MalwareSourceCode/MSIL/Virus/Win32/E/Virus.Win32.Expiro.w-1f15ee7e9f7da02b6bfb4c5a5e6484eb9fa71b82d3699c54bcc7a31794b4a66d/Microsoft/InfoCards/UIAgentRequest.cs

// Decompiled with JetBrains decompiler
// Type: Microsoft.InfoCards.UIAgentRequest
// Assembly: infocard, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
// MVID: ADE0A079-11DB-4A46-8BDE-D2A592CA8DEA
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Virus.Win32.Expiro.w-1f15ee7e9f7da02b6bfb4c5a5e6484eb9fa71b82d3699c54bcc7a31794b4a66d.exe

using Microsoft.InfoCards.Diagnostics;
using Microsoft.Win32.SafeHandles;
using System;
using System.ComponentModel;
using System.IO;
using System.Runtime.InteropServices;
using System.Security;
using System.Security.Principal;

namespace Microsoft.InfoCards
{
  internal abstract class UIAgentRequest : Request
  {
    private ClientUIRequest m_parentRequest;

    public UIAgentRequest(IntPtr rpcHandle, Stream inArgs, Stream outArgs, ClientUIRequest parent)
      : this(rpcHandle, inArgs, outArgs, parent, ExceptionList.Empty)
    {
    }

    public UIAgentRequest(
      IntPtr rpcHandle,
      Stream inArgs,
      Stream outArgs,
      ClientUIRequest parent,
      ExceptionList exceptionList)
      : base(rpcHandle, inArgs, outArgs, exceptionList)
    {
      this.m_parentRequest = parent;
    }

    public ClientUIRequest ParentRequest => this.m_parentRequest;

    protected InfoCardUIAgent UIAgent => this.ParentRequest != null ? this.ParentRequest.UIAgent : (InfoCardUIAgent) null;

    public static uint Authorize(IntPtr rpcIfHandle, IntPtr context)
    {
      uint num = 5;
      if (IntPtr.Zero == rpcIfHandle)
        throw InfoCardTrace.ThrowHelperArgumentNull(nameof (rpcIfHandle));
      if (IntPtr.Zero == context)
        throw InfoCardTrace.ThrowHelperArgumentNull(nameof (context));
      try
      {
        WindowsIdentity windowsIdentity = Utility.GetWindowsIdentity(context);
        try
        {
          NativeMcppMethods.CheckSIDAgainstCurrentRpcUser((InfoCardUIAgent.FindByPid(Utility.GetRpcClientPid(context)) ?? throw InfoCardTrace.ThrowHelperError((Exception) new SecurityException())).TrustedUserSid);
          num = 0U;
        }
        finally
        {
          windowsIdentity.Dispose();
        }
      }
      catch (SecurityException ex)
      {
        InfoCardTrace.Assert(5U == num, "Unexpected value for err!");
      }
      catch (Exception ex)
      {
        InfoCardService.Crash(ex);
      }
      return num;
    }

    public static void BindToService(
      IntPtr uiagentRpcHandle,
      IntPtr nativeDesktopName,
      int cbUserSid,
      IntPtr pUserSid,
      int cbTrustedSid,
      IntPtr pTrustedSid,
      out IntPtr nativeStartEventHandle,
      out IntPtr nativeCompleteEventHandle,
      out RpcUIAgentGetWorkCallback callback)
    {
      string stringUni = Marshal.PtrToStringUni(nativeDesktopName);
      callback = (RpcUIAgentGetWorkCallback) null;
      nativeStartEventHandle = IntPtr.Zero;
      nativeCompleteEventHandle = IntPtr.Zero;
      using (WindowsIdentity windowsIdentity = Utility.GetWindowsIdentity(uiagentRpcHandle))
      {
        WindowsImpersonationContext impersonationContext = windowsIdentity.Impersonate();
        try
        {
          uint pid;
          if (NativeMethods.I_RpcBindingInqLocalClientPID(uiagentRpcHandle, out pid) != 0U)
            throw InfoCardTrace.ThrowHelperError((Exception) new CommunicationException(SR.GetString("FailedToBindToService")));
          InfoCardUIAgent byPid = InfoCardUIAgent.FindByPid(pid);
          if (byPid == null)
            return;
          SecurityIdentifier userSid;
          SafeWaitHandle hStartEvent;
          SafeWaitHandle hCompleteEvent;
          callback = byPid.Bind(stringUni, out userSid, out hStartEvent, out hCompleteEvent);
          byte[] numArray = new byte[Math.Max(cbUserSid, cbTrustedSid)];
          windowsIdentity.User.GetBinaryForm(numArray, 0);
          Marshal.Copy(numArray, 0, pUserSid, cbUserSid);
          userSid.GetBinaryForm(numArray, 0);
          Marshal.Copy(numArray, 0, pTrustedSid, cbTrustedSid);
          nativeStartEventHandle = hStartEvent.DangerousGetHandle();
          nativeCompleteEventHandle = hCompleteEvent.DangerousGetHandle();
        }
        finally
        {
          impersonationContext.Undo();
        }
      }
    }

    public override WindowsIdentity RequestorIdentity => this.ParentRequest.RequestorIdentity;

    protected override void OnInitializeAsSystem()
    {
      try
      {
        NativeMcppMethods.CheckSIDAgainstCurrentRpcUser(this.ParentRequest.UIAgentLogonSid);
      }
      catch (Win32Exception ex)
      {
        throw InfoCardTrace.ThrowHelperError((Exception) new InfoCardArgumentException(SR.GetString("UnableToAuthenticateUIAgent"), (Exception) ex));
      }
      catch (SecurityException ex)
      {
        throw InfoCardTrace.ThrowHelperError((Exception) new InfoCardArgumentException(SR.GetString("UnableToAuthenticateUIAgent"), (Exception) ex));
      }
    }

    protected InfoCardPolicy GetPolicy() => !(this.ParentRequest is GetTokenRequest parentRequest) ? (InfoCardPolicy) null : parentRequest.Policy;
  }
}