AppHandling/Sign-NavContainerApp.ps1
|
<#
.Synopsis Uses a NAV/BC Container to sign an App .Description appFile must be shared with the container Copies the pfxFile to the container if necessary Creates a session to the container and Signs the App using the provided certificate and password .Parameter containerName Name of the container in which you want to publish an app .Parameter appFile Path of the app you want to sign .Parameter pfxFile Path/Url of the certificate pfx file to use for signing .Parameter pfxPassword Password of the certificate pfx file .Parameter timeStampServer Specifies the URL of the time stamp server. Default is $bcContainerHelperConfig.timeStampServer, which defaults to http://timestamp.digicert.com .Example Sign-BcContainerApp -appFile c:\programdata\bccontainerhelper\myapp.app -pfxFile http://my.secure.url/mycert.pfx -pfxPassword $securePassword .Example Sign-BcContainerApp -appFile c:\programdata\bccontainerhelper\myapp.app -pfxFile c:\programdata\bccontainerhelper\mycert.pfx -pfxPassword $securePassword #> function Sign-BcContainerApp { Param ( [string] $containerName = $bcContainerHelperConfig.defaultContainerName, [Parameter(Mandatory=$true)] [string] $appFile, [Parameter(Mandatory=$true)] [string] $pfxFile, [Parameter(Mandatory=$true)] [SecureString] $pfxPassword, [Parameter(Mandatory=$false)] [string] $timeStampServer = $bcContainerHelperConfig.timeStampServer, [Parameter(Mandatory=$false)] [string] $digestAlgorithm = $bcContainerHelperConfig.digestAlgorithm, [switch] $importCertificate ) $telemetryScope = InitTelemetryScope -name $MyInvocation.InvocationName -parameterValues $PSBoundParameters -includeParameters @() try { $containerAppFile = Get-BcContainerPath -containerName $containerName -path $appFile if ("$containerAppFile" -eq "") { throw "The app ($appFile)needs to be in a folder, which is shared with the container $containerName" } $sharedPfxFile = Join-Path $bcContainerHelperConfig.hostHelperFolder "Extensions\$containerName\my\$([GUID]::NewGuid().ToString()).pfx" $removeSharedPfxFile = $true if ($pfxFile -like "https://*" -or $pfxFile -like "http://*") { Write-Host "Downloading certificate file to container" Download-File -sourceUrl $pfxFile -destinationFile $sharedPfxFile } else { if (Get-BcContainerPath -containerName $containerName -path $pfxFile) { $sharedPfxFile = $pfxFile $removeSharedPfxFile = $false } else { Write-Host "Copying certificate file to container" Copy-Item -Path $pfxFile -Destination $sharedPfxFile -Force } } try { TestPfxCertificate -pfxFile $sharedPfxFile -pfxPassword $pfxPassword -certkind "Codesign" Invoke-ScriptInBcContainer -containerName $containerName -useSession:$false -ScriptBlock { Param($appFile, $pfxFile, $pfxPassword, $timeStampServer, $digestAlgorithm, $importCertificate) function GetExtendedErrorMessage { Param( $errorRecord ) $exception = $errorRecord.Exception $message = $exception.Message try { $errorDetails = $errorRecord.ErrorDetails | ConvertFrom-Json $message += " $($errorDetails.error)`r`n$($errorDetails.error_description)" } catch {} try { if ($exception -is [System.Management.Automation.MethodInvocationException]) { $exception = $exception.InnerException } $webException = [System.Net.WebException]$exception $webResponse = $webException.Response try { if ($webResponse.StatusDescription) { $message += "`r`n$($webResponse.StatusDescription)" } } catch {} $reqstream = $webResponse.GetResponseStream() $sr = new-object System.IO.StreamReader $reqstream $result = $sr.ReadToEnd() try { $json = $result | ConvertFrom-Json $message += "`r`n$($json.Message)" } catch { $message += "`r`n$result" } try { $correlationX = $webResponse.GetResponseHeader('ms-correlation-x') if ($correlationX) { $message += " (ms-correlation-x = $correlationX)" } } catch {} } catch{} $message } if ($importCertificate) { Import-PfxCertificate -FilePath $pfxFile -Password $pfxPassword -CertStoreLocation "cert:\localMachine\root" | Out-Null Import-PfxCertificate -FilePath $pfxFile -Password $pfxPassword -CertStoreLocation "cert:\localMachine\my" | Out-Null } if (!(Test-Path "C:\Windows\System32\msvcr120.dll")) { Write-Host "Downloading vcredist_x86" (New-Object System.Net.WebClient).DownloadFile('https://bcartifacts-exdbf9fwegejdqak.b02.azurefd.net/prerequisites/vcredist_x86.exe','c:\run\install\vcredist_x86.exe') Write-Host "Installing vcredist_x86" start-process -Wait -FilePath c:\run\install\vcredist_x86.exe -ArgumentList /q, /norestart Write-Host "Downloading vcredist_x64" (New-Object System.Net.WebClient).DownloadFile('https://bcartifacts-exdbf9fwegejdqak.b02.azurefd.net/prerequisites/vcredist_x64.exe','c:\run\install\vcredist_x64.exe') Write-Host "Installing vcredist_x64" start-process -Wait -FilePath c:\run\install\vcredist_x64.exe -ArgumentList /q, /norestart } if (!(Test-Path "C:\Windows\System32\vcruntime140_1.dll")) { Write-Host "Downloading vcredist_x64 (version 140)" (New-Object System.Net.WebClient).DownloadFile('https://aka.ms/vs/17/release/vc_redist.x64.exe','c:\run\install\vcredist_x64-140.exe') Write-Host "Installing vcredist_x64 (version 140)" start-process -Wait -FilePath c:\run\install\vcredist_x64-140.exe -ArgumentList /q, /norestart } if (Test-Path "C:\Program Files (x86)\Windows Kits\10\bin\*\x64\SignTool.exe") { $signToolExe = (get-item "C:\Program Files (x86)\Windows Kits\10\bin\*\x64\SignTool.exe").FullName } else { Write-Host "Downloading Signing Tools" $winSdkSetupExe = "c:\run\install\winsdksetup.exe" $winSdkSetupUrl = "https://bcartifacts-exdbf9fwegejdqak.b02.azurefd.net/prerequisites/winsdksetup.exe" (New-Object System.Net.WebClient).DownloadFile($winSdkSetupUrl,$winSdkSetupExe) Write-Host "Installing Signing Tools" Start-Process $winSdkSetupExe -ArgumentList "/features OptionId.SigningTools /q" -Wait if (!(Test-Path "C:\Program Files (x86)\Windows Kits\10\bin\*\x64\SignTool.exe")) { throw "Cannot locate signtool.exe after installation" } $signToolExe = (get-item "C:\Program Files (x86)\Windows Kits\10\bin\*\x64\SignTool.exe").FullName } Write-Host "Signing $appFile" $unsecurepassword = ([System.Runtime.InteropServices.Marshal]::PtrToStringBSTR([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($pfxPassword))) $attempt = 1 $maxAttempts = 5 do { try { if ($digestAlgorithm) { & "$signtoolexe" @("sign", "/f", "$pfxFile", "/p","$unsecurepassword", "/fd", $digestAlgorithm, "/td", $digestAlgorithm, "/tr", "$timeStampServer", "$appFile") | Write-Host } else { & "$signtoolexe" @("sign", "/f", "$pfxFile", "/p","$unsecurepassword", "/t", "$timeStampServer", "$appFile") | Write-Host } break } catch { if ($attempt -ge $maxAttempts) { throw } else { $seconds = [Math]::Pow(4,$attempt) Write-Host "Signing failed, retrying in $seconds seconds" $attempt++ Start-Sleep -Seconds $seconds } } } while ($attempt -le $maxAttempts) } -ArgumentList $containerAppFile, (Get-BcContainerPath -containerName $containerName -path $sharedPfxFile), $pfxPassword, $timeStampServer, $digestAlgorithm, $importCertificate } finally { if ($removeSharedPfxFile -and (Test-Path $sharedPfxFile)) { Remove-Item -Path $sharedPfxFile -Force } } } catch { TrackException -telemetryScope $telemetryScope -errorRecord $_ throw } finally { TrackTrace -telemetryScope $telemetryScope } } Set-Alias -Name Sign-NavContainerApp -Value Sign-BcContainerApp Export-ModuleMember -Function Sign-BcContainerApp -Alias Sign-NavContainerApp # SIG # Begin signature block # MIIoGwYJKoZIhvcNAQcCoIIoDDCCKAgCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCB9h1ZXV0/ww8e7 # c5IvLpTm8xp00oKz7Xz+Q6peDCsYK6CCDYUwggYDMIID66ADAgECAhMzAAAEhJji # EuB4ozFdAAAAAASEMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjUwNjE5MTgyMTM1WhcNMjYwNjE3MTgyMTM1WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQDtekqMKDnzfsyc1T1QpHfFtr+rkir8ldzLPKmMXbRDouVXAsvBfd6E82tPj4Yz # aSluGDQoX3NpMKooKeVFjjNRq37yyT/h1QTLMB8dpmsZ/70UM+U/sYxvt1PWWxLj # MNIXqzB8PjG6i7H2YFgk4YOhfGSekvnzW13dLAtfjD0wiwREPvCNlilRz7XoFde5 # KO01eFiWeteh48qUOqUaAkIznC4XB3sFd1LWUmupXHK05QfJSmnei9qZJBYTt8Zh # ArGDh7nQn+Y1jOA3oBiCUJ4n1CMaWdDhrgdMuu026oWAbfC3prqkUn8LWp28H+2S # LetNG5KQZZwvy3Zcn7+PQGl5AgMBAAGjggGCMIIBfjAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUBN/0b6Fh6nMdE4FAxYG9kWCpbYUw # VAYDVR0RBE0wS6RJMEcxLTArBgNVBAsTJE1pY3Jvc29mdCBJcmVsYW5kIE9wZXJh # dGlvbnMgTGltaXRlZDEWMBQGA1UEBRMNMjMwMDEyKzUwNTM2MjAfBgNVHSMEGDAW # gBRIbmTlUAXTgqoXNzcitW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8v # d3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIw # MTEtMDctMDguY3JsMGEGCCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDov # L3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDEx # XzIwMTEtMDctMDguY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIB # AGLQps1XU4RTcoDIDLP6QG3NnRE3p/WSMp61Cs8Z+JUv3xJWGtBzYmCINmHVFv6i # 8pYF/e79FNK6P1oKjduxqHSicBdg8Mj0k8kDFA/0eU26bPBRQUIaiWrhsDOrXWdL # m7Zmu516oQoUWcINs4jBfjDEVV4bmgQYfe+4/MUJwQJ9h6mfE+kcCP4HlP4ChIQB # UHoSymakcTBvZw+Qst7sbdt5KnQKkSEN01CzPG1awClCI6zLKf/vKIwnqHw/+Wvc # Ar7gwKlWNmLwTNi807r9rWsXQep1Q8YMkIuGmZ0a1qCd3GuOkSRznz2/0ojeZVYh # ZyohCQi1Bs+xfRkv/fy0HfV3mNyO22dFUvHzBZgqE5FbGjmUnrSr1x8lCrK+s4A+ # bOGp2IejOphWoZEPGOco/HEznZ5Lk6w6W+E2Jy3PHoFE0Y8TtkSE4/80Y2lBJhLj # 27d8ueJ8IdQhSpL/WzTjjnuYH7Dx5o9pWdIGSaFNYuSqOYxrVW7N4AEQVRDZeqDc # fqPG3O6r5SNsxXbd71DCIQURtUKss53ON+vrlV0rjiKBIdwvMNLQ9zK0jy77owDy # XXoYkQxakN2uFIBO1UNAvCYXjs4rw3SRmBX9qiZ5ENxcn/pLMkiyb68QdwHUXz+1 # fI6ea3/jjpNPz6Dlc/RMcXIWeMMkhup/XEbwu73U+uz/MIIHejCCBWKgAwIBAgIK # YQ6Q0gAAAAAAAzANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlm # aWNhdGUgQXV0aG9yaXR5IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEw # OTA5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYD # VQQDEx9NaWNyb3NvZnQgQ29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG # 9w0BAQEFAAOCAg8AMIICCgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+la # UKq4BjgaBEm6f8MMHt03a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc # 6Whe0t+bU7IKLMOv2akrrnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4D # dato88tt8zpcoRb0RrrgOGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+ # lD3v++MrWhAfTVYoonpy4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nk # kDstrjNYxbc+/jLTswM9sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6 # A4aN91/w0FK/jJSHvMAhdCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmd # X4jiJV3TIUs+UsS1Vz8kA/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL # 5zmhD+kjSbwYuER8ReTBw3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zd # sGbiwZeBe+3W7UvnSSmnEyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3 # T8HhhUSJxAlMxdSlQy90lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS # 4NaIjAsCAwEAAaOCAe0wggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRI # bmTlUAXTgqoXNzcitW2oynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAL # BgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBD # uRQFTuHqp8cx0SOJNDBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jv # c29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3JsMF4GCCsGAQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3J0MIGfBgNVHSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEF # BQcCARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1h # cnljcHMuaHRtMEAGCCsGAQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkA # YwB5AF8AcwB0AGEAdABlAG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn # 8oalmOBUeRou09h0ZyKbC5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7 # v0epo/Np22O/IjWll11lhJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0b # pdS1HXeUOeLpZMlEPXh6I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/ # KmtYSWMfCWluWpiW5IP0wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvy # CInWH8MyGOLwxS3OW560STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBp # mLJZiWhub6e3dMNABQamASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJi # hsMdYzaXht/a8/jyFqGaJ+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYb # BL7fQccOKO7eZS/sl/ahXJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbS # oqKfenoi+kiVH6v7RyOA9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sL # gOppO6/8MO0ETI7f33VtY5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtX # cVZOSEXAQsmbdlsKgEhr/Xmfwb1tbWrJUnMTDXpQzTGCGewwghnoAgEBMIGVMH4x # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01p # Y3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTECEzMAAASEmOIS4HijMV0AAAAA # BIQwDQYJYIZIAWUDBAIBBQCggZAwGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQw # LwYJKoZIhvcNAQkEMSIEIMAG6uYcFLMAQXFbVJQ+jygOsf5/ptQPOfcMODHCc2Lp # MEIGCisGAQQBgjcCAQwxNDAyoBSAEgBNAGkAYwByAG8AcwBvAGYAdKEagBhodHRw # Oi8vd3d3Lm1pY3Jvc29mdC5jb20wDQYJKoZIhvcNAQEBBQAEggEARePdUpZhPFa+ # XJUlanWqgMEh+LWjnWKagcLXIngLXf1vaeFW3D2WGy1tpY+IGTt7qGXOvB4Tank2 # n4uAiQ2ibjPZQeXg3kD2h/1sU8nXcJNEWZNmizcrjENrLvQyF51GU2XmM4WKZsMR # EXlyPY3SjUDch4LnxSePpHRbZMnUiFRJhVEyo0MfDQPS24VN3k+IpxS58gPQE+2S # uoN1D5GIiy8gfBvHhVpwHXIXTDhl8vWG4IWvZ6+xJbWtCFUzKZcvtxyJ/aAqlIXb # 56rlycx0Zj7alK7OUMSJRD2VIekYk+zEcyixdJyAPrXGjWtlFyrAcUq1IUQSFZSV # /qcrk1YKYaGCF5QwgheQBgorBgEEAYI3AwMBMYIXgDCCF3wGCSqGSIb3DQEHAqCC # F20wghdpAgEDMQ8wDQYJYIZIAWUDBAIBBQAwggFSBgsqhkiG9w0BCRABBKCCAUEE # ggE9MIIBOQIBAQYKKwYBBAGEWQoDATAxMA0GCWCGSAFlAwQCAQUABCBTYGAQNnfe # Q14AjK/h1zeasBnWmMz6vc5WjZ4YuXXROQIGaSTl6Yk4GBMyMDI1MTIwODEyNDgw # OS43MjlaMASAAgH0oIHRpIHOMIHLMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2Fz # aGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENv # cnBvcmF0aW9uMSUwIwYDVQQLExxNaWNyb3NvZnQgQW1lcmljYSBPcGVyYXRpb25z # MScwJQYDVQQLEx5uU2hpZWxkIFRTUyBFU046QTAwMC0wNUUwLUQ5NDcxJTAjBgNV # BAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZpY2WgghHqMIIHIDCCBQigAwIB # AgITMwAAAgh4nVhdksfZUgABAAACCDANBgkqhkiG9w0BAQsFADB8MQswCQYDVQQG # EwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwG # A1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQg # VGltZS1TdGFtcCBQQ0EgMjAxMDAeFw0yNTAxMzAxOTQyNTNaFw0yNjA0MjIxOTQy # NTNaMIHLMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYD # VQQLExxNaWNyb3NvZnQgQW1lcmljYSBPcGVyYXRpb25zMScwJQYDVQQLEx5uU2hp # ZWxkIFRTUyBFU046QTAwMC0wNUUwLUQ5NDcxJTAjBgNVBAMTHE1pY3Jvc29mdCBU # aW1lLVN0YW1wIFNlcnZpY2UwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC # AQC1y3AI5lIz3Ip1nK5BMUUbGRsjSnCz/VGs33zvY0NeshsPgfld3/Z3/3dS8WKB # LlDlosmXJOZlFSiNXUd6DTJxA9ik/ZbCdWJ78LKjbN3tFkX2c6RRpRMpA8sq/oBb # RryP3c8Q/gxpJAKHHz8cuSn7ewfCLznNmxqliTk3Q5LHqz2PjeYKD/dbKMBT2TAA # WAvum4z/HXIJ6tFdGoNV4WURZswCSt6ROwaqQ1oAYGvEndH+DXZq1+bHsgvcPNCd # TSIpWobQiJS/UKLiR02KNCqB4I9yajFTSlnMIEMz/Ni538oGI64phcvNpUe2+qaK # WHZ8d4T1KghvRmSSF4YF5DNEJbxaCUwsy7nULmsFnTaOjVOoTFWWfWXvBuOKkBcQ # KWGKvrki976j4x+5ezAP36fq3u6dHRJTLZAu4dEuOooU3+kMZr+RBYWjTHQCKV+y # Z1ST0eGkbHXoA2lyyRDlNjBQcoeZIxWCZts/d3+nf1jiSLN6f6wdHaUz0ADwOTQ/ # aEo1IC85eFePvyIKaxFJkGU2Mqa6Xzq3qCq5tokIHtjhogsrEgfDKTeFXTtdhl1I # PtLcCfMcWOGGAXosVUU7G948F6W96424f2VHD8L3FoyAI9+r4zyIQUmqiESzuQWe # WpTTjFYwCmgXaGOuSDV8cNOVQB6IPzPneZhVTjwxbAZlaQIDAQABo4IBSTCCAUUw # HQYDVR0OBBYEFKMx4vfOqcUTgYOVB9f18/mhegFNMB8GA1UdIwQYMBaAFJ+nFV0A # XmJdg/Tl0mWnG1M1GelyMF8GA1UdHwRYMFYwVKBSoFCGTmh0dHA6Ly93d3cubWlj # cm9zb2Z0LmNvbS9wa2lvcHMvY3JsL01pY3Jvc29mdCUyMFRpbWUtU3RhbXAlMjBQ # Q0ElMjAyMDEwKDEpLmNybDBsBggrBgEFBQcBAQRgMF4wXAYIKwYBBQUHMAKGUGh0 # dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0JTIw # VGltZS1TdGFtcCUyMFBDQSUyMDIwMTAoMSkuY3J0MAwGA1UdEwEB/wQCMAAwFgYD # VR0lAQH/BAwwCgYIKwYBBQUHAwgwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEB # CwUAA4ICAQBRszKJKwAfswqdaQPFiaYB/ZNAYWDa040XTcQsCaCua5nsG1IslYaS # pH7miTLr6eQEqXczZoqeOa/xvDnMGifGNda0CHbQwtpnIhsutrKO2jhjEaGwlJgO # Mql21r7Ik6XnBza0e3hBOu4UBkMl/LEX+AURt7i7+RTNsGN0cXPwPSbTFE+9z7Wa # gGbY9pwUo/NxkGJseqGCQ/9K2VMU74bw5e7+8IGUhM2xspJPqnSeHPhYmcB0WclO # xcVIfj/ZuQvworPbTEEYDVCzSN37c0yChPMY7FJ+HGFBNJxwd5lKIr7GYfq8a0gO # iC2ljGYlc4rt4cCed1XKg83f0l9aUVimWBYXtfNebhpfr6Lc3jD8NgsrDhzt0Wgn # IdnTZCi7jxjsIBilH99pY5/h6bQcLKK/E6KCP9E1YN78fLaOXkXMyO6xLrvQZ+uC # Si1hdTufFC7oSB/CU5RbfIVHXG0j1o2n1tne4eCbNfKqUPTE31tNbWBR23Yiy0r3 # kQmHeYE1GLbL4pwknqaip1BRn6WIUMJtgncawEN33f8AYGZ4a3NnHopzGVV6neff # GVag4Tduy+oy1YF+shChoXdMqfhPWFpHe3uJGT4GJEiNs4+28a/wHUuF+aRaR0cN # 5P7XlOwU1360iUCJtQdvKQaNAwGI29KOwS3QGriR9F2jOGPUAlpeEzCCB3EwggVZ # oAMCAQICEzMAAAAVxedrngKbSZkAAAAAABUwDQYJKoZIhvcNAQELBQAwgYgxCzAJ # BgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25k # MR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xMjAwBgNVBAMTKU1pY3Jv # c29mdCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAyMDEwMB4XDTIxMDkzMDE4 # MjIyNVoXDTMwMDkzMDE4MzIyNVowfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldh # c2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBD # b3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIw # MTAwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDk4aZM57RyIQt5osvX # JHm9DtWC0/3unAcH0qlsTnXIyjVX9gF/bErg4r25PhdgM/9cT8dm95VTcVrifkpa # /rg2Z4VGIwy1jRPPdzLAEBjoYH1qUoNEt6aORmsHFPPFdvWGUNzBRMhxXFExN6AK # OG6N7dcP2CZTfDlhAnrEqv1yaa8dq6z2Nr41JmTamDu6GnszrYBbfowQHJ1S/rbo # YiXcag/PXfT+jlPP1uyFVk3v3byNpOORj7I5LFGc6XBpDco2LXCOMcg1KL3jtIck # w+DJj361VI/c+gVVmG1oO5pGve2krnopN6zL64NF50ZuyjLVwIYwXE8s4mKyzbni # jYjklqwBSru+cakXW2dg3viSkR4dPf0gz3N9QZpGdc3EXzTdEonW/aUgfX782Z5F # 37ZyL9t9X4C626p+Nuw2TPYrbqgSUei/BQOj0XOmTTd0lBw0gg/wEPK3Rxjtp+iZ # fD9M269ewvPV2HM9Q07BMzlMjgK8QmguEOqEUUbi0b1qGFphAXPKZ6Je1yh2AuIz # GHLXpyDwwvoSCtdjbwzJNmSLW6CmgyFdXzB0kZSU2LlQ+QuJYfM2BjUYhEfb3BvR # /bLUHMVr9lxSUV0S2yW6r1AFemzFER1y7435UsSFF5PAPBXbGjfHCBUYP3irRbb1 # Hode2o+eFnJpxq57t7c+auIurQIDAQABo4IB3TCCAdkwEgYJKwYBBAGCNxUBBAUC # AwEAATAjBgkrBgEEAYI3FQIEFgQUKqdS/mTEmr6CkTxGNSnPEP8vBO4wHQYDVR0O # BBYEFJ+nFV0AXmJdg/Tl0mWnG1M1GelyMFwGA1UdIARVMFMwUQYMKwYBBAGCN0yD # fQEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lv # cHMvRG9jcy9SZXBvc2l0b3J5Lmh0bTATBgNVHSUEDDAKBggrBgEFBQcDCDAZBgkr # BgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUw # AwEB/zAfBgNVHSMEGDAWgBTV9lbLj+iiXGJo0T2UkFvXzpoYxDBWBgNVHR8ETzBN # MEugSaBHhkVodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9wcm9kdWN0 # cy9NaWNSb29DZXJBdXRfMjAxMC0wNi0yMy5jcmwwWgYIKwYBBQUHAQEETjBMMEoG # CCsGAQUFBzAChj5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL2NlcnRzL01p # Y1Jvb0NlckF1dF8yMDEwLTA2LTIzLmNydDANBgkqhkiG9w0BAQsFAAOCAgEAnVV9 # /Cqt4SwfZwExJFvhnnJL/Klv6lwUtj5OR2R4sQaTlz0xM7U518JxNj/aZGx80HU5 # bbsPMeTCj/ts0aGUGCLu6WZnOlNN3Zi6th542DYunKmCVgADsAW+iehp4LoJ7nvf # am++Kctu2D9IdQHZGN5tggz1bSNU5HhTdSRXud2f8449xvNo32X2pFaq95W2KFUn # 0CS9QKC/GbYSEhFdPSfgQJY4rPf5KYnDvBewVIVCs/wMnosZiefwC2qBwoEZQhlS # dYo2wh3DYXMuLGt7bj8sCXgU6ZGyqVvfSaN0DLzskYDSPeZKPmY7T7uG+jIa2Zb0 # j/aRAfbOxnT99kxybxCrdTDFNLB62FD+CljdQDzHVG2dY3RILLFORy3BFARxv2T5 # JL5zbcqOCb2zAVdJVGTZc9d/HltEAY5aGZFrDZ+kKNxnGSgkujhLmm77IVRrakUR # R6nxt67I6IleT53S0Ex2tVdUCbFpAUR+fKFhbHP+CrvsQWY9af3LwUFJfn6Tvsv4 # O+S3Fb+0zj6lMVGEvL8CwYKiexcdFYmNcP7ntdAoGokLjzbaukz5m/8K6TT4JDVn # K+ANuOaMmdbhIurwJ0I9JZTmdHRbatGePu1+oDEzfbzL6Xu/OHBE0ZDxyKs6ijoI # Yn/ZcGNTTY3ugm2lBRDBcQZqELQdVTNYs6FwZvKhggNNMIICNQIBATCB+aGB0aSB # zjCByzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT # B1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjElMCMGA1UE # CxMcTWljcm9zb2Z0IEFtZXJpY2EgT3BlcmF0aW9uczEnMCUGA1UECxMeblNoaWVs # ZCBUU1MgRVNOOkEwMDAtMDVFMC1EOTQ3MSUwIwYDVQQDExxNaWNyb3NvZnQgVGlt # ZS1TdGFtcCBTZXJ2aWNloiMKAQEwBwYFKw4DAhoDFQCNkvu0NKcSjdYKyrhJZcsy # XOUTNKCBgzCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9u # MRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRp # b24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMA0GCSqG # SIb3DQEBCwUAAgUA7OEvBDAiGA8yMDI1MTIwODExMDMzMloYDzIwMjUxMjA5MTEw # MzMyWjB0MDoGCisGAQQBhFkKBAExLDAqMAoCBQDs4S8EAgEAMAcCAQACAg+xMAcC # AQACAhNjMAoCBQDs4oCEAgEAMDYGCisGAQQBhFkKBAIxKDAmMAwGCisGAQQBhFkK # AwKgCjAIAgEAAgMHoSChCjAIAgEAAgMBhqAwDQYJKoZIhvcNAQELBQADggEBADl5 # jPKQCGZwoSLVgAK4gUi0B/OuyfmdVJ93ttFzzSapSLOCq4fRYxAgwTkGl/fd41bo # HfGNRVQGhnLarrjCQR5lofX8mLNZGHfjtOAI9+bCQ6tcu4q7wJDqr1XAwjxyK3qC # wHoW90XlmwWYDGjfMwvtcEFVFc0XJkLOrr4VdyzpWMnuO3Tdu4NA0ZOjnhCr8Bvb # ru/ozJBFAP1/GB9fLQvXgbeFQ/XZvbrT4PDzTlFVGVYSbL5HkRCOA/Wd5JYanK8S # 63i0ZLjC+2XCnUrERArUI6IavxXPqLlvryRL4Psd4d77AqcfF2FVc8EUWvVUDBuu # wq7gXufxGZhwMp+n1OMxggQNMIIECQIBATCBkzB8MQswCQYDVQQGEwJVUzETMBEG # A1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWlj # cm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFt # cCBQQ0EgMjAxMAITMwAAAgh4nVhdksfZUgABAAACCDANBglghkgBZQMEAgEFAKCC # AUowGgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEEMC8GCSqGSIb3DQEJBDEiBCCL # hmrGReADz3wP8TKfXbItRtN0YMb65hd4sv+RfVRnyTCB+gYLKoZIhvcNAQkQAi8x # geowgecwgeQwgb0EII//jm8JHa2W1O9778t9+Ft2Z5NmKqttPk6Q+9RRpmepMIGY # MIGApH4wfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNV # BAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQG # A1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTACEzMAAAIIeJ1YXZLH # 2VIAAQAAAggwIgQgPDGZkRQZZkms2YXZeRmlFFIFic4WjD3QRGwR36V9F/kwDQYJ # KoZIhvcNAQELBQAEggIAYGlpIb8ifDuO4HD24DvmmrHLGBvHetrzvZn78YD8a5xY # ufu5B2S14kBVK0VMLGaGbmtRLxayoASz6iJVhLeNavTMMhG0dmXwCRY3TtVFefz3 # LrSXSLC1OKi7Eg4DEf7XP+QK72ZUAi+E0IX+mWa8ckuggtYc9aPeFgul1a/Vniqt # 8Co+GAEdNXwLD0AGJGACWZGn/9uzDybCGqn06aUxClT7nFUf7xxv5XQY7xU43cWk # ClEs9biE8pLtHP+NeHBK/kUp1tn58N0xeojYwPQIkKjg8bgrEAYK+5ZSyY+kutGD # tpTFpKMM15k7g6QoSQ7VW6XDKk7UeARmAh/WiCu5TrdOMsIFKXfK+uZKT0mJyksL # qLjdUb6faNIpoSjlrt0QXXdhswuZZza1vnBaN83eIiVtAEhBe2QL2LEncjeb4gOj # MHgoUSMkzJqE3qdU31D96CqmpeKBTIJ1ZdhIU6Xs+H6U8p2HouWW+WjdVAm7EXUO # NtsCcNOXy9bSrln7sUNfd8FfPssJ9Mkj7ObeZFYJvWBqa4f3d3bFI/NHpYHyo+Ee # H5YxWnvegosGiIUizOaLcWp0Ud9BcpxU65pHQFsNzijB8KTb41OJxl0I8Q0Lc6Vt # jZIx8jkYlXYa06NTMwlYN0Tkg+t2vtNZ+qIcBcezF2v0msqH3piNO7F2LMy6A7k= # SIG # End signature block |