Framework/Helpers/Helpers.ps1
using namespace Newtonsoft.Json using namespace Microsoft.Azure.Commands.Common.Authentication.Abstractions using namespace Microsoft.Azure.Commands.Common.Authentication using namespace Microsoft.Azure.Management.Storage.Models Set-StrictMode -Version Latest class Helpers { static [PSObject] $SHA256Alg = [System.Security.Cryptography.HashAlgorithm]::Create('sha256'); hidden static [PSObject] LoadOfflineConfigFile([string] $fileName, [bool] $parseJson) { $rootConfigPath = [Constants]::AzSKAppFolderPath ; return [Helpers]::LoadOfflineConfigFile($fileName, $true,$rootConfigPath); } hidden static [PSObject] LoadOfflineConfigFile([string] $fileName, [bool] $parseJson, $path) { #Load file from AzSK App folder $rootConfigPath = $path ; $extension = [System.IO.Path]::GetExtension($fileName); $filePath = $null if(Test-Path -Path $rootConfigPath) { $filePath = (Get-ChildItem $rootConfigPath -Name -Recurse -Include $fileName) | Select-Object -First 1 } #If file not present in App folder load settings from Configurations in Module folder if (!$filePath) { $rootConfigPath = Join-Path (Get-Item $PSScriptRoot).Parent.FullName "Configurations"; $filePath = (Get-ChildItem $rootConfigPath -Name -Recurse -Include $fileName) | Select-Object -First 1 } if ($filePath) { if($parseJson) { if($extension -eq ".json" -or $extension -eq ".lawsview") { $fileContent = (Get-Content -Raw -Path (Join-Path $rootConfigPath $filePath)) | ConvertFrom-Json } else { $fileContent = (Get-Content -Raw -Path (Join-Path $rootConfigPath $filePath)) } } else { $fileContent = (Get-Content -Raw -Path (Join-Path $rootConfigPath $filePath)) } } else { throw "Unable to find the specified file '$fileName'" } if (-not $fileContent) { throw "The specified file '$fileName' is empty" } return $fileContent; } static AbstractClass($obj, $classType) { $type = $obj.GetType() if ($type -eq $classType) { throw("Class '$type' must be inherited") } } static [string] SanitizeFolderName($folderPath) { return ($folderPath -replace '[<>:"/\\\[\]|?*]', ''); } static [string] ConvertObjectToString([PSObject] $dataObject, [bool] $defaultPsOutput) { [string] $msg = ""; if ($dataObject) { if ($dataObject.GetType().FullName -eq "System.Management.Automation.ErrorRecord") { if($dataObject.Exception -is [SuppressedException]) { $msg = $dataObject.Exception.ConvertToString(); } else { if ($defaultPsOutput) { $msg = $dataObject.ToString(); } else { $msg = ($dataObject | Out-String) + "`r`nStackTrace: " + $dataObject. ScriptStackTrace } } } else { if ($defaultPsOutput -or $dataObject.GetType() -eq [string]) { $msg = $dataObject | Out-String; } else { try { #$msg = $dataObject | ConvertTo-Json -Depth 5 | Out-String; #$msg = [JsonHelper]::ConvertToJsonCustom($dataObject); $msg = [JsonHelper]::ConvertToPson($dataObject); } catch { $e = $_ $msg = $dataObject | Format-List | Out-String; } $msg = $msg.Trim(); #$msg = $msg.TrimStart("`r`n"); } } } return $msg.Trim("`r`n"); } static [bool] CompareObject($referenceObject, $differenceObject) { return [Helpers]::CompareObject($referenceObject, $differenceObject, $false) } static [bool] CompareObject($referenceObject, $differenceObject, [bool] $strictComparison) { $result = $true; if ($null -ne $referenceObject) { if ($null -ne $differenceObject) { if ($referenceObject -is "Array") { if ($differenceObject -is "Array") { if ((-not $strictComparison) -or ($referenceObject.Count -eq $differenceObject.Count)) { foreach ($refObject in $referenceObject) { $arrayResult = $false; foreach ($diffObject in $differenceObject) { $arrayResult = [Helpers]::CompareObject($refObject, $diffObject, $strictComparison); if ($arrayResult) { break; } } $result = $result -and $arrayResult if (-not $arrayResult) { break; } } } else { $result = $false; } } else { $result = $false; } } # Condition for all primitive types elseif ($referenceObject -is "string" -or $referenceObject -is "ValueType") { # For primitive types, use default comparer $result = $result -and (((Compare-Object $referenceObject $differenceObject) | Where-Object { $_.SideIndicator -eq "<=" } | Measure-Object).Count -eq 0) } else { $result = $result -and [Helpers]::CompareObjectProperties($referenceObject, $differenceObject, $strictComparison) } } else { $result = $false; } } elseif ($null -eq $differenceObject) { $result = $true; } else { $result = $false; } return $result; } hidden static [bool] CompareObjectProperties($referenceObject, $differenceObject, [bool] $strictComparison) { $result = $true; $refProps = @(); $diffProps = @(); $refProps += [Helpers]::GetProperties($referenceObject); $diffProps += [Helpers]::GetProperties($differenceObject); if ((-not $strictComparison) -or ($refProps.Count -eq $diffProps.Count)) { foreach ($propName in $refProps) { $refProp = $referenceObject.$propName; if (-not [string]::IsNullOrWhiteSpace(($diffProps | Where-Object { $_ -eq $propName } | Select-Object -First 1))) { $compareProp = $differenceObject.$propName; if ($null -ne $refProp) { if ($null -ne $compareProp) { $result = $result -and [Helpers]::CompareObject($refProp, $compareProp, $strictComparison); } else { $result = $result -and $false; } } elseif ($null -eq $compareProp) { $result = $result -and $true; } else { $result = $result -and $false; } } else { $result = $false; } if (-not $result) { break; } } } else { $result = $false; } return $result; } static [bool] CompareObject($referenceObject, $differenceObject, [bool] $strictComparison,$AttestComparisionType) { $result = $true; if ($null -ne $referenceObject) { if ($null -ne $differenceObject) { if ($referenceObject -is "Array") { if ($differenceObject -is "Array") { if ((-not $strictComparison) -or ($referenceObject.Count -eq $differenceObject.Count)) { foreach ($refObject in $referenceObject) { $arrayResult = $false; foreach ($diffObject in $differenceObject) { if($AttestComparisionType -eq [ComparisionType]::NumLesserOrEqual) { $arrayResult = [Helpers]::CompareObject($refObject, $diffObject, $strictComparison,$AttestComparisionType); } else { $arrayResult = [Helpers]::CompareObject($refObject, $diffObject, $strictComparison); } if ($arrayResult) { break; } } $result = $result -and $arrayResult if (-not $arrayResult) { break; } } } else { $result = $false; } } else { $result = $false; } } # Condition for all primitive types elseif ($referenceObject -is "string" -or $referenceObject -is "ValueType") { # For primitive types, use default comparer if($AttestComparisionType -eq [ComparisionType]::NumLesserOrEqual) { $result = $result -and ($referenceObject -ge $differenceObject) } else { $result = $result -and (((Compare-Object $referenceObject $differenceObject) | Where-Object { $_.SideIndicator -eq "<=" } | Measure-Object).Count -eq 0) } } else { if($AttestComparisionType -eq [ComparisionType]::NumLesserOrEqual) { $result = $result -and [Helpers]::CompareObjectProperties($referenceObject, $differenceObject, $strictComparison,$AttestComparisionType) } else { $result = $result -and [Helpers]::CompareObjectProperties($referenceObject, $differenceObject, $strictComparison) } } } else { $result = $false; } } elseif ($null -eq $differenceObject) { $result = $true; } else { $result = $false; } return $result; } hidden static [bool] CompareObjectProperties($referenceObject, $differenceObject, [bool] $strictComparison,$AttestComparisionType) { $result = $true; $refProps = @(); $diffProps = @(); $refProps += [Helpers]::GetProperties($referenceObject); $diffProps += [Helpers]::GetProperties($differenceObject); if ((-not $strictComparison) -or ($refProps.Count -eq $diffProps.Count)) { foreach ($propName in $refProps) { $refProp = $referenceObject.$propName; if (-not [string]::IsNullOrWhiteSpace(($diffProps | Where-Object { $_ -eq $propName } | Select-Object -First 1))) { $compareProp = $differenceObject.$propName; if ($null -ne $refProp) { if ($null -ne $compareProp) { if($AttestComparisionType -eq [ComparisionType]::NumLesserOrEqual) { $result = $result -and [Helpers]::CompareObject($refProp, $compareProp, $strictComparison,$AttestComparisionType); } else { $result = $result -and [Helpers]::CompareObject($refProp, $compareProp, $strictComparison); } } else { $result = $result -and $false; } } elseif ($null -eq $compareProp) { $result = $result -and $true; } else { $result = $result -and $false; } } else { $result = $false; } if (-not $result) { break; } } } else { $result = $false; } return $result; } static [string[]] GetProperties($object) { $props = @(); if($object) { if ($object -is "Hashtable") { $object.Keys | ForEach-Object { $props += $_; }; } else { ($object | Get-Member -MemberType Properties) | ForEach-Object { $props += $_.Name; }; } } return $props; } static [bool] CompareObjectOld($referenceObject, $differenceObject) { $result = $true; if ($null -ne $referenceObject) { if ($null -ne $differenceObject) { ($referenceObject | Get-Member -MemberType Properties) | ForEach-Object { $refProp = $referenceObject."$($_.Name)"; if ($differenceObject | Get-Member -Name $_.Name) { $compareProp = $differenceObject."$($_.Name)"; if ($null -ne $refProp) { if ($null -ne $compareProp) { if ($refProp.GetType().Name -eq "PSCustomObject") { $result = $result -and [Helpers]::CompareObjectOld($refProp, $compareProp); } else { $result = $result -and (((Compare-Object $refProp $compareProp) | Where-Object { $_.SideIndicator -eq "<=" } | Measure-Object).Count -eq 0) } } else { $result = $result -and $false; } } elseif ($null -eq $compareProp) { $result = $result -and $true; } else { $result = $result -and $false; } } else { $result = $false; } } } else { $result = $false; } } elseif ($null -eq $differenceObject) { $result = $true; } else { $result = $false; } return $result; } static [bool] CheckMember([PSObject] $refObject, [string] $memberPath) { return [Helpers]::CheckMember($refObject, $memberPath, $true); } static [bool] CheckMember([PSObject] $refObject, [string] $memberPath, [bool] $checkNull) { [bool]$result = $false; if ($refObject) { $properties = @(); $properties += $memberPath.Split("."); if ($properties.Count -gt 0) { $currentItem = $properties.Get(0); if (-not [string]::IsNullOrWhiteSpace($currentItem)) { if ($refObject | Get-Member -Name $currentItem) { if ($properties.Count -gt 1) { if($refObject.$currentItem) { $result = $true; $result = $result -and [Helpers]::CheckMember($refObject.$currentItem, [string]::Join(".", $properties[1..($properties.length - 1)])); } } else { if($checkNull) { if($refObject.$currentItem) { $result = $true; } } else { $result = $true; } } } } } } return $result; } static [PSObject] SelectMembers([PSObject] $refObject, [string[]] $memberPaths) { $result = $null; if ($null -ne $refObject) { if ($refObject -is "Array") { $result = @(); $refObject | ForEach-Object { $memberValue = [Helpers]::SelectMembers($_, $memberPaths); if ($null -ne $memberValue) { $result += $memberValue; } }; } else { $processedMemberPaths = @(); $objectProps = [Helpers]::GetProperties($refObject); if ($objectProps.Count -ne 0 -and $null -ne $memberPaths -and $memberPaths.Count -ne 0) { $memberPaths | Where-Object { -not [string]::IsNullOrWhiteSpace($_) } | ForEach-Object { $splitPaths = @(); $splitPaths += $_.Split("."); $firstMemberPath = $splitPaths.Get(0); if (-not [string]::IsNullOrWhiteSpace($firstMemberPath) -and $objectProps.Contains($firstMemberPath)) { $pathObject = $processedMemberPaths | Where-Object { $_.MemberPath -eq $firstMemberPath } | Select-Object -First 1; if (-not $pathObject) { $pathObject = @{ MemberPath = $firstMemberPath; ChildPaths = @(); }; $processedMemberPaths += $pathObject; } # Count > 1 indicates that it has child path if ($splitPaths.Count -gt 1) { $pathObject.ChildPaths += [string]::Join(".", $splitPaths[1..($splitPaths.length - 1)]); } } }; } if ($processedMemberPaths.Count -ne 0) { $processedMemberPaths | ForEach-Object { $memberValue = $null; if ($_.ChildPaths.Count -eq 0) { $memberValue = $refObject."$($_.MemberPath)"; } else { $memberValue = [Helpers]::SelectMembers($refObject."$($_.MemberPath)", $_.ChildPaths); } if ($null -ne $memberValue) { if ($null -eq $result) { $result = New-Object PSObject; } $result | Add-Member -MemberType NoteProperty -Name ($_.MemberPath) -Value $memberValue; } }; } else { $result = $refObject; } } } return $result; } static [string] FetchTagsString([PSObject]$TagsHashTable) { [string] $tagsString = ""; try { if(($TagsHashTable | Measure-Object).Count -gt 0) { $TagsHashTable.Keys | ForEach-Object { $key = $_; $value = $TagsHashTable[$key]; $tagsString = $tagsString + "$($key):$($value);"; } } } catch { #eat exception as if not able to fetch tags, it would return empty instead of breaking the flow } return $tagsString; } static [string] ComputeHash([String] $data) { #Call the other function but request the full 32-byte == 64 hex chars (SHA56 hash) as string return [Helpers]::ComputeHashShort($data, 64) } static [string] ComputeHashShort([String] $data, [int] $len) { $retHashSB = [System.Text.StringBuilder]::new(); $hashBytes = [Helpers]::SHA256Alg.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($data)); $usedBytes = $len/2 #If N hex chars are needed, first N/2 bytes of the hash are used. #Grab only as many bytes from hash to use for returned hashString. #We use "x2" instead of just "x" to ensure that '4' becomes '04' in the returned string (applicable to anything <16) #Overall, this ensures that the string conversion of a full SHA256 hash is *always* 64 chars long. for ($i=0;$i -lt $usedBytes; $i++) { [void]$retHashSB.Append($hashBytes[$i].ToString("x2")) } return $retHashSB.ToString() } static [VerificationResult] EvaluateVerificationResult([VerificationResult] $verificationResult, [AttestationStatus] $attestationStatus) { [VerificationResult] $result = $verificationResult; # No action required if Attestation status is None OR verification result is Passed if ($attestationStatus -ne [AttestationStatus]::None -or $verificationResult -ne [VerificationResult]::Passed) { # Changing State Machine logic #if($verificationResult -eq [VerificationResult]::Verify -or $verificationResult -eq [VerificationResult]::Manual) #{ switch ($attestationStatus) { ([AttestationStatus]::NotAnIssue) { $result = [VerificationResult]::Passed; break; } ([AttestationStatus]::WillNotFix) { $result = [VerificationResult]::Exception; break; } ([AttestationStatus]::WillFixLater) { $result = [VerificationResult]::Remediate; break; } ([AttestationStatus]::NotApplicable) { $result = [VerificationResult]::Passed; break; } ([AttestationStatus]::StateConfirmed) { $result = [VerificationResult]::Passed; break; } ([AttestationStatus]::ApprovedException) { $result = [VerificationResult]::Passed; break; } } #} #elseif($verificationResult -eq [VerificationResult]::Failed -or $verificationResult -eq [VerificationResult]::Error) #{ # $result = [VerificationResult]::RiskAck; #} } return $result; } static [PSObject] NewSecurePassword() { #create password $randomBytes = New-Object Byte[] 32 $provider = [System.Security.Cryptography.RNGCryptoServiceProvider]::Create() $provider.GetBytes($randomBytes) $provider.Dispose() $pwstring = [System.Convert]::ToBase64String($randomBytes) $newPassword = new-object securestring $pwstring.ToCharArray() | ForEach-Object { $newPassword.AppendChar($_) } $encryptedPassword = ConvertFrom-SecureString -SecureString $newPassword -Key (1..16) $securePassword = ConvertTo-SecureString -String $encryptedPassword -Key (1..16) return $securePassword } static [PSObject] DeepCopy([PSObject] $inputObject) { $memoryStream = New-Object System.IO.MemoryStream $binaryFormatter = New-Object System.Runtime.Serialization.Formatters.Binary.BinaryFormatter $binaryFormatter.Serialize($memoryStream, $inputObject) $memoryStream.Position = 0 $dataDeep = $binaryFormatter.Deserialize($memoryStream) $memoryStream.Close() return $dataDeep } static [bool] ValidateEmail([string]$address){ $validAddress = ($address -as [System.Net.Mail.MailAddress]) return ($null -ne $validAddress -and $validAddress.Address -eq $address ) } #Returns invalid email list static [string[]] ValidateEmailList([string[]]$emailList ) { $invalidEmails = @(); $emailList | ForEach-Object { if(-not [Helpers]::ValidateEmail($_)) { $invalidEmails += $_ } } return $invalidEmails } static [Object] MergeObjects([Object] $source,[Object] $extend, [string] $idName) { $idPropName = "Id"; if(-not [string]::IsNullOrWhiteSpace($idName)) { $idPropName = $idName; } if($source.GetType().Name -eq "PSCustomObject" -and $extend.GetType().Name -eq "PSCustomObject"){ foreach($Property in $extend | Get-Member -type NoteProperty, Property){ if(-not [Helpers]::CheckMember($source,$Property.Name,$false)){ $source | Add-Member -MemberType NoteProperty -Value $extend.$($Property.Name) -Name $Property.Name ` } $source.$($Property.Name) = [Helpers]::MergeObjects($source.$($Property.Name), $extend.$($Property.Name), $idName) } } elseif($source.GetType().Name -eq "Object[]" -and $extend.GetType().Name -eq "Object[]"){ if([Helpers]::IsPSObjectArray($source) -or [Helpers]::IsPSObjectArray($extend)) { foreach($extendArrElement in $extend) { $PropertyId = $extendArrElement | Get-Member -type NoteProperty, Property | Where-Object { $_.Name -eq $idPropName} | Select-Object -First 1 if(($PropertyId | Measure-Object).Count -gt 0) { $PropertyId = $PropertyId | Select-Object -First 1 } else { $PropertyId = $extendArrElement | Get-Member -type NoteProperty, Property | Select-Object -First 1 } $sourceElement = $source | Where-Object { $_.$($PropertyId.Name) -eq $extendArrElement.$($PropertyId.Name) } if($sourceElement) { $sourceElement = [Helpers]::MergeObjects($sourceElement, $extendArrElement, $idName) } else { $source +=$extendArrElement } } } else { $source = ($source + $extend) if ($source.Count -gt 0) { $source = @($source | Select-Object -Unique) } } } else{ $source = $extend; } return $source } static [Object] MergeObjects([Object] $source,[Object] $extend) { return [Helpers]::MergeObjects($source,$extend,""); } static [Bool] IsPSObjectArray($arrayObj) { if(($arrayObj | Measure-Object).Count -gt 0) { $firstElement = $arrayObj | Select-Object -First 1 if($firstElement.GetType().Name -eq "PSCustomObject") { return $true } else { return $false } } else { return $false } } #BOM replace function static [void] RemoveUtf8BOM([System.IO.FileInfo] $file) { [Helpers]::SetUtf8Encoding($file); if($file) { $byteBuffer = New-Object System.Byte[] 3 $reader = $file.OpenRead() $bytesRead = $reader.Read($byteBuffer, 0, 3); if ($bytesRead -eq 3 -and $byteBuffer[0] -eq 239 -and $byteBuffer[1] -eq 187 -and $byteBuffer[2] -eq 191) { $tempFile = [System.IO.Path]::GetTempFileName() $writer = [System.IO.File]::OpenWrite($tempFile) $reader.CopyTo($writer) $writer.Dispose() $reader.Dispose() Move-Item -Path $tempFile -Destination $file.FullName -Force } else { $reader.Dispose() } } } static [void] SetUtf8Encoding([System.IO.FileInfo] $file) { if($file) { $fileContent = Get-Content -Path $file.FullName; if($fileContent) { Out-File -InputObject $fileContent -Force -FilePath $file.FullName -Encoding utf8 } } } static [void] CleanupLocalFolder($folderPath) { try { if(Test-Path $folderPath) { Remove-Item -Path $folderPath -Recurse -Force -ErrorAction Stop | Out-Null } } catch{ #this call happens from finally block. Try to clean the files, if it don't happen it would get cleaned in the next attempt } } static [void] CreateFolderIfNotExist($FolderPath,$MakeFolderEmpty) { if(-not (Test-Path $FolderPath)) { New-Item -ItemType Directory -Path $FolderPath -ErrorAction Stop | Out-Null } elseif($MakeFolderEmpty) { Remove-Item -Path (Join-Path $FolderPath "*") -Force -Recurse } } Static [string] GetSubString($CotentString, $Pattern) { return [regex]::match($CotentString, $pattern).Groups[1].Value } #TODO: Currently this function is specific to Org PolicyHealth Check. Need to make generic Static [string] IsStringEmpty($String) { if([string]::IsNullOrEmpty($String)) { return "Not Available" } else { $String= $String.Split("?")[0] return $String } } Static [bool] IsSASTokenUpdateRequired($policyUrl) { [System.Uri] $validatedUri = $null; $IsSASTokenUpdateRequired = $false if([System.Uri]::TryCreate($policyUrl, [System.UriKind]::Absolute, [ref] $validatedUri) -and $validatedUri.Query.Contains("&se=")) { $pattern = '&se=(.*?)T' [DateTime] $expiryDate = Get-Date if([DateTime]::TryParse([Helpers]::GetSubString($($validatedUri.Query),$pattern),[ref] $expiryDate)) { if($expiryDate.AddDays(-[Constants]::SASTokenExpiryReminderInDays) -lt [DateTime]::UtcNow) { $IsSASTokenUpdateRequired = $true } } } return $IsSASTokenUpdateRequired } Static [string] GetUriWithUpdatedSASToken($policyUrl, $updateUrl) { [System.Uri] $validatedUri = $null; $UpdatedUrl = $policyUrl if([System.Uri]::TryCreate($policyUrl, [System.UriKind]::Absolute, [ref] $validatedUri) -and $validatedUri.Query.Contains("&se=") -and [System.Uri]::TryCreate($policyUrl, [System.UriKind]::Absolute, [ref] $validatedUri)) { $UpdatedUrl = $policyUrl.Split("?")[0] + "?" + $updateUrl.Split("?")[1] } return $UpdatedUrl } static [string] ReadInput($Prompt) { return (Read-Host -Prompt $Prompt).Trim() } static [string] CreateSharedKey([string] $StringToSign,[string] $ResourceName,[string] $AccessKey) { $KeyBytes = [System.Convert]::FromBase64String($AccessKey) $HMAC = New-Object System.Security.Cryptography.HMACSHA256 $HMAC.Key = $KeyBytes $UnsignedBytes = [System.Text.Encoding]::UTF8.GetBytes($StringToSign) $KeyHash = $HMAC.ComputeHash($UnsignedBytes) $SignedString = [System.Convert]::ToBase64String($KeyHash) $sharedKey = $ResourceName+":"+$SignedString return $sharedKey } # Convert secure string to plain text static [string] ConvertToPlainText([System.Security.SecureString] $secureString) { $BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($secureString) $plainText = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR) return $plainText } # Get object of a particular permission (which are allowed) for a group. static [object] ResolvePermissions($permissionsInBit, $actions, $permissionName) { $obj = @(); #$editPerms = @(); #check allowed permissions if($permissionsInBit -gt 0 ) { $permissionsInBinary = [convert]::ToString($permissionsInBit,2) # to binary # loop thru the decoded base 2 number and check the bit. if 1(on) then that permission is set for ($a = 0 ; $a -lt $permissionsInBinary.Length; $a++) { if( $permissionsInBinary.Substring($permissionsInBinary.Length-$a-1,1) -ge 1) # each binary digit { # find bit in action list $raise = [Math]::Pow(2, $a) $bit = $actions | Where-Object {$_.bit -eq $raise } $obj += $bit | Where-Object {$_.displayName -eq $permissionName} } } } return $obj } # Resolve allowed permissions of a particular group. static [object] ResolveAllPermissions($AllowedPermissionsInBit, $InheritedAllowedPermissionsInBit, $actions) { $obj = @(); #$editPerms = @(); #check allowed permissions if($AllowedPermissionsInBit -gt 0 ) { $permissionsInBinary = [convert]::ToString($AllowedPermissionsInBit,2) # to binary # loop thru the decoded base 2 number and check the bit. if 1(on) then that permission is set for ($a = 0 ; $a -lt $permissionsInBinary.Length; $a++) { if( $permissionsInBinary.Substring($permissionsInBinary.Length-$a-1,1) -ge 1) # each binary digit { # find bit in action list $raise = [Math]::Pow(2, $a) $bit = $actions | Where-Object {$_.bit -eq $raise } $obj += New-Object -TypeName psobject -Property @{Name= $bit.displayName ; Permission="Allow"} } } } if($InheritedAllowedPermissionsInBit -gt 0 ) { $permissionsInBinary = [convert]::ToString($InheritedAllowedPermissionsInBit,2) # to binary # loop thru the decoded base 2 number and check the bit. if 1(on) then that permission is set for ($a = 0 ; $a -lt $permissionsInBinary.Length; $a++) { if( $permissionsInBinary.Substring($permissionsInBinary.Length-$a-1,1) -ge 1) # each binary digit { # find bit in action list $raise = [Math]::Pow(2, $a) $bit = $actions | Where-Object {$_.bit -eq $raise } $obj += New-Object -TypeName psobject -Property @{Name= $bit.displayName ; Permission="Allow (inherited)"} } } } $obj = $obj | Sort-Object -Property Name return $obj } static [System.Security.SecureString] GetVariableFromKVUrl($url){ $variable = $null; $context = @(Get-AzContext -ErrorAction SilentlyContinue ) if ($context.count -eq 0) { Write-Host "No active Azure login session found.`r`nPlease login to Azure tenant hosting the key vault..." -ForegroundColor Yellow Connect-AzAccount -ErrorAction Stop $context = @(Get-AzContext -ErrorAction SilentlyContinue) } if ($null -eq $context) { Write-Host "Login failed. Azure login context is required to use a key vault-based PAT token.`r`nStopping scan command." -ForegroundColor Red } #Parse the key-vault-URL to determine vaultname, secretname, version if ($url -match "^https://(?<kv>[\w]+)(?:[\.\w+]*)/secrets/(?<sn>[\w]+)/?(?<sv>[\w]*)") { $kvName = $Matches["kv"] $secretName = $Matches["sn"] $secretVersion = $Matches["sv"] if (-not [String]::IsNullOrEmpty($secretVersion)) { $kvSecret = Get-AzKeyVaultSecret -VaultName $kvName -SecretName $secretName -Version $secretVersion } else { $kvSecret = Get-AzKeyVaultSecret -VaultName $kvName -SecretName $secretName } if ($null -ne $kvSecret) { $variable = $kvSecret.SecretValue; } } return $variable } } # SIG # Begin signature block # MIIjiAYJKoZIhvcNAQcCoIIjeTCCI3UCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCD4fKUHQqs9fIYx # NBG9iK+4mpfdRSxGABpCEMUMMWlQ9qCCDYEwggX/MIID56ADAgECAhMzAAAB32vw # LpKnSrTQAAAAAAHfMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjAxMjE1MjEzMTQ1WhcNMjExMjAyMjEzMTQ1WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQC2uxlZEACjqfHkuFyoCwfL25ofI9DZWKt4wEj3JBQ48GPt1UsDv834CcoUUPMn # s/6CtPoaQ4Thy/kbOOg/zJAnrJeiMQqRe2Lsdb/NSI2gXXX9lad1/yPUDOXo4GNw # PjXq1JZi+HZV91bUr6ZjzePj1g+bepsqd/HC1XScj0fT3aAxLRykJSzExEBmU9eS # yuOwUuq+CriudQtWGMdJU650v/KmzfM46Y6lo/MCnnpvz3zEL7PMdUdwqj/nYhGG # 3UVILxX7tAdMbz7LN+6WOIpT1A41rwaoOVnv+8Ua94HwhjZmu1S73yeV7RZZNxoh # EegJi9YYssXa7UZUUkCCA+KnAgMBAAGjggF+MIIBejAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUOPbML8IdkNGtCfMmVPtvI6VZ8+Mw # UAYDVR0RBEkwR6RFMEMxKTAnBgNVBAsTIE1pY3Jvc29mdCBPcGVyYXRpb25zIFB1 # ZXJ0byBSaWNvMRYwFAYDVQQFEw0yMzAwMTIrNDYzMDA5MB8GA1UdIwQYMBaAFEhu # ZOVQBdOCqhc3NyK1bajKdQKVMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly93d3cu # bWljcm9zb2Z0LmNvbS9wa2lvcHMvY3JsL01pY0NvZFNpZ1BDQTIwMTFfMjAxMS0w # Ny0wOC5jcmwwYQYIKwYBBQUHAQEEVTBTMFEGCCsGAQUFBzAChkVodHRwOi8vd3d3 # Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY0NvZFNpZ1BDQTIwMTFfMjAx # MS0wNy0wOC5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAgEAnnqH # tDyYUFaVAkvAK0eqq6nhoL95SZQu3RnpZ7tdQ89QR3++7A+4hrr7V4xxmkB5BObS # 0YK+MALE02atjwWgPdpYQ68WdLGroJZHkbZdgERG+7tETFl3aKF4KpoSaGOskZXp # TPnCaMo2PXoAMVMGpsQEQswimZq3IQ3nRQfBlJ0PoMMcN/+Pks8ZTL1BoPYsJpok # t6cql59q6CypZYIwgyJ892HpttybHKg1ZtQLUlSXccRMlugPgEcNZJagPEgPYni4 # b11snjRAgf0dyQ0zI9aLXqTxWUU5pCIFiPT0b2wsxzRqCtyGqpkGM8P9GazO8eao # mVItCYBcJSByBx/pS0cSYwBBHAZxJODUqxSXoSGDvmTfqUJXntnWkL4okok1FiCD # Z4jpyXOQunb6egIXvkgQ7jb2uO26Ow0m8RwleDvhOMrnHsupiOPbozKroSa6paFt # VSh89abUSooR8QdZciemmoFhcWkEwFg4spzvYNP4nIs193261WyTaRMZoceGun7G # CT2Rl653uUj+F+g94c63AhzSq4khdL4HlFIP2ePv29smfUnHtGq6yYFDLnT0q/Y+ # Di3jwloF8EWkkHRtSuXlFUbTmwr/lDDgbpZiKhLS7CBTDj32I0L5i532+uHczw82 # oZDmYmYmIUSMbZOgS65h797rj5JJ6OkeEUJoAVwwggd6MIIFYqADAgECAgphDpDS # AAAAAAADMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMK # V2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0 # IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3NvZnQgUm9vdCBDZXJ0aWZpY2F0 # ZSBBdXRob3JpdHkgMjAxMTAeFw0xMTA3MDgyMDU5MDlaFw0yNjA3MDgyMTA5MDla # MH4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS # ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMT # H01pY3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTEwggIiMA0GCSqGSIb3DQEB # AQUAA4ICDwAwggIKAoICAQCr8PpyEBwurdhuqoIQTTS68rZYIZ9CGypr6VpQqrgG # OBoESbp/wwwe3TdrxhLYC/A4wpkGsMg51QEUMULTiQ15ZId+lGAkbK+eSZzpaF7S # 35tTsgosw6/ZqSuuegmv15ZZymAaBelmdugyUiYSL+erCFDPs0S3XdjELgN1q2jz # y23zOlyhFvRGuuA4ZKxuZDV4pqBjDy3TQJP4494HDdVceaVJKecNvqATd76UPe/7 # 4ytaEB9NViiienLgEjq3SV7Y7e1DkYPZe7J7hhvZPrGMXeiJT4Qa8qEvWeSQOy2u # M1jFtz7+MtOzAz2xsq+SOH7SnYAs9U5WkSE1JcM5bmR/U7qcD60ZI4TL9LoDho33 # X/DQUr+MlIe8wCF0JV8YKLbMJyg4JZg5SjbPfLGSrhwjp6lm7GEfauEoSZ1fiOIl # XdMhSz5SxLVXPyQD8NF6Wy/VI+NwXQ9RRnez+ADhvKwCgl/bwBWzvRvUVUvnOaEP # 6SNJvBi4RHxF5MHDcnrgcuck379GmcXvwhxX24ON7E1JMKerjt/sW5+v/N2wZuLB # l4F77dbtS+dJKacTKKanfWeA5opieF+yL4TXV5xcv3coKPHtbcMojyyPQDdPweGF # RInECUzF1KVDL3SV9274eCBYLBNdYJWaPk8zhNqwiBfenk70lrC8RqBsmNLg1oiM # CwIDAQABo4IB7TCCAekwEAYJKwYBBAGCNxUBBAMCAQAwHQYDVR0OBBYEFEhuZOVQ # BdOCqhc3NyK1bajKdQKVMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMAsGA1Ud # DwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFHItOgIxkEO5FAVO # 4eqnxzHRI4k0MFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwubWljcm9zb2Z0 # LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Jvb0NlckF1dDIwMTFfMjAxMV8wM18y # Mi5jcmwwXgYIKwYBBQUHAQEEUjBQME4GCCsGAQUFBzAChkJodHRwOi8vd3d3Lm1p # Y3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1Jvb0NlckF1dDIwMTFfMjAxMV8wM18y # Mi5jcnQwgZ8GA1UdIASBlzCBlDCBkQYJKwYBBAGCNy4DMIGDMD8GCCsGAQUFBwIB # FjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2RvY3MvcHJpbWFyeWNw # cy5odG0wQAYIKwYBBQUHAgIwNB4yIB0ATABlAGcAYQBsAF8AcABvAGwAaQBjAHkA # XwBzAHQAYQB0AGUAbQBlAG4AdAAuIB0wDQYJKoZIhvcNAQELBQADggIBAGfyhqWY # 4FR5Gi7T2HRnIpsLlhHhY5KZQpZ90nkMkMFlXy4sPvjDctFtg/6+P+gKyju/R6mj # 82nbY78iNaWXXWWEkH2LRlBV2AySfNIaSxzzPEKLUtCw/WvjPgcuKZvmPRul1LUd # d5Q54ulkyUQ9eHoj8xN9ppB0g430yyYCRirCihC7pKkFDJvtaPpoLpWgKj8qa1hJ # Yx8JaW5amJbkg/TAj/NGK978O9C9Ne9uJa7lryft0N3zDq+ZKJeYTQ49C/IIidYf # wzIY4vDFLc5bnrRJOQrGCsLGra7lstnbFYhRRVg4MnEnGn+x9Cf43iw6IGmYslmJ # aG5vp7d0w0AFBqYBKig+gj8TTWYLwLNN9eGPfxxvFX1Fp3blQCplo8NdUmKGwx1j # NpeG39rz+PIWoZon4c2ll9DuXWNB41sHnIc+BncG0QaxdR8UvmFhtfDcxhsEvt9B # xw4o7t5lL+yX9qFcltgA1qFGvVnzl6UJS0gQmYAf0AApxbGbpT9Fdx41xtKiop96 # eiL6SJUfq/tHI4D1nvi/a7dLl+LrdXga7Oo3mXkYS//WsyNodeav+vyL6wuA6mk7 # r/ww7QRMjt/fdW1jkT3RnVZOT7+AVyKheBEyIXrvQQqxP/uozKRdwaGIm1dxVk5I # RcBCyZt2WwqASGv9eZ/BvW1taslScxMNelDNMYIVXTCCFVkCAQEwgZUwfjELMAkG # A1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQx # HjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEoMCYGA1UEAxMfTWljcm9z # b2Z0IENvZGUgU2lnbmluZyBQQ0EgMjAxMQITMwAAAd9r8C6Sp0q00AAAAAAB3zAN # BglghkgBZQMEAgEFAKCBsDAZBgkqhkiG9w0BCQMxDAYKKwYBBAGCNwIBBDAcBgor # BgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAvBgkqhkiG9w0BCQQxIgQgCPwTNDlh # NrSkhzyF2XZiJLRkdiAfu21QYwpqMt65hGowRAYKKwYBBAGCNwIBDDE2MDSgFIAS # AE0AaQBjAHIAbwBzAG8AZgB0oRyAGmh0dHBzOi8vd3d3Lm1pY3Jvc29mdC5jb20g # MA0GCSqGSIb3DQEBAQUABIIBALWuDrhK9cwaOySGONlVa2vVSc/ovC+uGk/r7gAE # f0ubBorWXi339Is0GBKROHUcTc7pnueHl3qZwSqsYx8+poit0ztd5K/2FxzMlFsH # muAWayzBG0kh+G0cYTagMMnL+1UEDykIqFa3JYHcYPqC2G+k/uJjjyDDPOr4FdRc # nezYIJRYUSkO2qRJs/Rlw5OIujg8q1BNQm2oaWU07NG4qQdsnZ9n2NqpZ/HOx3WB # 4DICDPuuOYKqJMh8qzAcpLFjvsqn2/L7qn0O22BRDvOXE3MSBws5ABp8Q1ZNRX7g # oOiUkRNHrzGxhntZ1tzBZGO1+aBMLmYFqo8uFDBnDhWqyeuhghLlMIIS4QYKKwYB # BAGCNwMDATGCEtEwghLNBgkqhkiG9w0BBwKgghK+MIISugIBAzEPMA0GCWCGSAFl # AwQCAQUAMIIBUQYLKoZIhvcNAQkQAQSgggFABIIBPDCCATgCAQEGCisGAQQBhFkK # AwEwMTANBglghkgBZQMEAgEFAAQg895HpCFUWo6dVMoN/YgpfgnkwrjQYJ2+fNIx # OupWWLgCBmFDqbOlsBgTMjAyMTEwMTIxMTUzMjkuNTg5WjAEgAIB9KCB0KSBzTCB # yjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl # ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjElMCMGA1UECxMc # TWljcm9zb2Z0IEFtZXJpY2EgT3BlcmF0aW9uczEmMCQGA1UECxMdVGhhbGVzIFRT # UyBFU046M0JCRC1FMzM4LUU5QTExJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0 # YW1wIFNlcnZpY2Wggg48MIIE8TCCA9mgAwIBAgITMwAAAU9kLnX2egNagwAAAAAB # TzANBgkqhkiG9w0BAQsFADB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGlu # Z3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBv # cmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDAe # Fw0yMDExMTIxODI2MDJaFw0yMjAyMTExODI2MDJaMIHKMQswCQYDVQQGEwJVUzET # MBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMV # TWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQLExxNaWNyb3NvZnQgQW1lcmlj # YSBPcGVyYXRpb25zMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjozQkJELUUzMzgt # RTlBMTElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2VydmljZTCCASIw # DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMUd7Vk9mgo7Bvk/cTv+0gdJq+K # 2F8x/ywmh3IltQsgeWtSdrFJ4LE3IUoHektxY53JAPIkJNFupGqYLRtJ4PUN9PU8 # i/r8DocOxnc2DvPdCUOD8MSVeV9BpK+nfZ19P1TvjY7R+8kLuwBMR6cFrPt+FNdC # KXCO4dV9TlaptLEedNyIVamYBslz0E+4/7ulhcxSlLdrAYlmT1wEV9Vz0LWsDlyp # PgK4gQxLDgdRCwibgQVsNMwFI9H+GktJWCgje6nVNM6nvqj2Aa0v6dBxV9VM0TZ9 # +zOkfEQID8WztevBxsQV7TTZEe9rRYE9uKRlpl4dAQcOLYRn0yWyPK0/av0CAwEA # AaOCARswggEXMB0GA1UdDgQWBBSOje7XFgYQflWTvzXCZPExX/KgoDAfBgNVHSME # GDAWgBTVYzpcijGQ80N7fEYbxTNoWoVtVTBWBgNVHR8ETzBNMEugSaBHhkVodHRw # Oi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNUaW1TdGFQ # Q0FfMjAxMC0wNy0wMS5jcmwwWgYIKwYBBQUHAQEETjBMMEoGCCsGAQUFBzAChj5o # dHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1RpbVN0YVBDQV8y # MDEwLTA3LTAxLmNydDAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMI # MA0GCSqGSIb3DQEBCwUAA4IBAQA8MeSrHFzkMg56ytF7PJuigV+XhDEaY0JrpG7b # 6+AvbsLrBkHRHnyQGeJaXkCaMui8mUq8l4kk9p5iFTvBUd5fDHB/6RGRBi4YUXad # GQg/x2XahvoB3jJvTB4P2jpfmFJvpJpALIP9iOhKUPkCADgoKeybYC69rvMGbkQi # Hp+J7ks6ozeueb84CXZQ6c1t98XmyDq9oXLjw8HUUwlRniCvdPbLyQReawT3v7Zm # OMlRtwTWv6+z5vW/rFnB5/V1y0FNRaRbW/9r/taoxe00iOs4eMLCyweHAB+6UXua # zgU7W/89g866wcbipsq8xGHEDgyehgPuHWHJJwp3G9Ss3eW5MIIGcTCCBFmgAwIB # AgIKYQmBKgAAAAAAAjANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzAR # BgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1p # Y3Jvc29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2Vy # dGlmaWNhdGUgQXV0aG9yaXR5IDIwMTAwHhcNMTAwNzAxMjEzNjU1WhcNMjUwNzAx # MjE0NjU1WjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4G # A1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYw # JAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDCCASIwDQYJKoZI # hvcNAQEBBQADggEPADCCAQoCggEBAKkdDbx3EYo6IOz8E5f1+n9plGt0VBDVpQoA # goX77XxoSyxfxcPlYcJ2tz5mK1vwFVMnBDEfQRsalR3OCROOfGEwWbEwRA/xYIiE # VEMM1024OAizQt2TrNZzMFcmgqNFDdDq9UeBzb8kYDJYYEbyWEeGMoQedGFnkV+B # VLHPk0ySwcSmXdFhE24oxhr5hoC732H8RsEnHSRnEnIaIYqvS2SJUGKxXf13Hz3w # V3WsvYpCTUBR0Q+cBj5nf/VmwAOWRH7v0Ev9buWayrGo8noqCjHw2k4GkbaICDXo # eByw6ZnNPOcvRLqn9NxkvaQBwSAJk3jN/LzAyURdXhacAQVPIk0CAwEAAaOCAeYw # ggHiMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBTVYzpcijGQ80N7fEYbxTNo # WoVtVTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYD # VR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBTV9lbLj+iiXGJo0T2UkFvXzpoYxDBW # BgNVHR8ETzBNMEugSaBHhkVodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2Ny # bC9wcm9kdWN0cy9NaWNSb29DZXJBdXRfMjAxMC0wNi0yMy5jcmwwWgYIKwYBBQUH # AQEETjBMMEoGCCsGAQUFBzAChj5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtp # L2NlcnRzL01pY1Jvb0NlckF1dF8yMDEwLTA2LTIzLmNydDCBoAYDVR0gAQH/BIGV # MIGSMIGPBgkrBgEEAYI3LgMwgYEwPQYIKwYBBQUHAgEWMWh0dHA6Ly93d3cubWlj # cm9zb2Z0LmNvbS9QS0kvZG9jcy9DUFMvZGVmYXVsdC5odG0wQAYIKwYBBQUHAgIw # NB4yIB0ATABlAGcAYQBsAF8AUABvAGwAaQBjAHkAXwBTAHQAYQB0AGUAbQBlAG4A # dAAuIB0wDQYJKoZIhvcNAQELBQADggIBAAfmiFEN4sbgmD+BcQM9naOhIW+z66bM # 9TG+zwXiqf76V20ZMLPCxWbJat/15/B4vceoniXj+bzta1RXCCtRgkQS+7lTjMz0 # YBKKdsxAQEGb3FwX/1z5Xhc1mCRWS3TvQhDIr79/xn/yN31aPxzymXlKkVIArzgP # F/UveYFl2am1a+THzvbKegBvSzBEJCI8z+0DpZaPWSm8tv0E4XCfMkon/VWvL/62 # 5Y4zu2JfmttXQOnxzplmkIz/amJ/3cVKC5Em4jnsGUpxY517IW3DnKOiPPp/fZZq # kHimbdLhnPkd/DjYlPTGpQqWhqS9nhquBEKDuLWAmyI4ILUl5WTs9/S/fmNZJQ96 # LjlXdqJxqgaKD4kWumGnEcua2A5HmoDF0M2n0O99g/DhO3EJ3110mCIIYdqwUB5v # vfHhAN/nMQekkzr3ZUd46PioSKv33nJ+YWtvd6mBy6cJrDm77MbL2IK0cs0d9LiF # AR6A+xuJKlQ5slvayA1VmXqHczsI5pgt6o3gMy4SKfXAL1QnIffIrE7aKLixqduW # sqdCosnPGUFN4Ib5KpqjEWYw07t0MkvfY3v1mYovG8chr1m1rtxEPJdQcdeh0sVV # 42neV8HR3jDA/czmTfsNv11P6Z0eGTgvvM9YBS7vDaBQNdrvCScc1bN+NR4Iuto2 # 29Nfj950iEkSoYICzjCCAjcCAQEwgfihgdCkgc0wgcoxCzAJBgNVBAYTAlVTMRMw # EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN # aWNyb3NvZnQgQ29ycG9yYXRpb24xJTAjBgNVBAsTHE1pY3Jvc29mdCBBbWVyaWNh # IE9wZXJhdGlvbnMxJjAkBgNVBAsTHVRoYWxlcyBUU1MgRVNOOjNCQkQtRTMzOC1F # OUExMSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNloiMKAQEw # BwYFKw4DAhoDFQDoIgziqtIHOpyM14dSd14peCqr6KCBgzCBgKR+MHwxCzAJBgNV # BAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4w # HAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29m # dCBUaW1lLVN0YW1wIFBDQSAyMDEwMA0GCSqGSIb3DQEBBQUAAgUA5Q/FwzAiGA8y # MDIxMTAxMjE2Mjg1MVoYDzIwMjExMDEzMTYyODUxWjB3MD0GCisGAQQBhFkKBAEx # LzAtMAoCBQDlD8XDAgEAMAoCAQACAhlrAgH/MAcCAQACAhFMMAoCBQDlERdDAgEA # MDYGCisGAQQBhFkKBAIxKDAmMAwGCisGAQQBhFkKAwKgCjAIAgEAAgMHoSChCjAI # AgEAAgMBhqAwDQYJKoZIhvcNAQEFBQADgYEAoXOUhVKe7E1nkKMCRJwGSHTENbpG # ebnmKDcLtN3ivALuu6bzS6HKX02c+iwSPFj+Q0VMRb1GxFsRRkBG7AjsIT3rWD+F # X2lP6exWwkt0+5PLMP2m8kihn54oHmN/6tuL9xQIy98Yv7fuKgnmGBw7Mj8iZtnJ # k7eJqftecQrtLkAxggMNMIIDCQIBATCBkzB8MQswCQYDVQQGEwJVUzETMBEGA1UE # CBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9z # b2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQ # Q0EgMjAxMAITMwAAAU9kLnX2egNagwAAAAABTzANBglghkgBZQMEAgEFAKCCAUow # GgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEEMC8GCSqGSIb3DQEJBDEiBCDykAln # JKAbt2+a/I6688nvsFH1Ia2tUoS0Uf39JYuZlzCB+gYLKoZIhvcNAQkQAi8xgeow # gecwgeQwgb0EIABnJhD2glikwMZyIW0YcnpDz6r4eW0wjRDFxsEAtTcCMIGYMIGA # pH4wfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT # B1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UE # AxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTACEzMAAAFPZC519noDWoMA # AAAAAU8wIgQgzVR+qVwYJ/9COKnD8dySzRZ0NTERW0QBCICF6Jdok84wDQYJKoZI # hvcNAQELBQAEggEAY1r31M7qYUHr5PIWW+bGWTr09evAndeHYDxyo1480JL8YEyb # pwQIe4HzYInqXb72ZG2jVXSyqhZ/OoQiIpo2cXIFpxM3r3pAmPU3u/9B/pnRtf/N # 6nsu3CPKKf4eUbzYS1kFE7UZD1CeK5wwZPFlEu1YPuctVLHakobmCKihy38Ism3Y # qAdtc9aranJ+Zil+HL0ybQAzPQqbyaPU2Wlic6GmG9h7R0RPvYRVHzXWgK8oBo7V # hAmmQ/ljN4QKKkSPA3qStVzIWQSzwAVz/wisTLj3i7ldMLpqm014L4hBEUCgJsX1 # 1K3rEjZEWf2S2vMpIo7g2HIq0kycNas2SZRiCA== # SIG # End signature block |