Framework/Helpers/Helpers.ps1
|
using namespace Newtonsoft.Json using namespace Microsoft.Azure.Commands.Common.Authentication.Abstractions using namespace Microsoft.Azure.Commands.Common.Authentication using namespace Microsoft.Azure.Management.Storage.Models Set-StrictMode -Version Latest class Helpers { static [PSObject] $SHA256Alg = [System.Security.Cryptography.HashAlgorithm]::Create('sha256'); hidden static [PSObject] LoadOfflineConfigFile([string] $fileName, [bool] $parseJson) { $rootConfigPath = [Constants]::AzSKAppFolderPath ; return [Helpers]::LoadOfflineConfigFile($fileName, $true,$rootConfigPath); } hidden static [PSObject] LoadOfflineConfigFile([string] $fileName, [bool] $parseJson, $path) { #Load file from AzSK App folder $rootConfigPath = $path ; $extension = [System.IO.Path]::GetExtension($fileName); $filePath = $null if(Test-Path -Path $rootConfigPath) { $filePath = (Get-ChildItem $rootConfigPath -Name -Recurse -Include $fileName) | Select-Object -First 1 } #If file not present in App folder load settings from Configurations in Module folder if (!$filePath) { $rootConfigPath = Join-Path (Get-Item $PSScriptRoot).Parent.FullName "Configurations"; $filePath = (Get-ChildItem $rootConfigPath -Name -Recurse -Include $fileName) | Select-Object -First 1 } if ($filePath) { if($parseJson) { if($extension -eq ".json" -or $extension -eq ".lawsview") { $fileContent = (Get-Content -Raw -Path (Join-Path $rootConfigPath $filePath)) | ConvertFrom-Json } else { $fileContent = (Get-Content -Raw -Path (Join-Path $rootConfigPath $filePath)) } } else { $fileContent = (Get-Content -Raw -Path (Join-Path $rootConfigPath $filePath)) } } else { throw "Unable to find the specified file '$fileName'" } if (-not $fileContent) { throw "The specified file '$fileName' is empty" } return $fileContent; } static AbstractClass($obj, $classType) { $type = $obj.GetType() if ($type -eq $classType) { throw("Class '$type' must be inherited") } } static [string] SanitizeFolderName($folderPath) { return ($folderPath -replace '[<>:"/\\\[\]|?*]', ''); } static [string] ConvertObjectToString([PSObject] $dataObject, [bool] $defaultPsOutput) { [string] $msg = ""; if ($dataObject) { if ($dataObject.GetType().FullName -eq "System.Management.Automation.ErrorRecord") { if($dataObject.Exception -is [SuppressedException]) { $msg = $dataObject.Exception.ConvertToString(); } else { if ($defaultPsOutput) { $msg = $dataObject.ToString(); } else { $msg = ($dataObject | Out-String) + "`r`nStackTrace: " + $dataObject. ScriptStackTrace } } } else { if ($defaultPsOutput -or $dataObject.GetType() -eq [string]) { $msg = $dataObject | Out-String; } else { try { #$msg = $dataObject | ConvertTo-Json -Depth 5 | Out-String; #$msg = [JsonHelper]::ConvertToJsonCustom($dataObject); $msg = [JsonHelper]::ConvertToPson($dataObject); } catch { $e = $_ $msg = $dataObject | Format-List | Out-String; } $msg = $msg.Trim(); #$msg = $msg.TrimStart("`r`n"); } } } return $msg.Trim("`r`n"); } static [bool] CompareObject($referenceObject, $differenceObject) { return [Helpers]::CompareObject($referenceObject, $differenceObject, $false) } static [bool] CompareObject($referenceObject, $differenceObject, [bool] $strictComparison) { $result = $true; if ($null -ne $referenceObject) { if ($null -ne $differenceObject) { if ($referenceObject -is "Array") { if ($differenceObject -is "Array") { if ((-not $strictComparison) -or ($referenceObject.Count -eq $differenceObject.Count)) { foreach ($refObject in $referenceObject) { $arrayResult = $false; foreach ($diffObject in $differenceObject) { $arrayResult = [Helpers]::CompareObject($refObject, $diffObject, $strictComparison); if ($arrayResult) { break; } } $result = $result -and $arrayResult if (-not $arrayResult) { break; } } } else { $result = $false; } } else { $result = $false; } } # Condition for all primitive types elseif ($referenceObject -is "string" -or $referenceObject -is "ValueType") { # For primitive types, use default comparer $result = $result -and (((Compare-Object $referenceObject $differenceObject) | Where-Object { $_.SideIndicator -eq "<=" } | Measure-Object).Count -eq 0) } else { $result = $result -and [Helpers]::CompareObjectProperties($referenceObject, $differenceObject, $strictComparison) } } else { $result = $false; } } elseif ($null -eq $differenceObject) { $result = $true; } else { $result = $false; } return $result; } hidden static [bool] CompareObjectProperties($referenceObject, $differenceObject, [bool] $strictComparison) { $result = $true; $refProps = @(); $diffProps = @(); $refProps += [Helpers]::GetProperties($referenceObject); $diffProps += [Helpers]::GetProperties($differenceObject); if ((-not $strictComparison) -or ($refProps.Count -eq $diffProps.Count)) { foreach ($propName in $refProps) { $refProp = $referenceObject.$propName; if (-not [string]::IsNullOrWhiteSpace(($diffProps | Where-Object { $_ -eq $propName } | Select-Object -First 1))) { $compareProp = $differenceObject.$propName; if ($null -ne $refProp) { if ($null -ne $compareProp) { $result = $result -and [Helpers]::CompareObject($refProp, $compareProp, $strictComparison); } else { $result = $result -and $false; } } elseif ($null -eq $compareProp) { $result = $result -and $true; } else { $result = $result -and $false; } } else { $result = $false; } if (-not $result) { break; } } } else { $result = $false; } return $result; } static [bool] CompareObject($referenceObject, $differenceObject, [bool] $strictComparison,$AttestComparisionType) { $result = $true; if ($null -ne $referenceObject) { if ($null -ne $differenceObject) { if ($referenceObject -is "Array") { if ($differenceObject -is "Array") { if ((-not $strictComparison) -or ($referenceObject.Count -eq $differenceObject.Count)) { foreach ($refObject in $referenceObject) { $arrayResult = $false; foreach ($diffObject in $differenceObject) { if($AttestComparisionType -eq [ComparisionType]::NumLesserOrEqual) { $arrayResult = [Helpers]::CompareObject($refObject, $diffObject, $strictComparison,$AttestComparisionType); } else { $arrayResult = [Helpers]::CompareObject($refObject, $diffObject, $strictComparison); } if ($arrayResult) { break; } } $result = $result -and $arrayResult if (-not $arrayResult) { break; } } } else { $result = $false; } } else { $result = $false; } } # Condition for all primitive types elseif ($referenceObject -is "string" -or $referenceObject -is "ValueType") { # For primitive types, use default comparer if($AttestComparisionType -eq [ComparisionType]::NumLesserOrEqual) { $result = $result -and ($referenceObject -ge $differenceObject) } else { $result = $result -and (((Compare-Object $referenceObject $differenceObject) | Where-Object { $_.SideIndicator -eq "<=" } | Measure-Object).Count -eq 0) } } else { if($AttestComparisionType -eq [ComparisionType]::NumLesserOrEqual) { $result = $result -and [Helpers]::CompareObjectProperties($referenceObject, $differenceObject, $strictComparison,$AttestComparisionType) } else { $result = $result -and [Helpers]::CompareObjectProperties($referenceObject, $differenceObject, $strictComparison) } } } else { $result = $false; } } elseif ($null -eq $differenceObject) { $result = $true; } else { $result = $false; } return $result; } hidden static [bool] CompareObjectProperties($referenceObject, $differenceObject, [bool] $strictComparison,$AttestComparisionType) { $result = $true; $refProps = @(); $diffProps = @(); $refProps += [Helpers]::GetProperties($referenceObject); $diffProps += [Helpers]::GetProperties($differenceObject); if ((-not $strictComparison) -or ($refProps.Count -eq $diffProps.Count)) { foreach ($propName in $refProps) { $refProp = $referenceObject.$propName; if (-not [string]::IsNullOrWhiteSpace(($diffProps | Where-Object { $_ -eq $propName } | Select-Object -First 1))) { $compareProp = $differenceObject.$propName; if ($null -ne $refProp) { if ($null -ne $compareProp) { if($AttestComparisionType -eq [ComparisionType]::NumLesserOrEqual) { $result = $result -and [Helpers]::CompareObject($refProp, $compareProp, $strictComparison,$AttestComparisionType); } else { $result = $result -and [Helpers]::CompareObject($refProp, $compareProp, $strictComparison); } } else { $result = $result -and $false; } } elseif ($null -eq $compareProp) { $result = $result -and $true; } else { $result = $result -and $false; } } else { $result = $false; } if (-not $result) { break; } } } else { $result = $false; } return $result; } static [string[]] GetProperties($object) { $props = @(); if($object) { if ($object -is "Hashtable") { $object.Keys | ForEach-Object { $props += $_; }; } else { ($object | Get-Member -MemberType Properties) | ForEach-Object { $props += $_.Name; }; } } return $props; } static [bool] CompareObjectOld($referenceObject, $differenceObject) { $result = $true; if ($null -ne $referenceObject) { if ($null -ne $differenceObject) { ($referenceObject | Get-Member -MemberType Properties) | ForEach-Object { $refProp = $referenceObject."$($_.Name)"; if ($differenceObject | Get-Member -Name $_.Name) { $compareProp = $differenceObject."$($_.Name)"; if ($null -ne $refProp) { if ($null -ne $compareProp) { if ($refProp.GetType().Name -eq "PSCustomObject") { $result = $result -and [Helpers]::CompareObjectOld($refProp, $compareProp); } else { $result = $result -and (((Compare-Object $refProp $compareProp) | Where-Object { $_.SideIndicator -eq "<=" } | Measure-Object).Count -eq 0) } } else { $result = $result -and $false; } } elseif ($null -eq $compareProp) { $result = $result -and $true; } else { $result = $result -and $false; } } else { $result = $false; } } } else { $result = $false; } } elseif ($null -eq $differenceObject) { $result = $true; } else { $result = $false; } return $result; } static [bool] CheckMember([PSObject] $refObject, [string] $memberPath) { return [Helpers]::CheckMember($refObject, $memberPath, $true); } static [bool] CheckMember([PSObject] $refObject, [string] $memberPath, [bool] $checkNull) { [bool]$result = $false; if ($refObject) { $properties = @(); $properties += $memberPath.Split("."); if ($properties.Count -gt 0) { $currentItem = $properties.Get(0); if (-not [string]::IsNullOrWhiteSpace($currentItem)) { if ($refObject | Get-Member -Name $currentItem) { if ($properties.Count -gt 1) { if($refObject.$currentItem) { $result = $true; $result = $result -and [Helpers]::CheckMember($refObject.$currentItem, [string]::Join(".", $properties[1..($properties.length - 1)])); } } else { if($checkNull) { if($refObject.$currentItem) { $result = $true; } } else { $result = $true; } } } } } } return $result; } static [PSObject] SelectMembers([PSObject] $refObject, [string[]] $memberPaths) { $result = $null; if ($null -ne $refObject) { if ($refObject -is "Array") { $result = @(); $refObject | ForEach-Object { $memberValue = [Helpers]::SelectMembers($_, $memberPaths); if ($null -ne $memberValue) { $result += $memberValue; } }; } else { $processedMemberPaths = @(); $objectProps = [Helpers]::GetProperties($refObject); if ($objectProps.Count -ne 0 -and $null -ne $memberPaths -and $memberPaths.Count -ne 0) { $memberPaths | Where-Object { -not [string]::IsNullOrWhiteSpace($_) } | ForEach-Object { $splitPaths = @(); $splitPaths += $_.Split("."); $firstMemberPath = $splitPaths.Get(0); if (-not [string]::IsNullOrWhiteSpace($firstMemberPath) -and $objectProps.Contains($firstMemberPath)) { $pathObject = $processedMemberPaths | Where-Object { $_.MemberPath -eq $firstMemberPath } | Select-Object -First 1; if (-not $pathObject) { $pathObject = @{ MemberPath = $firstMemberPath; ChildPaths = @(); }; $processedMemberPaths += $pathObject; } # Count > 1 indicates that it has child path if ($splitPaths.Count -gt 1) { $pathObject.ChildPaths += [string]::Join(".", $splitPaths[1..($splitPaths.length - 1)]); } } }; } if ($processedMemberPaths.Count -ne 0) { $processedMemberPaths | ForEach-Object { $memberValue = $null; if ($_.ChildPaths.Count -eq 0) { $memberValue = $refObject."$($_.MemberPath)"; } else { $memberValue = [Helpers]::SelectMembers($refObject."$($_.MemberPath)", $_.ChildPaths); } if ($null -ne $memberValue) { if ($null -eq $result) { $result = New-Object PSObject; } $result | Add-Member -MemberType NoteProperty -Name ($_.MemberPath) -Value $memberValue; } }; } else { $result = $refObject; } } } return $result; } static [string] FetchTagsString([PSObject]$TagsHashTable) { [string] $tagsString = ""; try { if(($TagsHashTable | Measure-Object).Count -gt 0) { $TagsHashTable.Keys | ForEach-Object { $key = $_; $value = $TagsHashTable[$key]; $tagsString = $tagsString + "$($key):$($value);"; } } } catch { #eat exception as if not able to fetch tags, it would return empty instead of breaking the flow } return $tagsString; } static [string] ComputeHash([String] $data) { #Call the other function but request the full 32-byte == 64 hex chars (SHA56 hash) as string return [Helpers]::ComputeHashShort($data, 64) } static [string] ComputeHashShort([String] $data, [int] $len) { $retHashSB = [System.Text.StringBuilder]::new(); $hashBytes = [Helpers]::SHA256Alg.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($data)); $usedBytes = $len/2 #If N hex chars are needed, first N/2 bytes of the hash are used. #Grab only as many bytes from hash to use for returned hashString. #We use "x2" instead of just "x" to ensure that '4' becomes '04' in the returned string (applicable to anything <16) #Overall, this ensures that the string conversion of a full SHA256 hash is *always* 64 chars long. for ($i=0;$i -lt $usedBytes; $i++) { [void]$retHashSB.Append($hashBytes[$i].ToString("x2")) } return $retHashSB.ToString() } static [VerificationResult] EvaluateVerificationResult([VerificationResult] $verificationResult, [AttestationStatus] $attestationStatus) { [VerificationResult] $result = $verificationResult; # No action required if Attestation status is None OR verification result is Passed if ($attestationStatus -ne [AttestationStatus]::None -or $verificationResult -ne [VerificationResult]::Passed) { # Changing State Machine logic #if($verificationResult -eq [VerificationResult]::Verify -or $verificationResult -eq [VerificationResult]::Manual) #{ switch ($attestationStatus) { ([AttestationStatus]::NotAnIssue) { $result = [VerificationResult]::Passed; break; } ([AttestationStatus]::WillNotFix) { $result = [VerificationResult]::Exception; break; } ([AttestationStatus]::WillFixLater) { $result = [VerificationResult]::Remediate; break; } ([AttestationStatus]::NotApplicable) { $result = [VerificationResult]::Passed; break; } ([AttestationStatus]::StateConfirmed) { $result = [VerificationResult]::Passed; break; } ([AttestationStatus]::ApprovedException) { $result = [VerificationResult]::Passed; break; } } #} #elseif($verificationResult -eq [VerificationResult]::Failed -or $verificationResult -eq [VerificationResult]::Error) #{ # $result = [VerificationResult]::RiskAck; #} } return $result; } static [PSObject] NewSecurePassword() { #create password $randomBytes = New-Object Byte[] 32 $provider = [System.Security.Cryptography.RNGCryptoServiceProvider]::Create() $provider.GetBytes($randomBytes) $provider.Dispose() $pwstring = [System.Convert]::ToBase64String($randomBytes) $newPassword = new-object securestring $pwstring.ToCharArray() | ForEach-Object { $newPassword.AppendChar($_) } $encryptedPassword = ConvertFrom-SecureString -SecureString $newPassword -Key (1..16) $securePassword = ConvertTo-SecureString -String $encryptedPassword -Key (1..16) return $securePassword } static [PSObject] DeepCopy([PSObject] $inputObject) { $memoryStream = New-Object System.IO.MemoryStream $binaryFormatter = New-Object System.Runtime.Serialization.Formatters.Binary.BinaryFormatter $binaryFormatter.Serialize($memoryStream, $inputObject) $memoryStream.Position = 0 $dataDeep = $binaryFormatter.Deserialize($memoryStream) $memoryStream.Close() return $dataDeep } static [bool] ValidateEmail([string]$address){ $validAddress = ($address -as [System.Net.Mail.MailAddress]) return ($null -ne $validAddress -and $validAddress.Address -eq $address ) } #Returns invalid email list static [string[]] ValidateEmailList([string[]]$emailList ) { $invalidEmails = @(); $emailList | ForEach-Object { if(-not [Helpers]::ValidateEmail($_)) { $invalidEmails += $_ } } return $invalidEmails } static [Object] MergeObjects([Object] $source,[Object] $extend, [string] $idName) { $idPropName = "Id"; if(-not [string]::IsNullOrWhiteSpace($idName)) { $idPropName = $idName; } if($source.GetType().Name -eq "PSCustomObject" -and $extend.GetType().Name -eq "PSCustomObject"){ foreach($Property in $extend | Get-Member -type NoteProperty, Property){ if(-not [Helpers]::CheckMember($source,$Property.Name,$false)){ $source | Add-Member -MemberType NoteProperty -Value $extend.$($Property.Name) -Name $Property.Name ` } $source.$($Property.Name) = [Helpers]::MergeObjects($source.$($Property.Name), $extend.$($Property.Name), $idName) } } elseif($source.GetType().Name -eq "Object[]" -and $extend.GetType().Name -eq "Object[]"){ if([Helpers]::IsPSObjectArray($source) -or [Helpers]::IsPSObjectArray($extend)) { foreach($extendArrElement in $extend) { $PropertyId = $extendArrElement | Get-Member -type NoteProperty, Property | Where-Object { $_.Name -eq $idPropName} | Select-Object -First 1 if(($PropertyId | Measure-Object).Count -gt 0) { $PropertyId = $PropertyId | Select-Object -First 1 } else { $PropertyId = $extendArrElement | Get-Member -type NoteProperty, Property | Select-Object -First 1 } $sourceElement = $source | Where-Object { $_.$($PropertyId.Name) -eq $extendArrElement.$($PropertyId.Name) } if($sourceElement) { $sourceElement = [Helpers]::MergeObjects($sourceElement, $extendArrElement, $idName) } else { $source +=$extendArrElement } } } else { $source = ($source + $extend) if ($source.Count -gt 0) { $source = @($source | Select-Object -Unique) } } } else{ $source = $extend; } return $source } static [Object] MergeObjects([Object] $source,[Object] $extend) { return [Helpers]::MergeObjects($source,$extend,""); } static [Bool] IsPSObjectArray($arrayObj) { if(($arrayObj | Measure-Object).Count -gt 0) { $firstElement = $arrayObj | Select-Object -First 1 if($firstElement.GetType().Name -eq "PSCustomObject") { return $true } else { return $false } } else { return $false } } #BOM replace function static [void] RemoveUtf8BOM([System.IO.FileInfo] $file) { [Helpers]::SetUtf8Encoding($file); if($file) { $byteBuffer = New-Object System.Byte[] 3 $reader = $file.OpenRead() $bytesRead = $reader.Read($byteBuffer, 0, 3); if ($bytesRead -eq 3 -and $byteBuffer[0] -eq 239 -and $byteBuffer[1] -eq 187 -and $byteBuffer[2] -eq 191) { $tempFile = [System.IO.Path]::GetTempFileName() $writer = [System.IO.File]::OpenWrite($tempFile) $reader.CopyTo($writer) $writer.Dispose() $reader.Dispose() Move-Item -Path $tempFile -Destination $file.FullName -Force } else { $reader.Dispose() } } } static [void] SetUtf8Encoding([System.IO.FileInfo] $file) { if($file) { $fileContent = Get-Content -Path $file.FullName; if($fileContent) { Out-File -InputObject $fileContent -Force -FilePath $file.FullName -Encoding utf8 } } } static [void] CleanupLocalFolder($folderPath) { try { if(Test-Path $folderPath) { Remove-Item -Path $folderPath -Recurse -Force -ErrorAction Stop | Out-Null } } catch{ #this call happens from finally block. Try to clean the files, if it don't happen it would get cleaned in the next attempt } } static [void] CreateFolderIfNotExist($FolderPath,$MakeFolderEmpty) { if(-not (Test-Path $FolderPath)) { New-Item -ItemType Directory -Path $FolderPath -ErrorAction Stop | Out-Null } elseif($MakeFolderEmpty) { Remove-Item -Path (Join-Path $FolderPath "*") -Force -Recurse } } Static [string] GetSubString($CotentString, $Pattern) { return [regex]::match($CotentString, $pattern).Groups[1].Value } #TODO: Currently this function is specific to Org PolicyHealth Check. Need to make generic Static [string] IsStringEmpty($String) { if([string]::IsNullOrEmpty($String)) { return "Not Available" } else { $String= $String.Split("?")[0] return $String } } Static [bool] IsSASTokenUpdateRequired($policyUrl) { [System.Uri] $validatedUri = $null; $IsSASTokenUpdateRequired = $false if([System.Uri]::TryCreate($policyUrl, [System.UriKind]::Absolute, [ref] $validatedUri) -and $validatedUri.Query.Contains("&se=")) { $pattern = '&se=(.*?)T' [DateTime] $expiryDate = Get-Date if([DateTime]::TryParse([Helpers]::GetSubString($($validatedUri.Query),$pattern),[ref] $expiryDate)) { if($expiryDate.AddDays(-[Constants]::SASTokenExpiryReminderInDays) -lt [DateTime]::UtcNow) { $IsSASTokenUpdateRequired = $true } } } return $IsSASTokenUpdateRequired } Static [string] GetUriWithUpdatedSASToken($policyUrl, $updateUrl) { [System.Uri] $validatedUri = $null; $UpdatedUrl = $policyUrl if([System.Uri]::TryCreate($policyUrl, [System.UriKind]::Absolute, [ref] $validatedUri) -and $validatedUri.Query.Contains("&se=") -and [System.Uri]::TryCreate($policyUrl, [System.UriKind]::Absolute, [ref] $validatedUri)) { $UpdatedUrl = $policyUrl.Split("?")[0] + "?" + $updateUrl.Split("?")[1] } return $UpdatedUrl } static [string] ReadInput($Prompt) { return (Read-Host -Prompt $Prompt).Trim() } static [string] CreateSharedKey([string] $StringToSign,[string] $ResourceName,[string] $AccessKey) { $KeyBytes = [System.Convert]::FromBase64String($AccessKey) $HMAC = New-Object System.Security.Cryptography.HMACSHA256 $HMAC.Key = $KeyBytes $UnsignedBytes = [System.Text.Encoding]::UTF8.GetBytes($StringToSign) $KeyHash = $HMAC.ComputeHash($UnsignedBytes) $SignedString = [System.Convert]::ToBase64String($KeyHash) $sharedKey = $ResourceName+":"+$SignedString return $sharedKey } # Convert secure string to plain text static [string] ConvertToPlainText([System.Security.SecureString] $secureString) { $BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($secureString) $plainText = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR) return $plainText } # Get object of a particular permission (which are allowed) for a group. static [object] ResolvePermissions($permissionsInBit, $actions, $permissionName) { $obj = @(); #$editPerms = @(); #check allowed permissions if($permissionsInBit -gt 0 ) { $permissionsInBinary = [convert]::ToString($permissionsInBit,2) # to binary # loop thru the decoded base 2 number and check the bit. if 1(on) then that permission is set for ($a = 0 ; $a -lt $permissionsInBinary.Length; $a++) { if( $permissionsInBinary.Substring($permissionsInBinary.Length-$a-1,1) -ge 1) # each binary digit { # find bit in action list $raise = [Math]::Pow(2, $a) $bit = $actions | Where-Object {$_.bit -eq $raise } $obj += $bit | Where-Object {$_.displayName -eq $permissionName} } } } return $obj } # Resolve allowed permissions of a particular group. static [object] ResolveAllPermissions($AllowedPermissionsInBit, $InheritedAllowedPermissionsInBit, $actions) { $obj = @(); #$editPerms = @(); #check allowed permissions if($AllowedPermissionsInBit -gt 0 ) { $permissionsInBinary = [convert]::ToString($AllowedPermissionsInBit,2) # to binary # loop thru the decoded base 2 number and check the bit. if 1(on) then that permission is set for ($a = 0 ; $a -lt $permissionsInBinary.Length; $a++) { if( $permissionsInBinary.Substring($permissionsInBinary.Length-$a-1,1) -ge 1) # each binary digit { # find bit in action list $raise = [Math]::Pow(2, $a) $bit = $actions | Where-Object {$_.bit -eq $raise } $obj += New-Object -TypeName psobject -Property @{Name= $bit.displayName ; Permission="Allow"} } } } if($InheritedAllowedPermissionsInBit -gt 0 ) { $permissionsInBinary = [convert]::ToString($InheritedAllowedPermissionsInBit,2) # to binary # loop thru the decoded base 2 number and check the bit. if 1(on) then that permission is set for ($a = 0 ; $a -lt $permissionsInBinary.Length; $a++) { if( $permissionsInBinary.Substring($permissionsInBinary.Length-$a-1,1) -ge 1) # each binary digit { # find bit in action list $raise = [Math]::Pow(2, $a) $bit = $actions | Where-Object {$_.bit -eq $raise } $obj += New-Object -TypeName psobject -Property @{Name= $bit.displayName ; Permission="Allow (inherited)"} } } } $obj = $obj | Sort-Object -Property Name return $obj } static [System.Security.SecureString] GetVariableFromKVUrl($url){ $variable = $null; $context = @(Get-AzContext -ErrorAction SilentlyContinue ) if ($context.count -eq 0) { Write-Host "No active Azure login session found.`r`nPlease login to Azure tenant hosting the key vault..." -ForegroundColor Yellow Connect-AzAccount -ErrorAction Stop $context = @(Get-AzContext -ErrorAction SilentlyContinue) } if ($null -eq $context) { Write-Host "Login failed. Azure login context is required to use a key vault-based PAT token.`r`nStopping scan command." -ForegroundColor Red } #Parse the key-vault-URL to determine vaultname, secretname, version if ($url -match "^https://(?<kv>[\w]+)(?:[\.\w+]*)/secrets/(?<sn>[\w]+)/?(?<sv>[\w]*)") { $kvName = $Matches["kv"] $secretName = $Matches["sn"] $secretVersion = $Matches["sv"] if (-not [String]::IsNullOrEmpty($secretVersion)) { $kvSecret = Get-AzKeyVaultSecret -VaultName $kvName -SecretName $secretName -Version $secretVersion } else { $kvSecret = Get-AzKeyVaultSecret -VaultName $kvName -SecretName $secretName } if ($null -ne $kvSecret) { $variable = $kvSecret.SecretValue; } } return $variable } } # SIG # Begin signature block # MIIoPAYJKoZIhvcNAQcCoIIoLTCCKCkCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCD4fKUHQqs9fIYx # NBG9iK+4mpfdRSxGABpCEMUMMWlQ9qCCDYUwggYDMIID66ADAgECAhMzAAADri01 # UchTj1UdAAAAAAOuMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjMxMTE2MTkwODU5WhcNMjQxMTE0MTkwODU5WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQD0IPymNjfDEKg+YyE6SjDvJwKW1+pieqTjAY0CnOHZ1Nj5irGjNZPMlQ4HfxXG # yAVCZcEWE4x2sZgam872R1s0+TAelOtbqFmoW4suJHAYoTHhkznNVKpscm5fZ899 # QnReZv5WtWwbD8HAFXbPPStW2JKCqPcZ54Y6wbuWV9bKtKPImqbkMcTejTgEAj82 # 6GQc6/Th66Koka8cUIvz59e/IP04DGrh9wkq2jIFvQ8EDegw1B4KyJTIs76+hmpV # M5SwBZjRs3liOQrierkNVo11WuujB3kBf2CbPoP9MlOyyezqkMIbTRj4OHeKlamd # WaSFhwHLJRIQpfc8sLwOSIBBAgMBAAGjggGCMIIBfjAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUhx/vdKmXhwc4WiWXbsf0I53h8T8w # VAYDVR0RBE0wS6RJMEcxLTArBgNVBAsTJE1pY3Jvc29mdCBJcmVsYW5kIE9wZXJh # dGlvbnMgTGltaXRlZDEWMBQGA1UEBRMNMjMwMDEyKzUwMTgzNjAfBgNVHSMEGDAW # gBRIbmTlUAXTgqoXNzcitW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8v # d3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIw # MTEtMDctMDguY3JsMGEGCCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDov # L3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDEx # XzIwMTEtMDctMDguY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIB # AGrJYDUS7s8o0yNprGXRXuAnRcHKxSjFmW4wclcUTYsQZkhnbMwthWM6cAYb/h2W # 5GNKtlmj/y/CThe3y/o0EH2h+jwfU/9eJ0fK1ZO/2WD0xi777qU+a7l8KjMPdwjY # 0tk9bYEGEZfYPRHy1AGPQVuZlG4i5ymJDsMrcIcqV8pxzsw/yk/O4y/nlOjHz4oV # APU0br5t9tgD8E08GSDi3I6H57Ftod9w26h0MlQiOr10Xqhr5iPLS7SlQwj8HW37 # ybqsmjQpKhmWul6xiXSNGGm36GarHy4Q1egYlxhlUnk3ZKSr3QtWIo1GGL03hT57 # xzjL25fKiZQX/q+II8nuG5M0Qmjvl6Egltr4hZ3e3FQRzRHfLoNPq3ELpxbWdH8t # Nuj0j/x9Crnfwbki8n57mJKI5JVWRWTSLmbTcDDLkTZlJLg9V1BIJwXGY3i2kR9i # 5HsADL8YlW0gMWVSlKB1eiSlK6LmFi0rVH16dde+j5T/EaQtFz6qngN7d1lvO7uk # 6rtX+MLKG4LDRsQgBTi6sIYiKntMjoYFHMPvI/OMUip5ljtLitVbkFGfagSqmbxK # 7rJMhC8wiTzHanBg1Rrbff1niBbnFbbV4UDmYumjs1FIpFCazk6AADXxoKCo5TsO # zSHqr9gHgGYQC2hMyX9MGLIpowYCURx3L7kUiGbOiMwaMIIHejCCBWKgAwIBAgIK # YQ6Q0gAAAAAAAzANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlm # aWNhdGUgQXV0aG9yaXR5IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEw # OTA5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYD # VQQDEx9NaWNyb3NvZnQgQ29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG # 9w0BAQEFAAOCAg8AMIICCgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+la # UKq4BjgaBEm6f8MMHt03a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc # 6Whe0t+bU7IKLMOv2akrrnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4D # dato88tt8zpcoRb0RrrgOGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+ # lD3v++MrWhAfTVYoonpy4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nk # kDstrjNYxbc+/jLTswM9sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6 # A4aN91/w0FK/jJSHvMAhdCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmd # X4jiJV3TIUs+UsS1Vz8kA/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL # 5zmhD+kjSbwYuER8ReTBw3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zd # sGbiwZeBe+3W7UvnSSmnEyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3 # T8HhhUSJxAlMxdSlQy90lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS # 4NaIjAsCAwEAAaOCAe0wggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRI # bmTlUAXTgqoXNzcitW2oynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAL # BgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBD # uRQFTuHqp8cx0SOJNDBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jv # c29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3JsMF4GCCsGAQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3J0MIGfBgNVHSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEF # BQcCARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1h # cnljcHMuaHRtMEAGCCsGAQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkA # YwB5AF8AcwB0AGEAdABlAG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn # 8oalmOBUeRou09h0ZyKbC5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7 # v0epo/Np22O/IjWll11lhJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0b # pdS1HXeUOeLpZMlEPXh6I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/ # KmtYSWMfCWluWpiW5IP0wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvy # CInWH8MyGOLwxS3OW560STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBp # mLJZiWhub6e3dMNABQamASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJi # hsMdYzaXht/a8/jyFqGaJ+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYb # BL7fQccOKO7eZS/sl/ahXJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbS # oqKfenoi+kiVH6v7RyOA9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sL # gOppO6/8MO0ETI7f33VtY5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtX # cVZOSEXAQsmbdlsKgEhr/Xmfwb1tbWrJUnMTDXpQzTGCGg0wghoJAgEBMIGVMH4x # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01p # Y3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTECEzMAAAOuLTVRyFOPVR0AAAAA # A64wDQYJYIZIAWUDBAIBBQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQw # HAYKKwYBBAGCNwIBCzEOMAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIAj8 # EzQ5YTa0pIc8hdl2YiS0ZHYgH7ttUGMKajLeuYRqMEIGCisGAQQBgjcCAQwxNDAy # oBSAEgBNAGkAYwByAG8AcwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20wDQYJKoZIhvcNAQEBBQAEggEASUpHerEc+MO/sXbYerNSOe43xoZjPstDHaD/ # feyunTymzMRS+wPj4YjkQaRs43sn6KmH7YzCQA6nDo+S33L2gUShq0xscf5WfAgD # qUPVN4SbGIaU+LIbg3ci59RR+7RJaUJR8+M01guGst/rhvtt2/ZghzJOy3/0Kg5v # isBQ8CTcIHu0nng0Qy4gwqZ9no5gt45nN4JgRc31RAhe/0N4QHDORUPxUWGVVywJ # FcwacXuBkUIUT0SGOpz9+cZPyiR7UpIdgm47Fz9+sMktQA5dT5nxSZP7fA6mp5nf # FNPmDnk5Y4XScOwHV900ORfrXW1YI0JRjU2HHVb4p9FiWsOvu6GCF5cwgheTBgor # BgEEAYI3AwMBMYIXgzCCF38GCSqGSIb3DQEHAqCCF3AwghdsAgEDMQ8wDQYJYIZI # AWUDBAIBBQAwggFSBgsqhkiG9w0BCRABBKCCAUEEggE9MIIBOQIBAQYKKwYBBAGE # WQoDATAxMA0GCWCGSAFlAwQCAQUABCAIIOiI/v2giUDS79C4MdYPeLf+XftbjGzv # rUz2wc5XeQIGZbwTTY8XGBMyMDI0MDIxMzEyMjQ1My4xMzlaMASAAgH0oIHRpIHO # MIHLMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH # UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQL # ExxNaWNyb3NvZnQgQW1lcmljYSBPcGVyYXRpb25zMScwJQYDVQQLEx5uU2hpZWxk # IFRTUyBFU046RjAwMi0wNUUwLUQ5NDcxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1l # LVN0YW1wIFNlcnZpY2WgghHtMIIHIDCCBQigAwIBAgITMwAAAfI+MtdkrHCRlAAB # AAAB8jANBgkqhkiG9w0BAQsFADB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2Fz # aGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENv # cnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAx # MDAeFw0yMzEyMDYxODQ1NThaFw0yNTAzMDUxODQ1NThaMIHLMQswCQYDVQQGEwJV # UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UE # ChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQLExxNaWNyb3NvZnQgQW1l # cmljYSBPcGVyYXRpb25zMScwJQYDVQQLEx5uU2hpZWxkIFRTUyBFU046RjAwMi0w # NUUwLUQ5NDcxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZpY2Uw # ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC85fPLFwppYgxwYxkSEeYv # QBtnYJTtKKj2FKxzHx0fgV6XgIIrmCWmpKl9IOzvOfJ/k6iP0RnoRo5F89Ad29ed # zGdlWbCj1Qyx5HUHNY8yu9ElJOmdgeuNvTK4RW4wu9iB5/z2SeCuYqyX/v8z6Ppv # 29h1ttNWsSc/KPOeuhzSAXqkA265BSFT5kykxvzB0LxoxS6oWoXWK6wx172NRJRY # cINfXDhURvUfD70jioE92rW/OgjcOKxZkfQxLlwaFSrSnGs7XhMrp9TsUgmwsycT # EOBdGVmf1HCD7WOaz5EEcQyIS2BpRYYwsPMbB63uHiJ158qNh1SJXuoL5wGDu/bZ # UzN+BzcLj96ixC7wJGQMBixWH9d++V8bl10RYdXDZlljRAvS6iFwNzrahu4DrYb7 # b8M7vvwhEL0xCOvb7WFMsstscXfkdE5g+NSacphgFfcoftQ5qPD2PNVmrG38DmHD # oYhgj9uqPLP7vnoXf7j6+LW8Von158D0Wrmk7CumucQTiHRyepEaVDnnA2GkiJoe # h/r3fShL6CHgPoTB7oYU/d6JOncRioDYqqRfV2wlpKVO8b+VYHL8hn11JRFx6p69 # mL8BRtSZ6dG/GFEVE+fVmgxYfICUrpghyQlETJPITEBS15IsaUuW0GvXlLSofGf2 # t5DAoDkuKCbC+3VdPmlYVQIDAQABo4IBSTCCAUUwHQYDVR0OBBYEFJVbhwAm6tAx # BM5cH8Bg0+Y64oZ5MB8GA1UdIwQYMBaAFJ+nFV0AXmJdg/Tl0mWnG1M1GelyMF8G # A1UdHwRYMFYwVKBSoFCGTmh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMv # Y3JsL01pY3Jvc29mdCUyMFRpbWUtU3RhbXAlMjBQQ0ElMjAyMDEwKDEpLmNybDBs # BggrBgEFBQcBAQRgMF4wXAYIKwYBBQUHMAKGUGh0dHA6Ly93d3cubWljcm9zb2Z0 # LmNvbS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0JTIwVGltZS1TdGFtcCUyMFBDQSUy # MDIwMTAoMSkuY3J0MAwGA1UdEwEB/wQCMAAwFgYDVR0lAQH/BAwwCgYIKwYBBQUH # AwgwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4ICAQA9S6eO4HsfB00X # pOgPabcN3QZeyipgilcQSDZ8g6VCv9FVHzdSq9XpAsljZSKNWSClhJEz5Oo3Um/t # aPnobF+8CkAdkcLQhLdkShfr91kzy9vDPrOmlCA2FQ9jVhFaat2QM33z1p+GCP5t # uvirFaUWzUWVDFOpo/O5zDpzoPYtTr0cFg3uXaRLT54UQ3Y4uPYXqn6wunZtUQRM # iJMzxpUlvdfWGUtCvnW3eDBikDkix1XE98VcYIz2+5fdcvrHVeUarGXy4LRtwzmw # psCtUh7tR6whCrVYkb6FudBdWM7TVvji7pGgfjesgnASaD/ChLux66PGwaIaF+xL # zk0bNxsAj0uhd6QdWr6TT39m/SNZ1/UXU7kzEod0vAY3mIn8X5A4I+9/e1nBNpUR # J6YiDKQd5YVgxsuZCWv4Qwb0mXhHIe9CubfSqZjvDawf2I229N3LstDJUSr1vGFB # 8iQ5W8ZLM5PwT8vtsKEBwHEYmwsuWmsxkimIF5BQbSzg9wz1O6jdWTxGG0OUt1cX # WOMJUJzyEH4WSKZHOx53qcAvD9h0U6jEF2fuBjtJ/QDrWbb4urvAfrvqNn9lH7gV # PplqNPDIvQ8DkZ3lvbQsYqlz617e76ga7SY0w71+QP165CPdzUY36et2Sm4pvspE # K8hllq3IYcyX0v897+X9YeecM1Pb1jCCB3EwggVZoAMCAQICEzMAAAAVxedrngKb # SZkAAAAAABUwDQYJKoZIhvcNAQELBQAwgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQI # EwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3Nv # ZnQgQ29ycG9yYXRpb24xMjAwBgNVBAMTKU1pY3Jvc29mdCBSb290IENlcnRpZmlj # YXRlIEF1dGhvcml0eSAyMDEwMB4XDTIxMDkzMDE4MjIyNVoXDTMwMDkzMDE4MzIy # NVowfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT # B1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UE # AxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAwggIiMA0GCSqGSIb3DQEB # AQUAA4ICDwAwggIKAoICAQDk4aZM57RyIQt5osvXJHm9DtWC0/3unAcH0qlsTnXI # yjVX9gF/bErg4r25PhdgM/9cT8dm95VTcVrifkpa/rg2Z4VGIwy1jRPPdzLAEBjo # YH1qUoNEt6aORmsHFPPFdvWGUNzBRMhxXFExN6AKOG6N7dcP2CZTfDlhAnrEqv1y # aa8dq6z2Nr41JmTamDu6GnszrYBbfowQHJ1S/rboYiXcag/PXfT+jlPP1uyFVk3v # 3byNpOORj7I5LFGc6XBpDco2LXCOMcg1KL3jtIckw+DJj361VI/c+gVVmG1oO5pG # ve2krnopN6zL64NF50ZuyjLVwIYwXE8s4mKyzbnijYjklqwBSru+cakXW2dg3viS # kR4dPf0gz3N9QZpGdc3EXzTdEonW/aUgfX782Z5F37ZyL9t9X4C626p+Nuw2TPYr # bqgSUei/BQOj0XOmTTd0lBw0gg/wEPK3Rxjtp+iZfD9M269ewvPV2HM9Q07BMzlM # jgK8QmguEOqEUUbi0b1qGFphAXPKZ6Je1yh2AuIzGHLXpyDwwvoSCtdjbwzJNmSL # W6CmgyFdXzB0kZSU2LlQ+QuJYfM2BjUYhEfb3BvR/bLUHMVr9lxSUV0S2yW6r1AF # emzFER1y7435UsSFF5PAPBXbGjfHCBUYP3irRbb1Hode2o+eFnJpxq57t7c+auIu # rQIDAQABo4IB3TCCAdkwEgYJKwYBBAGCNxUBBAUCAwEAATAjBgkrBgEEAYI3FQIE # FgQUKqdS/mTEmr6CkTxGNSnPEP8vBO4wHQYDVR0OBBYEFJ+nFV0AXmJdg/Tl0mWn # G1M1GelyMFwGA1UdIARVMFMwUQYMKwYBBAGCN0yDfQEBMEEwPwYIKwYBBQUHAgEW # M2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvRG9jcy9SZXBvc2l0b3J5 # Lmh0bTATBgNVHSUEDDAKBggrBgEFBQcDCDAZBgkrBgEEAYI3FAIEDB4KAFMAdQBi # AEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBTV # 9lbLj+iiXGJo0T2UkFvXzpoYxDBWBgNVHR8ETzBNMEugSaBHhkVodHRwOi8vY3Js # Lm1pY3Jvc29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXRfMjAx # MC0wNi0yMy5jcmwwWgYIKwYBBQUHAQEETjBMMEoGCCsGAQUFBzAChj5odHRwOi8v # d3d3Lm1pY3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1Jvb0NlckF1dF8yMDEwLTA2 # LTIzLmNydDANBgkqhkiG9w0BAQsFAAOCAgEAnVV9/Cqt4SwfZwExJFvhnnJL/Klv # 6lwUtj5OR2R4sQaTlz0xM7U518JxNj/aZGx80HU5bbsPMeTCj/ts0aGUGCLu6WZn # OlNN3Zi6th542DYunKmCVgADsAW+iehp4LoJ7nvfam++Kctu2D9IdQHZGN5tggz1 # bSNU5HhTdSRXud2f8449xvNo32X2pFaq95W2KFUn0CS9QKC/GbYSEhFdPSfgQJY4 # rPf5KYnDvBewVIVCs/wMnosZiefwC2qBwoEZQhlSdYo2wh3DYXMuLGt7bj8sCXgU # 6ZGyqVvfSaN0DLzskYDSPeZKPmY7T7uG+jIa2Zb0j/aRAfbOxnT99kxybxCrdTDF # NLB62FD+CljdQDzHVG2dY3RILLFORy3BFARxv2T5JL5zbcqOCb2zAVdJVGTZc9d/ # HltEAY5aGZFrDZ+kKNxnGSgkujhLmm77IVRrakURR6nxt67I6IleT53S0Ex2tVdU # CbFpAUR+fKFhbHP+CrvsQWY9af3LwUFJfn6Tvsv4O+S3Fb+0zj6lMVGEvL8CwYKi # excdFYmNcP7ntdAoGokLjzbaukz5m/8K6TT4JDVnK+ANuOaMmdbhIurwJ0I9JZTm # dHRbatGePu1+oDEzfbzL6Xu/OHBE0ZDxyKs6ijoIYn/ZcGNTTY3ugm2lBRDBcQZq # ELQdVTNYs6FwZvKhggNQMIICOAIBATCB+aGB0aSBzjCByzELMAkGA1UEBhMCVVMx # EzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoT # FU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjElMCMGA1UECxMcTWljcm9zb2Z0IEFtZXJp # Y2EgT3BlcmF0aW9uczEnMCUGA1UECxMeblNoaWVsZCBUU1MgRVNOOkYwMDItMDVF # MC1EOTQ3MSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNloiMK # AQEwBwYFKw4DAhoDFQBri943cFLH2TfQEfB05SLICg74CKCBgzCBgKR+MHwxCzAJ # BgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25k # MR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jv # c29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMA0GCSqGSIb3DQEBCwUAAgUA6XW6HDAi # GA8yMDI0MDIxMzA5NTEyNFoYDzIwMjQwMjE0MDk1MTI0WjB3MD0GCisGAQQBhFkK # BAExLzAtMAoCBQDpdbocAgEAMAoCAQACAhvrAgH/MAcCAQACAhQpMAoCBQDpdwuc # AgEAMDYGCisGAQQBhFkKBAIxKDAmMAwGCisGAQQBhFkKAwKgCjAIAgEAAgMHoSCh # CjAIAgEAAgMBhqAwDQYJKoZIhvcNAQELBQADggEBADyEe3v8j6qWDL/TfdLlGo3h # 7UF7HGIwsvqP1lAXWGK1/J4i0TeQoqZfJErhTPsuimD5vyNpu+4Oe/Kdjm48AK49 # D67EWrTJ3wYRFJB6lEm956Ypil7m6DJFE9Pnl3CqwdTV3vbIUFQM37JI3No14jOk # 37BARqSBu8NMPaNt4qxmT3UFBCO2zE5W2S7KzuKZZwBqSC9zbc7pQP+TlpqcmTzc # AujslBlL8VYizp97F3SD9VwqLtyJLw8dSz1e37abyDPlrdlW9r54Xgakimw6DbMS # Wv6DAm5BL9REhOAR0EH1DlEseG2i0lmlPv8PIEzr7wO+hoiFX0FPUDe8L4sQp+Mx # ggQNMIIECQIBATCBkzB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3Rv # bjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0 # aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMAITMwAA # AfI+MtdkrHCRlAABAAAB8jANBglghkgBZQMEAgEFAKCCAUowGgYJKoZIhvcNAQkD # MQ0GCyqGSIb3DQEJEAEEMC8GCSqGSIb3DQEJBDEiBCCrOFpU8Q+tp4qdqM6UWytq # cyYePSUlOvDgzi9LPiVOLDCB+gYLKoZIhvcNAQkQAi8xgeowgecwgeQwgb0EIPja # Ph0uMVJc04+Y4Ru5BUUbHE4suZ6nRHSUu0XXSkNEMIGYMIGApH4wfDELMAkGA1UE # BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0 # IFRpbWUtU3RhbXAgUENBIDIwMTACEzMAAAHyPjLXZKxwkZQAAQAAAfIwIgQgXc6j # fpHF+SRnElNcnNrLctrVa5z9PfeXcEz3ItpEDLUwDQYJKoZIhvcNAQELBQAEggIA # H6lWokfHkfSnp/nPZzCTWqMYAJFhWIb4Q9Rp6HkA32fitDQ/ebXp4DgBDH0CbpF0 # hl7768mBCbZ6x4JgcvTWysc7U50wPVMsLxTNjtaTX5/Rfw66JjD0zqm+A3dUpsOS # jS02oaC4Am+RCP/kN/FDz4qIDQY0F2za11XwploF55QDdWuP+cpLEA3yfS6IjiM4 # grvaZHtLK1DGGfzbNIqapRB2B1EjQqySkjJDIpBFtgg3D7prYohAr+aWunP7CmhT # CKFoghWXrr0Szyje7XIb+k/RtYCnRzXlZOTAyz6Ie0/Yg0afq3S2pBUJCwJ/vNG1 # TG6TpefLuAYCrRSCQAyfTTefgm/5KvhH9Is/0k1UFPUY2e0TT4CeC7IOZaSGymO9 # ppezkeaznQZYBFoMSnV8TpH7Vn4qRQhWWaU9xMSgk/bUcEtKU2WdOYEzUrqBKwpD # +bBmyGBmawTDRUIaLdfJfT6LODqRwf0aG4dhj+yKn45TTFnKowlfvtIrusta3ub/ # r4PGJakaQUxB0rUHfPP0WIKp6gcsI+G9mMxLkqN45eWVlApisgq7bMth2y2LTkNG # 2kj5C48u7hOr+XaTlrz0KTYF5K+e03FNH8I6/+yq/HWzb244cZ1itofkmOnm6f/p # Xk5+AsRsdxqC7M8clJ/HWHM5WJZZhdpWDawOMCuYQ9Y= # SIG # End signature block |