mirror of
https://github.com/vxunderground/MalwareSourceCode.git
synced 2024-12-22 19:36:11 +00:00
f2ac1ece55
add
52 lines
1.7 KiB
C#
52 lines
1.7 KiB
C#
// Decompiled with JetBrains decompiler
|
|
// Type: Microsoft.InfoCards.SignHashRequest
|
|
// Assembly: infocard, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
|
|
// MVID: ADE0A079-11DB-4A46-8BDE-D2A592CA8DEA
|
|
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Virus.Win32.Expiro.w-67b630ead60119692b9abbdfd8717c96904ef041127c2cae033c86b718eaa61e.exe
|
|
|
|
using System;
|
|
using System.Diagnostics;
|
|
using System.IO;
|
|
using System.Security.Principal;
|
|
using System.Text;
|
|
|
|
namespace Microsoft.InfoCards
|
|
{
|
|
internal class SignHashRequest : ClientRequest
|
|
{
|
|
private int m_sessionId;
|
|
private byte[] m_hash;
|
|
private string m_hashAlgOid;
|
|
private byte[] m_sig;
|
|
|
|
public SignHashRequest(
|
|
Process callingProcess,
|
|
WindowsIdentity callingIdentity,
|
|
IntPtr rpcHandle,
|
|
Stream inArgs,
|
|
Stream outArgs)
|
|
: base(callingProcess, callingIdentity, rpcHandle, inArgs, outArgs)
|
|
{
|
|
this.m_sig = (byte[]) null;
|
|
}
|
|
|
|
protected override void OnMarshalInArgs()
|
|
{
|
|
BinaryReader reader = (BinaryReader) new InfoCardBinaryReader(this.InArgs, Encoding.Unicode);
|
|
this.m_sessionId = reader.ReadInt32();
|
|
int count = reader.ReadInt32();
|
|
this.m_hash = reader.ReadBytes(count);
|
|
this.m_hashAlgOid = Utility.DeserializeString(reader);
|
|
}
|
|
|
|
protected override void OnProcess() => this.m_sig = ((AsymmetricCryptoSession) CryptoSession.Find(this.m_sessionId, this.CallerPid, this.RequestorIdentity.User)).SignHash(this.m_hash, this.m_hashAlgOid);
|
|
|
|
protected override void OnMarshalOutArgs()
|
|
{
|
|
BinaryWriter binaryWriter = new BinaryWriter(this.OutArgs, Encoding.Unicode);
|
|
binaryWriter.Write(this.m_sig.Length);
|
|
binaryWriter.Write(this.m_sig);
|
|
}
|
|
}
|
|
}
|