// Decompiled with JetBrains decompiler // Type: Microsoft.InfoCards.DecryptRequest // Assembly: infocard, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 // MVID: 1D4D5564-A025-490C-AF1D-DF4FBB709D1F // Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Virus.Win32.Expiro.w-f8f9f26e940480624825f6bddbea86e70fc4aa746c4dd8efa7d98dcb477000ed.exe using Microsoft.InfoCards.Diagnostics; using System; using System.Diagnostics; using System.IO; using System.Security.Principal; namespace Microsoft.InfoCards { internal class DecryptRequest : ClientRequest { private int m_cryptoSession; private bool m_useOAEP; private byte[] m_encrypted; private byte[] m_decrypted; public DecryptRequest( Process callingProcess, WindowsIdentity callingIdentity, IntPtr rpcHandle, Stream inArgs, Stream outArgs) : base(callingProcess, callingIdentity, rpcHandle, inArgs, outArgs) { this.m_cryptoSession = 0; this.m_useOAEP = false; this.m_encrypted = (byte[]) null; this.m_decrypted = (byte[]) null; } protected override void OnMarshalInArgs() { BinaryReader binaryReader = (BinaryReader) new InfoCardBinaryReader(this.InArgs); this.m_cryptoSession = binaryReader.ReadInt32(); this.m_useOAEP = binaryReader.ReadBoolean(); int count = binaryReader.ReadInt32(); this.m_encrypted = binaryReader.ReadBytes(count); InfoCardTrace.ThrowInvalidArgumentConditional(0 == this.m_cryptoSession, "cryptoSession"); InfoCardTrace.ThrowInvalidArgumentConditional(this.m_encrypted == null || 0 == this.m_encrypted.Length, "encrypted"); } protected override void OnProcess() => this.m_decrypted = ((AsymmetricCryptoSession) CryptoSession.Find(this.m_cryptoSession, this.CallerPid, this.RequestorIdentity.User)).Decrypt(this.m_useOAEP, this.m_encrypted); protected override void OnMarshalOutArgs() { try { Utility.SerializeBytes(new BinaryWriter(this.OutArgs), this.m_decrypted); } finally { Array.Clear((Array) this.m_decrypted, 0, this.m_decrypted.Length); } } } }