNa89lnaXieFl4+Op4vnQJ78nEZIjvEbgH8GLxS8Ju5lmh2ucyzusI+enYLrdmV # akGXRoDcofZTroLKrXm1orA3BfIk9Wsiy4uAaOiO556BHplARIc9V8JOXPzKkYXE # 2jj/zm29w0nUKRPLJgHyas6oXW49Mtx21Qfkcjn4BCjlm4KVG7837cZzhnUlfPFm # tbRdF/pgpTPBcu+e9YOmnc/owNr0mOZT8w7Cuy0Wki6I0eTuNIs4OuaQw6oHGrhX # gkXIageo1A8SmHZB7i9uQ/DrxmSooXrUY0QSFt+45nqBTujtiQDWjS1Ccx7q21E8 # r6oNNFIVI7L/vtKEKmJTjxP47pZdkLqZ9Tj93Jn01lUCPO7z8lAjQelQg0TkbT6O # dCjnefPp3eeKwQ== # SIG # End signature block |