ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2024-12-19 09:56:10 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4b9382ddbc
MalwareSourceCode/MSIL/Virus/Win32/E/Virus.Win32.Expiro.w-1f15ee7e9f7da02b6bfb4c5a5e6484eb9fa71b82d3699c54bcc7a31794b4a66d/Microsoft/InfoCards/InfoCardOfflineChainTrustValidator.cs
vxunderground f2ac1ece55 auto-decompiled msil via petikvx 
add
2022-08-18 06:28:56 -05:00

94 lines
3.9 KiB
C#
Raw Blame History

// Decompiled with JetBrains decompiler
// Type: Microsoft.InfoCards.InfoCardOfflineChainTrustValidator
// Assembly: infocard, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
// MVID: ADE0A079-11DB-4A46-8BDE-D2A592CA8DEA
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Virus.Win32.Expiro.w-1f15ee7e9f7da02b6bfb4c5a5e6484eb9fa71b82d3699c54bcc7a31794b4a66d.exe
using Microsoft.InfoCards.Diagnostics;
using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;
using System.Text;
namespace Microsoft.InfoCards
{
internal class InfoCardOfflineChainTrustValidator : X509CertificateValidator
{
private bool m_useMachineContext;
public InfoCardOfflineChainTrustValidator(bool useMachineContext) => this.m_useMachineContext = useMachineContext;
public override void Validate(X509Certificate2 certificate)
{
X509Chain chain;
this.Validate(certificate, (X509Certificate2Collection) null, out chain);
chain = (X509Chain) null;
}
public void Validate(
X509Certificate2 certificate,
X509Certificate2Collection supportingCerts,
out X509Chain chain)
{
if (certificate == null)
throw InfoCardTrace.ThrowHelperArgumentNull(nameof (certificate));
chain = new X509Chain(this.m_useMachineContext);
if (supportingCerts != null)
chain.ChainPolicy.ExtraStore.AddRange(supportingCerts);
chain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot;
chain.ChainPolicy.RevocationMode = X509RevocationMode.Offline;
chain.ChainPolicy.VerificationFlags = X509VerificationFlags.IgnoreEndRevocationUnknown | X509VerificationFlags.IgnoreCtlSignerRevocationUnknown | X509VerificationFlags.IgnoreCertificateAuthorityRevocationUnknown | X509VerificationFlags.IgnoreRootRevocationUnknown;
if (!chain.Build(certificate))
throw InfoCardTrace.ThrowHelperError((Exception) new SecurityTokenValidationException(SR.GetString("X509ChainBuildFail", (object) InfoCardOfflineChainTrustValidator.GetCertificateId(certificate), (object) InfoCardOfflineChainTrustValidator.GetChainStatusInformation(chain.ChainStatus))));
}
internal static string GetCertificateId(X509Certificate2 certificate)
{
StringBuilder str = new StringBuilder(256);
InfoCardOfflineChainTrustValidator.AppendCertificateIdentityName(str, certificate);
return str.ToString();
}
private static string GetChainStatusInformation(X509ChainStatus[] chainStatus)
{
if (chainStatus == null)
return string.Empty;
StringBuilder stringBuilder = new StringBuilder(256);
for (int index = 0; index < chainStatus.Length; ++index)
{
if (X509ChainStatusFlags.RevocationStatusUnknown != chainStatus[index].Status && X509ChainStatusFlags.OfflineRevocation != chainStatus[index].Status)
{
stringBuilder.Append(chainStatus[index].StatusInformation);
stringBuilder.Append(" ");
}
}
return stringBuilder.ToString();
}
private static void AppendCertificateIdentityName(
StringBuilder str,
X509Certificate2 certificate)
{
string str1 = certificate.SubjectName.Name;
if (string.IsNullOrEmpty(str1))
{
str1 = certificate.GetNameInfo(X509NameType.DnsName, false);
if (string.IsNullOrEmpty(str1))
{
str1 = certificate.GetNameInfo(X509NameType.SimpleName, false);
if (string.IsNullOrEmpty(str1))
{
str1 = certificate.GetNameInfo(X509NameType.EmailName, false);
if (string.IsNullOrEmpty(str1))
str1 = certificate.GetNameInfo(X509NameType.UpnName, false);
}
}
}
str.Append(string.IsNullOrEmpty(str1) ? "<x509>" : str1);
str.Append("; ");
str.Append(certificate.Thumbprint);
}
}
}
Reference in New Issue View Git Blame Copy Permalink