public void Read_WithTsa_ReturnsInstance() { var tsa = new BcGeneralName(new X509Name("C=US,ST=WA,L=Redmond,O=NuGet,CN=NuGet Test Certificate")); var test = new Test() { Tsa = tsa }; var bcTstInfo = test.CreateBcTstInfo(); var tstInfo = TstInfo.Read(bcTstInfo.GetDerEncoded()); Verify(test, tstInfo); Verify(bcTstInfo, tstInfo); }
public TimeStampTokenInfo( TstInfo tstInfo) { this.tstInfo = tstInfo; try { this.genTime = tstInfo.GenTime.ToDateTime(); } catch (Exception e) { throw new TspException("unable to parse genTime field: " + e.Message); } }
private static void Verify(Test test, TstInfo tstInfo) { Assert.Equal(test.Version, tstInfo.Version); Assert.Equal(test.Policy, tstInfo.Policy.Value); Assert.Equal(test.HashAlgorithm.Value, tstInfo.MessageImprint.HashAlgorithm.Algorithm.Value); Assert.Equal(test.Hash, tstInfo.MessageImprint.HashedMessage); Assert.Equal(test.SerialNumber, tstInfo.SerialNumber); Assert.Equal(test.GenTime, tstInfo.GenTime); Assert.Equal(test.Accuracy == null, tstInfo.Accuracy == null); if (test.Accuracy != null) { Assert.Equal(test.Accuracy == null, tstInfo.Accuracy == null); Assert.Equal(test.Accuracy.Seconds == null, tstInfo.Accuracy.Seconds == null); if (test.Accuracy.Seconds != null) { Assert.Equal(test.Accuracy.Seconds.Value.IntValue, tstInfo.Accuracy.Seconds.Value); } Assert.Equal(test.Accuracy.Millis == null, tstInfo.Accuracy.Milliseconds == null); if (test.Accuracy.Millis != null) { Assert.Equal(test.Accuracy.Millis.Value.IntValue, tstInfo.Accuracy.Milliseconds.Value); } Assert.Equal(test.Accuracy.Micros == null, tstInfo.Accuracy.Microseconds == null); if (test.Accuracy.Micros != null) { Assert.Equal(test.Accuracy.Micros.Value.IntValue, tstInfo.Accuracy.Microseconds.Value); } } Assert.Equal(test.Ordering ?? false, tstInfo.Ordering); Assert.Equal(test.Nonce, tstInfo.Nonce); Assert.Equal(test.Tsa == null, tstInfo.Tsa == null); if (test.Tsa != null) { Assert.Equal(test.Tsa.GetDerEncoded(), tstInfo.Tsa); } VerifyExtensions(test.Extensions, tstInfo); }
public TimeStampToken(CmsSignedData signedData) { tsToken = signedData; if (!tsToken.SignedContentType.Equals(PkcsObjectIdentifiers.IdCTTstInfo)) { throw new TspValidationException("ContentInfo object not for a time stamp."); } ICollection signers = tsToken.GetSignerInfos().GetSigners(); if (signers.Count != 1) { throw new ArgumentException("Time-stamp token signed by " + signers.Count + " signers, but it must contain just the TSA signature."); } IEnumerator enumerator = signers.GetEnumerator(); enumerator.MoveNext(); tsaSignerInfo = (SignerInformation)enumerator.Current; try { CmsProcessable signedContent = tsToken.SignedContent; MemoryStream memoryStream = new MemoryStream(); signedContent.Write(memoryStream); tstInfo = new TimeStampTokenInfo(TstInfo.GetInstance(Asn1Object.FromByteArray(memoryStream.ToArray()))); Org.BouncyCastle.Asn1.Cms.Attribute attribute = tsaSignerInfo.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificate]; if (attribute != null) { SigningCertificate instance = SigningCertificate.GetInstance(attribute.AttrValues[0]); certID = new CertID(EssCertID.GetInstance(instance.GetCerts()[0])); } else { attribute = tsaSignerInfo.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificateV2]; if (attribute == null) { throw new TspValidationException("no signing certificate attribute found, time stamp invalid."); } SigningCertificateV2 instance2 = SigningCertificateV2.GetInstance(attribute.AttrValues[0]); certID = new CertID(EssCertIDv2.GetInstance(instance2.GetCerts()[0])); } } catch (CmsException ex) { throw new TspException(ex.Message, ex.InnerException); } }
public TimeStampToken(CmsSignedData signedData) { //IL_0063: Unknown result type (might be due to invalid IL or missing references) //IL_0094: Unknown result type (might be due to invalid IL or missing references) //IL_009a: Expected O, but got Unknown tsToken = signedData; if (!tsToken.SignedContentType.Equals(PkcsObjectIdentifiers.IdCTTstInfo)) { throw new TspValidationException("ContentInfo object not for a time stamp."); } global::System.Collections.ICollection signers = tsToken.GetSignerInfos().GetSigners(); if (signers.get_Count() != 1) { throw new ArgumentException(string.Concat((object)"Time-stamp token signed by ", (object)signers.get_Count(), (object)" signers, but it must contain just the TSA signature.")); } global::System.Collections.IEnumerator enumerator = ((global::System.Collections.IEnumerable)signers).GetEnumerator(); enumerator.MoveNext(); tsaSignerInfo = (SignerInformation)enumerator.get_Current(); try { CmsProcessable signedContent = tsToken.SignedContent; MemoryStream val = new MemoryStream(); signedContent.Write((Stream)(object)val); tstInfo = new TimeStampTokenInfo(TstInfo.GetInstance(Asn1Object.FromByteArray(val.ToArray()))); Attribute attribute = tsaSignerInfo.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificate]; if (attribute != null) { SigningCertificate instance = SigningCertificate.GetInstance(attribute.AttrValues[0]); certID = new CertID(EssCertID.GetInstance(instance.GetCerts()[0])); return; } attribute = tsaSignerInfo.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificateV2]; if (attribute == null) { throw new TspValidationException("no signing certificate attribute found, time stamp invalid."); } SigningCertificateV2 instance2 = SigningCertificateV2.GetInstance(attribute.AttrValues[0]); certID = new CertID(EssCertIDv2.GetInstance(instance2.GetCerts()[0])); } catch (CmsException ex) { throw new TspException(((global::System.Exception)ex).get_Message(), ((global::System.Exception)ex).get_InnerException()); } }
private static void VerifyExtensions(X509Extensions expectedExtensions, TstInfo tstInfo) { Assert.Equal(expectedExtensions == null, tstInfo.Extensions == null); if (expectedExtensions != null) { Assert.Equal(expectedExtensions.GetExtensionOids().Length, tstInfo.Extensions.Count); foreach (var extensionOid in expectedExtensions.GetExtensionOids()) { var expectedExtension = expectedExtensions.GetExtension(extensionOid); var actualExtension = tstInfo.Extensions[extensionOid.Id]; Assert.Equal(extensionOid.Id, actualExtension.Oid.Value); Assert.Equal(expectedExtension.IsCritical, actualExtension.Critical); Assert.Equal(expectedExtension.Value.GetOctets(), actualExtension.RawData); } } }
public TimeStampToken( CmsSignedData signedData) { this.tsToken = signedData; if (!this.tsToken.SignedContentType.Equals(PkcsObjectIdentifiers.IdCTTstInfo)) { throw new TspValidationException("ContentInfo object not for a time stamp."); } ICollection signers = tsToken.GetSignerInfos().GetSigners(); if (signers.Count != 1) { throw new ArgumentException("Time-stamp token signed by " + signers.Count + " signers, but it must contain just the TSA signature."); } IEnumerator signerEnum = signers.GetEnumerator(); signerEnum.MoveNext(); tsaSignerInfo = (SignerInformation)signerEnum.Current; try { CmsProcessable content = tsToken.SignedContent; MemoryStream bOut = new MemoryStream(); content.Write(bOut); this.tstInfo = new TimeStampTokenInfo( TstInfo.GetInstance( Asn1Object.FromByteArray(bOut.ToArray()))); Asn1.Cms.Attribute attr = tsaSignerInfo.SignedAttributes[ PkcsObjectIdentifiers.IdAASigningCertificate]; // if (attr == null) // { // throw new TspValidationException( // "no signing certificate attribute found, time stamp invalid."); // } // // SigningCertificate signCert = SigningCertificate.GetInstance( // attr.AttrValues[0]); // // this.certID = EssCertID.GetInstance(signCert.GetCerts()[0]); if (attr != null) { SigningCertificate signCert = SigningCertificate.GetInstance(attr.AttrValues[0]); this.certID = new CertID(EssCertID.GetInstance(signCert.GetCerts()[0])); } else { attr = tsaSignerInfo.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificateV2]; if (attr == null) { throw new TspValidationException("no signing certificate attribute found, time stamp invalid."); } SigningCertificateV2 signCertV2 = SigningCertificateV2.GetInstance(attr.AttrValues[0]); this.certID = new CertID(EssCertIDv2.GetInstance(signCertV2.GetCerts()[0])); } } catch (CmsException e) { throw new TspException(e.Message, e.InnerException); } }
/// <summary> /// Verify the signature file, e.g. x.SF using the corresponding signature block, e.g. x.RSA /// </summary> /// <returns>True if the verification is successful, false otherwise.</returns> private bool VerifySignatureRsa() { Timestamps.Clear(); byte[] signatureBlockBytes = JarUtils.ReadBytes(ArchivePath, SignatureBlockFilePath); byte[] signatureFileBytes = JarUtils.ReadBytes(ArchivePath, SignatureFilePath); SHA256Managed sha = new SHA256Managed(); byte[] hash = sha.ComputeHash(signatureFileBytes); ContentInfo ci = new ContentInfo(signatureFileBytes); SignedCms cms = new SignedCms(ci, detached: true); cms.Decode(signatureBlockBytes); try { cms.CheckSignature(verifySignatureOnly: true); // See if we can retrieve a timestamp foreach (SignerInfo signerInfo in cms.SignerInfos) { foreach (CryptographicAttributeObject unsignedAttribute in signerInfo.UnsignedAttributes) { if (String.Equals(unsignedAttribute.Oid.Value, WinCrypt.szOID_SIGNATURE_TIMESTAMP_ATTRIBUTE, StringComparison.OrdinalIgnoreCase)) { Pkcs9AttributeObject timestampAttribute = new Pkcs9AttributeObject(unsignedAttribute.Values[0]); SignedCms timestampCms = new SignedCms(); timestampCms.Decode(timestampAttribute.RawData); TstInfo timestampToken = TstInfo.Read(timestampCms.ContentInfo.Content); foreach (SignerInfo timestampSigner in timestampCms.SignerInfos) { foreach (CryptographicAttributeObject sa in timestampSigner.SignedAttributes) { if (String.Equals(sa.Oid.Value, WinCrypt.szOID_RSA_signingTime, StringComparison.OrdinalIgnoreCase)) { var signingTime = (Pkcs9SigningTime)sa.Values[0]; X509Certificate2 timestampSignerCert = timestampSigner.Certificate; Timestamps.Add(new Timestamp { SignedOn = signingTime.SigningTime.ToLocalTime(), EffectiveDate = Convert.ToDateTime(timestampSignerCert.GetEffectiveDateString()).ToLocalTime(), ExpiryDate = Convert.ToDateTime(timestampSignerCert.GetExpirationDateString()).ToLocalTime(), SignatureAlgorithm = timestampSignerCert.SignatureAlgorithm.FriendlyName }); } } } } } } } catch (CryptographicException ce) { JarError.AddError(ce.Message); return(false); } // If there were no exceptions logged then signature verification should be good. return(true); }
public TimeStampToken Generate( TimeStampRequest request, BigInteger serialNumber, DateTime genTime, X509Extensions additionalExtensions) { DerObjectIdentifier digestAlgOID = new DerObjectIdentifier(request.MessageImprintAlgOid); AlgorithmIdentifier algID = new AlgorithmIdentifier(digestAlgOID, DerNull.Instance); MessageImprint messageImprint = new MessageImprint(algID, request.GetMessageImprintDigest()); Accuracy accuracy = null; if (accuracySeconds > 0 || accuracyMillis > 0 || accuracyMicros > 0) { DerInteger seconds = null; if (accuracySeconds > 0) { seconds = new DerInteger(accuracySeconds); } DerInteger millis = null; if (accuracyMillis > 0) { millis = new DerInteger(accuracyMillis); } DerInteger micros = null; if (accuracyMicros > 0) { micros = new DerInteger(accuracyMicros); } accuracy = new Accuracy(seconds, millis, micros); } DerBoolean derOrdering = null; if (ordering) { derOrdering = DerBoolean.GetInstance(ordering); } DerInteger nonce = null; if (request.Nonce != null) { nonce = new DerInteger(request.Nonce); } DerObjectIdentifier tsaPolicy = new DerObjectIdentifier(tsaPolicyOID); if (request.ReqPolicy != null) { tsaPolicy = new DerObjectIdentifier(request.ReqPolicy); } X509Extensions respExtensions = request.Extensions; if (additionalExtensions != null) { X509ExtensionsGenerator extGen = new X509ExtensionsGenerator(); if (respExtensions != null) { foreach (object oid in respExtensions.ExtensionOids) { DerObjectIdentifier id = DerObjectIdentifier.GetInstance(oid); extGen.AddExtension(id, respExtensions.GetExtension(DerObjectIdentifier.GetInstance(id))); } } foreach (object oid in additionalExtensions.ExtensionOids) { DerObjectIdentifier id = DerObjectIdentifier.GetInstance(oid); extGen.AddExtension(id, additionalExtensions.GetExtension(DerObjectIdentifier.GetInstance(id))); } respExtensions = extGen.Generate(); } DerGeneralizedTime generalizedTime; if (resolution != Resolution.R_SECONDS) { generalizedTime = new DerGeneralizedTime(createGeneralizedTime(genTime)); } else { generalizedTime = new DerGeneralizedTime(genTime); } TstInfo tstInfo = new TstInfo(tsaPolicy, messageImprint, new DerInteger(serialNumber), generalizedTime, accuracy, derOrdering, nonce, tsa, respExtensions); try { CmsSignedDataGenerator signedDataGenerator = new CmsSignedDataGenerator(); byte[] derEncodedTstInfo = tstInfo.GetDerEncoded(); if (request.CertReq) { signedDataGenerator.AddCertificates(x509Certs); } signedDataGenerator.AddCrls(x509Crls); signedDataGenerator.AddSignerInfoGenerator(signerInfoGenerator); CmsSignedData signedData = signedDataGenerator.Generate( PkcsObjectIdentifiers.IdCTTstInfo.Id, new CmsProcessableByteArray(derEncodedTstInfo), true); return(new TimeStampToken(signedData)); } catch (CmsException cmsEx) { throw new TspException("Error generating time-stamp token", cmsEx); } catch (IOException e) { throw new TspException("Exception encoding info", e); } catch (X509StoreException e) { throw new TspException("Exception handling CertStore", e); } // catch (InvalidAlgorithmParameterException e) // { // throw new TspException("Exception handling CertStore CRLs", e); // } }
public TimeStampToken Generate(TimeStampRequest request, BigInteger serialNumber, DateTime genTime) { DerObjectIdentifier objectID = new DerObjectIdentifier(request.MessageImprintAlgOid); AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier(objectID, DerNull.Instance); MessageImprint messageImprint = new MessageImprint(hashAlgorithm, request.GetMessageImprintDigest()); Accuracy accuracy = null; if (this.accuracySeconds > 0 || this.accuracyMillis > 0 || this.accuracyMicros > 0) { DerInteger seconds = null; if (this.accuracySeconds > 0) { seconds = new DerInteger(this.accuracySeconds); } DerInteger millis = null; if (this.accuracyMillis > 0) { millis = new DerInteger(this.accuracyMillis); } DerInteger micros = null; if (this.accuracyMicros > 0) { micros = new DerInteger(this.accuracyMicros); } accuracy = new Accuracy(seconds, millis, micros); } DerBoolean derBoolean = null; if (this.ordering) { derBoolean = DerBoolean.GetInstance(this.ordering); } DerInteger nonce = null; if (request.Nonce != null) { nonce = new DerInteger(request.Nonce); } DerObjectIdentifier tsaPolicyId = new DerObjectIdentifier(this.tsaPolicyOID); if (request.ReqPolicy != null) { tsaPolicyId = new DerObjectIdentifier(request.ReqPolicy); } TstInfo tstInfo = new TstInfo(tsaPolicyId, messageImprint, new DerInteger(serialNumber), new DerGeneralizedTime(genTime), accuracy, derBoolean, nonce, this.tsa, request.Extensions); TimeStampToken result; try { CmsSignedDataGenerator cmsSignedDataGenerator = new CmsSignedDataGenerator(); byte[] derEncoded = tstInfo.GetDerEncoded(); if (request.CertReq) { cmsSignedDataGenerator.AddCertificates(this.x509Certs); } cmsSignedDataGenerator.AddCrls(this.x509Crls); cmsSignedDataGenerator.AddSigner(this.key, this.cert, this.digestOID, this.signedAttr, this.unsignedAttr); CmsSignedData signedData = cmsSignedDataGenerator.Generate(PkcsObjectIdentifiers.IdCTTstInfo.Id, new CmsProcessableByteArray(derEncoded), true); result = new TimeStampToken(signedData); } catch (CmsException e) { throw new TspException("Error generating time-stamp token", e); } catch (IOException e2) { throw new TspException("Exception encoding info", e2); } catch (X509StoreException e3) { throw new TspException("Exception handling CertStore", e3); } return(result); }
public void Read_WithInvalidAsn1_Throws() { Assert.Throws <CryptographicException>( () => TstInfo.Read(new byte[] { 0x30, 0x0b })); }
private CmsSignedData GenerateTimestamp( TimeStampRequest request, BigInteger serialNumber, DateTime generalizedTime) { var messageImprint = new MessageImprint( new AlgorithmIdentifier( new DerObjectIdentifier(request.MessageImprintAlgOid)), request.GetMessageImprintDigest()); DerInteger nonce = request.Nonce == null ? null : new DerInteger(request.Nonce); var tstInfo = new TstInfo( new DerObjectIdentifier(_options.Policy.Value), messageImprint, new DerInteger(serialNumber), new DerGeneralizedTime(generalizedTime), _options.Accuracy, DerBoolean.False, nonce, tsa: null, extensions: null); var content = new CmsProcessableByteArray(tstInfo.GetEncoded()); var signedAttributes = new Asn1EncodableVector(); var certificateBytes = new Lazy <byte[]>(() => Certificate.GetEncoded()); if (_options.SigningCertificateUsage.HasFlag(SigningCertificateUsage.V1)) { byte[] hash = _options.SigningCertificateV1Hash ?? DigestUtilities.CalculateDigest("SHA-1", certificateBytes.Value); var signingCertificate = new SigningCertificate(new EssCertID(hash)); var attributeValue = new DerSet(signingCertificate); var attribute = new BcAttribute(PkcsObjectIdentifiers.IdAASigningCertificate, attributeValue); signedAttributes.Add(attribute); } if (_options.SigningCertificateUsage.HasFlag(SigningCertificateUsage.V2)) { byte[] hash = DigestUtilities.CalculateDigest("SHA-256", certificateBytes.Value); var signingCertificateV2 = new SigningCertificateV2(new EssCertIDv2(hash)); var attributeValue = new DerSet(signingCertificateV2); var attribute = new BcAttribute(PkcsObjectIdentifiers.IdAASigningCertificateV2, attributeValue); signedAttributes.Add(attribute); } var generator = new CmsSignedDataGenerator(); if (_options.ReturnSigningCertificate) { var certificates = X509StoreFactory.Create( "Certificate/Collection", new X509CollectionStoreParameters(new[] { Certificate })); generator.AddCertificates(certificates); } generator.AddSigner( _keyPair.Private, Certificate, _options.SignatureHashAlgorithm.Value, new BcAttributeTable(signedAttributes), new BcAttributeTable(DerSet.Empty)); CmsSignedData signedCms = generator.Generate( PkcsObjectIdentifiers.IdCTTstInfo.Id, content, encapsulate: true); return(signedCms); }
//------------------------------------------------------------------------------ public TimeStampToken Generate( TimeStampRequest request, IBigInteger serialNumber, DateTime genTime) { DerObjectIdentifier digestAlgOID = new DerObjectIdentifier(request.MessageImprintAlgOid); AlgorithmIdentifier algID = new AlgorithmIdentifier(digestAlgOID, DerNull.Instance); MessageImprint messageImprint = new MessageImprint(algID, request.GetMessageImprintDigest()); Accuracy accuracy = null; if (accuracySeconds > 0 || accuracyMillis > 0 || accuracyMicros > 0) { DerInteger seconds = null; if (accuracySeconds > 0) { seconds = new DerInteger(accuracySeconds); } DerInteger millis = null; if (accuracyMillis > 0) { millis = new DerInteger(accuracyMillis); } DerInteger micros = null; if (accuracyMicros > 0) { micros = new DerInteger(accuracyMicros); } accuracy = new Accuracy(seconds, millis, micros); } DerBoolean derOrdering = null; if (ordering) { derOrdering = DerBoolean.GetInstance(ordering); } DerInteger nonce = null; if (request.Nonce != null) { nonce = new DerInteger(request.Nonce); } DerObjectIdentifier tsaPolicy = new DerObjectIdentifier(tsaPolicyOID); if (request.ReqPolicy != null) { tsaPolicy = new DerObjectIdentifier(request.ReqPolicy); } TstInfo tstInfo = new TstInfo(tsaPolicy, messageImprint, new DerInteger(serialNumber), new DerGeneralizedTime(genTime), accuracy, derOrdering, nonce, tsa, request.Extensions); try { CmsSignedDataGenerator signedDataGenerator = new CmsSignedDataGenerator(); byte[] derEncodedTstInfo = tstInfo.GetDerEncoded(); if (request.CertReq) { signedDataGenerator.AddCertificates(x509Certs); } signedDataGenerator.AddCrls(x509Crls); signedDataGenerator.AddSigner(key, cert, digestOID, signedAttr, unsignedAttr); CmsSignedData signedData = signedDataGenerator.Generate( PkcsObjectIdentifiers.IdCTTstInfo.Id, new CmsProcessableByteArray(derEncodedTstInfo), true); return(new TimeStampToken(signedData)); } catch (CmsException cmsEx) { throw new TspException("Error generating time-stamp token", cmsEx); } catch (IOException e) { throw new TspException("Exception encoding info", e); } catch (X509StoreException e) { throw new TspException("Exception handling CertStore", e); } // catch (InvalidAlgorithmParameterException e) // { // throw new TspException("Exception handling CertStore CRLs", e); // } }
public TimeStampToken Generate(TimeStampRequest request, BigInteger serialNumber, global::System.DateTime genTime) { //IL_01a0: Expected O, but got Unknown DerObjectIdentifier algorithm = new DerObjectIdentifier(request.MessageImprintAlgOid); AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier(algorithm, DerNull.Instance); MessageImprint messageImprint = new MessageImprint(hashAlgorithm, request.GetMessageImprintDigest()); Accuracy accuracy = null; if (accuracySeconds > 0 || accuracyMillis > 0 || accuracyMicros > 0) { DerInteger seconds = null; if (accuracySeconds > 0) { seconds = new DerInteger(accuracySeconds); } DerInteger millis = null; if (accuracyMillis > 0) { millis = new DerInteger(accuracyMillis); } DerInteger micros = null; if (accuracyMicros > 0) { micros = new DerInteger(accuracyMicros); } accuracy = new Accuracy(seconds, millis, micros); } DerBoolean derBoolean = null; if (ordering) { derBoolean = DerBoolean.GetInstance(ordering); } DerInteger nonce = null; if (request.Nonce != null) { nonce = new DerInteger(request.Nonce); } DerObjectIdentifier tsaPolicyId = new DerObjectIdentifier(tsaPolicyOID); if (request.ReqPolicy != null) { tsaPolicyId = new DerObjectIdentifier(request.ReqPolicy); } TstInfo tstInfo = new TstInfo(tsaPolicyId, messageImprint, new DerInteger(serialNumber), new DerGeneralizedTime(genTime), accuracy, derBoolean, nonce, tsa, request.Extensions); try { CmsSignedDataGenerator cmsSignedDataGenerator = new CmsSignedDataGenerator(); byte[] derEncoded = tstInfo.GetDerEncoded(); if (request.CertReq) { cmsSignedDataGenerator.AddCertificates(x509Certs); } cmsSignedDataGenerator.AddCrls(x509Crls); cmsSignedDataGenerator.AddSigner(key, cert, digestOID, signedAttr, unsignedAttr); CmsSignedData signedData = cmsSignedDataGenerator.Generate(PkcsObjectIdentifiers.IdCTTstInfo.Id, new CmsProcessableByteArray(derEncoded), encapsulate: true); return(new TimeStampToken(signedData)); } catch (CmsException e) { throw new TspException("Error generating time-stamp token", e); } catch (IOException val) { IOException e2 = val; throw new TspException("Exception encoding info", (global::System.Exception)(object) e2); } catch (X509StoreException e3) { throw new TspException("Exception handling CertStore", e3); } }