// Decompiled with JetBrains decompiler // Type: Microsoft.InfoCards.RsaKeyGen // Assembly: infocard, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 // MVID: 1D4D5564-A025-490C-AF1D-DF4FBB709D1F // Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Virus.Win32.Expiro.w-f8f9f26e940480624825f6bddbea86e70fc4aa746c4dd8efa7d98dcb477000ed.exe using Microsoft.InfoCards.Diagnostics; using System; using System.IO; using System.Security.Cryptography; namespace Microsoft.InfoCards { internal sealed class RsaKeyGen { private const int Xpq12Length = 14; private const int XpqLength = 128; private const int NumberOfSha1Hashes = 16; private const int InfoCardKeyLength = 2048; private const int HnLength = 20; private const int PublicExponentValue = 65537; private const string Aes128EncryptionKey = "f561e58b-3ebc-4e0c-940d-0a6ddc219dfd"; private const int ByteForHundredthBit = 12; private static int[] hashesToWriteP = new int[8] { 2, 12, 11, 10, 0, 6, 5, 4 }; private static int[] numBytesToWriteP = new int[8] { 4, 20, 20, 20, 4, 20, 20, 20 }; private static int[] srcIndexBytesToWriteP = new int[8] { 16, 0, 0, 0, 16, 0, 0, 0 }; private static int[] hashesToWriteQ = new int[8] { 3, 15, 14, 13, 1, 9, 8, 7 }; private static int[] numBytesToWriteQ = RsaKeyGen.numBytesToWriteP; private static int[] srcIndexBytesToWriteQ = RsaKeyGen.srcIndexBytesToWriteP; private static RijndaelManaged s_rjAes128 = new RijndaelManaged(); static RsaKeyGen() { RsaKeyGen.s_rjAes128.Mode = CipherMode.ECB; RsaKeyGen.s_rjAes128.Padding = PaddingMode.Zeros; RsaKeyGen.s_rjAes128.Key = new Guid("f561e58b-3ebc-4e0c-940d-0a6ddc219dfd").ToByteArray(); } public static byte[] CreateRsaKeyPairX931(byte[] masterKey, byte[] targetId) { InfoCardTrace.Assert(true, "Only 2048 bit key sizes supported"); byte[][] hn = RsaKeyGen.CalculateHn(masterKey, targetId); byte[] rsaKeyPairX931 = (byte[]) null; byte[] numArray1 = new byte[14]; byte[] numArray2 = new byte[14]; byte[] numArray3 = new byte[14]; byte[] numArray4 = new byte[14]; byte[] numArray5 = new byte[128]; byte[] numArray6 = new byte[128]; Array.Copy((Array) hn[0], 0, (Array) numArray1, 0, numArray1.Length); Array.Copy((Array) hn[1], 0, (Array) numArray2, 0, numArray2.Length); Array.Copy((Array) hn[2], 0, (Array) numArray3, 0, numArray3.Length); Array.Copy((Array) hn[3], 0, (Array) numArray4, 0, numArray4.Length); RsaKeyGen.WriteToArray(RsaKeyGen.hashesToWriteP, RsaKeyGen.numBytesToWriteP, RsaKeyGen.srcIndexBytesToWriteP, hn, numArray5); RsaKeyGen.WriteToArray(RsaKeyGen.hashesToWriteQ, RsaKeyGen.numBytesToWriteQ, RsaKeyGen.srcIndexBytesToWriteQ, hn, numArray6); try { KeyGenRestartCodes restartCode = KeyGenRestartCodes.X931RestartNone; do { numArray5[(int) sbyte.MaxValue] |= (byte) 192; numArray6[(int) sbyte.MaxValue] |= (byte) 192; numArray1[12] |= (byte) 16; numArray2[12] |= (byte) 16; numArray3[12] |= (byte) 16; numArray4[12] |= (byte) 16; rsaKeyPairX931 = NativeMcppMethods.X931KeyGenWrapper(numArray1, numArray2, numArray3, numArray4, numArray5, numArray6, 65537, ref restartCode); switch (restartCode) { case KeyGenRestartCodes.X931RestartNone: InfoCardTrace.Assert(null != rsaKeyPairX931, "Cryptoblob should not be null since API succeeded"); break; case KeyGenRestartCodes.X931RestartDTooSmall: InfoCardTrace.Assert(null == rsaKeyPairX931, "Cryptoblob should be null"); InfoCardTrace.Assert(false, "Not expected for d < 2^1024 with e = 65537"); RsaKeyGen.InfoCardRegenerateParam(numArray3); RsaKeyGen.InfoCardRegenerateParam(numArray4); RsaKeyGen.InfoCardRegenerateParam(numArray6); break; case KeyGenRestartCodes.X931RestartNonTrivialGcd: InfoCardTrace.Assert(null == rsaKeyPairX931, "Cryptoblob should be null"); RsaKeyGen.InfoCardRegenerateParam(numArray1); RsaKeyGen.InfoCardRegenerateParam(numArray2); RsaKeyGen.InfoCardRegenerateParam(numArray3); RsaKeyGen.InfoCardRegenerateParam(numArray4); break; case KeyGenRestartCodes.X931RestartPQOverflow: InfoCardTrace.Assert(null == rsaKeyPairX931, "Cryptoblob should be null"); RsaKeyGen.InfoCardRegenerateParam(numArray5); RsaKeyGen.InfoCardRegenerateParam(numArray6); break; case KeyGenRestartCodes.X931RestartPQ12OverFlow: InfoCardTrace.Assert(null == rsaKeyPairX931, "Cryptoblob should be null"); RsaKeyGen.InfoCardRegenerateParam(numArray1); RsaKeyGen.InfoCardRegenerateParam(numArray2); RsaKeyGen.InfoCardRegenerateParam(numArray3); RsaKeyGen.InfoCardRegenerateParam(numArray4); break; case KeyGenRestartCodes.X931RestartXpXqClose: InfoCardTrace.Assert(null == rsaKeyPairX931, "Cryptoblob should be null"); RsaKeyGen.InfoCardRegenerateParam(numArray6); break; } } while (restartCode != KeyGenRestartCodes.X931RestartNone); InfoCardTrace.Assert(null != rsaKeyPairX931, "Cryptoblob should NOT be null outside while loop"); } finally { Array.Clear((Array) numArray1, 0, numArray1.Length); Array.Clear((Array) numArray2, 0, numArray2.Length); Array.Clear((Array) numArray3, 0, numArray3.Length); Array.Clear((Array) numArray4, 0, numArray4.Length); Array.Clear((Array) numArray5, 0, numArray5.Length); Array.Clear((Array) numArray6, 0, numArray6.Length); } return rsaKeyPairX931; } private static void WriteToArray( int[] hashesToWrite, int[] numBytesToWrite, int[] srcIndexBytesToWrite, byte[][] sourceArrayOfHashes, byte[] destArray) { InfoCardTrace.Assert(hashesToWrite.Length == numBytesToWrite.Length, "Size must be equal"); InfoCardTrace.Assert(numBytesToWrite.Length == srcIndexBytesToWrite.Length, "Size must be equal"); int destinationIndex = 0; for (int index1 = 0; index1 < hashesToWrite.Length; ++index1) { int index2 = hashesToWrite[index1]; Array.Copy((Array) sourceArrayOfHashes[index2], srcIndexBytesToWrite[index1], (Array) destArray, destinationIndex, numBytesToWrite[index1]); destinationIndex += numBytesToWrite[index1]; } } private static byte[][] CalculateHn(byte[] masterKey, byte[] subjectEntropy) { byte[][] hn = new byte[16][]; byte[] numArray = new byte[masterKey.Length + subjectEntropy.Length + 4]; Array.Copy((Array) masterKey, 0, (Array) numArray, 0, masterKey.Length); Array.Copy((Array) subjectEntropy, 0, (Array) numArray, masterKey.Length, subjectEntropy.Length); for (uint index = 0; (long) index < (long) hn.Length; ++index) { InfoCardTrace.Assert(index <= (uint) byte.MaxValue, "n must fit in a byte."); InfoCardTrace.Assert(numArray.Length - 1 == masterKey.Length + subjectEntropy.Length + 3, "Index location of n must be last element of array."); numArray[numArray.Length - 1] = (byte) index; hn[(IntPtr) index] = SHA1.Create().ComputeHash(numArray); Array.Reverse((Array) hn[(IntPtr) index]); } Array.Clear((Array) numArray, 0, numArray.Length); return hn; } private static void InfoCardRegenerateParam(byte[] prevBytes) { byte[] sourceArray = RsaKeyGen.AESEncryptECB(prevBytes); Array.Copy((Array) sourceArray, 0, (Array) prevBytes, 0, prevBytes.Length); Array.Clear((Array) sourceArray, 0, sourceArray.Length); } private static byte[] AESEncryptECB(byte[] plaintextbyte) { MemoryStream memoryStream = new MemoryStream(); CryptoStream cryptoStream = new CryptoStream((Stream) memoryStream, RsaKeyGen.s_rjAes128.CreateEncryptor(), CryptoStreamMode.Write); cryptoStream.Write(plaintextbyte, 0, plaintextbyte.Length); cryptoStream.Close(); byte[] array = memoryStream.ToArray(); memoryStream.Close(); return array; } private RsaKeyGen() { } } }