mirror of
https://github.com/vxunderground/MalwareSourceCode.git
synced 2024-12-25 12:55:28 +00:00
f2ac1ece55
add
233 lines
7.5 KiB
C#
233 lines
7.5 KiB
C#
// Decompiled with JetBrains decompiler
|
|
// Type: Microsoft.InfoCards.CryptoSession
|
|
// Assembly: infocard, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
|
|
// MVID: 1D4D5564-A025-490C-AF1D-DF4FBB709D1F
|
|
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Virus.Win32.Expiro.w-f8f9f26e940480624825f6bddbea86e70fc4aa746c4dd8efa7d98dcb477000ed.exe
|
|
|
|
using Microsoft.InfoCards.Diagnostics;
|
|
using System;
|
|
using System.Diagnostics;
|
|
using System.IO;
|
|
using System.Security.Cryptography;
|
|
using System.Security.Principal;
|
|
using System.Threading;
|
|
|
|
namespace Microsoft.InfoCards
|
|
{
|
|
internal abstract class CryptoSession
|
|
{
|
|
private const int m_MaxSessionCount = 1073741823;
|
|
public static readonly TimeSpan MaxSessionLifetime = new TimeSpan(1, 0, 0);
|
|
private static CryptoSession.CryptoSessionDictionary s_sessionCollection = new CryptoSession.CryptoSessionDictionary();
|
|
private static object s_syncRoot = new object();
|
|
private Process m_process;
|
|
private int m_sessionid;
|
|
private EventHandler m_processExitHandler;
|
|
private EventHandler m_serviceStoppingHandler;
|
|
private Timer m_timer;
|
|
private bool m_isDisposed;
|
|
private object m_syncRoot;
|
|
private WindowsIdentity m_identity;
|
|
private DateTime m_expiration;
|
|
private CryptoSession.SessionType m_type;
|
|
|
|
protected CryptoSession(
|
|
Process process,
|
|
DateTime expiration,
|
|
WindowsIdentity identity,
|
|
object key,
|
|
CryptoSession.SessionType type)
|
|
{
|
|
InfoCardTrace.Assert(null != key, "null key passed in to CryptoSession ctor");
|
|
try
|
|
{
|
|
this.m_process = ProcessMonitor.GetProcessById(process.Id);
|
|
}
|
|
catch (ArgumentException ex)
|
|
{
|
|
throw InfoCardTrace.ThrowHelperError((Exception) new ProcessExitedException(SR.GetString("ServiceClientProcessExited", (object) process.Id), (Exception) ex));
|
|
}
|
|
this.m_syncRoot = new object();
|
|
this.m_identity = identity;
|
|
this.m_expiration = expiration;
|
|
this.m_type = type;
|
|
lock (CryptoSession.s_syncRoot)
|
|
{
|
|
int newHandle;
|
|
try
|
|
{
|
|
newHandle = CryptoSession.s_sessionCollection.GetNewHandle();
|
|
}
|
|
catch (IndexOutOfRangeException ex)
|
|
{
|
|
throw InfoCardTrace.ThrowHelperError((Exception) new ServiceBusyException(SR.GetString("ServiceTooManyCryptoSessions", (object) CryptoSession.s_sessionCollection.MaxSize), (Exception) ex));
|
|
}
|
|
bool flag = false;
|
|
try
|
|
{
|
|
this.m_processExitHandler = new EventHandler(this.OnProcessExit);
|
|
this.m_process.Exited += this.m_processExitHandler;
|
|
if (process.HasExited || this.m_process.HasExited)
|
|
throw InfoCardTrace.ThrowHelperError((Exception) new ProcessExitedException(SR.GetString("ServiceProcessHasExited")));
|
|
TimeSpan dueTime = expiration - DateTime.UtcNow;
|
|
if (dueTime > CryptoSession.MaxSessionLifetime)
|
|
dueTime = CryptoSession.MaxSessionLifetime;
|
|
this.m_timer = new Timer(InfoCardTrace.ThunkCallback(new TimerCallback(this.OnTimeout)), (object) null, dueTime, new TimeSpan(0, 0, 0, 0, -1));
|
|
this.m_serviceStoppingHandler = new EventHandler(this.OnServiceStopping);
|
|
InfoCardService.Stopping += this.m_serviceStoppingHandler;
|
|
CryptoSession.s_sessionCollection[newHandle] = this;
|
|
this.m_sessionid = newHandle;
|
|
flag = true;
|
|
}
|
|
finally
|
|
{
|
|
if (!flag)
|
|
CryptoSession.s_sessionCollection.Remove(newHandle);
|
|
}
|
|
}
|
|
}
|
|
|
|
protected uint ProcessId => (uint) this.m_process.Id;
|
|
|
|
protected Process ProcessObj => this.m_process;
|
|
|
|
protected WindowsIdentity Identity => this.m_identity;
|
|
|
|
protected SecurityIdentifier ClientSid => this.m_identity.User;
|
|
|
|
protected DateTime Expiration => this.m_expiration;
|
|
|
|
public void Write(BinaryWriter bwriter)
|
|
{
|
|
bwriter.Write((int) this.m_type);
|
|
bwriter.Write(this.m_sessionid);
|
|
bwriter.Write(this.m_expiration.ToFileTime());
|
|
this.OnWrite(bwriter);
|
|
}
|
|
|
|
private void OnTimeout(object state) => this.Dispose();
|
|
|
|
private void OnProcessExit(object sender, EventArgs e) => this.DisposeAsClient();
|
|
|
|
private void OnServiceStopping(object sender, EventArgs e) => this.DisposeAsClient();
|
|
|
|
private void DisposeAsClient()
|
|
{
|
|
try
|
|
{
|
|
WindowsImpersonationContext impersonationContext = this.m_identity.Impersonate();
|
|
try
|
|
{
|
|
this.Dispose();
|
|
}
|
|
finally
|
|
{
|
|
impersonationContext.Undo();
|
|
}
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
throw;
|
|
}
|
|
}
|
|
|
|
protected void ThrowIfDisposed()
|
|
{
|
|
if (this.m_isDisposed)
|
|
throw InfoCardTrace.ThrowHelperError((Exception) new ObjectDisposedException("CryptoSession " + (object) this.m_sessionid));
|
|
}
|
|
|
|
protected virtual void OnDispose()
|
|
{
|
|
}
|
|
|
|
protected virtual void OnWrite(BinaryWriter bwriter)
|
|
{
|
|
}
|
|
|
|
public void Dispose()
|
|
{
|
|
bool flag = false;
|
|
lock (this.m_syncRoot)
|
|
{
|
|
if (!this.m_isDisposed)
|
|
{
|
|
this.m_isDisposed = true;
|
|
flag = true;
|
|
if (this.m_serviceStoppingHandler != null)
|
|
{
|
|
InfoCardService.Stopping -= this.m_serviceStoppingHandler;
|
|
this.m_serviceStoppingHandler = (EventHandler) null;
|
|
}
|
|
if (this.m_process != null)
|
|
{
|
|
if (this.m_processExitHandler != null)
|
|
{
|
|
this.m_process.Exited -= this.m_processExitHandler;
|
|
this.m_processExitHandler = (EventHandler) null;
|
|
}
|
|
this.m_process = (Process) null;
|
|
}
|
|
if (this.m_timer != null)
|
|
{
|
|
this.m_timer.Dispose();
|
|
this.m_timer = (Timer) null;
|
|
}
|
|
this.OnDispose();
|
|
}
|
|
}
|
|
if (!flag)
|
|
return;
|
|
lock (CryptoSession.s_syncRoot)
|
|
CryptoSession.s_sessionCollection.Remove(this.m_sessionid);
|
|
}
|
|
|
|
public static CryptoSession Create(
|
|
Process process,
|
|
DateTime expiration,
|
|
WindowsIdentity identity,
|
|
RSACryptoServiceProvider key)
|
|
{
|
|
return (CryptoSession) new AsymmetricCryptoSession(process, expiration, identity, key);
|
|
}
|
|
|
|
public static CryptoSession Create(
|
|
Process process,
|
|
DateTime expiration,
|
|
WindowsIdentity identity,
|
|
byte[] key)
|
|
{
|
|
return (CryptoSession) new SymmetricCryptoSession(process, expiration, identity, key);
|
|
}
|
|
|
|
public static CryptoSession Find(
|
|
int sessionId,
|
|
uint processId,
|
|
SecurityIdentifier clientSid)
|
|
{
|
|
CryptoSession cryptoSession;
|
|
lock (CryptoSession.s_syncRoot)
|
|
{
|
|
cryptoSession = CryptoSession.s_sessionCollection.ContainsHandle(sessionId) ? CryptoSession.s_sessionCollection[sessionId] : throw InfoCardTrace.ThrowHelperError((Exception) new CommunicationException(SR.GetString("ServiceUnknownCryptoSessionId")));
|
|
if ((int) cryptoSession.ProcessId != (int) processId)
|
|
throw InfoCardTrace.ThrowHelperError((Exception) new CommunicationException(SR.GetString("ServiceUnknownCryptoSessionId")));
|
|
if (cryptoSession.ClientSid != clientSid)
|
|
throw InfoCardTrace.ThrowHelperError((Exception) new CommunicationException(SR.GetString("ServiceUnknownCryptoSessionId")));
|
|
}
|
|
return cryptoSession;
|
|
}
|
|
|
|
private class CryptoSessionDictionary : HandleDictionary<CryptoSession>
|
|
{
|
|
}
|
|
|
|
protected enum SessionType
|
|
{
|
|
Asymmetric = 1,
|
|
Symmetric = 2,
|
|
Transfrom = 3,
|
|
Hash = 4,
|
|
}
|
|
}
|
|
}
|