ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2024-12-19 18:06:10 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
f2ac1ece55
MalwareSourceCode/MSIL/Virus/Win32/E/Virus.Win32.Expiro.w-1f15ee7e9f7da02b6bfb4c5a5e6484eb9fa71b82d3699c54bcc7a31794b4a66d/Microsoft/InfoCards/RemoteCryptoRsaServiceProvider.cs
vxunderground f2ac1ece55 auto-decompiled msil via petikvx 
add
2022-08-18 06:28:56 -05:00

132 lines
5.8 KiB
C#
Raw Blame History

// Decompiled with JetBrains decompiler
// Type: Microsoft.InfoCards.RemoteCryptoRsaServiceProvider
// Assembly: infocard, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
// MVID: ADE0A079-11DB-4A46-8BDE-D2A592CA8DEA
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Virus.Win32.Expiro.w-1f15ee7e9f7da02b6bfb4c5a5e6484eb9fa71b82d3699c54bcc7a31794b4a66d.exe
using Microsoft.InfoCards.Diagnostics;
using System;
using System.Security.Cryptography;
namespace Microsoft.InfoCards
{
internal sealed class RemoteCryptoRsaServiceProvider : RSA, ICspAsymmetricAlgorithm
{
private const int CRYPT_OAEP = 64;
private X509CertificateTokenFactoryCredential m_credential;
private RpcCryptoContext m_context;
private CspKeyContainerInfo m_cspInfo;
private UIAgentRequest m_request;
private object m_sync = new object();
private bool m_disposed;
public RemoteCryptoRsaServiceProvider(
X509CertificateTokenFactoryCredential credential,
UIAgentRequest request)
{
this.m_credential = credential;
this.m_context = new RpcCryptoContext(this.m_credential.PortName, this.m_credential.ContextKey);
this.m_cspInfo = new CspKeyContainerInfo(new CspParameters()
{
KeyContainerName = "RpcCrypto",
ProviderName = "RpcCrypto",
ProviderType = 0,
KeyNumber = 1
});
this.m_request = request;
}
CspKeyContainerInfo ICspAsymmetricAlgorithm.CspKeyContainerInfo => this.m_cspInfo;
byte[] ICspAsymmetricAlgorithm.ExportCspBlob(
bool includePrivateParameters)
{
if (!(this.m_credential.Certificate.PublicKey.Key is ICspAsymmetricAlgorithm key))
throw InfoCardTrace.ThrowHelperError((Exception) new NotSupportedException());
if (includePrivateParameters)
throw InfoCardTrace.ThrowHelperError((Exception) new NotSupportedException());
return key.ExportCspBlob(false);
}
void ICspAsymmetricAlgorithm.ImportCspBlob(byte[] rawData) => throw InfoCardTrace.ThrowHelperError((Exception) new NotSupportedException());
public override string KeyExchangeAlgorithm => this.m_credential != null && this.m_credential.Certificate != null && this.m_credential.Certificate.PublicKey != null && this.m_credential.Certificate.PublicKey.Key != null ? this.m_credential.Certificate.PublicKey.Key.KeyExchangeAlgorithm : (string) null;
public override string SignatureAlgorithm => this.m_credential != null && this.m_credential.Certificate != null && this.m_credential.Certificate.PublicKey != null && this.m_credential.Certificate.PublicKey.Key != null ? this.m_credential.Certificate.PublicKey.Key.SignatureAlgorithm : (string) null;
public override int KeySize
{
get => this.m_credential != null && this.m_credential.Certificate != null && this.m_credential.Certificate.PublicKey != null && this.m_credential.Certificate.PublicKey.Key != null ? this.m_credential.Certificate.PublicKey.Key.KeySize : 0;
set => throw InfoCardTrace.ThrowHelperError((Exception) new NotSupportedException());
}
public override KeySizes[] LegalKeySizes => new KeySizes[1]
{
new KeySizes(this.KeySize, this.KeySize, 0)
};
public byte[] SignHash(int hashAlg, byte[] hash)
{
this.ThrowIfRemoteProcessDied();
RemoteCryptoSignHashRequest cryptoSignHashRequest = new RemoteCryptoSignHashRequest(this.GetContext(), hashAlg, 0, hash);
cryptoSignHashRequest.Process();
byte[] signature = cryptoSignHashRequest.GetSignature();
this.ThrowIfRemoteProcessDied();
return signature;
}
public override byte[] DecryptValue(byte[] rgb)
{
this.ThrowIfRemoteProcessDied();
byte[] numArray = new byte[rgb.Length];
Array.Copy((Array) rgb, 0, (Array) numArray, 0, rgb.Length);
RemoteCryptoDecryptRequest cryptoDecryptRequest = new RemoteCryptoDecryptRequest(this.GetContext(), 0, true, numArray, 0, numArray.Length, 0, (byte[]) null);
cryptoDecryptRequest.Process();
byte[] destinationArray = new byte[cryptoDecryptRequest.Length];
Array.Copy((Array) cryptoDecryptRequest.GetBuffer(), cryptoDecryptRequest.Index, (Array) destinationArray, 0, cryptoDecryptRequest.Length);
this.ThrowIfRemoteProcessDied();
return destinationArray;
}
public override byte[] EncryptValue(byte[] rgb) => ((RSA) this.m_credential.Certificate.PublicKey.Key).EncryptValue(rgb);
public override RSAParameters ExportParameters(bool includePrivateParameters)
{
if (includePrivateParameters || this.m_credential.Certificate.PublicKey == null)
throw InfoCardTrace.ThrowHelperError((Exception) new CryptographicException(SR.GetString("ServiceCanNotExportCertIdentityPrivateKey")));
if (this.m_credential.Certificate.PublicKey.Key is RSA)
return ((RSA) this.m_credential.Certificate.PublicKey.Key).ExportParameters(false);
throw InfoCardTrace.ThrowHelperError((Exception) new CryptographicException(SR.GetString("ServiceCanNotExportCertIdentityPrivateKey")));
}
public override void ImportParameters(RSAParameters parameters) => throw InfoCardTrace.ThrowHelperError((Exception) new NotSupportedException());
protected override void Dispose(bool disposing)
{
if (this.m_disposed)
return;
lock (this.m_sync)
{
if (this.m_disposed)
return;
int num = disposing ? 1 : 0;
((IDisposable) this.m_context).Dispose();
this.m_disposed = true;
}
}
private RpcCryptoContext GetContext()
{
if (!this.m_context.IsOpen)
this.m_context.Open();
return this.m_context;
}
private void ThrowIfRemoteProcessDied()
{
if (!this.m_request.ParentRequest.UIAgentActive)
throw InfoCardTrace.ThrowHelperError((Exception) new CryptographicException(SR.GetString("RemoteCryptoSessionUnavailable")));
}
}
}
Reference in New Issue View Git Blame Copy Permalink