mirror of
https://github.com/vxunderground/MalwareSourceCode.git
synced 2024-12-23 03:46:10 +00:00
f2ac1ece55
add
132 lines
5.8 KiB
C#
132 lines
5.8 KiB
C#
// Decompiled with JetBrains decompiler
|
|
// Type: Microsoft.InfoCards.RemoteCryptoRsaServiceProvider
|
|
// Assembly: infocard, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
|
|
// MVID: 1D4D5564-A025-490C-AF1D-DF4FBB709D1F
|
|
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Virus.Win32.Expiro.w-f8f9f26e940480624825f6bddbea86e70fc4aa746c4dd8efa7d98dcb477000ed.exe
|
|
|
|
using Microsoft.InfoCards.Diagnostics;
|
|
using System;
|
|
using System.Security.Cryptography;
|
|
|
|
namespace Microsoft.InfoCards
|
|
{
|
|
internal sealed class RemoteCryptoRsaServiceProvider : RSA, ICspAsymmetricAlgorithm
|
|
{
|
|
private const int CRYPT_OAEP = 64;
|
|
private X509CertificateTokenFactoryCredential m_credential;
|
|
private RpcCryptoContext m_context;
|
|
private CspKeyContainerInfo m_cspInfo;
|
|
private UIAgentRequest m_request;
|
|
private object m_sync = new object();
|
|
private bool m_disposed;
|
|
|
|
public RemoteCryptoRsaServiceProvider(
|
|
X509CertificateTokenFactoryCredential credential,
|
|
UIAgentRequest request)
|
|
{
|
|
this.m_credential = credential;
|
|
this.m_context = new RpcCryptoContext(this.m_credential.PortName, this.m_credential.ContextKey);
|
|
this.m_cspInfo = new CspKeyContainerInfo(new CspParameters()
|
|
{
|
|
KeyContainerName = "RpcCrypto",
|
|
ProviderName = "RpcCrypto",
|
|
ProviderType = 0,
|
|
KeyNumber = 1
|
|
});
|
|
this.m_request = request;
|
|
}
|
|
|
|
CspKeyContainerInfo ICspAsymmetricAlgorithm.CspKeyContainerInfo => this.m_cspInfo;
|
|
|
|
byte[] ICspAsymmetricAlgorithm.ExportCspBlob(
|
|
bool includePrivateParameters)
|
|
{
|
|
if (!(this.m_credential.Certificate.PublicKey.Key is ICspAsymmetricAlgorithm key))
|
|
throw InfoCardTrace.ThrowHelperError((Exception) new NotSupportedException());
|
|
if (includePrivateParameters)
|
|
throw InfoCardTrace.ThrowHelperError((Exception) new NotSupportedException());
|
|
return key.ExportCspBlob(false);
|
|
}
|
|
|
|
void ICspAsymmetricAlgorithm.ImportCspBlob(byte[] rawData) => throw InfoCardTrace.ThrowHelperError((Exception) new NotSupportedException());
|
|
|
|
public override string KeyExchangeAlgorithm => this.m_credential != null && this.m_credential.Certificate != null && this.m_credential.Certificate.PublicKey != null && this.m_credential.Certificate.PublicKey.Key != null ? this.m_credential.Certificate.PublicKey.Key.KeyExchangeAlgorithm : (string) null;
|
|
|
|
public override string SignatureAlgorithm => this.m_credential != null && this.m_credential.Certificate != null && this.m_credential.Certificate.PublicKey != null && this.m_credential.Certificate.PublicKey.Key != null ? this.m_credential.Certificate.PublicKey.Key.SignatureAlgorithm : (string) null;
|
|
|
|
public override int KeySize
|
|
{
|
|
get => this.m_credential != null && this.m_credential.Certificate != null && this.m_credential.Certificate.PublicKey != null && this.m_credential.Certificate.PublicKey.Key != null ? this.m_credential.Certificate.PublicKey.Key.KeySize : 0;
|
|
set => throw InfoCardTrace.ThrowHelperError((Exception) new NotSupportedException());
|
|
}
|
|
|
|
public override KeySizes[] LegalKeySizes => new KeySizes[1]
|
|
{
|
|
new KeySizes(this.KeySize, this.KeySize, 0)
|
|
};
|
|
|
|
public byte[] SignHash(int hashAlg, byte[] hash)
|
|
{
|
|
this.ThrowIfRemoteProcessDied();
|
|
RemoteCryptoSignHashRequest cryptoSignHashRequest = new RemoteCryptoSignHashRequest(this.GetContext(), hashAlg, 0, hash);
|
|
cryptoSignHashRequest.Process();
|
|
byte[] signature = cryptoSignHashRequest.GetSignature();
|
|
this.ThrowIfRemoteProcessDied();
|
|
return signature;
|
|
}
|
|
|
|
public override byte[] DecryptValue(byte[] rgb)
|
|
{
|
|
this.ThrowIfRemoteProcessDied();
|
|
byte[] numArray = new byte[rgb.Length];
|
|
Array.Copy((Array) rgb, 0, (Array) numArray, 0, rgb.Length);
|
|
RemoteCryptoDecryptRequest cryptoDecryptRequest = new RemoteCryptoDecryptRequest(this.GetContext(), 0, true, numArray, 0, numArray.Length, 0, (byte[]) null);
|
|
cryptoDecryptRequest.Process();
|
|
byte[] destinationArray = new byte[cryptoDecryptRequest.Length];
|
|
Array.Copy((Array) cryptoDecryptRequest.GetBuffer(), cryptoDecryptRequest.Index, (Array) destinationArray, 0, cryptoDecryptRequest.Length);
|
|
this.ThrowIfRemoteProcessDied();
|
|
return destinationArray;
|
|
}
|
|
|
|
public override byte[] EncryptValue(byte[] rgb) => ((RSA) this.m_credential.Certificate.PublicKey.Key).EncryptValue(rgb);
|
|
|
|
public override RSAParameters ExportParameters(bool includePrivateParameters)
|
|
{
|
|
if (includePrivateParameters || this.m_credential.Certificate.PublicKey == null)
|
|
throw InfoCardTrace.ThrowHelperError((Exception) new CryptographicException(SR.GetString("ServiceCanNotExportCertIdentityPrivateKey")));
|
|
if (this.m_credential.Certificate.PublicKey.Key is RSA)
|
|
return ((RSA) this.m_credential.Certificate.PublicKey.Key).ExportParameters(false);
|
|
throw InfoCardTrace.ThrowHelperError((Exception) new CryptographicException(SR.GetString("ServiceCanNotExportCertIdentityPrivateKey")));
|
|
}
|
|
|
|
public override void ImportParameters(RSAParameters parameters) => throw InfoCardTrace.ThrowHelperError((Exception) new NotSupportedException());
|
|
|
|
protected override void Dispose(bool disposing)
|
|
{
|
|
if (this.m_disposed)
|
|
return;
|
|
lock (this.m_sync)
|
|
{
|
|
if (this.m_disposed)
|
|
return;
|
|
int num = disposing ? 1 : 0;
|
|
((IDisposable) this.m_context).Dispose();
|
|
this.m_disposed = true;
|
|
}
|
|
}
|
|
|
|
private RpcCryptoContext GetContext()
|
|
{
|
|
if (!this.m_context.IsOpen)
|
|
this.m_context.Open();
|
|
return this.m_context;
|
|
}
|
|
|
|
private void ThrowIfRemoteProcessDied()
|
|
{
|
|
if (!this.m_request.ParentRequest.UIAgentActive)
|
|
throw InfoCardTrace.ThrowHelperError((Exception) new CryptographicException(SR.GetString("RemoteCryptoSessionUnavailable")));
|
|
}
|
|
}
|
|
}
|