Framework/Helpers/Helpers.ps1
using namespace Newtonsoft.Json using namespace Microsoft.Azure.Commands.Common.Authentication.Abstractions using namespace Microsoft.Azure.Commands.Common.Authentication using namespace Microsoft.Azure.Management.Storage.Models Set-StrictMode -Version Latest class Helpers { static [PSObject] $SHA256Alg = [System.Security.Cryptography.HashAlgorithm]::Create('sha256'); hidden static [PSObject] LoadOfflineConfigFile([string] $fileName, [bool] $parseJson) { $rootConfigPath = [Constants]::AzSKAppFolderPath ; return [Helpers]::LoadOfflineConfigFile($fileName, $true,$rootConfigPath); } hidden static [PSObject] LoadOfflineConfigFile([string] $fileName, [bool] $parseJson, $path) { #Load file from AzSK App folder $rootConfigPath = $path ; $extension = [System.IO.Path]::GetExtension($fileName); $filePath = $null if(Test-Path -Path $rootConfigPath) { $filePath = (Get-ChildItem $rootConfigPath -Name -Recurse -Include $fileName) | Select-Object -First 1 } #If file not present in App folder load settings from Configurations in Module folder if (!$filePath) { $rootConfigPath = Join-Path (Get-Item $PSScriptRoot).Parent.FullName "Configurations"; $filePath = (Get-ChildItem $rootConfigPath -Name -Recurse -Include $fileName) | Select-Object -First 1 } if ($filePath) { if($parseJson) { if($extension -eq ".json" -or $extension -eq ".lawsview") { $fileContent = (Get-Content -Raw -Path (Join-Path $rootConfigPath $filePath)) | ConvertFrom-Json } else { $fileContent = (Get-Content -Raw -Path (Join-Path $rootConfigPath $filePath)) } } else { $fileContent = (Get-Content -Raw -Path (Join-Path $rootConfigPath $filePath)) } } else { throw "Unable to find the specified file '$fileName'" } if (-not $fileContent) { throw "The specified file '$fileName' is empty" } return $fileContent; } static AbstractClass($obj, $classType) { $type = $obj.GetType() if ($type -eq $classType) { throw("Class '$type' must be inherited") } } static [string] SanitizeFolderName($folderPath) { return ($folderPath -replace '[<>:"/\\\[\]|?*]', ''); } static [string] ConvertObjectToString([PSObject] $dataObject, [bool] $defaultPsOutput) { [string] $msg = ""; if ($dataObject) { if ($dataObject.GetType().FullName -eq "System.Management.Automation.ErrorRecord") { if($dataObject.Exception -is [SuppressedException]) { $msg = $dataObject.Exception.ConvertToString(); } else { if ($defaultPsOutput) { $msg = $dataObject.ToString(); } else { $msg = ($dataObject | Out-String) + "`r`nStackTrace: " + $dataObject. ScriptStackTrace } } } else { if ($defaultPsOutput -or $dataObject.GetType() -eq [string]) { $msg = $dataObject | Out-String; } else { try { #$msg = $dataObject | ConvertTo-Json -Depth 5 | Out-String; #$msg = [JsonHelper]::ConvertToJsonCustom($dataObject); $msg = [JsonHelper]::ConvertToPson($dataObject); } catch { $e = $_ $msg = $dataObject | Format-List | Out-String; } $msg = $msg.Trim(); #$msg = $msg.TrimStart("`r`n"); } } } return $msg.Trim("`r`n"); } static [bool] CompareObject($referenceObject, $differenceObject) { return [Helpers]::CompareObject($referenceObject, $differenceObject, $false) } static [bool] CompareObject($referenceObject, $differenceObject, [bool] $strictComparison) { $result = $true; if ($null -ne $referenceObject) { if ($null -ne $differenceObject) { if ($referenceObject -is "Array") { if ($differenceObject -is "Array") { if ((-not $strictComparison) -or ($referenceObject.Count -eq $differenceObject.Count)) { foreach ($refObject in $referenceObject) { $arrayResult = $false; foreach ($diffObject in $differenceObject) { $arrayResult = [Helpers]::CompareObject($refObject, $diffObject, $strictComparison); if ($arrayResult) { break; } } $result = $result -and $arrayResult if (-not $arrayResult) { break; } } } else { $result = $false; } } else { $result = $false; } } # Condition for all primitive types elseif ($referenceObject -is "string" -or $referenceObject -is "ValueType") { # For primitive types, use default comparer $result = $result -and (((Compare-Object $referenceObject $differenceObject) | Where-Object { $_.SideIndicator -eq "<=" } | Measure-Object).Count -eq 0) } else { $result = $result -and [Helpers]::CompareObjectProperties($referenceObject, $differenceObject, $strictComparison) } } else { $result = $false; } } elseif ($null -eq $differenceObject) { $result = $true; } else { $result = $false; } return $result; } hidden static [bool] CompareObjectProperties($referenceObject, $differenceObject, [bool] $strictComparison) { $result = $true; $refProps = @(); $diffProps = @(); $refProps += [Helpers]::GetProperties($referenceObject); $diffProps += [Helpers]::GetProperties($differenceObject); if ((-not $strictComparison) -or ($refProps.Count -eq $diffProps.Count)) { foreach ($propName in $refProps) { $refProp = $referenceObject.$propName; if (-not [string]::IsNullOrWhiteSpace(($diffProps | Where-Object { $_ -eq $propName } | Select-Object -First 1))) { $compareProp = $differenceObject.$propName; if ($null -ne $refProp) { if ($null -ne $compareProp) { $result = $result -and [Helpers]::CompareObject($refProp, $compareProp, $strictComparison); } else { $result = $result -and $false; } } elseif ($null -eq $compareProp) { $result = $result -and $true; } else { $result = $result -and $false; } } else { $result = $false; } if (-not $result) { break; } } } else { $result = $false; } return $result; } static [bool] CompareObject($referenceObject, $differenceObject, [bool] $strictComparison,$AttestComparisionType) { $result = $true; if ($null -ne $referenceObject) { if ($null -ne $differenceObject) { if ($referenceObject -is "Array") { if ($differenceObject -is "Array") { if ((-not $strictComparison) -or ($referenceObject.Count -eq $differenceObject.Count)) { foreach ($refObject in $referenceObject) { $arrayResult = $false; foreach ($diffObject in $differenceObject) { if($AttestComparisionType -eq [ComparisionType]::NumLesserOrEqual) { $arrayResult = [Helpers]::CompareObject($refObject, $diffObject, $strictComparison,$AttestComparisionType); } else { $arrayResult = [Helpers]::CompareObject($refObject, $diffObject, $strictComparison); } if ($arrayResult) { break; } } $result = $result -and $arrayResult if (-not $arrayResult) { break; } } } else { $result = $false; } } else { $result = $false; } } # Condition for all primitive types elseif ($referenceObject -is "string" -or $referenceObject -is "ValueType") { # For primitive types, use default comparer if($AttestComparisionType -eq [ComparisionType]::NumLesserOrEqual) { $result = $result -and ($referenceObject -ge $differenceObject) } else { $result = $result -and (((Compare-Object $referenceObject $differenceObject) | Where-Object { $_.SideIndicator -eq "<=" } | Measure-Object).Count -eq 0) } } else { if($AttestComparisionType -eq [ComparisionType]::NumLesserOrEqual) { $result = $result -and [Helpers]::CompareObjectProperties($referenceObject, $differenceObject, $strictComparison,$AttestComparisionType) } else { $result = $result -and [Helpers]::CompareObjectProperties($referenceObject, $differenceObject, $strictComparison) } } } else { $result = $false; } } elseif ($null -eq $differenceObject) { $result = $true; } else { $result = $false; } return $result; } hidden static [bool] CompareObjectProperties($referenceObject, $differenceObject, [bool] $strictComparison,$AttestComparisionType) { $result = $true; $refProps = @(); $diffProps = @(); $refProps += [Helpers]::GetProperties($referenceObject); $diffProps += [Helpers]::GetProperties($differenceObject); if ((-not $strictComparison) -or ($refProps.Count -eq $diffProps.Count)) { foreach ($propName in $refProps) { $refProp = $referenceObject.$propName; if (-not [string]::IsNullOrWhiteSpace(($diffProps | Where-Object { $_ -eq $propName } | Select-Object -First 1))) { $compareProp = $differenceObject.$propName; if ($null -ne $refProp) { if ($null -ne $compareProp) { if($AttestComparisionType -eq [ComparisionType]::NumLesserOrEqual) { $result = $result -and [Helpers]::CompareObject($refProp, $compareProp, $strictComparison,$AttestComparisionType); } else { $result = $result -and [Helpers]::CompareObject($refProp, $compareProp, $strictComparison); } } else { $result = $result -and $false; } } elseif ($null -eq $compareProp) { $result = $result -and $true; } else { $result = $result -and $false; } } else { $result = $false; } if (-not $result) { break; } } } else { $result = $false; } return $result; } static [string[]] GetProperties($object) { $props = @(); if($object) { if ($object -is "Hashtable") { $object.Keys | ForEach-Object { $props += $_; }; } else { ($object | Get-Member -MemberType Properties) | ForEach-Object { $props += $_.Name; }; } } return $props; } static [bool] CompareObjectOld($referenceObject, $differenceObject) { $result = $true; if ($null -ne $referenceObject) { if ($null -ne $differenceObject) { ($referenceObject | Get-Member -MemberType Properties) | ForEach-Object { $refProp = $referenceObject."$($_.Name)"; if ($differenceObject | Get-Member -Name $_.Name) { $compareProp = $differenceObject."$($_.Name)"; if ($null -ne $refProp) { if ($null -ne $compareProp) { if ($refProp.GetType().Name -eq "PSCustomObject") { $result = $result -and [Helpers]::CompareObjectOld($refProp, $compareProp); } else { $result = $result -and (((Compare-Object $refProp $compareProp) | Where-Object { $_.SideIndicator -eq "<=" } | Measure-Object).Count -eq 0) } } else { $result = $result -and $false; } } elseif ($null -eq $compareProp) { $result = $result -and $true; } else { $result = $result -and $false; } } else { $result = $false; } } } else { $result = $false; } } elseif ($null -eq $differenceObject) { $result = $true; } else { $result = $false; } return $result; } static [bool] CheckMember([PSObject] $refObject, [string] $memberPath) { return [Helpers]::CheckMember($refObject, $memberPath, $true); } static [bool] CheckMember([PSObject] $refObject, [string] $memberPath, [bool] $checkNull) { [bool]$result = $false; if ($refObject) { $properties = @(); $properties += $memberPath.Split("."); if ($properties.Count -gt 0) { $currentItem = $properties.Get(0); if (-not [string]::IsNullOrWhiteSpace($currentItem)) { if ($refObject | Get-Member -Name $currentItem) { if ($properties.Count -gt 1) { if($refObject.$currentItem) { $result = $true; $result = $result -and [Helpers]::CheckMember($refObject.$currentItem, [string]::Join(".", $properties[1..($properties.length - 1)])); } } else { if($checkNull) { if($refObject.$currentItem) { $result = $true; } } else { $result = $true; } } } } } } return $result; } static [PSObject] SelectMembers([PSObject] $refObject, [string[]] $memberPaths) { $result = $null; if ($null -ne $refObject) { if ($refObject -is "Array") { $result = @(); $refObject | ForEach-Object { $memberValue = [Helpers]::SelectMembers($_, $memberPaths); if ($null -ne $memberValue) { $result += $memberValue; } }; } else { $processedMemberPaths = @(); $objectProps = [Helpers]::GetProperties($refObject); if ($objectProps.Count -ne 0 -and $null -ne $memberPaths -and $memberPaths.Count -ne 0) { $memberPaths | Where-Object { -not [string]::IsNullOrWhiteSpace($_) } | ForEach-Object { $splitPaths = @(); $splitPaths += $_.Split("."); $firstMemberPath = $splitPaths.Get(0); if (-not [string]::IsNullOrWhiteSpace($firstMemberPath) -and $objectProps.Contains($firstMemberPath)) { $pathObject = $processedMemberPaths | Where-Object { $_.MemberPath -eq $firstMemberPath } | Select-Object -First 1; if (-not $pathObject) { $pathObject = @{ MemberPath = $firstMemberPath; ChildPaths = @(); }; $processedMemberPaths += $pathObject; } # Count > 1 indicates that it has child path if ($splitPaths.Count -gt 1) { $pathObject.ChildPaths += [string]::Join(".", $splitPaths[1..($splitPaths.length - 1)]); } } }; } if ($processedMemberPaths.Count -ne 0) { $processedMemberPaths | ForEach-Object { $memberValue = $null; if ($_.ChildPaths.Count -eq 0) { $memberValue = $refObject."$($_.MemberPath)"; } else { $memberValue = [Helpers]::SelectMembers($refObject."$($_.MemberPath)", $_.ChildPaths); } if ($null -ne $memberValue) { if ($null -eq $result) { $result = New-Object PSObject; } $result | Add-Member -MemberType NoteProperty -Name ($_.MemberPath) -Value $memberValue; } }; } else { $result = $refObject; } } } return $result; } static [string] FetchTagsString([PSObject]$TagsHashTable) { [string] $tagsString = ""; try { if(($TagsHashTable | Measure-Object).Count -gt 0) { $TagsHashTable.Keys | ForEach-Object { $key = $_; $value = $TagsHashTable[$key]; $tagsString = $tagsString + "$($key):$($value);"; } } } catch { #eat exception as if not able to fetch tags, it would return empty instead of breaking the flow } return $tagsString; } static [string] ComputeHash([String] $data) { #Call the other function but request the full 32-byte == 64 hex chars (SHA56 hash) as string return [Helpers]::ComputeHashShort($data, 64) } static [string] ComputeHashShort([String] $data, [int] $len) { $retHashSB = [System.Text.StringBuilder]::new(); $hashBytes = [Helpers]::SHA256Alg.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($data)); $usedBytes = $len/2 #If N hex chars are needed, first N/2 bytes of the hash are used. #Grab only as many bytes from hash to use for returned hashString. #We use "x2" instead of just "x" to ensure that '4' becomes '04' in the returned string (applicable to anything <16) #Overall, this ensures that the string conversion of a full SHA256 hash is *always* 64 chars long. for ($i=0;$i -lt $usedBytes; $i++) { [void]$retHashSB.Append($hashBytes[$i].ToString("x2")) } return $retHashSB.ToString() } static [VerificationResult] EvaluateVerificationResult([VerificationResult] $verificationResult, [AttestationStatus] $attestationStatus) { [VerificationResult] $result = $verificationResult; # No action required if Attestation status is None OR verification result is Passed if ($attestationStatus -ne [AttestationStatus]::None -or $verificationResult -ne [VerificationResult]::Passed) { # Changing State Machine logic #if($verificationResult -eq [VerificationResult]::Verify -or $verificationResult -eq [VerificationResult]::Manual) #{ switch ($attestationStatus) { ([AttestationStatus]::NotAnIssue) { $result = [VerificationResult]::Passed; break; } ([AttestationStatus]::WillNotFix) { $result = [VerificationResult]::Exception; break; } ([AttestationStatus]::WillFixLater) { $result = [VerificationResult]::Remediate; break; } ([AttestationStatus]::NotApplicable) { $result = [VerificationResult]::Passed; break; } ([AttestationStatus]::StateConfirmed) { $result = [VerificationResult]::Passed; break; } ([AttestationStatus]::ApprovedException) { $result = [VerificationResult]::Passed; break; } } #} #elseif($verificationResult -eq [VerificationResult]::Failed -or $verificationResult -eq [VerificationResult]::Error) #{ # $result = [VerificationResult]::RiskAck; #} } return $result; } static [PSObject] NewSecurePassword() { #create password $randomBytes = New-Object Byte[] 32 $provider = [System.Security.Cryptography.RNGCryptoServiceProvider]::Create() $provider.GetBytes($randomBytes) $provider.Dispose() $pwstring = [System.Convert]::ToBase64String($randomBytes) $newPassword = new-object securestring $pwstring.ToCharArray() | ForEach-Object { $newPassword.AppendChar($_) } $encryptedPassword = ConvertFrom-SecureString -SecureString $newPassword -Key (1..16) $securePassword = ConvertTo-SecureString -String $encryptedPassword -Key (1..16) return $securePassword } static [PSObject] DeepCopy([PSObject] $inputObject) { $memoryStream = New-Object System.IO.MemoryStream $binaryFormatter = New-Object System.Runtime.Serialization.Formatters.Binary.BinaryFormatter $binaryFormatter.Serialize($memoryStream, $inputObject) $memoryStream.Position = 0 $dataDeep = $binaryFormatter.Deserialize($memoryStream) $memoryStream.Close() return $dataDeep } static [bool] ValidateEmail([string]$address){ $validAddress = ($address -as [System.Net.Mail.MailAddress]) return ($null -ne $validAddress -and $validAddress.Address -eq $address ) } #Returns invalid email list static [string[]] ValidateEmailList([string[]]$emailList ) { $invalidEmails = @(); $emailList | ForEach-Object { if(-not [Helpers]::ValidateEmail($_)) { $invalidEmails += $_ } } return $invalidEmails } static [Object] MergeObjects([Object] $source,[Object] $extend, [string] $idName) { $idPropName = "Id"; if(-not [string]::IsNullOrWhiteSpace($idName)) { $idPropName = $idName; } if($source.GetType().Name -eq "PSCustomObject" -and $extend.GetType().Name -eq "PSCustomObject"){ foreach($Property in $extend | Get-Member -type NoteProperty, Property){ if(-not [Helpers]::CheckMember($source,$Property.Name,$false)){ $source | Add-Member -MemberType NoteProperty -Value $extend.$($Property.Name) -Name $Property.Name ` } $source.$($Property.Name) = [Helpers]::MergeObjects($source.$($Property.Name), $extend.$($Property.Name), $idName) } } elseif($source.GetType().Name -eq "Object[]" -and $extend.GetType().Name -eq "Object[]"){ if([Helpers]::IsPSObjectArray($source) -or [Helpers]::IsPSObjectArray($extend)) { foreach($extendArrElement in $extend) { $PropertyId = $extendArrElement | Get-Member -type NoteProperty, Property | Where-Object { $_.Name -eq $idPropName} | Select-Object -First 1 if(($PropertyId | Measure-Object).Count -gt 0) { $PropertyId = $PropertyId | Select-Object -First 1 } else { $PropertyId = $extendArrElement | Get-Member -type NoteProperty, Property | Select-Object -First 1 } $sourceElement = $source | Where-Object { $_.$($PropertyId.Name) -eq $extendArrElement.$($PropertyId.Name) } if($sourceElement) { $sourceElement = [Helpers]::MergeObjects($sourceElement, $extendArrElement, $idName) } else { $source +=$extendArrElement } } } else { $source = ($source + $extend) if ($source.Count -gt 0) { $source = @($source | Select-Object -Unique) } } } else{ $source = $extend; } return $source } static [Object] MergeObjects([Object] $source,[Object] $extend) { return [Helpers]::MergeObjects($source,$extend,""); } static [Bool] IsPSObjectArray($arrayObj) { if(($arrayObj | Measure-Object).Count -gt 0) { $firstElement = $arrayObj | Select-Object -First 1 if($firstElement.GetType().Name -eq "PSCustomObject") { return $true } else { return $false } } else { return $false } } #BOM replace function static [void] RemoveUtf8BOM([System.IO.FileInfo] $file) { [Helpers]::SetUtf8Encoding($file); if($file) { $byteBuffer = New-Object System.Byte[] 3 $reader = $file.OpenRead() $bytesRead = $reader.Read($byteBuffer, 0, 3); if ($bytesRead -eq 3 -and $byteBuffer[0] -eq 239 -and $byteBuffer[1] -eq 187 -and $byteBuffer[2] -eq 191) { $tempFile = [System.IO.Path]::GetTempFileName() $writer = [System.IO.File]::OpenWrite($tempFile) $reader.CopyTo($writer) $writer.Dispose() $reader.Dispose() Move-Item -Path $tempFile -Destination $file.FullName -Force } else { $reader.Dispose() } } } static [void] SetUtf8Encoding([System.IO.FileInfo] $file) { if($file) { $fileContent = Get-Content -Path $file.FullName; if($fileContent) { Out-File -InputObject $fileContent -Force -FilePath $file.FullName -Encoding utf8 } } } static [void] CleanupLocalFolder($folderPath) { try { if(Test-Path $folderPath) { Remove-Item -Path $folderPath -Recurse -Force -ErrorAction Stop | Out-Null } } catch{ #this call happens from finally block. Try to clean the files, if it don't happen it would get cleaned in the next attempt } } static [void] CreateFolderIfNotExist($FolderPath,$MakeFolderEmpty) { if(-not (Test-Path $FolderPath)) { New-Item -ItemType Directory -Path $FolderPath -ErrorAction Stop | Out-Null } elseif($MakeFolderEmpty) { Remove-Item -Path (Join-Path $FolderPath "*") -Force -Recurse } } Static [string] GetSubString($CotentString, $Pattern) { return [regex]::match($CotentString, $pattern).Groups[1].Value } #TODO: Currently this function is specific to Org PolicyHealth Check. Need to make generic Static [string] IsStringEmpty($String) { if([string]::IsNullOrEmpty($String)) { return "Not Available" } else { $String= $String.Split("?")[0] return $String } } Static [bool] IsSASTokenUpdateRequired($policyUrl) { [System.Uri] $validatedUri = $null; $IsSASTokenUpdateRequired = $false if([System.Uri]::TryCreate($policyUrl, [System.UriKind]::Absolute, [ref] $validatedUri) -and $validatedUri.Query.Contains("&se=")) { $pattern = '&se=(.*?)T' [DateTime] $expiryDate = Get-Date if([DateTime]::TryParse([Helpers]::GetSubString($($validatedUri.Query),$pattern),[ref] $expiryDate)) { if($expiryDate.AddDays(-[Constants]::SASTokenExpiryReminderInDays) -lt [DateTime]::UtcNow) { $IsSASTokenUpdateRequired = $true } } } return $IsSASTokenUpdateRequired } Static [string] GetUriWithUpdatedSASToken($policyUrl, $updateUrl) { [System.Uri] $validatedUri = $null; $UpdatedUrl = $policyUrl if([System.Uri]::TryCreate($policyUrl, [System.UriKind]::Absolute, [ref] $validatedUri) -and $validatedUri.Query.Contains("&se=") -and [System.Uri]::TryCreate($policyUrl, [System.UriKind]::Absolute, [ref] $validatedUri)) { $UpdatedUrl = $policyUrl.Split("?")[0] + "?" + $updateUrl.Split("?")[1] } return $UpdatedUrl } static [string] ReadInput($Prompt) { return (Read-Host -Prompt $Prompt).Trim() } static [string] CreateSharedKey([string] $StringToSign,[string] $ResourceName,[string] $AccessKey) { $KeyBytes = [System.Convert]::FromBase64String($AccessKey) $HMAC = New-Object System.Security.Cryptography.HMACSHA256 $HMAC.Key = $KeyBytes $UnsignedBytes = [System.Text.Encoding]::UTF8.GetBytes($StringToSign) $KeyHash = $HMAC.ComputeHash($UnsignedBytes) $SignedString = [System.Convert]::ToBase64String($KeyHash) $sharedKey = $ResourceName+":"+$SignedString return $sharedKey } # Convert secure string to plain text static [string] ConvertToPlainText([System.Security.SecureString] $secureString) { $BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($secureString) $plainText = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR) return $plainText } # Get object of a particular permission (which are allowed) for a group. static [object] ResolvePermissions($permissionsInBit, $actions, $permissionName) { $obj = @(); #$editPerms = @(); #check allowed permissions if($permissionsInBit -gt 0 ) { $permissionsInBinary = [convert]::ToString($permissionsInBit,2) # to binary # loop thru the decoded base 2 number and check the bit. if 1(on) then that permission is set for ($a = 0 ; $a -lt $permissionsInBinary.Length; $a++) { if( $permissionsInBinary.Substring($permissionsInBinary.Length-$a-1,1) -ge 1) # each binary digit { # find bit in action list $raise = [Math]::Pow(2, $a) $bit = $actions | Where-Object {$_.bit -eq $raise } $obj += $bit | Where-Object {$_.displayName -eq $permissionName} } } } return $obj } # Resolve allowed permissions of a particular group. static [object] ResolveAllPermissions($AllowedPermissionsInBit, $InheritedAllowedPermissionsInBit, $actions) { $obj = @(); #$editPerms = @(); #check allowed permissions if($AllowedPermissionsInBit -gt 0 ) { $permissionsInBinary = [convert]::ToString($AllowedPermissionsInBit,2) # to binary # loop thru the decoded base 2 number and check the bit. if 1(on) then that permission is set for ($a = 0 ; $a -lt $permissionsInBinary.Length; $a++) { if( $permissionsInBinary.Substring($permissionsInBinary.Length-$a-1,1) -ge 1) # each binary digit { # find bit in action list $raise = [Math]::Pow(2, $a) $bit = $actions | Where-Object {$_.bit -eq $raise } $obj += New-Object -TypeName psobject -Property @{Name= $bit.displayName ; Permission="Allow"} } } } if($InheritedAllowedPermissionsInBit -gt 0 ) { $permissionsInBinary = [convert]::ToString($InheritedAllowedPermissionsInBit,2) # to binary # loop thru the decoded base 2 number and check the bit. if 1(on) then that permission is set for ($a = 0 ; $a -lt $permissionsInBinary.Length; $a++) { if( $permissionsInBinary.Substring($permissionsInBinary.Length-$a-1,1) -ge 1) # each binary digit { # find bit in action list $raise = [Math]::Pow(2, $a) $bit = $actions | Where-Object {$_.bit -eq $raise } $obj += New-Object -TypeName psobject -Property @{Name= $bit.displayName ; Permission="Allow (inherited)"} } } } $obj = $obj | Sort-Object -Property Name return $obj } static [System.Security.SecureString] GetVariableFromKVUrl($url){ $variable = $null; $context = @(Get-AzContext -ErrorAction SilentlyContinue ) if ($context.count -eq 0) { Write-Host "No active Azure login session found.`r`nPlease login to Azure tenant hosting the key vault..." -ForegroundColor Yellow Connect-AzAccount -ErrorAction Stop $context = @(Get-AzContext -ErrorAction SilentlyContinue) } if ($null -eq $context) { Write-Host "Login failed. Azure login context is required to use a key vault-based PAT token.`r`nStopping scan command." -ForegroundColor Red } #Parse the key-vault-URL to determine vaultname, secretname, version if ($url -match "^https://(?<kv>[\w]+)(?:[\.\w+]*)/secrets/(?<sn>[\w]+)/?(?<sv>[\w]*)") { $kvName = $Matches["kv"] $secretName = $Matches["sn"] $secretVersion = $Matches["sv"] if (-not [String]::IsNullOrEmpty($secretVersion)) { $kvSecret = Get-AzKeyVaultSecret -VaultName $kvName -SecretName $secretName -Version $secretVersion } else { $kvSecret = Get-AzKeyVaultSecret -VaultName $kvName -SecretName $secretName } if ($null -ne $kvSecret) { $variable = $kvSecret.SecretValue; } } return $variable } } # SIG # Begin signature block # MIInvwYJKoZIhvcNAQcCoIInsDCCJ6wCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCD4fKUHQqs9fIYx # NBG9iK+4mpfdRSxGABpCEMUMMWlQ9qCCDXYwggX0MIID3KADAgECAhMzAAADrzBA # DkyjTQVBAAAAAAOvMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjMxMTE2MTkwOTAwWhcNMjQxMTE0MTkwOTAwWjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQDOS8s1ra6f0YGtg0OhEaQa/t3Q+q1MEHhWJhqQVuO5amYXQpy8MDPNoJYk+FWA # hePP5LxwcSge5aen+f5Q6WNPd6EDxGzotvVpNi5ve0H97S3F7C/axDfKxyNh21MG # 0W8Sb0vxi/vorcLHOL9i+t2D6yvvDzLlEefUCbQV/zGCBjXGlYJcUj6RAzXyeNAN # xSpKXAGd7Fh+ocGHPPphcD9LQTOJgG7Y7aYztHqBLJiQQ4eAgZNU4ac6+8LnEGAL # go1ydC5BJEuJQjYKbNTy959HrKSu7LO3Ws0w8jw6pYdC1IMpdTkk2puTgY2PDNzB # tLM4evG7FYer3WX+8t1UMYNTAgMBAAGjggFzMIIBbzAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQURxxxNPIEPGSO8kqz+bgCAQWGXsEw # RQYDVR0RBD4wPKQ6MDgxHjAcBgNVBAsTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEW # MBQGA1UEBRMNMjMwMDEyKzUwMTgyNjAfBgNVHSMEGDAWgBRIbmTlUAXTgqoXNzci # tW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIwMTEtMDctMDguY3JsMGEG # CCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDovL3d3dy5taWNyb3NvZnQu # Y29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDExXzIwMTEtMDctMDguY3J0 # MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIBAISxFt/zR2frTFPB45Yd # mhZpB2nNJoOoi+qlgcTlnO4QwlYN1w/vYwbDy/oFJolD5r6FMJd0RGcgEM8q9TgQ # 2OC7gQEmhweVJ7yuKJlQBH7P7Pg5RiqgV3cSonJ+OM4kFHbP3gPLiyzssSQdRuPY # 1mIWoGg9i7Y4ZC8ST7WhpSyc0pns2XsUe1XsIjaUcGu7zd7gg97eCUiLRdVklPmp # XobH9CEAWakRUGNICYN2AgjhRTC4j3KJfqMkU04R6Toyh4/Toswm1uoDcGr5laYn # TfcX3u5WnJqJLhuPe8Uj9kGAOcyo0O1mNwDa+LhFEzB6CB32+wfJMumfr6degvLT # e8x55urQLeTjimBQgS49BSUkhFN7ois3cZyNpnrMca5AZaC7pLI72vuqSsSlLalG # OcZmPHZGYJqZ0BacN274OZ80Q8B11iNokns9Od348bMb5Z4fihxaBWebl8kWEi2O # PvQImOAeq3nt7UWJBzJYLAGEpfasaA3ZQgIcEXdD+uwo6ymMzDY6UamFOfYqYWXk # ntxDGu7ngD2ugKUuccYKJJRiiz+LAUcj90BVcSHRLQop9N8zoALr/1sJuwPrVAtx # HNEgSW+AKBqIxYWM4Ev32l6agSUAezLMbq5f3d8x9qzT031jMDT+sUAoCw0M5wVt # CUQcqINPuYjbS1WgJyZIiEkBMIIHejCCBWKgAwIBAgIKYQ6Q0gAAAAAAAzANBgkq # hkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x # EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv # bjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 # IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEwOTA5WjB+MQswCQYDVQQG # EwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwG # A1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYDVQQDEx9NaWNyb3NvZnQg # Q29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC # CgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+laUKq4BjgaBEm6f8MMHt03 # a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc6Whe0t+bU7IKLMOv2akr # rnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4Ddato88tt8zpcoRb0Rrrg # OGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+lD3v++MrWhAfTVYoonpy # 4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nkkDstrjNYxbc+/jLTswM9 # sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6A4aN91/w0FK/jJSHvMAh # dCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmdX4jiJV3TIUs+UsS1Vz8k # A/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL5zmhD+kjSbwYuER8ReTB # w3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zdsGbiwZeBe+3W7UvnSSmn # Eyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3T8HhhUSJxAlMxdSlQy90 # lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS4NaIjAsCAwEAAaOCAe0w # ggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRIbmTlUAXTgqoXNzcitW2o # ynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYD # VR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBDuRQFTuHqp8cx0SOJNDBa # BgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2Ny # bC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3JsMF4GCCsG # AQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3dy5taWNyb3NvZnQuY29t # L3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3J0MIGfBgNV # HSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEFBQcCARYzaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1hcnljcHMuaHRtMEAGCCsG # AQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkAYwB5AF8AcwB0AGEAdABl # AG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn8oalmOBUeRou09h0ZyKb # C5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7v0epo/Np22O/IjWll11l # hJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0bpdS1HXeUOeLpZMlEPXh6 # I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/KmtYSWMfCWluWpiW5IP0 # wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvyCInWH8MyGOLwxS3OW560 # STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBpmLJZiWhub6e3dMNABQam # ASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJihsMdYzaXht/a8/jyFqGa # J+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYbBL7fQccOKO7eZS/sl/ah # XJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbSoqKfenoi+kiVH6v7RyOA # 9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sLgOppO6/8MO0ETI7f33Vt # Y5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtXcVZOSEXAQsmbdlsKgEhr # /Xmfwb1tbWrJUnMTDXpQzTGCGZ8wghmbAgEBMIGVMH4xCzAJBgNVBAYTAlVTMRMw # EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN # aWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNp # Z25pbmcgUENBIDIwMTECEzMAAAOvMEAOTKNNBUEAAAAAA68wDQYJYIZIAWUDBAIB # BQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQwHAYKKwYBBAGCNwIBCzEO # MAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIAj8EzQ5YTa0pIc8hdl2YiS0 # ZHYgH7ttUGMKajLeuYRqMEIGCisGAQQBgjcCAQwxNDAyoBSAEgBNAGkAYwByAG8A # cwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20wDQYJKoZIhvcNAQEB # BQAEggEAXiE917UWDCXjCck1mH1z3cLjkxgLCRgv4DD/IhabnVJkqDH8e93p0S5O # 6h1Hi6oQ2B8k2Nca/jyiN6A7jG74nfpA7TjdRe8oiOSgi+ZU2KifQnW5afd3r6ip # 6qIdbpFlNuLdNZY61iDA/pgvOwC8DLkdo+8gi+C9HWa5SU1GahMbeqRnf6VLN809 # PYcGxflURGivs4STKQsfgYU79o3H400TSGEBYnKuiQMRtkv0qatRgc4sqFjHvW4H # R72pNTI7BakJUrXIW4yGuXMg2dhHhHzonZfitKcoSfNK790SD1BfPJkOH5wUIOe3 # MnG/ZKYUuTWeFIpcqtpqnV++BqbJTqGCFykwghclBgorBgEEAYI3AwMBMYIXFTCC # FxEGCSqGSIb3DQEHAqCCFwIwghb+AgEDMQ8wDQYJYIZIAWUDBAIBBQAwggFZBgsq # hkiG9w0BCRABBKCCAUgEggFEMIIBQAIBAQYKKwYBBAGEWQoDATAxMA0GCWCGSAFl # AwQCAQUABCBQLW9/G630cVf7xFIk9Cy1cC0cfpICzl99kjQbZlZd5AIGZbqeI5Da # GBMyMDI0MDIwOTA1MTQwMy42MDJaMASAAgH0oIHYpIHVMIHSMQswCQYDVQQGEwJV # UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UE # ChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMS0wKwYDVQQLEyRNaWNyb3NvZnQgSXJl # bGFuZCBPcGVyYXRpb25zIExpbWl0ZWQxJjAkBgNVBAsTHVRoYWxlcyBUU1MgRVNO # OjA4NDItNEJFNi1DMjlBMSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBT # ZXJ2aWNloIIReDCCBycwggUPoAMCAQICEzMAAAHajtXJWgDREbEAAQAAAdowDQYJ # KoZIhvcNAQELBQAwfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x # EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv # bjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAwHhcNMjMx # MDEyMTkwNjU5WhcNMjUwMTEwMTkwNjU5WjCB0jELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEtMCsGA1UECxMkTWljcm9zb2Z0IElyZWxhbmQgT3Bl # cmF0aW9ucyBMaW1pdGVkMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjowODQyLTRC # RTYtQzI5QTElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2VydmljZTCC # AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJOQBgh2tVFR1j8jQA4NDf8b # cVrXSN080CNKPSQo7S57sCnPU0FKF47w2L6qHtwm4EnClF2cruXFp/l7PpMQg25E # 7X8xDmvxr8BBE6iASAPCfrTebuvAsZWcJYhy7prgCuBf7OidXpgsW1y8p6Vs7sD2 # aup/0uveYxeXlKtsPjMCplHkk0ba+HgLho0J68Kdji3DM2K59wHy9xrtsYK+X9er # bDGZ2mmX3765aS5Q7/ugDxMVgzyj80yJn6ULnknD9i4kUQxVhqV1dc/DF6UBeuzf # ukkMed7trzUEZMRyla7qhvwUeQlgzCQhpZjz+zsQgpXlPczvGd0iqr7lACwfVGog # 5plIzdExvt1TA8Jmef819aTKwH1IVEIwYLA6uvS8kRdA6RxvMcb//ulNjIuGceyy # kMAXEynVrLG9VvK4rfrCsGL3j30Lmidug+owrcCjQagYmrGk1hBykXilo9YB8Qyy # 5Q1KhGuH65V3zFy8a0kwbKBRs8VR4HtoPYw9z1DdcJfZBO2dhzX3yAMipCGm6Smv # mvavRsXhy805jiApDyN+s0/b7os2z8iRWGJk6M9uuT2493gFV/9JLGg5YJJCJXI+ # yxkO/OXnZJsuGt0+zWLdHS4XIXBG17oPu5KsFfRTHREloR2dI6GwaaxIyDySHYOt # vIydla7u4lfnfCjY/qKTAgMBAAGjggFJMIIBRTAdBgNVHQ4EFgQUoXyNyVE9ZhOV # izEUVwhNgL8PX0UwHwYDVR0jBBgwFoAUn6cVXQBeYl2D9OXSZacbUzUZ6XIwXwYD # VR0fBFgwVjBUoFKgUIZOaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9j # cmwvTWljcm9zb2Z0JTIwVGltZS1TdGFtcCUyMFBDQSUyMDIwMTAoMSkuY3JsMGwG # CCsGAQUFBwEBBGAwXjBcBggrBgEFBQcwAoZQaHR0cDovL3d3dy5taWNyb3NvZnQu # Y29tL3BraW9wcy9jZXJ0cy9NaWNyb3NvZnQlMjBUaW1lLVN0YW1wJTIwUENBJTIw # MjAxMCgxKS5jcnQwDAYDVR0TAQH/BAIwADAWBgNVHSUBAf8EDDAKBggrBgEFBQcD # CDAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggIBALmDVdTtuI0jAEt4 # 1O2OM8CU237TGMyhrGr7FzKCEFaXxtoqk/IObQriq1caHVh2vyuQ24nz3TdOBv7r # cs/qnPjOxnXFLyZPeaWLsNuARVmUViyVYXjXYB5DwzaWZgScY8GKL7yGjyWrh78W # JUgh7rE1+5VD5h0/6rs9dBRqAzI9fhZz7spsjt8vnx50WExbBSSH7rfabHendpeq # bTmW/RfcaT+GFIsT+g2ej7wRKIq/QhnsoF8mpFNPHV1q/WK/rF/ChovkhJMDvlqt # ETWi97GolOSKamZC9bYgcPKfz28ed25WJy10VtQ9P5+C/2dOfDaz1RmeOb27Kbeg # ha0SfPcriTfORVvqPDSa3n9N7dhTY7+49I8evoad9hdZ8CfIOPftwt3xTX2RhMZJ # CVoFlabHcvfb84raFM6cz5EYk+x1aVEiXtgK6R0xn1wjMXHf0AWlSjqRkzvSnRKz # FsZwEl74VahlKVhI+Ci9RT9+6Gc0xWzJ7zQIUFE3Jiix5+7KL8ArHfBY9UFLz4sn # boJ7Qip3IADbkU4ZL0iQ8j8Ixra7aSYfToUefmct3dM69ff4Eeh2Kh9NsKiiph58 # 9Ap/xS1jESlrfjL/g/ZboaS5d9a2fA598mubDvLD5x5PP37700vm/Y+PIhmp2fTv # uS2sndeZBmyTqcUNHRNmCk+njV3nMIIHcTCCBVmgAwIBAgITMwAAABXF52ueAptJ # mQAAAAAAFTANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgT # Cldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29m # dCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNh # dGUgQXV0aG9yaXR5IDIwMTAwHhcNMjEwOTMwMTgyMjI1WhcNMzAwOTMwMTgzMjI1 # WjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH # UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQD # Ex1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDCCAiIwDQYJKoZIhvcNAQEB # BQADggIPADCCAgoCggIBAOThpkzntHIhC3miy9ckeb0O1YLT/e6cBwfSqWxOdcjK # NVf2AX9sSuDivbk+F2Az/1xPx2b3lVNxWuJ+Slr+uDZnhUYjDLWNE893MsAQGOhg # fWpSg0S3po5GawcU88V29YZQ3MFEyHFcUTE3oAo4bo3t1w/YJlN8OWECesSq/XJp # rx2rrPY2vjUmZNqYO7oaezOtgFt+jBAcnVL+tuhiJdxqD89d9P6OU8/W7IVWTe/d # vI2k45GPsjksUZzpcGkNyjYtcI4xyDUoveO0hyTD4MmPfrVUj9z6BVWYbWg7mka9 # 7aSueik3rMvrg0XnRm7KMtXAhjBcTyziYrLNueKNiOSWrAFKu75xqRdbZ2De+JKR # Hh09/SDPc31BmkZ1zcRfNN0Sidb9pSB9fvzZnkXftnIv231fgLrbqn427DZM9itu # qBJR6L8FA6PRc6ZNN3SUHDSCD/AQ8rdHGO2n6Jl8P0zbr17C89XYcz1DTsEzOUyO # ArxCaC4Q6oRRRuLRvWoYWmEBc8pnol7XKHYC4jMYctenIPDC+hIK12NvDMk2ZItb # oKaDIV1fMHSRlJTYuVD5C4lh8zYGNRiER9vcG9H9stQcxWv2XFJRXRLbJbqvUAV6 # bMURHXLvjflSxIUXk8A8FdsaN8cIFRg/eKtFtvUeh17aj54WcmnGrnu3tz5q4i6t # AgMBAAGjggHdMIIB2TASBgkrBgEEAYI3FQEEBQIDAQABMCMGCSsGAQQBgjcVAgQW # BBQqp1L+ZMSavoKRPEY1Kc8Q/y8E7jAdBgNVHQ4EFgQUn6cVXQBeYl2D9OXSZacb # UzUZ6XIwXAYDVR0gBFUwUzBRBgwrBgEEAYI3TIN9AQEwQTA/BggrBgEFBQcCARYz # aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9Eb2NzL1JlcG9zaXRvcnku # aHRtMBMGA1UdJQQMMAoGCCsGAQUFBwMIMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIA # QwBBMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNX2 # VsuP6KJcYmjRPZSQW9fOmhjEMFYGA1UdHwRPME0wS6BJoEeGRWh0dHA6Ly9jcmwu # bWljcm9zb2Z0LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Jvb0NlckF1dF8yMDEw # LTA2LTIzLmNybDBaBggrBgEFBQcBAQROMEwwSgYIKwYBBQUHMAKGPmh0dHA6Ly93 # d3cubWljcm9zb2Z0LmNvbS9wa2kvY2VydHMvTWljUm9vQ2VyQXV0XzIwMTAtMDYt # MjMuY3J0MA0GCSqGSIb3DQEBCwUAA4ICAQCdVX38Kq3hLB9nATEkW+Geckv8qW/q # XBS2Pk5HZHixBpOXPTEztTnXwnE2P9pkbHzQdTltuw8x5MKP+2zRoZQYIu7pZmc6 # U03dmLq2HnjYNi6cqYJWAAOwBb6J6Gngugnue99qb74py27YP0h1AdkY3m2CDPVt # I1TkeFN1JFe53Z/zjj3G82jfZfakVqr3lbYoVSfQJL1AoL8ZthISEV09J+BAljis # 9/kpicO8F7BUhUKz/AyeixmJ5/ALaoHCgRlCGVJ1ijbCHcNhcy4sa3tuPywJeBTp # kbKpW99Jo3QMvOyRgNI95ko+ZjtPu4b6MhrZlvSP9pEB9s7GdP32THJvEKt1MMU0 # sHrYUP4KWN1APMdUbZ1jdEgssU5HLcEUBHG/ZPkkvnNtyo4JvbMBV0lUZNlz138e # W0QBjloZkWsNn6Qo3GcZKCS6OEuabvshVGtqRRFHqfG3rsjoiV5PndLQTHa1V1QJ # sWkBRH58oWFsc/4Ku+xBZj1p/cvBQUl+fpO+y/g75LcVv7TOPqUxUYS8vwLBgqJ7 # Fx0ViY1w/ue10CgaiQuPNtq6TPmb/wrpNPgkNWcr4A245oyZ1uEi6vAnQj0llOZ0 # dFtq0Z4+7X6gMTN9vMvpe784cETRkPHIqzqKOghif9lwY1NNje6CbaUFEMFxBmoQ # tB1VM1izoXBm8qGCAtQwggI9AgEBMIIBAKGB2KSB1TCB0jELMAkGA1UEBhMCVVMx # EzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoT # FU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEtMCsGA1UECxMkTWljcm9zb2Z0IElyZWxh # bmQgT3BlcmF0aW9ucyBMaW1pdGVkMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjow # ODQyLTRCRTYtQzI5QTElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2Vy # dmljZaIjCgEBMAcGBSsOAwIaAxUAQqIfIYljHUbNoY0/wjhXRn/sSA2ggYMwgYCk # fjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH # UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQD # Ex1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDANBgkqhkiG9w0BAQUFAAIF # AOlvp5QwIhgPMjAyNDAyMDkwMzE4NDRaGA8yMDI0MDIxMDAzMTg0NFowdDA6Bgor # BgEEAYRZCgQBMSwwKjAKAgUA6W+nlAIBADAHAgEAAgILczAHAgEAAgJA+DAKAgUA # 6XD5FAIBADA2BgorBgEEAYRZCgQCMSgwJjAMBgorBgEEAYRZCgMCoAowCAIBAAID # B6EgoQowCAIBAAIDAYagMA0GCSqGSIb3DQEBBQUAA4GBAC8QbEUDAGq3MWSFKroU # dxnYa0N+Q1PhssrOup+d4QL4R+5FiWRwTISJHwJyDEE5VU4AXFvP68mJZUq5+IWw # PK5ljOdkeL+PWPFpjNBhjX/tdqD4lKMqI0Vcdc73hC8ZyRTadth+NNeGGxsZ8zpS # AmiJQMoXwCM8VLcIAHadstkxMYIEDTCCBAkCAQEwgZMwfDELMAkGA1UEBhMCVVMx # EzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoT # FU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUt # U3RhbXAgUENBIDIwMTACEzMAAAHajtXJWgDREbEAAQAAAdowDQYJYIZIAWUDBAIB # BQCgggFKMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAvBgkqhkiG9w0BCQQx # IgQgbsoH1HAzCrwgM8m3ZS+iWpVYr+D8L4cZWQx5vmnXXh4wgfoGCyqGSIb3DQEJ # EAIvMYHqMIHnMIHkMIG9BCAipaNpYsDvnqTe95Dj1C09020I5ljibrW/ndICOxg9 # xjCBmDCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAw # DgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24x # JjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAAB2o7V # yVoA0RGxAAEAAAHaMCIEIAp7kNr7744DshtHGoPpYpWDidMQgh8aIKOhsHGinB5I # MA0GCSqGSIb3DQEBCwUABIICAGzntdMD/n3EyjjVjWSptcn+Ch3jVNOYnACmw027 # 0z1dhhEy1Odp7sEigASGyhVP2tSEHOjL2tdWJWPUBQ+svYqA2YjsU90ys820s4iL # M0SW8zLtBZb6h7dzMLnmBhsDC3wEkRJPOm9gsaD8v5I3tUjeK4d8TB2rjjbOknhz # TIinA8lOIF0Nao31Vzwq5SKVs8kWnWbWCOQTjMb4e/rk5IsZoXrHA53uv+ofzGUz # PNgPQwGUrpydD35l83g4dilxpbAud8th2rg2H740jcjAToFg8RceQz42IhhMit3N # 81WZSHWNJXK813dSpU6YGJaq3HkqKDQxIlw0BZgWGHp6Z8xmdsKcNbKRqwcumh2A # WkDW9rH4iM3tlktd/7jZfsPToBDRXpdLejB6iFdPC0CL/7n94xdOGFdJ1g7u90Co # 86piNPiOKMSkqa0awk4s3U8UwHg5vkEXSlVXpElYj1Us8dt4fyt5+GvfBN8zaiaC # ziNGJNeiXkDo5cYEAE/fFKG0YBr2UCKJYNLrvNfbNC9eDa+7PWtZDOqS5fj24XrZ # R6iTYnYcORpdpF33q9aU9o2FEIlZhswNYEfMphQmu7JmXo26gpJoOwYKbVUpToTC # R6TifZ8i01tPfbCOcBLk9M8g8yyDAk4jmt2cZScrJTnmlIxUFKrOfUWMY/fjSqm5 # ogdX # SIG # End signature block |