// Decompiled with JetBrains decompiler // Type: Microsoft.InfoCards.SignHashRequest // Assembly: infocard, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 // MVID: 1D4D5564-A025-490C-AF1D-DF4FBB709D1F // Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Virus.Win32.Expiro.w-f8f9f26e940480624825f6bddbea86e70fc4aa746c4dd8efa7d98dcb477000ed.exe using System; using System.Diagnostics; using System.IO; using System.Security.Principal; using System.Text; namespace Microsoft.InfoCards { internal class SignHashRequest : ClientRequest { private int m_sessionId; private byte[] m_hash; private string m_hashAlgOid; private byte[] m_sig; public SignHashRequest( Process callingProcess, WindowsIdentity callingIdentity, IntPtr rpcHandle, Stream inArgs, Stream outArgs) : base(callingProcess, callingIdentity, rpcHandle, inArgs, outArgs) { this.m_sig = (byte[]) null; } protected override void OnMarshalInArgs() { BinaryReader reader = (BinaryReader) new InfoCardBinaryReader(this.InArgs, Encoding.Unicode); this.m_sessionId = reader.ReadInt32(); int count = reader.ReadInt32(); this.m_hash = reader.ReadBytes(count); this.m_hashAlgOid = Utility.DeserializeString(reader); } protected override void OnProcess() => this.m_sig = ((AsymmetricCryptoSession) CryptoSession.Find(this.m_sessionId, this.CallerPid, this.RequestorIdentity.User)).SignHash(this.m_hash, this.m_hashAlgOid); protected override void OnMarshalOutArgs() { BinaryWriter binaryWriter = new BinaryWriter(this.OutArgs, Encoding.Unicode); binaryWriter.Write(this.m_sig.Length); binaryWriter.Write(this.m_sig); } } }