Framework/Abstracts/CommandBase.ps1
|
<#
.Description Base class for all command classes. Provides functionality to fire events/operations at command levels like command started, command completed and perform operation like generate run-identifier, invoke auto module update, open log folder at the end of commmand execution etc #> using namespace System.Management.Automation Set-StrictMode -Version Latest class CommandBase: AzSKRoot { #Region: Properties [string[]] $FilterTags = @(); [bool] $DoNotOpenOutputFolder = $false; [bool] $Force = $false #EndRegion #Region: Constructor CommandBase([string] $organizationName, [InvocationInfo] $invocationContext): Base($organizationName) { [Helpers]::AbstractClass($this, [CommandBase]); if (-not $invocationContext) { throw [System.ArgumentException] ("The argument 'invocationContext' is null. Pass the `$PSCmdlet.MyInvocation from PowerShell command."); } $this.InvocationContext = $invocationContext; #Validate if privacy is accepted by user #Ensure that AzSKSettings statics are setup at this point (before calling Privacy notice) [AzSKSettings]::InitContexts($this.OrganizationContext, $this.InvocationContext); [PrivacyNotice]::ValidatePrivacyAcceptance() #Initialize common parameter sets if($null -ne $this.InvocationContext.BoundParameters["DoNotOpenOutputFolder"]) { $this.DoNotOpenOutputFolder = $this.InvocationContext.BoundParameters["DoNotOpenOutputFolder"]; } if($null -ne $this.InvocationContext.BoundParameters["Force"]) { $this.Force = $this.InvocationContext.BoundParameters["Force"]; } #Check multiple AzSK* module should not be loaded in same session $this.CheckMultipleAzSKModuleLoaded(); } #EndRegion #Region: Command level listerner events [void] CommandStarted() { $this.PublishAzSKRootEvent([AzSKRootEvent]::CommandStarted, $this.CheckModuleVersion()); } [void] PostCommandStartedAction() { } [void] CommandError([System.Management.Automation.ErrorRecord] $exception) { [AzSKRootEventArgument] $arguments = $this.CreateRootEventArgumentObject(); $arguments.ExceptionMessage = $exception; $this.PublishEvent([AzSKRootEvent]::CommandError, $arguments); } [void] CommandCompleted([MessageData[]] $messages) { $this.PublishAzSKRootEvent([AzSKRootEvent]::CommandCompleted, $messages); } [void] CommandProgress([int] $totalItems, [int] $currentItem) { $this.CommandProgress($totalItems, $currentItem, 1); } [void] CommandProgress([int] $totalItems, [int] $currentItem, [int] $granularity) { if ($totalItems -gt 0) { # $granularity indicates the number of items after which percentage progress will be printed # Set the max granularity to total items if ($granularity -gt $totalItems) { $granularity = $totalItems; } # Conditions for posting progress: 0%, 100% and based on granularity if ($currentItem -eq 0 -or $currentItem -eq $totalItems -or (($currentItem % $granularity) -eq 0)) { $this.PublishCustomMessage("$([int](($currentItem / $totalItems) * 100))% Completed"); } } } # Dummy function declaration to define the function signature [void] PostCommandCompletedAction([SVTEventContext[]] $arguments) { } [void] PostCommandCompletedAction([MessageData[]] $messages) { } #EndRegion #Region: Helper function to invoke function based on method name. # This is method called from command(GRS/GSS etc) files and resposinble for printing command start/end messages using listeners [string] InvokeFunction([PSMethod] $methodToCall) { return $this.InvokeFunction($methodToCall, @()); } [string] InvokeFunction([PSMethod] $methodToCall, [System.Object[]] $arguments) { if (-not $methodToCall) { throw [System.ArgumentException] ("The argument 'methodToCall' is null. Pass the reference of method to call. e.g.: [YourClass]::new().YourMethod"); } #if attestation then rescan the controls if ($null -eq $arguments) { $folderPath = $this.GetOutputFolderPath(); $methodResult = $methodToCall.Invoke(@()); #$this.CommandCompleted($methodResult); this will update CSV but issue is there will be duplicate entries if(-not $this.DoNotOpenOutputFolder) { if (Test-Path $folderPath) { Invoke-Item -Path $folderPath; } } } else { # Publish runidentifier(YYYYMMDD_HHMMSS) used by all listener as identifier for scan,creating log folder $this.PublishRunIdentifier($this.InvocationContext); # <TODO Framework: Move command time calculation methods to AIOrgTelmetry Listener> [AIOrgTelemetryHelper]::TrackCommandExecution("Command Started", @{"RunIdentifier" = $this.RunIdentifier}, @{}, $this.InvocationContext); $sw = [System.Diagnostics.Stopwatch]::StartNew(); # Publish command init events $this.CommandStarted(); $this.PostCommandStartedAction(); # Invoke method with arguments $methodResult = @(); try { $methodResult = $methodToCall.Invoke($arguments); } catch { # Unwrapping the first layer of exception which is added by Invoke function [AIOrgTelemetryHelper]::TrackCommandExecution("Command Errored", @{"RunIdentifier" = $this.RunIdentifier; "ErrorRecord"= $_.Exception.InnerException.ErrorRecord}, @{"TimeTakenInMs" = $sw.ElapsedMilliseconds; "SuccessCount" = 0}, $this.InvocationContext); $this.CommandError($_.Exception.InnerException.ErrorRecord); } $folderPath = $this.GetOutputFolderPath(); #the next two bug log classes have been called here as we need all the control results at one place for #dumping them in json file and auto closing them(to minimize api calls and auto close them in batches) #if bug logging is enabled and path is valid, create the JSON file for bugs #AutoBugLog and AutoCloseBug Conditions # $isPartialScan=$false # $bugsClosed=$null if($this.InvocationContext.BoundParameters["AutoBugLog"] -or $this.InvocationContext.BoundParameters["AutoCloseBugs"]){ $this.sendBugInfo($methodResult,$folderPath) #sendBugInfo } #SARIF Logs generation.Note if upc with Auto Bug Log we have controls available in ControlResultsWithBugSummary static variable. if($this.InvocationContext.BoundParameters["GenerateSarifLogs"]){ $sarifMethodResults=$methodResult if(!$sarifMethodResults){ if(([PartialScanManager]::ControlResultsWithBugSummary| Measure-Object).Count -gt 0){ $sarifMethodResults=[PartialScanManager]::ControlResultsWithBugSummary } else{ $sarifMethodResults=[PartialScanManager]::ControlResultsWithSARIFSummary } } if($sarifMethodResults){ [SARIFLogsGenerator]::new($sarifMethodResults,$folderPath,$this.RunIdentifier) } [PartialScanManager]::ControlResultsWithSARIFSummary=@() } # Publish command complete events $this.CommandCompleted($methodResult); [AIOrgTelemetryHelper]::TrackCommandExecution("Command Completed", @{"RunIdentifier" = $this.RunIdentifier}, @{"TimeTakenInMs" = $sw.ElapsedMilliseconds; "SuccessCount" = 1}, $this.InvocationContext) $this.PostCommandCompletedAction($methodResult); # <TODO Framework: Move PDF generation method based on listener> #Generate PDF report $GeneratePDFReport = $this.InvocationContext.BoundParameters["GeneratePDF"]; try { if (-not [string]::IsNullOrEmpty($folderpath)) { switch ($GeneratePDFReport) { None { # Do nothing } Landscape { [AzSKPDFExtension]::GeneratePDF($folderpath, $this.OrganizationContext, $this.InvocationContext, $true); } Portrait { [AzSKPDFExtension]::GeneratePDF($folderpath, $this.OrganizationContext, $this.InvocationContext, $false); } } } } catch { # Unwrapping the first layer of exception which is added by Invoke function $this.CommandError($_); } # $AttestControlParamFound = $this.InvocationContext.BoundParameters["AttestControls"]; if($null -eq $AttestControlParamFound) { #If controls are attested then open folder when rescan of attested controls is complete $controlAttested = $false if( ([FeatureFlightingManager]::GetFeatureStatus("EnableScanAfterAttestation","*"))) { #Global variable "AttestationValue" is set to true when one or more controls are attested in current scan #Ignore if variable AttestationValue is not found if (Get-Variable AttestationValue -Scope Global -ErrorAction Ignore){ if ( $Global:AttestationValue){ $controlAttested = $true } } } if ( !$controlAttested){ if((-not $this.DoNotOpenOutputFolder) -and (-not [string]::IsNullOrEmpty($folderPath))) { try { Invoke-Item -Path $folderPath; } catch { #ignore if any exception occurs } } } } } return $folderPath; } #EndRegion # Function to get output log folder from WriteFolder listener [string] GetOutputFolderPath() { return [WriteFolderPath]::GetInstance().FolderPath; } #Sends bug information to Json and CSV. In non upc scan closes bugs and sends info to LA as well. [void] sendBugInfo([SVTEventContext[]] $methodResult, [string] $folderPath){ [SVTEventContext[]] $bugsClosed=$null if ($this.InvocationContext.BoundParameters["UsePartialCommits"]) { $methodResult = [PartialScanManager]::ControlResultsWithBugSummary $bugsClosed=[PartialScanManager]::ControlResultsWithClosedBugSummary } else { $AutoClose=[AutoCloseBugManager]::new($this.OrganizationContext.OrganizationName); $AutoClose.AutoCloseBug($methodResult) $bugsClosed=[AutoCloseBugManager]::ClosedBugs if($bugsClosed){ $laInstance= [LogAnalyticsOutput]::Instance $laInstance.WriteControlResult($bugsClosed) } } #If condition publishes information about New, Active and Closed bugs if($this.InvocationContext.BoundParameters["AutoBugLog"]){ if([BugLogPathManager]::GetIsPathValid()){ [PublishToJSONAndCSV]::new($methodResult,$folderPath,$bugsClosed) } } #condition publishes only closed bugs. $null is passed instead of $methodResult to avoid performance slow down in PublishToJSONAndCSV else{ if($bugsClosed){ [PublishToJSONAndCSV]::new($null,$folderPath,$bugsClosed) } } } # <TODO Framework: Move to module helper class> # Function to validate module version based on Org policy and showcase warning for update or block commands if version is less than last two minor version [void] CheckModuleVersion() { $serverVersion = [System.Version] ([ConfigurationManager]::GetAzSKConfigData().GetLatestAzSKVersion($this.GetModuleName())); $currentModuleVersion = [System.Version] $this.GetCurrentModuleVersion() if($currentModuleVersion -ne "0.0.0.0" -and $currentModuleVersion -ne "1.0.0.0" -and $serverVersion -gt $currentModuleVersion) { $this.RunningLatestPSModule = $false; $this.InvokeAutoUpdate() $this.PublishCustomMessage(([Constants]::VersionCheckMessage -f $serverVersion), [MessageType]::Warning); $this.PublishCustomMessage(([ConfigurationManager]::GetAzSKConfigData().InstallationCommand + "`r`n"), [MessageType]::Update); $this.PublishCustomMessage([Constants]::VersionWarningMessage, [MessageType]::Warning); $serverVersions = @() [ConfigurationManager]::GetAzSKConfigData().GetAzSKVersionList($this.GetModuleName()) | ForEach-Object { #Take major and minor version and ignore build version for comparision $serverVersions+= [System.Version] ("$($_.Major)" +"." + "$($_.Minor)") } $serverVersions = $serverVersions | Select-Object -Unique $latestVersionList = $serverVersions | Where-Object {$_ -gt $currentModuleVersion} if(($latestVersionList | Measure-Object).Count -gt [ConfigurationManager]::GetAzSKConfigData().BackwardCompatibleVersionCount) { throw ([SuppressedException]::new(("Your version of $([Constants]::AzSKModuleName) is too old. Please update now!"),[SuppressedExceptionType]::Generic)) } } $psGalleryVersion = [System.Version] ([ConfigurationManager]::GetAzSKConfigData().GetAzSKLatestPSGalleryVersion($this.GetModuleName())); if($psGalleryVersion -ne $serverVersion) { $serverVersions = @() [ConfigurationManager]::GetAzSKConfigData().GetAzSKVersionList($this.GetModuleName()) | ForEach-Object { #Take major and minor version and ignore build version for comparision $serverVersions+= [System.Version] ("$($_.Major)" +"." + "$($_.Minor)") } $serverVersions = $serverVersions | Select-Object -Unique $latestVersionAvailableFromGallery = $serverVersions | Where-Object {$_ -gt $serverVersion} if(($latestVersionAvailableFromGallery | Measure-Object).Count -gt [ConfigurationManager]::GetAzSKConfigData().BackwardCompatibleVersionCount) { $this.PublishCustomMessage("Your Org AzSK.ADO version [$serverVersion] is too old. It must be updated to latest available version [$psGalleryVersion].",[MessageType]::Error); } } #Validate if detailed scan results is required in control evaluation $this.CheckDetailedScanStatus(); } # <TODO Framework: Move to module helper class> # Funtion to execute module auto update flow based on switch [void] InvokeAutoUpdate() { $AutoUpdateSwitch= [ConfigurationManager]::GetAzSKSettings().AutoUpdateSwitch; $AutoUpdateCommand = [ConfigurationManager]::GetAzSKSettings().AutoUpdateCommand; if($AutoUpdateSwitch -ne [AutoUpdate]::On) { if($AutoUpdateSwitch -eq [AutoUpdate]::NotSet) { $AutoUpdateMsg = [Constants]::AutoUpdateMessage Write-Host $AutoUpdateMsg -ForegroundColor Yellow } return; } #Step 1: Get the list of active running powershell prcesses including the current running PS Session $PSProcesses = Get-Process | Where-Object { ($_.Name -eq 'powershell' -or $_.Name -eq 'powershell_ise' -or $_.Name -eq 'powershelltoolsprocesshost')} $userChoice = "" if(($PSProcesses | Measure-Object).Count -ge 1) { Write-Host([Constants]::ModuleAutoUpdateAvailableMsg) -ForegroundColor Cyan; } #User choice that captures the decision to close the active PS Sessions $secondUserChoice ="" $InvalidOption = $true; while($InvalidOption) { if([string]::IsNullOrWhiteSpace($userChoice) -or ($userChoice.Trim() -ne 'y' -and $userChoice.Trim() -ne 'n')) { $userChoice = Read-Host "Continue (Y/N)" if([string]::IsNullOrWhiteSpace($userChoice) -or ($userChoice.Trim() -ne 'y' -and $userChoice.Trim() -ne 'n')) { Write-Host "Enter the valid option." -ForegroundColor Yellow } continue; } elseif($userChoice.Trim() -eq 'n') { $InvalidOption = $false; } elseif($userChoice.Trim() -eq 'y') { #Get the number of PS active sessions $PSProcesses = Get-Process | Where-Object { ($_.Name -eq 'powershell' -or $_.Name -eq 'powershell_ise' -or $_.Name -eq 'powershelltoolsprocesshost') -and $_.Id -ne $PID} if(($PSProcesses | Measure-Object).Count -gt 0) { Write-Host "`nThe following other PS sessions are still active. Please save your work and close them. You can also use Task Manager to close these sessions." -ForegroundColor Yellow Write-Host ($PSProcesses | Select-Object Id, ProcessName, Path | Out-String) $secondUserChoice = Read-Host "Continue (Y/N)" } elseif(($PSProcesses | Measure-Object).Count -eq 0) { Write-Host "`nThe current PS session will be closed now. Have you saved your work?" -ForegroundColor Yellow $secondUserChoice = Read-Host "Continue (Y/N)" } if(-not [string]::IsNullOrWhiteSpace($secondUserChoice) -and ` (($PSProcesses | Measure-Object).Count -eq 0 -and $secondUserChoice.Trim() -eq 'y') -or ` $secondUserChoice.Trim() -eq 'n') { $InvalidOption = $false; } } } #Check if the first user want to continue with auto-update using userChoice field and then check if user still wants to continue with auto-update after finding the active PS sessions. #In either case it is no it would exit the auto-update process if($userChoice.Trim() -eq "n" -or $secondUserChoice.Trim() -eq 'n') { Write-Host "Exiting auto-update workflow. To disable auto-update permanently, run the command below:" -ForegroundColor Yellow Write-Host "Set-AzSKADOPolicySettings -AutoUpdate Off`n" -ForegroundColor Green return } $AzSKTemp = Join-Path $([Constants]::AzSKAppFolderPath) "Temp"; try { $fileName = "au_" + $(get-date).ToUniversalTime().ToString("yyyyMMdd_HHmmss") + ".ps1"; $autoUpdateContent = [ConfigurationHelper]::LoadOfflineConfigFile("ModuleAutoUpdate.ps1"); if(-not (Test-Path -Path $AzSKTemp)) { New-Item -Path $AzSKTemp -ItemType Directory -Force } Remove-Item -Path (Join-Path $AzSKTemp "au_*") -Force -Recurse -ErrorAction SilentlyContinue $autoUpdateContent = $autoUpdateContent.Replace("##installurl##",$AutoUpdateCommand); $autoUpdateContent | Out-File (Join-Path $AzSKTemp $fileName) -Force Start-Process -WindowStyle Normal -FilePath "powershell.exe" -ArgumentList (Join-Path $AzSKTemp $fileName) } catch { $this.CommandError($_.Exception.InnerException.ErrorRecord); } } [void] CheckMultipleAzSKModuleLoaded(){ $loadedAzSKModules= Get-Module | Where-Object { $_.Name -like "AzSK*"}; if($env:AzSKSkipMultiModuleCheck -ne $true -and $null -ne $loadedAzSKModules -and ($loadedAzSKModules| Measure-Object).Count -gt 1){ throw [SuppressedException]::new("ERROR: Multiple AzSK modules loaded in same session, this will lead to issues when running AzSK cmdlets.",[SuppressedExceptionType]::Generic) } } [void] CheckDetailedScanStatus(){ if(-not([string]::IsNullOrEmpty($this.InvocationContext.BoundParameters['ControlIds'])) -or -not([string]::IsNullOrEmpty($this.InvocationContext.BoundParameters['DetailedScan'])) -or -not( [string]::IsNullOrEmpty($this.InvocationContext.BoundParameters['ControlsToAttest'])) ) { [AzSKRoot]::IsDetailedScanRequired = $true } else { [AzSKRoot]::IsDetailedScanRequired = $false } } } # SIG # Begin signature block # MIIjjAYJKoZIhvcNAQcCoIIjfTCCI3kCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCAsDCLx4mSzrh0X # My0wLX2Xd+jPWRDgwoW4s89nCVtfQaCCDYUwggYDMIID66ADAgECAhMzAAAB4HFz # JMpcmPgZAAAAAAHgMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjAxMjE1MjEzMTQ2WhcNMjExMjAyMjEzMTQ2WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQDRXpc9eiGRI/2BlmU7OMiQPTKpNlluodjT2rltPO/Gk47bH4gBShPMD4BX/4sg # NvvBun6ZOG2dxUW30myWoUJJ0iRbTAv2JFzjSpVQvPE+D5vtmdu6WlOR2ahF4leF # 5Vvk4lPg2ZFrqg5LNwT9gjwuYgmih+G2KwT8NMWusBhO649F4Ku6B6QgA+vZld5S # G2XWIdvS0pmpmn/HFrV4eYTsl9HYgjn/bPsAlfWolLlEXYTaCljK7q7bQHDBrzlR # ukyyryFpPOR9Wx1cxFJ6KBqg2jlJpzxjN3udNJPOqarnQIVgB8DUm3I5g2v5xTHK # Ovz9ucN21467cYcIxjPC4UkDAgMBAAGjggGCMIIBfjAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUVBWIZHrG4UIX3uX4142l+8GsPXAw # VAYDVR0RBE0wS6RJMEcxLTArBgNVBAsTJE1pY3Jvc29mdCBJcmVsYW5kIE9wZXJh # dGlvbnMgTGltaXRlZDEWMBQGA1UEBRMNMjMwMDEyKzQ2MzAxMDAfBgNVHSMEGDAW # gBRIbmTlUAXTgqoXNzcitW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8v # d3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIw # MTEtMDctMDguY3JsMGEGCCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDov # L3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDEx # XzIwMTEtMDctMDguY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIB # AE5msNzmYzYbNgpnhya6YsrM+CIC8CXDu10nwzZtkgQciPOOqAYmFcWJCwD5VZzs # qFwad8XIOrfCylWf4hzn09mD87yuazpuCstLSqfDLNd3740+254vEZqdGxOglAGU # ih2IiF8S0GDwucpLGzt/OLXPFr/d4MWxPuX0L+HB5lA3Y/CJE673dHGQW2DELdqt # ohtkhp+oWFn1hNDDZ3LP++HEZvA7sI/o/981Sh4kaGayOp6oEiQuGeCXyfrIC9KX # eew0UlYX/NHVDqr4ykKkqpHtzbUbuo7qovUHPbYKcRGWrrEtBS5SPLFPumqsRtzb # LgU9HqfRAN36bMsd2qynGyWBVFOM7NMs2lTCGM85Z/Fdzv/8tnYT36Cmbue+IM+6 # kS86j6Ztmx0VIFWbOvNsASPT6yrmYiecJiP6H0TrYXQK5B3jE8s53l+t61ab0Eul # 7DAxNWX3lAiUlzKs3qZYQEK1LFvgbdTXtBRnHgBdABALK3RPrieIYqPln9sAmg3/ # zJZi4C/c2cWGF6WwK/w1Nzw08pj7jaaZZVBpCeDe+y7oM26QIXxracot7zJ21/TL # 70biK36YybSUDkjhQPP/uxT0yebLNBKk7g8V98Wna2MsHWwk0sgqpkjIp02TrkVz # 26tcF2rml2THRSDrwpBa4x9c8rM8Qomiyeh2tEJnsx2LMIIHejCCBWKgAwIBAgIK # YQ6Q0gAAAAAAAzANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlm # aWNhdGUgQXV0aG9yaXR5IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEw # OTA5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYD # VQQDEx9NaWNyb3NvZnQgQ29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG # 9w0BAQEFAAOCAg8AMIICCgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+la # UKq4BjgaBEm6f8MMHt03a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc # 6Whe0t+bU7IKLMOv2akrrnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4D # dato88tt8zpcoRb0RrrgOGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+ # lD3v++MrWhAfTVYoonpy4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nk # kDstrjNYxbc+/jLTswM9sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6 # A4aN91/w0FK/jJSHvMAhdCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmd # X4jiJV3TIUs+UsS1Vz8kA/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL # 5zmhD+kjSbwYuER8ReTBw3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zd # sGbiwZeBe+3W7UvnSSmnEyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3 # T8HhhUSJxAlMxdSlQy90lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS # 4NaIjAsCAwEAAaOCAe0wggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRI # bmTlUAXTgqoXNzcitW2oynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAL # BgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBD # uRQFTuHqp8cx0SOJNDBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jv # c29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3JsMF4GCCsGAQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3J0MIGfBgNVHSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEF # BQcCARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1h # cnljcHMuaHRtMEAGCCsGAQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkA # YwB5AF8AcwB0AGEAdABlAG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn # 8oalmOBUeRou09h0ZyKbC5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7 # v0epo/Np22O/IjWll11lhJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0b # pdS1HXeUOeLpZMlEPXh6I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/ # KmtYSWMfCWluWpiW5IP0wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvy # CInWH8MyGOLwxS3OW560STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBp # mLJZiWhub6e3dMNABQamASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJi # hsMdYzaXht/a8/jyFqGaJ+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYb # BL7fQccOKO7eZS/sl/ahXJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbS # oqKfenoi+kiVH6v7RyOA9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sL # gOppO6/8MO0ETI7f33VtY5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtX # cVZOSEXAQsmbdlsKgEhr/Xmfwb1tbWrJUnMTDXpQzTGCFV0wghVZAgEBMIGVMH4x # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01p # Y3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTECEzMAAAHgcXMkylyY+BkAAAAA # AeAwDQYJYIZIAWUDBAIBBQCggbAwGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQw # HAYKKwYBBAGCNwIBCzEOMAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIFb/ # r/T02LVOSs66Hl6z9DRBbdReXHh52+mZIYNcNOzNMEQGCisGAQQBgjcCAQwxNjA0 # oBSAEgBNAGkAYwByAG8AcwBvAGYAdKEcgBpodHRwczovL3d3dy5taWNyb3NvZnQu # Y29tIDANBgkqhkiG9w0BAQEFAASCAQDQAbtg4caUX+QEpybZZbj+QrNbKpOV4RAL # 9mhKJc6oBtHnACOp+4CgTS0p2XUxVGglg/fc1ai8sD+mj+UsAC88wd2Z1arML5Bw # lEQ3pl7MkUX/7Mze1VXUWnyX9C8aWzwK9qx24+CZMqksbcr3Np9XQsrgr+8hlNou # KX7l7Dsou5d2zxt1rhVJhwPUVRB6H8iK2yS8c+HU6S6I/CPJc7VYnnDclwMtZTTO # HxLiOsXvNlmLVRXW0FXSjTlp3THaabIkjEvECBaLeKZ7CmuXvQIqYIrUOyKuX1K/ # KC4Jwrrgp8DAelfOzXACsmzfZe90+TH2KY41t3JaSbS4pFKYkH4woYIS5TCCEuEG # CisGAQQBgjcDAwExghLRMIISzQYJKoZIhvcNAQcCoIISvjCCEroCAQMxDzANBglg # hkgBZQMEAgEFADCCAVEGCyqGSIb3DQEJEAEEoIIBQASCATwwggE4AgEBBgorBgEE # AYRZCgMBMDEwDQYJYIZIAWUDBAIBBQAEIHcxqzw0NCUgm0oZhIpWCXnq4tXISqyX # WUhQQEuUKgV8AgZg+Zx28z4YEzIwMjEwODE2MDU1MzQzLjEyNFowBIACAfSggdCk # gc0wgcoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH # EwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJTAjBgNV # BAsTHE1pY3Jvc29mdCBBbWVyaWNhIE9wZXJhdGlvbnMxJjAkBgNVBAsTHVRoYWxl # cyBUU1MgRVNOOjdCRjEtRTNFQS1CODA4MSUwIwYDVQQDExxNaWNyb3NvZnQgVGlt # ZS1TdGFtcCBTZXJ2aWNloIIOPDCCBPEwggPZoAMCAQICEzMAAAFRw1DnWWyqxqcA # AAAAAVEwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldh # c2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBD # b3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIw # MTAwHhcNMjAxMTEyMTgyNjA0WhcNMjIwMjExMTgyNjA0WjCByjELMAkGA1UEBhMC # VVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNV # BAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjElMCMGA1UECxMcTWljcm9zb2Z0IEFt # ZXJpY2EgT3BlcmF0aW9uczEmMCQGA1UECxMdVGhhbGVzIFRTUyBFU046N0JGMS1F # M0VBLUI4MDgxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZpY2Uw # ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCf0ofvqoSuO+84iSNZsem0 # yRgOOYb4kSbOC7Kv9XGNmBn+KDwyTjuOpIk/lHEf+wPKqFi7uM9I7zqyJmHy7sMF # f0vwj4AH7x88+8Pi6gsoPbYGmgWXgHwXDkrtK6Ju9vEY3tp0vX/Nb6xZeVW+kOEQ # 8goMgK8R02MZMuGS19+2N5+D2W6YExQEnYbj+Dhp3R0O9E2YqIxldd78uXhCD+g9 # LNcJQRihJKprkP7kxGKZV7n9hMuPSNWvyIXjlXSFPtUfw4k7hgiZydmGroPDUb7D # oAJEZ48WY5apby0RnXdIyY6q4mtOTDLLzPI21W20kBft2IUttHRK8yVsllYrQod3 # AgMBAAGjggEbMIIBFzAdBgNVHQ4EFgQUxXf/42hQYpM0aDo4zITp83VE6m0wHwYD # VR0jBBgwFoAU1WM6XIoxkPNDe3xGG8UzaFqFbVUwVgYDVR0fBE8wTTBLoEmgR4ZF # aHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMvTWljVGlt # U3RhUENBXzIwMTAtMDctMDEuY3JsMFoGCCsGAQUFBwEBBE4wTDBKBggrBgEFBQcw # AoY+aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNUaW1TdGFQ # Q0FfMjAxMC0wNy0wMS5jcnQwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEF # BQcDCDANBgkqhkiG9w0BAQsFAAOCAQEAK/31wBWDmfHRKqO8t9DOa6AyPlwn00Tr # R25IfUunEdiKb0uzdR+Jh3u3Qm/ITD+tFMQodvOdXosUuVf76UckwYrNmce1N7Y4 # jpkcWc2IWG2DJa5gMmubspDKQ2LUbUtu5WJ70x6Gagr6EGJmeetx9lKcFKiSu87Z # ARYcLXGdnnAzzZQSOmsVg6RyFT7pFygKOOYgUZ+BLM2PUwht/iVwnkWhXUyDoXAX # jkKKM5cdVevOSKwxn2m4OkWOMRXpMBjog2AySEt6/8BWjDSwXwx9DO0kiUVh0USR # nk0X8jLOgLZhv2LDhsIp0Gt0PcCzqa+gZI2MILqU53PoR6skrc2EWDCCBnEwggRZ # oAMCAQICCmEJgSoAAAAAAAIwDQYJKoZIhvcNAQELBQAwgYgxCzAJBgNVBAYTAlVT # MRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQK # ExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xMjAwBgNVBAMTKU1pY3Jvc29mdCBSb290 # IENlcnRpZmljYXRlIEF1dGhvcml0eSAyMDEwMB4XDTEwMDcwMTIxMzY1NVoXDTI1 # MDcwMTIxNDY1NVowfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x # EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv # bjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAwggEiMA0G # CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpHQ28dxGKOiDs/BOX9fp/aZRrdFQQ # 1aUKAIKF++18aEssX8XD5WHCdrc+Zitb8BVTJwQxH0EbGpUdzgkTjnxhMFmxMEQP # 8WCIhFRDDNdNuDgIs0Ldk6zWczBXJoKjRQ3Q6vVHgc2/JGAyWGBG8lhHhjKEHnRh # Z5FfgVSxz5NMksHEpl3RYRNuKMYa+YaAu99h/EbBJx0kZxJyGiGKr0tkiVBisV39 # dx898Fd1rL2KQk1AUdEPnAY+Z3/1ZsADlkR+79BL/W7lmsqxqPJ6Kgox8NpOBpG2 # iAg16HgcsOmZzTznL0S6p/TcZL2kAcEgCZN4zfy8wMlEXV4WnAEFTyJNAgMBAAGj # ggHmMIIB4jAQBgkrBgEEAYI3FQEEAwIBADAdBgNVHQ4EFgQU1WM6XIoxkPNDe3xG # G8UzaFqFbVUwGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEwCwYDVR0PBAQDAgGG # MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU1fZWy4/oolxiaNE9lJBb186a # GMQwVgYDVR0fBE8wTTBLoEmgR4ZFaHR0cDovL2NybC5taWNyb3NvZnQuY29tL3Br # aS9jcmwvcHJvZHVjdHMvTWljUm9vQ2VyQXV0XzIwMTAtMDYtMjMuY3JsMFoGCCsG # AQUFBwEBBE4wTDBKBggrBgEFBQcwAoY+aHR0cDovL3d3dy5taWNyb3NvZnQuY29t # L3BraS9jZXJ0cy9NaWNSb29DZXJBdXRfMjAxMC0wNi0yMy5jcnQwgaAGA1UdIAEB # /wSBlTCBkjCBjwYJKwYBBAGCNy4DMIGBMD0GCCsGAQUFBwIBFjFodHRwOi8vd3d3 # Lm1pY3Jvc29mdC5jb20vUEtJL2RvY3MvQ1BTL2RlZmF1bHQuaHRtMEAGCCsGAQUF # BwICMDQeMiAdAEwAZQBnAGEAbABfAFAAbwBsAGkAYwB5AF8AUwB0AGEAdABlAG0A # ZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQAH5ohRDeLG4Jg/gXEDPZ2joSFv # s+umzPUxvs8F4qn++ldtGTCzwsVmyWrf9efweL3HqJ4l4/m87WtUVwgrUYJEEvu5 # U4zM9GASinbMQEBBm9xcF/9c+V4XNZgkVkt070IQyK+/f8Z/8jd9Wj8c8pl5SpFS # AK84Dxf1L3mBZdmptWvkx872ynoAb0swRCQiPM/tA6WWj1kpvLb9BOFwnzJKJ/1V # ry/+tuWOM7tiX5rbV0Dp8c6ZZpCM/2pif93FSguRJuI57BlKcWOdeyFtw5yjojz6 # f32WapB4pm3S4Zz5Hfw42JT0xqUKloakvZ4argRCg7i1gJsiOCC1JeVk7Pf0v35j # WSUPei45V3aicaoGig+JFrphpxHLmtgOR5qAxdDNp9DvfYPw4TtxCd9ddJgiCGHa # sFAeb73x4QDf5zEHpJM692VHeOj4qEir995yfmFrb3epgcunCaw5u+zGy9iCtHLN # HfS4hQEegPsbiSpUObJb2sgNVZl6h3M7COaYLeqN4DMuEin1wC9UJyH3yKxO2ii4 # sanblrKnQqLJzxlBTeCG+SqaoxFmMNO7dDJL32N79ZmKLxvHIa9Zta7cRDyXUHHX # odLFVeNp3lfB0d4wwP3M5k37Db9dT+mdHhk4L7zPWAUu7w2gUDXa7wknHNWzfjUe # CLraNtvTX4/edIhJEqGCAs4wggI3AgEBMIH4oYHQpIHNMIHKMQswCQYDVQQGEwJV # UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UE # ChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQLExxNaWNyb3NvZnQgQW1l # cmljYSBPcGVyYXRpb25zMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjo3QkYxLUUz # RUEtQjgwODElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2VydmljZaIj # CgEBMAcGBSsOAwIaAxUAoKKvc/E/pEILJUwlIBWgxXrXI16ggYMwgYCkfjB8MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNy # b3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDANBgkqhkiG9w0BAQUFAAIFAOTEZuww # IhgPMjAyMTA4MTYxMjI0MTJaGA8yMDIxMDgxNzEyMjQxMlowdzA9BgorBgEEAYRZ # CgQBMS8wLTAKAgUA5MRm7AIBADAKAgEAAgINjQIB/zAHAgEAAgIRRjAKAgUA5MW4 # bAIBADA2BgorBgEEAYRZCgQCMSgwJjAMBgorBgEEAYRZCgMCoAowCAIBAAIDB6Eg # oQowCAIBAAIDAYagMA0GCSqGSIb3DQEBBQUAA4GBAAOcPMi7mb3pX28GdWJ+Hxo7 # Kw6endNsNGmF0aHSptGkgeUye+3Fzyf4hEdGFJkxs8VURBrL4anFyMsGTpY5VTd9 # jvNxe534Ca38TeLg6bwYO1joPPPDOrMoOHlQiSNl/BmURkpyOTpUiIAgF0byxZux # F/wskD+S7cBkYtCn2dejMYIDDTCCAwkCAQEwgZMwfDELMAkGA1UEBhMCVVMxEzAR # BgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1p # Y3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3Rh # bXAgUENBIDIwMTACEzMAAAFRw1DnWWyqxqcAAAAAAVEwDQYJYIZIAWUDBAIBBQCg # ggFKMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAvBgkqhkiG9w0BCQQxIgQg # 9goS60Q0+hSbp1pDhjcgFMLwFrRN6i/sVL6Z4uYGyrUwgfoGCyqGSIb3DQEJEAIv # MYHqMIHnMIHkMIG9BCAuzVyZiPjWwVkHAKYW+/1Jw/m265SHGy/+3QH1cXrlQTCB # mDCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYD # VQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAk # BgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAABUcNQ51ls # qsanAAAAAAFRMCIEILOMpy1baJ49SuxXwSBxdEBR+PCKEaPe5b7+7YkbjAlXMA0G # CSqGSIb3DQEBCwUABIIBAAcPi26+5VWpau96SkK97rutd2uiLiEUINikeFT0BRKW # VVU3TnZxtspa8iIRIZ/7zqJfynFstWph7kiR+PD4Bpz15qVrxhKeNonZyBv1PjIV # iTvyXHBaHIbDQEi7zY4LiERiJWeSf4WrIRTwQIi9x9bsfLQ35H5AcnKa7eJI364Z # Kc/n3pvV8JnVHUhuDxBCodLtlvz0nx4630kmzAUh665AH2+2HDalHJafl6IKrdrr # lUjATrIh/a6y3AxJm3Qfj79fTR3ommSxPSNgWlllcAiOKEfpMYJgD+XgOCV4gnZz # /d2lA6iPyJvwXlNAbrkdDGFklKtEtnRSyPYXDyXhSGw= # SIG # End signature block |