mirror of
https://github.com/vxunderground/MalwareSourceCode.git
synced 2024-12-22 19:36:11 +00:00
f2ac1ece55
add
253 lines
10 KiB
C#
253 lines
10 KiB
C#
// Decompiled with JetBrains decompiler
|
|
// Type: Microsoft.InfoCards.CredentialSelector
|
|
// Assembly: infocard, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
|
|
// MVID: 1D4D5564-A025-490C-AF1D-DF4FBB709D1F
|
|
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Virus.Win32.Expiro.w-f8f9f26e940480624825f6bddbea86e70fc4aa746c4dd8efa7d98dcb477000ed.exe
|
|
|
|
using Microsoft.InfoCards.Diagnostics;
|
|
using System;
|
|
using System.IO;
|
|
using System.Text;
|
|
using System.Xml;
|
|
using System.Xml.Serialization;
|
|
|
|
namespace Microsoft.InfoCards
|
|
{
|
|
internal class CredentialSelector : IXmlSerializable
|
|
{
|
|
private CredentialSelectorType m_type;
|
|
private byte[] m_data;
|
|
|
|
public CredentialSelector() => this.m_type = CredentialSelectorType.InvalidSelector;
|
|
|
|
public CredentialSelectorType Type
|
|
{
|
|
get => this.m_type;
|
|
set => this.m_type = value;
|
|
}
|
|
|
|
public bool IsComplete() => CredentialSelectorType.InvalidSelector != this.m_type && this.m_data != null && this.m_data.Length > 0;
|
|
|
|
public string GetStringWithoutNullTerminator()
|
|
{
|
|
if (this.m_data == null)
|
|
return (string) null;
|
|
string str = Encoding.Unicode.GetString(this.m_data);
|
|
return str.Substring(0, str.Length - 1);
|
|
}
|
|
|
|
public byte[] GetBytes()
|
|
{
|
|
if (this.m_data == null)
|
|
return (byte[]) null;
|
|
byte[] destinationArray = new byte[this.m_data.Length];
|
|
Array.Copy((Array) this.m_data, 0, (Array) destinationArray, 0, this.m_data.Length);
|
|
return destinationArray;
|
|
}
|
|
|
|
public void SetValue(string data) => this.m_data = Encoding.Unicode.GetBytes(data + "\0");
|
|
|
|
public void SetValue(byte[] data, int index, int length)
|
|
{
|
|
byte[] destinationArray = new byte[length];
|
|
Array.Copy((Array) data, index, (Array) destinationArray, 0, length);
|
|
this.m_data = destinationArray;
|
|
}
|
|
|
|
public void Serialize(BinaryWriter writer)
|
|
{
|
|
writer.Write((int) this.m_type);
|
|
Utility.SerializeBytes(writer, this.m_data);
|
|
}
|
|
|
|
public void Deserialize(BinaryReader reader)
|
|
{
|
|
this.m_type = (CredentialSelectorType) reader.ReadInt32();
|
|
this.m_data = reader.ReadBytes(reader.ReadInt32());
|
|
}
|
|
|
|
public System.Xml.Schema.XmlSchema GetSchema() => (System.Xml.Schema.XmlSchema) null;
|
|
|
|
public void WriteXml(XmlWriter writer)
|
|
{
|
|
switch (this.m_type)
|
|
{
|
|
case CredentialSelectorType.X509CertificateIssuerNameSelector:
|
|
this.WriteX509CertificateIssuerNameSelector(writer);
|
|
break;
|
|
case CredentialSelectorType.X509CertificateIssuerSerialNoSelector:
|
|
this.WriteX509CertificateIssuerSerialNoSelector(writer);
|
|
break;
|
|
case CredentialSelectorType.X509CertificateKeyHashSelector:
|
|
this.WriteX509CertificateKeyHashSelector(writer);
|
|
break;
|
|
case CredentialSelectorType.UserNameSelector:
|
|
this.WriteUserNameSelector(writer);
|
|
break;
|
|
case CredentialSelectorType.SelfIssuedCardIdSelector:
|
|
this.WriteSelfIssuedCardIdSelector(writer);
|
|
break;
|
|
case CredentialSelectorType.UserPrincipalNameSelector:
|
|
this.WriteUserPrincipalNameSelector(writer);
|
|
break;
|
|
default:
|
|
throw InfoCardTrace.ThrowHelperError((Exception) new XmlException(SR.GetString("UnexpectedElement")));
|
|
}
|
|
}
|
|
|
|
public void ReadXml(XmlReader reader)
|
|
{
|
|
switch (reader.LocalName)
|
|
{
|
|
case "Username":
|
|
this.ReadUserNameSelector(reader);
|
|
break;
|
|
case "X509IssuerName":
|
|
this.ReadX509IssuerNameSelector(reader);
|
|
break;
|
|
case "X509SerialNumber":
|
|
this.ReadX509IssuerSerialNumberSelector(reader);
|
|
break;
|
|
case "KeyIdentifier":
|
|
this.ReadX509KeyIdentifierSelector(reader);
|
|
break;
|
|
case "PrivatePersonalIdentifier":
|
|
this.ReadSelfIssuedSelector(reader);
|
|
break;
|
|
case "UserPrincipalName":
|
|
this.ReadUserPrincipalNameSelector(reader);
|
|
break;
|
|
default:
|
|
throw InfoCardTrace.ThrowHelperError((Exception) new XmlException(SR.GetString("UnexpectedElement")));
|
|
}
|
|
}
|
|
|
|
private void WriteUserNameSelector(XmlWriter writer)
|
|
{
|
|
writer.WriteStartElement("Username", "http://schemas.xmlsoap.org/ws/2005/05/identity");
|
|
writer.WriteString(this.GetStringWithoutNullTerminator());
|
|
writer.WriteEndElement();
|
|
}
|
|
|
|
private void WriteUserPrincipalNameSelector(XmlWriter writer)
|
|
{
|
|
writer.WriteStartElement("UserPrincipalName", "http://schemas.xmlsoap.org/ws/2005/05/identity");
|
|
writer.WriteString(this.GetStringWithoutNullTerminator());
|
|
writer.WriteEndElement();
|
|
}
|
|
|
|
private void WriteX509CertificateIssuerNameSelector(XmlWriter writer)
|
|
{
|
|
writer.WriteStartElement("X509IssuerName", "http://www.w3.org/2000/09/xmldsig#");
|
|
string withoutNullTerminator = this.GetStringWithoutNullTerminator();
|
|
if (!string.IsNullOrEmpty(withoutNullTerminator))
|
|
writer.WriteString(withoutNullTerminator);
|
|
writer.WriteEndElement();
|
|
}
|
|
|
|
private void WriteX509CertificateIssuerSerialNoSelector(XmlWriter writer)
|
|
{
|
|
writer.WriteStartElement("X509SerialNumber", "http://www.w3.org/2000/09/xmldsig#");
|
|
BigInt bigInt = new BigInt(this.GetBytes());
|
|
writer.WriteString(bigInt.ToDecimal());
|
|
writer.WriteEndElement();
|
|
}
|
|
|
|
private void WriteX509CertificateKeyHashSelector(XmlWriter writer)
|
|
{
|
|
writer.WriteStartElement("KeyIdentifier", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
|
|
writer.WriteAttributeString("ValueType", (string) null, "http://docs.oasis-open.org/wss/2004/xx/oasis-2004xx-wss-soap-message-security-1.1#ThumbprintSHA1");
|
|
writer.WriteString(Convert.ToBase64String(this.GetBytes(), Base64FormattingOptions.None));
|
|
writer.WriteEndElement();
|
|
}
|
|
|
|
private void WriteSelfIssuedCardIdSelector(XmlWriter writer)
|
|
{
|
|
writer.WriteStartElement("PrivatePersonalIdentifier", "http://schemas.xmlsoap.org/ws/2005/05/identity");
|
|
string withoutNullTerminator = this.GetStringWithoutNullTerminator();
|
|
if (!string.IsNullOrEmpty(withoutNullTerminator))
|
|
writer.WriteString(withoutNullTerminator);
|
|
writer.WriteEndElement();
|
|
}
|
|
|
|
private void ReadUserNameSelector(XmlReader reader)
|
|
{
|
|
InfoCardTrace.ThrowInvalidArgumentConditional("Username" != reader.LocalName || "http://schemas.xmlsoap.org/ws/2005/05/identity" != reader.NamespaceURI, reader.LocalName);
|
|
this.Type = CredentialSelectorType.UserNameSelector;
|
|
string data = reader.ReadElementContentAsString().Trim();
|
|
if (string.IsNullOrEmpty(data))
|
|
return;
|
|
this.SetValue(data);
|
|
}
|
|
|
|
private void ReadUserPrincipalNameSelector(XmlReader reader)
|
|
{
|
|
InfoCardTrace.ThrowInvalidArgumentConditional("UserPrincipalName" != reader.LocalName || "http://schemas.xmlsoap.org/ws/2005/05/identity" != reader.NamespaceURI, reader.LocalName);
|
|
this.Type = CredentialSelectorType.UserPrincipalNameSelector;
|
|
}
|
|
|
|
private void ReadX509IssuerNameSelector(XmlReader reader)
|
|
{
|
|
InfoCardTrace.ThrowInvalidArgumentConditional("X509IssuerName" != reader.LocalName || "http://www.w3.org/2000/09/xmldsig#" != reader.NamespaceURI, reader.LocalName);
|
|
this.Type = CredentialSelectorType.X509CertificateIssuerNameSelector;
|
|
string data = reader.ReadElementContentAsString().Trim();
|
|
if (string.IsNullOrEmpty(data))
|
|
return;
|
|
this.SetValue(data);
|
|
}
|
|
|
|
private void ReadX509IssuerSerialNumberSelector(XmlReader reader)
|
|
{
|
|
InfoCardTrace.ThrowInvalidArgumentConditional("X509SerialNumber" != reader.LocalName || "http://www.w3.org/2000/09/xmldsig#" != reader.NamespaceURI, reader.LocalName);
|
|
this.Type = CredentialSelectorType.X509CertificateIssuerSerialNoSelector;
|
|
BigInt bigInt = new BigInt();
|
|
string decNum = reader.ReadElementContentAsString().Trim();
|
|
try
|
|
{
|
|
if (string.IsNullOrEmpty(decNum))
|
|
return;
|
|
bigInt.FromDecimal(decNum);
|
|
byte[] byteArray = bigInt.ToByteArray();
|
|
this.SetValue(byteArray, 0, byteArray.Length);
|
|
}
|
|
catch (FormatException ex)
|
|
{
|
|
throw InfoCardTrace.ThrowHelperError((Exception) new InvalidCardException(SR.GetString("ServiceInvalidSerialNumber")));
|
|
}
|
|
}
|
|
|
|
private void ReadX509KeyIdentifierSelector(XmlReader reader)
|
|
{
|
|
InfoCardTrace.ThrowInvalidArgumentConditional("KeyIdentifier" != reader.LocalName || "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" != reader.NamespaceURI, reader.LocalName);
|
|
this.Type = CredentialSelectorType.X509CertificateKeyHashSelector;
|
|
string attribute = reader.GetAttribute("ValueType");
|
|
if (string.IsNullOrEmpty(attribute))
|
|
attribute = reader.GetAttribute("ValueType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
|
|
if ("http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1" != attribute && "http://docs.oasis-open.org/wss/2004/xx/oasis-2004xx-wss-soap-message-security-1.1#ThumbprintSHA1" != attribute)
|
|
throw InfoCardTrace.ThrowHelperError((Exception) new InvalidCardException(SR.GetString("ServiceUnsupportedKeyIdentifierType")));
|
|
try
|
|
{
|
|
MemoryStream memoryStream = Utility.ReadByteStreamFromBase64(reader);
|
|
int int32 = Convert.ToInt32(memoryStream.Length);
|
|
if (int32 <= 0)
|
|
return;
|
|
this.SetValue(memoryStream.GetBuffer(), 0, int32);
|
|
}
|
|
catch (FormatException ex)
|
|
{
|
|
throw InfoCardTrace.ThrowHelperError((Exception) new InvalidCardException(SR.GetString("ServiceInvalidThumbPrintValue")));
|
|
}
|
|
}
|
|
|
|
private void ReadSelfIssuedSelector(XmlReader reader)
|
|
{
|
|
InfoCardTrace.ThrowInvalidArgumentConditional("PrivatePersonalIdentifier" != reader.LocalName || "http://schemas.xmlsoap.org/ws/2005/05/identity" != reader.NamespaceURI, reader.LocalName);
|
|
this.Type = CredentialSelectorType.SelfIssuedCardIdSelector;
|
|
string data = reader.ReadElementContentAsString().Trim();
|
|
if (string.IsNullOrEmpty(data))
|
|
return;
|
|
this.SetValue(data);
|
|
}
|
|
}
|
|
}
|