Framework/Abstracts/CommandBase.ps1
|
<#
.Description Base class for all command classes. Provides functionality to fire events/operations at command levels like command started, command completed and perform operation like generate run-identifier, invoke auto module update, open log folder at the end of commmand execution etc #> using namespace System.Management.Automation Set-StrictMode -Version Latest class CommandBase: AzSKRoot { #Region: Properties [string[]] $FilterTags = @(); [bool] $DoNotOpenOutputFolder = $false; [bool] $Force = $false #EndRegion #Region: Constructor CommandBase([string] $organizationName, [InvocationInfo] $invocationContext): Base($organizationName) { [Helpers]::AbstractClass($this, [CommandBase]); if (-not $invocationContext) { throw [System.ArgumentException] ("The argument 'invocationContext' is null. Pass the `$PSCmdlet.MyInvocation from PowerShell command."); } $this.InvocationContext = $invocationContext; #Validate if privacy is accepted by user #Ensure that AzSKSettings statics are setup at this point (before calling Privacy notice) [AzSKSettings]::InitContexts($this.OrganizationContext, $this.InvocationContext); [PrivacyNotice]::ValidatePrivacyAcceptance() #Initialize common parameter sets if($null -ne $this.InvocationContext.BoundParameters["DoNotOpenOutputFolder"]) { $this.DoNotOpenOutputFolder = $this.InvocationContext.BoundParameters["DoNotOpenOutputFolder"]; } if($null -ne $this.InvocationContext.BoundParameters["Force"]) { $this.Force = $this.InvocationContext.BoundParameters["Force"]; } #Check multiple AzSK* module should not be loaded in same session $this.CheckMultipleAzSKModuleLoaded(); } #EndRegion #Region: Command level listerner events [void] CommandStarted() { $this.PublishAzSKRootEvent([AzSKRootEvent]::CommandStarted, $this.CheckModuleVersion()); } [void] PostCommandStartedAction() { } [void] CommandError([System.Management.Automation.ErrorRecord] $exception) { [AzSKRootEventArgument] $arguments = $this.CreateRootEventArgumentObject(); $arguments.ExceptionMessage = $exception; $this.PublishEvent([AzSKRootEvent]::CommandError, $arguments); } [void] CommandCompleted([MessageData[]] $messages) { $this.PublishAzSKRootEvent([AzSKRootEvent]::CommandCompleted, $messages); } [void] CommandProgress([int] $totalItems, [int] $currentItem) { $this.CommandProgress($totalItems, $currentItem, 1); } [void] CommandProgress([int] $totalItems, [int] $currentItem, [int] $granularity) { if ($totalItems -gt 0) { # $granularity indicates the number of items after which percentage progress will be printed # Set the max granularity to total items if ($granularity -gt $totalItems) { $granularity = $totalItems; } # Conditions for posting progress: 0%, 100% and based on granularity if ($currentItem -eq 0 -or $currentItem -eq $totalItems -or (($currentItem % $granularity) -eq 0)) { $this.PublishCustomMessage("$([int](($currentItem / $totalItems) * 100))% Completed"); } } } # Dummy function declaration to define the function signature [void] PostCommandCompletedAction([SVTEventContext[]] $arguments) { } [void] PostCommandCompletedAction([MessageData[]] $messages) { } #EndRegion #Region: Helper function to invoke function based on method name. # This is method called from command(GRS/GSS etc) files and resposinble for printing command start/end messages using listeners [string] InvokeFunction([PSMethod] $methodToCall) { return $this.InvokeFunction($methodToCall, @()); } [string] InvokeFunction([PSMethod] $methodToCall, [System.Object[]] $arguments) { if (-not $methodToCall) { throw [System.ArgumentException] ("The argument 'methodToCall' is null. Pass the reference of method to call. e.g.: [YourClass]::new().YourMethod"); } #if attestation then rescan the controls if ($null -eq $arguments) { $folderPath = $this.GetOutputFolderPath(); $methodResult = $methodToCall.Invoke(@()); #$this.CommandCompleted($methodResult); this will update CSV but issue is there will be duplicate entries if(-not $this.DoNotOpenOutputFolder) { if (Test-Path $folderPath) { Invoke-Item -Path $folderPath; } } } else { # Publish runidentifier(YYYYMMDD_HHMMSS) used by all listener as identifier for scan,creating log folder $this.PublishRunIdentifier($this.InvocationContext); # <TODO Framework: Move command time calculation methods to AIOrgTelmetry Listener> [AIOrgTelemetryHelper]::TrackCommandExecution("Command Started", @{"RunIdentifier" = $this.RunIdentifier}, @{}, $this.InvocationContext); $sw = [System.Diagnostics.Stopwatch]::StartNew(); # Publish command init events $this.CommandStarted(); $this.PostCommandStartedAction(); # Invoke method with arguments $methodResult = @(); try { $methodResult = $methodToCall.Invoke($arguments); } catch { # Unwrapping the first layer of exception which is added by Invoke function [AIOrgTelemetryHelper]::TrackCommandExecution("Command Errored", @{"RunIdentifier" = $this.RunIdentifier; "ErrorRecord"= $_.Exception.InnerException.ErrorRecord}, @{"TimeTakenInMs" = $sw.ElapsedMilliseconds; "SuccessCount" = 0}, $this.InvocationContext); $this.CommandError($_.Exception.InnerException.ErrorRecord); } $folderPath = $this.GetOutputFolderPath(); #the next two bug log classes have been called here as we need all the control results at one place for #dumping them in json file and auto closing them(to minimize api calls and auto close them in batches) #if bug logging is enabled and path is valid, create the JSON file for bugs if($this.InvocationContext.BoundParameters["AutoBugLog"] -and [BugLogPathManager]::GetIsPathValid()){ if (([PartialScanManager]::ControlResultsWithBugSummary| Measure-Object).Count -gt 0) { $methodResult = [PartialScanManager]::ControlResultsWithBugSummary } [PublishToJSON]::new($methodResult,$folderPath) } #auto close passed bugs if($this.InvocationContext.BoundParameters["AutoBugLog"]){ if (([PartialScanManager]::ControlResultsWithBugSummary| Measure-Object).Count -gt 0) { $methodResult = [PartialScanManager]::ControlResultsWithBugSummary } #call the AutoCloseBugManager $AutoClose=[AutoCloseBugManager]::new($this.OrganizationContext.OrganizationName); $AutoClose.AutoCloseBug($methodResult) } # Publish command complete events $this.CommandCompleted($methodResult); [AIOrgTelemetryHelper]::TrackCommandExecution("Command Completed", @{"RunIdentifier" = $this.RunIdentifier}, @{"TimeTakenInMs" = $sw.ElapsedMilliseconds; "SuccessCount" = 1}, $this.InvocationContext) $this.PostCommandCompletedAction($methodResult); # <TODO Framework: Move PDF generation method based on listener> #Generate PDF report $GeneratePDFReport = $this.InvocationContext.BoundParameters["GeneratePDF"]; try { if (-not [string]::IsNullOrEmpty($folderpath)) { switch ($GeneratePDFReport) { None { # Do nothing } Landscape { [AzSKPDFExtension]::GeneratePDF($folderpath, $this.OrganizationContext, $this.InvocationContext, $true); } Portrait { [AzSKPDFExtension]::GeneratePDF($folderpath, $this.OrganizationContext, $this.InvocationContext, $false); } } } } catch { # Unwrapping the first layer of exception which is added by Invoke function $this.CommandError($_); } # $AttestControlParamFound = $this.InvocationContext.BoundParameters["AttestControls"]; if($null -eq $AttestControlParamFound) { #If controls are attested then open folder when rescan of attested controls is complete $controlAttested = $false if( ([FeatureFlightingManager]::GetFeatureStatus("EnableScanAfterAttestation","*"))) { #Global variable "AttestationValue" is set to true when one or more controls are attested in current scan #Ignore if variable AttestationValue is not found if (Get-Variable AttestationValue -Scope Global -ErrorAction Ignore){ if ( $Global:AttestationValue){ $controlAttested = $true } } } if ( !$controlAttested){ if((-not $this.DoNotOpenOutputFolder) -and (-not [string]::IsNullOrEmpty($folderPath))) { try { Invoke-Item -Path $folderPath; } catch { #ignore if any exception occurs } } } } } return $folderPath; } #EndRegion # Function to get output log folder from WriteFolder listener [string] GetOutputFolderPath() { return [WriteFolderPath]::GetInstance().FolderPath; } # <TODO Framework: Move to module helper class> # Function to validate module version based on Org policy and showcase warning for update or block commands if version is less than last two minor version [void] CheckModuleVersion() { $serverVersion = [System.Version] ([ConfigurationManager]::GetAzSKConfigData().GetLatestAzSKVersion($this.GetModuleName())); $currentModuleVersion = [System.Version] $this.GetCurrentModuleVersion() if($currentModuleVersion -ne "0.0.0.0" -and $currentModuleVersion -ne "1.0.0.0" -and $serverVersion -gt $currentModuleVersion) { $this.RunningLatestPSModule = $false; $this.InvokeAutoUpdate() $this.PublishCustomMessage(([Constants]::VersionCheckMessage -f $serverVersion), [MessageType]::Warning); $this.PublishCustomMessage(([ConfigurationManager]::GetAzSKConfigData().InstallationCommand + "`r`n"), [MessageType]::Update); $this.PublishCustomMessage([Constants]::VersionWarningMessage, [MessageType]::Warning); $serverVersions = @() [ConfigurationManager]::GetAzSKConfigData().GetAzSKVersionList($this.GetModuleName()) | ForEach-Object { #Take major and minor version and ignore build version for comparision $serverVersions+= [System.Version] ("$($_.Major)" +"." + "$($_.Minor)") } $serverVersions = $serverVersions | Select-Object -Unique $latestVersionList = $serverVersions | Where-Object {$_ -gt $currentModuleVersion} if(($latestVersionList | Measure-Object).Count -gt [ConfigurationManager]::GetAzSKConfigData().BackwardCompatibleVersionCount) { throw ([SuppressedException]::new(("Your version of $([Constants]::AzSKModuleName) is too old. Please update now!"),[SuppressedExceptionType]::Generic)) } } $psGalleryVersion = [System.Version] ([ConfigurationManager]::GetAzSKConfigData().GetAzSKLatestPSGalleryVersion($this.GetModuleName())); if($psGalleryVersion -ne $serverVersion) { $serverVersions = @() [ConfigurationManager]::GetAzSKConfigData().GetAzSKVersionList($this.GetModuleName()) | ForEach-Object { #Take major and minor version and ignore build version for comparision $serverVersions+= [System.Version] ("$($_.Major)" +"." + "$($_.Minor)") } $serverVersions = $serverVersions | Select-Object -Unique $latestVersionAvailableFromGallery = $serverVersions | Where-Object {$_ -gt $serverVersion} if(($latestVersionAvailableFromGallery | Measure-Object).Count -gt [ConfigurationManager]::GetAzSKConfigData().BackwardCompatibleVersionCount) { $this.PublishCustomMessage("Your Org AzSK.ADO version [$serverVersion] is too old. It must be updated to latest available version [$psGalleryVersion].",[MessageType]::Error); } } #Validate if detailed scan results is required in control evaluation $this.CheckDetailedScanStatus(); } # <TODO Framework: Move to module helper class> # Funtion to execute module auto update flow based on switch [void] InvokeAutoUpdate() { $AutoUpdateSwitch= [ConfigurationManager]::GetAzSKSettings().AutoUpdateSwitch; $AutoUpdateCommand = [ConfigurationManager]::GetAzSKSettings().AutoUpdateCommand; if($AutoUpdateSwitch -ne [AutoUpdate]::On) { if($AutoUpdateSwitch -eq [AutoUpdate]::NotSet) { $AutoUpdateMsg = [Constants]::AutoUpdateMessage Write-Host $AutoUpdateMsg -ForegroundColor Yellow } return; } #Step 1: Get the list of active running powershell prcesses including the current running PS Session $PSProcesses = Get-Process | Where-Object { ($_.Name -eq 'powershell' -or $_.Name -eq 'powershell_ise' -or $_.Name -eq 'powershelltoolsprocesshost')} $userChoice = "" if(($PSProcesses | Measure-Object).Count -ge 1) { Write-Host([Constants]::ModuleAutoUpdateAvailableMsg) -ForegroundColor Cyan; } #User choice that captures the decision to close the active PS Sessions $secondUserChoice ="" $InvalidOption = $true; while($InvalidOption) { if([string]::IsNullOrWhiteSpace($userChoice) -or ($userChoice.Trim() -ne 'y' -and $userChoice.Trim() -ne 'n')) { $userChoice = Read-Host "Continue (Y/N)" if([string]::IsNullOrWhiteSpace($userChoice) -or ($userChoice.Trim() -ne 'y' -and $userChoice.Trim() -ne 'n')) { Write-Host "Enter the valid option." -ForegroundColor Yellow } continue; } elseif($userChoice.Trim() -eq 'n') { $InvalidOption = $false; } elseif($userChoice.Trim() -eq 'y') { #Get the number of PS active sessions $PSProcesses = Get-Process | Where-Object { ($_.Name -eq 'powershell' -or $_.Name -eq 'powershell_ise' -or $_.Name -eq 'powershelltoolsprocesshost') -and $_.Id -ne $PID} if(($PSProcesses | Measure-Object).Count -gt 0) { Write-Host "`nThe following other PS sessions are still active. Please save your work and close them. You can also use Task Manager to close these sessions." -ForegroundColor Yellow Write-Host ($PSProcesses | Select-Object Id, ProcessName, Path | Out-String) $secondUserChoice = Read-Host "Continue (Y/N)" } elseif(($PSProcesses | Measure-Object).Count -eq 0) { Write-Host "`nThe current PS session will be closed now. Have you saved your work?" -ForegroundColor Yellow $secondUserChoice = Read-Host "Continue (Y/N)" } if(-not [string]::IsNullOrWhiteSpace($secondUserChoice) -and ` (($PSProcesses | Measure-Object).Count -eq 0 -and $secondUserChoice.Trim() -eq 'y') -or ` $secondUserChoice.Trim() -eq 'n') { $InvalidOption = $false; } } } #Check if the first user want to continue with auto-update using userChoice field and then check if user still wants to continue with auto-update after finding the active PS sessions. #In either case it is no it would exit the auto-update process if($userChoice.Trim() -eq "n" -or $secondUserChoice.Trim() -eq 'n') { Write-Host "Exiting auto-update workflow. To disable auto-update permanently, run the command below:" -ForegroundColor Yellow Write-Host "Set-AzSKADOPolicySettings -AutoUpdate Off`n" -ForegroundColor Green return } $AzSKTemp = Join-Path $([Constants]::AzSKAppFolderPath) "Temp"; try { $fileName = "au_" + $(get-date).ToUniversalTime().ToString("yyyyMMdd_HHmmss") + ".ps1"; $autoUpdateContent = [ConfigurationHelper]::LoadOfflineConfigFile("ModuleAutoUpdate.ps1"); if(-not (Test-Path -Path $AzSKTemp)) { New-Item -Path $AzSKTemp -ItemType Directory -Force } Remove-Item -Path (Join-Path $AzSKTemp "au_*") -Force -Recurse -ErrorAction SilentlyContinue $autoUpdateContent = $autoUpdateContent.Replace("##installurl##",$AutoUpdateCommand); $autoUpdateContent | Out-File (Join-Path $AzSKTemp $fileName) -Force Start-Process -WindowStyle Normal -FilePath "powershell.exe" -ArgumentList (Join-Path $AzSKTemp $fileName) } catch { $this.CommandError($_.Exception.InnerException.ErrorRecord); } } [void] CheckMultipleAzSKModuleLoaded(){ $loadedAzSKModules= Get-Module | Where-Object { $_.Name -like "AzSK*"}; if($env:AzSKSkipMultiModuleCheck -ne $true -and $null -ne $loadedAzSKModules -and ($loadedAzSKModules| Measure-Object).Count -gt 1){ throw [SuppressedException]::new("ERROR: Multiple AzSK modules loaded in same session, this will lead to issues when running AzSK cmdlets.",[SuppressedExceptionType]::Generic) } } [void] CheckDetailedScanStatus(){ if(-not([string]::IsNullOrEmpty($this.InvocationContext.BoundParameters['ControlIds'])) -or -not([string]::IsNullOrEmpty($this.InvocationContext.BoundParameters['DetailedScan'])) -or -not( [string]::IsNullOrEmpty($this.InvocationContext.BoundParameters['ControlsToAttest'])) ) { [AzSKRoot]::IsDetailedScanRequired = $true } else { [AzSKRoot]::IsDetailedScanRequired = $false } } } # SIG # Begin signature block # MIIjoQYJKoZIhvcNAQcCoIIjkjCCI44CAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCB1rYhUP+qoQ9TC # Xc4XRuhi3H5tsWRyKGh6OiNtGdPwnaCCDYEwggX/MIID56ADAgECAhMzAAAB32vw # LpKnSrTQAAAAAAHfMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjAxMjE1MjEzMTQ1WhcNMjExMjAyMjEzMTQ1WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQC2uxlZEACjqfHkuFyoCwfL25ofI9DZWKt4wEj3JBQ48GPt1UsDv834CcoUUPMn # s/6CtPoaQ4Thy/kbOOg/zJAnrJeiMQqRe2Lsdb/NSI2gXXX9lad1/yPUDOXo4GNw # PjXq1JZi+HZV91bUr6ZjzePj1g+bepsqd/HC1XScj0fT3aAxLRykJSzExEBmU9eS # yuOwUuq+CriudQtWGMdJU650v/KmzfM46Y6lo/MCnnpvz3zEL7PMdUdwqj/nYhGG # 3UVILxX7tAdMbz7LN+6WOIpT1A41rwaoOVnv+8Ua94HwhjZmu1S73yeV7RZZNxoh # EegJi9YYssXa7UZUUkCCA+KnAgMBAAGjggF+MIIBejAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUOPbML8IdkNGtCfMmVPtvI6VZ8+Mw # UAYDVR0RBEkwR6RFMEMxKTAnBgNVBAsTIE1pY3Jvc29mdCBPcGVyYXRpb25zIFB1 # ZXJ0byBSaWNvMRYwFAYDVQQFEw0yMzAwMTIrNDYzMDA5MB8GA1UdIwQYMBaAFEhu # ZOVQBdOCqhc3NyK1bajKdQKVMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly93d3cu # bWljcm9zb2Z0LmNvbS9wa2lvcHMvY3JsL01pY0NvZFNpZ1BDQTIwMTFfMjAxMS0w # Ny0wOC5jcmwwYQYIKwYBBQUHAQEEVTBTMFEGCCsGAQUFBzAChkVodHRwOi8vd3d3 # Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY0NvZFNpZ1BDQTIwMTFfMjAx # MS0wNy0wOC5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAgEAnnqH # tDyYUFaVAkvAK0eqq6nhoL95SZQu3RnpZ7tdQ89QR3++7A+4hrr7V4xxmkB5BObS # 0YK+MALE02atjwWgPdpYQ68WdLGroJZHkbZdgERG+7tETFl3aKF4KpoSaGOskZXp # TPnCaMo2PXoAMVMGpsQEQswimZq3IQ3nRQfBlJ0PoMMcN/+Pks8ZTL1BoPYsJpok # t6cql59q6CypZYIwgyJ892HpttybHKg1ZtQLUlSXccRMlugPgEcNZJagPEgPYni4 # b11snjRAgf0dyQ0zI9aLXqTxWUU5pCIFiPT0b2wsxzRqCtyGqpkGM8P9GazO8eao # mVItCYBcJSByBx/pS0cSYwBBHAZxJODUqxSXoSGDvmTfqUJXntnWkL4okok1FiCD # Z4jpyXOQunb6egIXvkgQ7jb2uO26Ow0m8RwleDvhOMrnHsupiOPbozKroSa6paFt # VSh89abUSooR8QdZciemmoFhcWkEwFg4spzvYNP4nIs193261WyTaRMZoceGun7G # CT2Rl653uUj+F+g94c63AhzSq4khdL4HlFIP2ePv29smfUnHtGq6yYFDLnT0q/Y+ # Di3jwloF8EWkkHRtSuXlFUbTmwr/lDDgbpZiKhLS7CBTDj32I0L5i532+uHczw82 # oZDmYmYmIUSMbZOgS65h797rj5JJ6OkeEUJoAVwwggd6MIIFYqADAgECAgphDpDS # AAAAAAADMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMK # V2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0 # IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3NvZnQgUm9vdCBDZXJ0aWZpY2F0 # ZSBBdXRob3JpdHkgMjAxMTAeFw0xMTA3MDgyMDU5MDlaFw0yNjA3MDgyMTA5MDla # MH4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS # ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMT # H01pY3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTEwggIiMA0GCSqGSIb3DQEB # AQUAA4ICDwAwggIKAoICAQCr8PpyEBwurdhuqoIQTTS68rZYIZ9CGypr6VpQqrgG # OBoESbp/wwwe3TdrxhLYC/A4wpkGsMg51QEUMULTiQ15ZId+lGAkbK+eSZzpaF7S # 35tTsgosw6/ZqSuuegmv15ZZymAaBelmdugyUiYSL+erCFDPs0S3XdjELgN1q2jz # y23zOlyhFvRGuuA4ZKxuZDV4pqBjDy3TQJP4494HDdVceaVJKecNvqATd76UPe/7 # 4ytaEB9NViiienLgEjq3SV7Y7e1DkYPZe7J7hhvZPrGMXeiJT4Qa8qEvWeSQOy2u # M1jFtz7+MtOzAz2xsq+SOH7SnYAs9U5WkSE1JcM5bmR/U7qcD60ZI4TL9LoDho33 # X/DQUr+MlIe8wCF0JV8YKLbMJyg4JZg5SjbPfLGSrhwjp6lm7GEfauEoSZ1fiOIl # XdMhSz5SxLVXPyQD8NF6Wy/VI+NwXQ9RRnez+ADhvKwCgl/bwBWzvRvUVUvnOaEP # 6SNJvBi4RHxF5MHDcnrgcuck379GmcXvwhxX24ON7E1JMKerjt/sW5+v/N2wZuLB # l4F77dbtS+dJKacTKKanfWeA5opieF+yL4TXV5xcv3coKPHtbcMojyyPQDdPweGF # RInECUzF1KVDL3SV9274eCBYLBNdYJWaPk8zhNqwiBfenk70lrC8RqBsmNLg1oiM # CwIDAQABo4IB7TCCAekwEAYJKwYBBAGCNxUBBAMCAQAwHQYDVR0OBBYEFEhuZOVQ # BdOCqhc3NyK1bajKdQKVMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMAsGA1Ud # DwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFHItOgIxkEO5FAVO # 4eqnxzHRI4k0MFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwubWljcm9zb2Z0 # LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Jvb0NlckF1dDIwMTFfMjAxMV8wM18y # Mi5jcmwwXgYIKwYBBQUHAQEEUjBQME4GCCsGAQUFBzAChkJodHRwOi8vd3d3Lm1p # Y3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1Jvb0NlckF1dDIwMTFfMjAxMV8wM18y # Mi5jcnQwgZ8GA1UdIASBlzCBlDCBkQYJKwYBBAGCNy4DMIGDMD8GCCsGAQUFBwIB # FjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2RvY3MvcHJpbWFyeWNw # cy5odG0wQAYIKwYBBQUHAgIwNB4yIB0ATABlAGcAYQBsAF8AcABvAGwAaQBjAHkA # XwBzAHQAYQB0AGUAbQBlAG4AdAAuIB0wDQYJKoZIhvcNAQELBQADggIBAGfyhqWY # 4FR5Gi7T2HRnIpsLlhHhY5KZQpZ90nkMkMFlXy4sPvjDctFtg/6+P+gKyju/R6mj # 82nbY78iNaWXXWWEkH2LRlBV2AySfNIaSxzzPEKLUtCw/WvjPgcuKZvmPRul1LUd # d5Q54ulkyUQ9eHoj8xN9ppB0g430yyYCRirCihC7pKkFDJvtaPpoLpWgKj8qa1hJ # Yx8JaW5amJbkg/TAj/NGK978O9C9Ne9uJa7lryft0N3zDq+ZKJeYTQ49C/IIidYf # wzIY4vDFLc5bnrRJOQrGCsLGra7lstnbFYhRRVg4MnEnGn+x9Cf43iw6IGmYslmJ # aG5vp7d0w0AFBqYBKig+gj8TTWYLwLNN9eGPfxxvFX1Fp3blQCplo8NdUmKGwx1j # NpeG39rz+PIWoZon4c2ll9DuXWNB41sHnIc+BncG0QaxdR8UvmFhtfDcxhsEvt9B # xw4o7t5lL+yX9qFcltgA1qFGvVnzl6UJS0gQmYAf0AApxbGbpT9Fdx41xtKiop96 # eiL6SJUfq/tHI4D1nvi/a7dLl+LrdXga7Oo3mXkYS//WsyNodeav+vyL6wuA6mk7 # r/ww7QRMjt/fdW1jkT3RnVZOT7+AVyKheBEyIXrvQQqxP/uozKRdwaGIm1dxVk5I # RcBCyZt2WwqASGv9eZ/BvW1taslScxMNelDNMYIVdjCCFXICAQEwgZUwfjELMAkG # A1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQx # HjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEoMCYGA1UEAxMfTWljcm9z # b2Z0IENvZGUgU2lnbmluZyBQQ0EgMjAxMQITMwAAAd9r8C6Sp0q00AAAAAAB3zAN # BglghkgBZQMEAgEFAKCBsDAZBgkqhkiG9w0BCQMxDAYKKwYBBAGCNwIBBDAcBgor # BgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAvBgkqhkiG9w0BCQQxIgQgvzAFNMb1 # l5lTxa8J429cdD0p4o5k903V6keCQ+kV9l8wRAYKKwYBBAGCNwIBDDE2MDSgFIAS # AE0AaQBjAHIAbwBzAG8AZgB0oRyAGmh0dHBzOi8vd3d3Lm1pY3Jvc29mdC5jb20g # MA0GCSqGSIb3DQEBAQUABIIBAAGu8FzPz33jPB2e9nj+43sfQ9F1ncAXCxp1eWS2 # tWXHnVnhfYUROuj0Cyr0ftCvSNlgEbC6eqdFC3CEQaMPh+08ogQSeL7JgtZIfGxl # ITS+yXNgIrNBJ3SvdSqCDL+Xil7RXSqr5eXP1o/5KRR95toEV1V0uHdr39h5KquK # ETylNqNS+PvQnZ/v8ZndFrfv3vKUc6hqxhcIIYVrLyRO4AI6stUhOokdp+Qj16G1 # 2AmhMG5T+GEmUB65WR2pzdXNdfiAqJXl58HNT8XCrRdeyiUhjvwhiE9qDybv4spi # tvOicgLTOJIHKfzLN7MlVSlwmJf514KI0oSyocNum3RHe3ehghL+MIIS+gYKKwYB # BAGCNwMDATGCEuowghLmBgkqhkiG9w0BBwKgghLXMIIS0wIBAzEPMA0GCWCGSAFl # AwQCAQUAMIIBWQYLKoZIhvcNAQkQAQSgggFIBIIBRDCCAUACAQEGCisGAQQBhFkK # AwEwMTANBglghkgBZQMEAgEFAAQguD7V6aGMAOZNpf1XcOxnZPYyeEtFF5BXjI6i # uS9n9l4CBmA9EF8J7hgTMjAyMTAzMTUxMDU5MzkuMTY4WjAEgAIB9KCB2KSB1TCB # 0jELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl # ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEtMCsGA1UECxMk # TWljcm9zb2Z0IElyZWxhbmQgT3BlcmF0aW9ucyBMaW1pdGVkMSYwJAYDVQQLEx1U # aGFsZXMgVFNTIEVTTjoxNzlFLTRCQjAtODI0NjElMCMGA1UEAxMcTWljcm9zb2Z0 # IFRpbWUtU3RhbXAgU2VydmljZaCCDk0wggT5MIID4aADAgECAhMzAAABPIv9ubM/ # R5f9AAAAAAE8MA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQI # EwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3Nv # ZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBD # QSAyMDEwMB4XDTIwMTAxNTE3MjgyM1oXDTIyMDExMjE3MjgyM1owgdIxCzAJBgNV # BAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4w # HAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xLTArBgNVBAsTJE1pY3Jvc29m # dCBJcmVsYW5kIE9wZXJhdGlvbnMgTGltaXRlZDEmMCQGA1UECxMdVGhhbGVzIFRT # UyBFU046MTc5RS00QkIwLTgyNDYxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0 # YW1wIFNlcnZpY2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYECrp # aQOq9jkOBpC345fQ0IvOpRqK8nEe+jopJc/5XNNqzanq5hrd9wib4RdvpuPj68n5 # Dm/XZu2vCqnWoxhy3ixrbgS/rg3CS3bqp8Ag1UQg/xAz32TueeTOY1cOelcXRaho # sIcjlrrkv13AacFXm4AbYMCgYM6BzdZKARebc6zEv+4QCy4+1AV8RHQHEOdoj42O # JpbFWlHvYKzXuM1AH4vmjT9o/fCq2mWD7Ig2/CpaId2gHK6R+S909iK27uVkjVap # 2/Sb4ATOLJbaVQ+X0+hYbEcCesf93g+tAQXuvA8dH63doK5I5zdZCF5U/3Dibfl7 # ZCFsU6ks+ph4jJrbAgMBAAGjggEbMIIBFzAdBgNVHQ4EFgQU4aFn4soS+jazYT8l # GOoYvyZnPEYwHwYDVR0jBBgwFoAU1WM6XIoxkPNDe3xGG8UzaFqFbVUwVgYDVR0f # BE8wTTBLoEmgR4ZFaHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraS9jcmwvcHJv # ZHVjdHMvTWljVGltU3RhUENBXzIwMTAtMDctMDEuY3JsMFoGCCsGAQUFBwEBBE4w # TDBKBggrBgEFBQcwAoY+aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0 # cy9NaWNUaW1TdGFQQ0FfMjAxMC0wNy0wMS5jcnQwDAYDVR0TAQH/BAIwADATBgNV # HSUEDDAKBggrBgEFBQcDCDANBgkqhkiG9w0BAQsFAAOCAQEAMvcQjJTdl3luSMzF # qRkxRklJ+KWRUUlB3I2KJVWb4Gn6eWdJTiWdC1uxejF2oPX0b+X9QIhi8u1AaV79 # 2eEit2lQzqVgPifyTZGLjzK2Oou4Pj/F58Pp2m6HupGfuNAehln+hSvvIE5ggEnC # iv9lVkAJOMlLHF38DbPv7pyWs0Lzv2sjZwPHvdhtV8lBtOYsE8Nxznlbsyc80vRn # Reqm8JQK6Z8xAD4SeY8duFFXhciETG2E0bh+/N3mwGnzXJzMbSKAKkzIw6Yxqf+z # HzWPFim9DGZwmchq+6JBKtb4EGT0EFtfqGCrOPD5O7uPwSdj1apgXqo7Hctx7hcs # 5qjpwjCCBnEwggRZoAMCAQICCmEJgSoAAAAAAAIwDQYJKoZIhvcNAQELBQAwgYgx # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xMjAwBgNVBAMTKU1p # Y3Jvc29mdCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAyMDEwMB4XDTEwMDcw # MTIxMzY1NVoXDTI1MDcwMTIxNDY1NVowfDELMAkGA1UEBhMCVVMxEzARBgNVBAgT # Cldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29m # dCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENB # IDIwMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpHQ28dxGKOiDs # /BOX9fp/aZRrdFQQ1aUKAIKF++18aEssX8XD5WHCdrc+Zitb8BVTJwQxH0EbGpUd # zgkTjnxhMFmxMEQP8WCIhFRDDNdNuDgIs0Ldk6zWczBXJoKjRQ3Q6vVHgc2/JGAy # WGBG8lhHhjKEHnRhZ5FfgVSxz5NMksHEpl3RYRNuKMYa+YaAu99h/EbBJx0kZxJy # GiGKr0tkiVBisV39dx898Fd1rL2KQk1AUdEPnAY+Z3/1ZsADlkR+79BL/W7lmsqx # qPJ6Kgox8NpOBpG2iAg16HgcsOmZzTznL0S6p/TcZL2kAcEgCZN4zfy8wMlEXV4W # nAEFTyJNAgMBAAGjggHmMIIB4jAQBgkrBgEEAYI3FQEEAwIBADAdBgNVHQ4EFgQU # 1WM6XIoxkPNDe3xGG8UzaFqFbVUwGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEw # CwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU1fZWy4/o # olxiaNE9lJBb186aGMQwVgYDVR0fBE8wTTBLoEmgR4ZFaHR0cDovL2NybC5taWNy # b3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMvTWljUm9vQ2VyQXV0XzIwMTAtMDYt # MjMuY3JsMFoGCCsGAQUFBwEBBE4wTDBKBggrBgEFBQcwAoY+aHR0cDovL3d3dy5t # aWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXRfMjAxMC0wNi0yMy5j # cnQwgaAGA1UdIAEB/wSBlTCBkjCBjwYJKwYBBAGCNy4DMIGBMD0GCCsGAQUFBwIB # FjFodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vUEtJL2RvY3MvQ1BTL2RlZmF1bHQu # aHRtMEAGCCsGAQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAFAAbwBsAGkAYwB5AF8A # UwB0AGEAdABlAG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQAH5ohRDeLG # 4Jg/gXEDPZ2joSFvs+umzPUxvs8F4qn++ldtGTCzwsVmyWrf9efweL3HqJ4l4/m8 # 7WtUVwgrUYJEEvu5U4zM9GASinbMQEBBm9xcF/9c+V4XNZgkVkt070IQyK+/f8Z/ # 8jd9Wj8c8pl5SpFSAK84Dxf1L3mBZdmptWvkx872ynoAb0swRCQiPM/tA6WWj1kp # vLb9BOFwnzJKJ/1Vry/+tuWOM7tiX5rbV0Dp8c6ZZpCM/2pif93FSguRJuI57BlK # cWOdeyFtw5yjojz6f32WapB4pm3S4Zz5Hfw42JT0xqUKloakvZ4argRCg7i1gJsi # OCC1JeVk7Pf0v35jWSUPei45V3aicaoGig+JFrphpxHLmtgOR5qAxdDNp9DvfYPw # 4TtxCd9ddJgiCGHasFAeb73x4QDf5zEHpJM692VHeOj4qEir995yfmFrb3epgcun # Caw5u+zGy9iCtHLNHfS4hQEegPsbiSpUObJb2sgNVZl6h3M7COaYLeqN4DMuEin1 # wC9UJyH3yKxO2ii4sanblrKnQqLJzxlBTeCG+SqaoxFmMNO7dDJL32N79ZmKLxvH # Ia9Zta7cRDyXUHHXodLFVeNp3lfB0d4wwP3M5k37Db9dT+mdHhk4L7zPWAUu7w2g # UDXa7wknHNWzfjUeCLraNtvTX4/edIhJEqGCAtcwggJAAgEBMIIBAKGB2KSB1TCB # 0jELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl # ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEtMCsGA1UECxMk # TWljcm9zb2Z0IElyZWxhbmQgT3BlcmF0aW9ucyBMaW1pdGVkMSYwJAYDVQQLEx1U # aGFsZXMgVFNTIEVTTjoxNzlFLTRCQjAtODI0NjElMCMGA1UEAxMcTWljcm9zb2Z0 # IFRpbWUtU3RhbXAgU2VydmljZaIjCgEBMAcGBSsOAwIaAxUAHUt0elneaPLba16K # e63RR3B65OaggYMwgYCkfjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGlu # Z3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBv # cmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDAN # BgkqhkiG9w0BAQUFAAIFAOP5WoswIhgPMjAyMTAzMTUxMjAxMTVaGA8yMDIxMDMx # NjEyMDExNVowdzA9BgorBgEEAYRZCgQBMS8wLTAKAgUA4/laiwIBADAKAgEAAgIL # vQIB/zAHAgEAAgIRejAKAgUA4/qsCwIBADA2BgorBgEEAYRZCgQCMSgwJjAMBgor # BgEEAYRZCgMCoAowCAIBAAIDB6EgoQowCAIBAAIDAYagMA0GCSqGSIb3DQEBBQUA # A4GBAGh/dBayLOOoGO0I3H5jRjsM8O1BHdJNe1oahMR6PZA+Wq5u/75HRvnxCWOx # 2vJ2PVlcI11PAF6E6/F6ILdPEk46yyOBnqZiSPGEW5UMzdcDLr/97slPL4EDrOK7 # 6S3vFeG/XQzmp5gMWNBG1Wdo76gfaVoYJnDMrN+ZdY+gJqppMYIDDTCCAwkCAQEw # gZMwfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT # B1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UE # AxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTACEzMAAAE8i/25sz9Hl/0A # AAAAATwwDQYJYIZIAWUDBAIBBQCgggFKMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0B # CRABBDAvBgkqhkiG9w0BCQQxIgQgGkHyqBN56XOf1dze8A4KjJBbROmWEQNJfOr3 # Xwup2/MwgfoGCyqGSIb3DQEJEAIvMYHqMIHnMIHkMIG9BCCgSQK6TSS/wOc6qbfU # fBGv7YhsPfGYhbgVIYrhJuhaRjCBmDCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1w # IFBDQSAyMDEwAhMzAAABPIv9ubM/R5f9AAAAAAE8MCIEIAfCTuwOHo5III7ad6as # FLQM7t3dgviJyZPOckabfVbxMA0GCSqGSIb3DQEBCwUABIIBADq3d0J9M2CPOK8x # ZCYmzHd854IjFK/Vj1xf9YB/8ZTzdorAzH+xz6PkF7okEvdHxsBCKH0uyc/npcyJ # Nrs5yaStjhR2KEg7Ai5gvdAhyk4CROpZCdnVHK67rf8Yg34uJ8774Mts96Cmmnuh # FdSgrVrWU0nTCY+2f+E97Op9eWQ/uSkixkBTvDwhSRWMsayN0J7OIUF4UjVXial5 # NT64AyA857lOGVSWP4XHnDnN4yYzpFpg2ny6/SBmycV+5lGPPiB8lIa8cisLDOoo # CUDx3epowJ4gSWnMOEYoLehFe/udvEcz5DyzOtovr70XMjdxXMBrhdA3DrTRMdXD # z/+WEm0= # SIG # End signature block |