ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2024-12-19 09:56:10 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4b9382ddbc
MalwareSourceCode/MSIL/Virus/Win32/E/Virus.Win32.Expiro.w-1f15ee7e9f7da02b6bfb4c5a5e6484eb9fa71b82d3699c54bcc7a31794b4a66d/Microsoft/InfoCards/EncryptionUtility.cs
vxunderground f2ac1ece55 auto-decompiled msil via petikvx 
add
2022-08-18 06:28:56 -05:00

117 lines
6.0 KiB
C#
Raw Blame History

// Decompiled with JetBrains decompiler
// Type: Microsoft.InfoCards.EncryptionUtility
// Assembly: infocard, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
// MVID: ADE0A079-11DB-4A46-8BDE-D2A592CA8DEA
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Virus.Win32.Expiro.w-1f15ee7e9f7da02b6bfb4c5a5e6484eb9fa71b82d3699c54bcc7a31794b4a66d.exe
using Microsoft.InfoCards.Diagnostics;
using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel.Security;
using System.ServiceModel.Security.Tokens;
using System.Xml;
namespace Microsoft.InfoCards
{
internal sealed class EncryptionUtility
{
private EncryptionUtility()
{
}
public static XmlElement EncryptSecurityToken(
SecurityToken tokenToBeEncrypted,
X509Certificate2 cert,
string encryptingAlgorithm,
string asymmetricKeyWrapAlgorithm,
ProtocolProfile profile)
{
MemoryStream streamToBeEncrypted = new MemoryStream();
XmlDictionaryWriter dictionaryWriter = XmlDictionaryWriter.CreateDictionaryWriter((XmlWriter) new XmlTextWriter((TextWriter) new StreamWriter((Stream) streamToBeEncrypted)));
profile.TokenSerializer.WriteToken((XmlWriter) dictionaryWriter, tokenToBeEncrypted);
dictionaryWriter.Flush();
streamToBeEncrypted.Seek(0L, SeekOrigin.Begin);
return EncryptionUtility.EncryptToken(streamToBeEncrypted, cert, encryptingAlgorithm, asymmetricKeyWrapAlgorithm, profile);
}
public static XmlElement EncryptSecurityToken(
XmlElement elem,
X509Certificate2 cert,
string encryptingAlgorithm,
string asymmetricKeyWrapAlgorithm,
ProtocolProfile profile)
{
MemoryStream streamToBeEncrypted = new MemoryStream();
XmlDictionaryWriter dictionaryWriter = XmlDictionaryWriter.CreateDictionaryWriter((XmlWriter) new XmlTextWriter((TextWriter) new StreamWriter((Stream) streamToBeEncrypted)));
elem.WriteTo((XmlWriter) dictionaryWriter);
dictionaryWriter.Flush();
streamToBeEncrypted.Seek(0L, SeekOrigin.Begin);
return EncryptionUtility.EncryptToken(streamToBeEncrypted, cert, encryptingAlgorithm, asymmetricKeyWrapAlgorithm, profile);
}
private static XmlElement EncryptToken(
MemoryStream streamToBeEncrypted,
X509Certificate2 cert,
string encryptingAlgorithm,
string asymmetricKeyWrapAlgorithm,
ProtocolProfile profile)
{
InfoCardTrace.ThrowInvalidArgumentConditional(string.IsNullOrEmpty(encryptingAlgorithm), nameof (encryptingAlgorithm));
InfoCardTrace.ThrowInvalidArgumentConditional(null == cert, nameof (cert));
SecurityToken wrappingToken = (SecurityToken) new X509SecurityToken(cert, "id");
SecurityAlgorithmSuite securityAlgorithmSuite1 = SecurityAlgorithmSuite.Default;
SecurityAlgorithmSuite securityAlgorithmSuite2;
switch (encryptingAlgorithm)
{
case "http://www.w3.org/2001/04/xmlenc#aes128-cbc":
securityAlgorithmSuite2 = SecurityAlgorithmSuite.Basic128;
break;
case "http://www.w3.org/2001/04/xmlenc#aes192-cbc":
securityAlgorithmSuite2 = SecurityAlgorithmSuite.Basic192;
break;
case "http://www.w3.org/2001/04/xmlenc#aes256-cbc":
securityAlgorithmSuite2 = SecurityAlgorithmSuite.Basic256;
break;
case "http://www.w3.org/2001/04/xmlenc#tripledes-cbc":
securityAlgorithmSuite2 = SecurityAlgorithmSuite.TripleDes;
break;
default:
throw InfoCardTrace.ThrowHelperError((Exception) new TokenCreationException(SR.GetString("UnsupportedEncryptionAlgorithm", (object) encryptingAlgorithm)));
}
SecurityKeyIdentifier wrappingTokenReference = new SecurityKeyIdentifier(new SecurityKeyIdentifierClause[1]
{
(SecurityKeyIdentifierClause) wrappingToken.CreateKeyIdentifierClause<X509ThumbprintKeyIdentifierClause>()
});
byte[] numArray = new byte[securityAlgorithmSuite2.DefaultEncryptionKeyDerivationLength / 8];
new RNGCryptoServiceProvider().GetNonZeroBytes(numArray);
WrappedKeySecurityToken keySecurityToken = new WrappedKeySecurityToken(string.Empty, numArray, asymmetricKeyWrapAlgorithm, wrappingToken, wrappingTokenReference);
SecurityKeyIdentifier securityKeyIdentifier = new SecurityKeyIdentifier(new SecurityKeyIdentifierClause[1]
{
(SecurityKeyIdentifierClause) new EncryptedKeyIdentifierClause(keySecurityToken.GetWrappedKey(), keySecurityToken.WrappingAlgorithm, keySecurityToken.WrappingTokenReference)
});
SymmetricAlgorithm symmetricAlgorithm = ((SymmetricSecurityKey) keySecurityToken.SecurityKeys[0]).GetSymmetricAlgorithm(encryptingAlgorithm);
EncryptedData encryptedData = new EncryptedData();
encryptedData.TokenSerializer = (SecurityTokenSerializer) profile.TokenSerializer;
encryptedData.KeyIdentifier = securityKeyIdentifier;
encryptedData.EncryptionMethod = encryptingAlgorithm;
encryptedData.Type = "http://www.w3.org/2001/04/xmlenc#Element";
encryptedData.SetUpEncryption(symmetricAlgorithm, streamToBeEncrypted.GetBuffer(), 0, Convert.ToInt32(streamToBeEncrypted.Length));
MemoryStream input = new MemoryStream();
XmlDictionaryWriter dictionaryWriter = XmlDictionaryWriter.CreateDictionaryWriter((XmlWriter) new XmlTextWriter((TextWriter) new StreamWriter((Stream) input)));
encryptedData.WriteTo((XmlWriter) dictionaryWriter);
dictionaryWriter.Flush();
input.Seek(0L, SeekOrigin.Begin);
XmlElement xmlElement = (XmlElement) new XmlDocument().ReadNode((XmlReader) Utility.CreateReaderWithQuotas((Stream) input));
Array.Clear((Array) streamToBeEncrypted.GetBuffer(), 0, Convert.ToInt32(streamToBeEncrypted.Length));
Array.Clear((Array) input.GetBuffer(), 0, Convert.ToInt32(input.Length));
streamToBeEncrypted.Close();
input.Close();
return xmlElement;
}
}
}
Reference in New Issue View Git Blame Copy Permalink