// Decompiled with JetBrains decompiler // Type: Microsoft.InfoCards.SignHashRequest // Assembly: infocard, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 // MVID: ADE0A079-11DB-4A46-8BDE-D2A592CA8DEA // Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Virus.Win32.Expiro.w-67b630ead60119692b9abbdfd8717c96904ef041127c2cae033c86b718eaa61e.exe using System; using System.Diagnostics; using System.IO; using System.Security.Principal; using System.Text; namespace Microsoft.InfoCards { internal class SignHashRequest : ClientRequest { private int m_sessionId; private byte[] m_hash; private string m_hashAlgOid; private byte[] m_sig; public SignHashRequest( Process callingProcess, WindowsIdentity callingIdentity, IntPtr rpcHandle, Stream inArgs, Stream outArgs) : base(callingProcess, callingIdentity, rpcHandle, inArgs, outArgs) { this.m_sig = (byte[]) null; } protected override void OnMarshalInArgs() { BinaryReader reader = (BinaryReader) new InfoCardBinaryReader(this.InArgs, Encoding.Unicode); this.m_sessionId = reader.ReadInt32(); int count = reader.ReadInt32(); this.m_hash = reader.ReadBytes(count); this.m_hashAlgOid = Utility.DeserializeString(reader); } protected override void OnProcess() => this.m_sig = ((AsymmetricCryptoSession) CryptoSession.Find(this.m_sessionId, this.CallerPid, this.RequestorIdentity.User)).SignHash(this.m_hash, this.m_hashAlgOid); protected override void OnMarshalOutArgs() { BinaryWriter binaryWriter = new BinaryWriter(this.OutArgs, Encoding.Unicode); binaryWriter.Write(this.m_sig.Length); binaryWriter.Write(this.m_sig); } } }