Inheritance: Org.BouncyCastle.X509.X509ExtensionBase
Esempio n. 1
0
        public TimeStampResponse GenerateGrantedResponse(
            TimeStampRequest request,
            BigInteger serialNumber,
            DateTimeObject genTime,
            String statusString,
            X509Extensions additionalExtensions)
        {
            TimeStampResp resp;

            try
            {
                if (genTime == null)
                {
                    throw new TspValidationException("The time source is not available.",
                                                     PkiFailureInfo.TimeNotAvailable);
                }

                request.Validate(acceptedAlgorithms, acceptedPolicies, acceptedExtensions);

                this.status = PkiStatus.Granted;
                this.AddStatusString(statusString);

                PkiStatusInfo pkiStatusInfo = GetPkiStatusInfo();

                ContentInfo tstTokenContentInfo;
                try
                {
                    TimeStampToken token   = tokenGenerator.Generate(request, serialNumber, genTime.Value, additionalExtensions);
                    byte[]         encoded = token.ToCmsSignedData().GetEncoded();

                    tstTokenContentInfo = ContentInfo.GetInstance(Asn1Object.FromByteArray(encoded));
                }
                catch (IOException e)
                {
                    throw new TspException("Timestamp token received cannot be converted to ContentInfo", e);
                }

                resp = new TimeStampResp(pkiStatusInfo, tstTokenContentInfo);
            }
            catch (TspValidationException e)
            {
                status = PkiStatus.Rejection;

                this.SetFailInfoField(e.FailureCode);
                this.AddStatusString(e.Message);

                PkiStatusInfo pkiStatusInfo = GetPkiStatusInfo();

                resp = new TimeStampResp(pkiStatusInfo, null);
            }

            try
            {
                return(new TimeStampResponse(resp));
            }
            catch (IOException e)
            {
                throw new TspException("created badly formatted response!", e);
            }
        }
Esempio n. 2
0
        //------------------------------------------------------------------------------

        public TimeStampToken Generate(
            TimeStampRequest request,
            BigInteger serialNumber,
            DateTime genTime)
        {
            return(Generate(request, serialNumber, genTime, null));
        }
 public TimeStampResponse Generate(
     TimeStampRequest request,
     BigInteger serialNumber,
     DateTime genTime)
 {
     return(Generate(request, serialNumber, new DateTimeObject(genTime)));
 }
 public TimeStampResponse Generate(
     TimeStampRequest request,
     IBigInteger serialNumber,
     DateTime genTime)
 {
     return Generate(request, serialNumber, new DateTimeObject(genTime));
 }
Esempio n. 5
0
        /**
         * Check this response against to see if it a well formed response for
         * the passed in request. Validation will include checking the time stamp
         * token if the response status is GRANTED or GRANTED_WITH_MODS.
         *
         * @param request the request to be checked against
         * @throws TspException if the request can not match this response.
         */
        public void Validate(
            TimeStampRequest request)
        {
            TimeStampToken tok = this.TimeStampToken;

            if (tok != null)
            {
                TimeStampTokenInfo tstInfo = tok.TimeStampInfo;

                if (request.Nonce != null && !request.Nonce.Equals(tstInfo.Nonce))
                {
                    throw new TspValidationException("response contains wrong nonce value.");
                }

                if (this.Status != (int)PkiStatus.Granted && this.Status != (int)PkiStatus.GrantedWithMods)
                {
                    throw new TspValidationException("time stamp token found in failed request.");
                }

                if (!Arrays.ConstantTimeAreEqual(request.GetMessageImprintDigest(), tstInfo.GetMessageImprintDigest()))
                {
                    throw new TspValidationException("response for different message imprint digest.");
                }

                if (!tstInfo.MessageImprintAlgOid.Equals(request.MessageImprintAlgOid))
                {
                    throw new TspValidationException("response for different message imprint algorithm.");
                }

                Asn1.Cms.Attribute scV1 = tok.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificate];
                Asn1.Cms.Attribute scV2 = tok.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificateV2];

                if (scV1 == null && scV2 == null)
                {
                    throw new TspValidationException("no signing certificate attribute present.");
                }

                if (scV1 != null && scV2 != null)
                {
                    /*
                     * RFC 5035 5.4. If both attributes exist in a single message,
                     * they are independently evaluated.
                     */
                }

                if (request.ReqPolicy != null && !request.ReqPolicy.Equals(tstInfo.Policy))
                {
                    throw new TspValidationException("TSA policy wrong for request.");
                }
            }
            else if (this.Status == (int)PkiStatus.Granted || this.Status == (int)PkiStatus.GrantedWithMods)
            {
                throw new TspValidationException("no time stamp token found and one expected.");
            }
        }
Esempio n. 6
0
        public TimeStampResponse Generate(
            TimeStampRequest request,
            BigInteger serialNumber,
            DateTime genTime)
        {
            TimeStampResp resp;

            try
            {
                request.Validate(acceptedAlgorithms, acceptedPolicies, acceptedExtensions);

                status = PkiStatus.Granted;
                this.addStatusString("Operation Okay");

                PkiStatusInfo pkiStatusInfo = getPkiStatusInfo();

                ContentInfo tstTokenContentInfo;
                try
                {
                    TimeStampToken token   = tokenGenerator.Generate(request, serialNumber, genTime);
                    byte[]         encoded = token.ToCmsSignedData().GetEncoded();

                    tstTokenContentInfo = ContentInfo.GetInstance(Asn1Object.FromByteArray(encoded));
                }
                catch (IOException ioEx)
                {
                    throw new TspException(
                              "Timestamp token received cannot be converted to ContentInfo", ioEx);
                }

                resp = new TimeStampResp(pkiStatusInfo, tstTokenContentInfo);
            }
            catch (TspValidationException e)
            {
                status = PkiStatus.Rejection;

                this.setFailInfoField(e.FailureCode);
                this.addStatusString(e.Message);

                PkiStatusInfo pkiStatusInfo = getPkiStatusInfo();

                resp = new TimeStampResp(pkiStatusInfo, null);
            }

            try
            {
                return(new TimeStampResponse(resp));
            }
            catch (IOException)
            {
                throw new TspException("created badly formatted response!");
            }
        }
Esempio n. 7
0
        public TimeStampResponse Generate(TimeStampRequest request, BigInteger serialNumber, DateTimeObject genTime)
        {
            //IL_0076: Expected O, but got Unknown
            //IL_00cf: Expected O, but got Unknown
            TimeStampResp resp;

            try
            {
                if (genTime == null)
                {
                    throw new TspValidationException("The time source is not available.", 512);
                }
                request.Validate(acceptedAlgorithms, acceptedPolicies, acceptedExtensions);
                status = PkiStatus.Granted;
                AddStatusString("Operation Okay");
                PkiStatusInfo pkiStatusInfo = GetPkiStatusInfo();
                ContentInfo   instance;
                try
                {
                    TimeStampToken timeStampToken = tokenGenerator.Generate(request, serialNumber, genTime.Value);
                    byte[]         encoded        = timeStampToken.ToCmsSignedData().GetEncoded();
                    instance = ContentInfo.GetInstance(Asn1Object.FromByteArray(encoded));
                }
                catch (IOException val)
                {
                    IOException e = val;
                    throw new TspException("Timestamp token received cannot be converted to ContentInfo", (global::System.Exception)(object) e);
                }
                resp = new TimeStampResp(pkiStatusInfo, instance);
            }
            catch (TspValidationException ex)
            {
                status = PkiStatus.Rejection;
                SetFailInfoField(ex.FailureCode);
                AddStatusString(((global::System.Exception)ex).get_Message());
                PkiStatusInfo pkiStatusInfo2 = GetPkiStatusInfo();
                resp = new TimeStampResp(pkiStatusInfo2, null);
            }
            try
            {
                return(new TimeStampResponse(resp));
            }
            catch (IOException val2)
            {
                IOException e2 = val2;
                throw new TspException("created badly formatted response!", (global::System.Exception)(object) e2);
            }
        }
Esempio n. 8
0
        public TimeStampResponse Generate(TimeStampRequest request, BigInteger serialNumber, DateTimeObject genTime)
        {
            TimeStampResp resp;

            try
            {
                if (genTime == null)
                {
                    throw new TspValidationException("The time source is not available.", 512);
                }
                request.Validate(this.acceptedAlgorithms, this.acceptedPolicies, this.acceptedExtensions);
                this.status = PkiStatus.Granted;
                this.AddStatusString("Operation Okay");
                PkiStatusInfo pkiStatusInfo = this.GetPkiStatusInfo();
                ContentInfo   instance;
                try
                {
                    TimeStampToken timeStampToken = this.tokenGenerator.Generate(request, serialNumber, genTime.Value);
                    byte[]         encoded        = timeStampToken.ToCmsSignedData().GetEncoded();
                    instance = ContentInfo.GetInstance(Asn1Object.FromByteArray(encoded));
                }
                catch (IOException e)
                {
                    throw new TspException("Timestamp token received cannot be converted to ContentInfo", e);
                }
                resp = new TimeStampResp(pkiStatusInfo, instance);
            }
            catch (TspValidationException ex)
            {
                this.status = PkiStatus.Rejection;
                this.SetFailInfoField(ex.FailureCode);
                this.AddStatusString(ex.Message);
                PkiStatusInfo pkiStatusInfo2 = this.GetPkiStatusInfo();
                resp = new TimeStampResp(pkiStatusInfo2, null);
            }
            TimeStampResponse result;

            try
            {
                result = new TimeStampResponse(resp);
            }
            catch (IOException e2)
            {
                throw new TspException("created badly formatted response!", e2);
            }
            return(result);
        }
Esempio n. 9
0
        public void Validate(TimeStampRequest request)
        {
            TimeStampToken timeStampToken = this.TimeStampToken;

            if (timeStampToken != null)
            {
                TimeStampTokenInfo timeStampInfo = timeStampToken.TimeStampInfo;
                if (request.Nonce != null && !request.Nonce.Equals(timeStampInfo.Nonce))
                {
                    throw new TspValidationException("response contains wrong nonce value.");
                }
                if (this.Status != 0 && this.Status != 1)
                {
                    throw new TspValidationException("time stamp token found in failed request.");
                }
                if (!Arrays.ConstantTimeAreEqual(request.GetMessageImprintDigest(), timeStampInfo.GetMessageImprintDigest()))
                {
                    throw new TspValidationException("response for different message imprint digest.");
                }
                if (!timeStampInfo.MessageImprintAlgOid.Equals(request.MessageImprintAlgOid))
                {
                    throw new TspValidationException("response for different message imprint algorithm.");
                }
                Org.BouncyCastle.Asn1.Cms.Attribute attribute  = timeStampToken.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificate];
                Org.BouncyCastle.Asn1.Cms.Attribute attribute2 = timeStampToken.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificateV2];
                if (attribute == null && attribute2 == null)
                {
                    throw new TspValidationException("no signing certificate attribute present.");
                }
                if (attribute != null)
                {
                }
                if (request.ReqPolicy != null && !request.ReqPolicy.Equals(timeStampInfo.Policy))
                {
                    throw new TspValidationException("TSA policy wrong for request.");
                }
            }
            else if (this.Status == 0 || this.Status == 1)
            {
                throw new TspValidationException("no time stamp token found and one expected.");
            }
        }
		/**
		 * Check this response against to see if it a well formed response for
		 * the passed in request. Validation will include checking the time stamp
		 * token if the response status is GRANTED or GRANTED_WITH_MODS.
		 *
		 * @param request the request to be checked against
		 * @throws TspException if the request can not match this response.
		 */
		public void Validate(
			TimeStampRequest request)
		{
			TimeStampToken tok = this.TimeStampToken;

			if (tok != null)
			{
				TimeStampTokenInfo tstInfo = tok.TimeStampInfo;

				if (request.Nonce != null && !request.Nonce.Equals(tstInfo.Nonce))
				{
					throw new TspValidationException("response contains wrong nonce value.");
				}

				if (this.Status != (int) PkiStatus.Granted && this.Status != (int) PkiStatus.GrantedWithMods)
				{
					throw new TspValidationException("time stamp token found in failed request.");
				}

				if (!Arrays.ConstantTimeAreEqual(request.GetMessageImprintDigest(), tstInfo.GetMessageImprintDigest()))
				{
					throw new TspValidationException("response for different message imprint digest.");
				}

				if (!tstInfo.MessageImprintAlgOid.Equals(request.MessageImprintAlgOid))
				{
					throw new TspValidationException("response for different message imprint algorithm.");
				}

				Asn1.Cms.Attribute scV1 = tok.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificate];
				Asn1.Cms.Attribute scV2 = tok.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificateV2];

				if (scV1 == null && scV2 == null)
				{
					throw new TspValidationException("no signing certificate attribute present.");
				}

				if (scV1 != null && scV2 != null)
				{
					throw new TspValidationException("conflicting signing certificate attributes present.");
				}

				if (request.ReqPolicy != null && !request.ReqPolicy.Equals(tstInfo.Policy))
				{
					throw new TspValidationException("TSA policy wrong for request.");
				}
			}
			else if (this.Status == (int) PkiStatus.Granted || this.Status == (int) PkiStatus.GrantedWithMods)
			{
				throw new TspValidationException("no time stamp token found and one expected.");
			}
		}
Esempio n. 11
0
        public TimeStampToken Generate(
            TimeStampRequest request,
            BigInteger serialNumber,
            DateTime genTime, X509Extensions additionalExtensions)
        {
            DerObjectIdentifier digestAlgOID = new DerObjectIdentifier(request.MessageImprintAlgOid);

            AlgorithmIdentifier algID          = new AlgorithmIdentifier(digestAlgOID, DerNull.Instance);
            MessageImprint      messageImprint = new MessageImprint(algID, request.GetMessageImprintDigest());

            Accuracy accuracy = null;

            if (accuracySeconds > 0 || accuracyMillis > 0 || accuracyMicros > 0)
            {
                DerInteger seconds = null;
                if (accuracySeconds > 0)
                {
                    seconds = new DerInteger(accuracySeconds);
                }

                DerInteger millis = null;
                if (accuracyMillis > 0)
                {
                    millis = new DerInteger(accuracyMillis);
                }

                DerInteger micros = null;
                if (accuracyMicros > 0)
                {
                    micros = new DerInteger(accuracyMicros);
                }

                accuracy = new Accuracy(seconds, millis, micros);
            }

            DerBoolean derOrdering = null;

            if (ordering)
            {
                derOrdering = DerBoolean.GetInstance(ordering);
            }

            DerInteger nonce = null;

            if (request.Nonce != null)
            {
                nonce = new DerInteger(request.Nonce);
            }

            DerObjectIdentifier tsaPolicy = new DerObjectIdentifier(tsaPolicyOID);

            if (request.ReqPolicy != null)
            {
                tsaPolicy = new DerObjectIdentifier(request.ReqPolicy);
            }


            X509Extensions respExtensions = request.Extensions;

            if (additionalExtensions != null)
            {
                X509ExtensionsGenerator extGen = new X509ExtensionsGenerator();

                if (respExtensions != null)
                {
                    foreach (object oid in respExtensions.ExtensionOids)
                    {
                        DerObjectIdentifier id = DerObjectIdentifier.GetInstance(oid);
                        extGen.AddExtension(id, respExtensions.GetExtension(DerObjectIdentifier.GetInstance(id)));
                    }
                }

                foreach (object oid in additionalExtensions.ExtensionOids)
                {
                    DerObjectIdentifier id = DerObjectIdentifier.GetInstance(oid);
                    extGen.AddExtension(id, additionalExtensions.GetExtension(DerObjectIdentifier.GetInstance(id)));
                }

                respExtensions = extGen.Generate();
            }



            DerGeneralizedTime generalizedTime;

            if (resolution != Resolution.R_SECONDS)
            {
                generalizedTime = new DerGeneralizedTime(createGeneralizedTime(genTime));
            }
            else
            {
                generalizedTime = new DerGeneralizedTime(genTime);
            }


            TstInfo tstInfo = new TstInfo(tsaPolicy, messageImprint,
                                          new DerInteger(serialNumber), generalizedTime, accuracy,
                                          derOrdering, nonce, tsa, respExtensions);

            try
            {
                CmsSignedDataGenerator signedDataGenerator = new CmsSignedDataGenerator();

                byte[] derEncodedTstInfo = tstInfo.GetDerEncoded();

                if (request.CertReq)
                {
                    signedDataGenerator.AddCertificates(x509Certs);
                }

                signedDataGenerator.AddCrls(x509Crls);

                signedDataGenerator.AddSignerInfoGenerator(signerInfoGenerator);

                CmsSignedData signedData = signedDataGenerator.Generate(
                    PkcsObjectIdentifiers.IdCTTstInfo.Id,
                    new CmsProcessableByteArray(derEncodedTstInfo),
                    true);

                return(new TimeStampToken(signedData));
            }
            catch (CmsException cmsEx)
            {
                throw new TspException("Error generating time-stamp token", cmsEx);
            }
            catch (IOException e)
            {
                throw new TspException("Exception encoding info", e);
            }
            catch (X509StoreException e)
            {
                throw new TspException("Exception handling CertStore", e);
            }
            //			catch (InvalidAlgorithmParameterException e)
            //			{
            //				throw new TspException("Exception handling CertStore CRLs", e);
            //			}
        }
Esempio n. 12
0
        public TimeStampToken Generate(TimeStampRequest request, BigInteger serialNumber, DateTime genTime)
        {
            DerObjectIdentifier objectID       = new DerObjectIdentifier(request.MessageImprintAlgOid);
            AlgorithmIdentifier hashAlgorithm  = new AlgorithmIdentifier(objectID, DerNull.Instance);
            MessageImprint      messageImprint = new MessageImprint(hashAlgorithm, request.GetMessageImprintDigest());
            Accuracy            accuracy       = null;

            if (this.accuracySeconds > 0 || this.accuracyMillis > 0 || this.accuracyMicros > 0)
            {
                DerInteger seconds = null;
                if (this.accuracySeconds > 0)
                {
                    seconds = new DerInteger(this.accuracySeconds);
                }
                DerInteger millis = null;
                if (this.accuracyMillis > 0)
                {
                    millis = new DerInteger(this.accuracyMillis);
                }
                DerInteger micros = null;
                if (this.accuracyMicros > 0)
                {
                    micros = new DerInteger(this.accuracyMicros);
                }
                accuracy = new Accuracy(seconds, millis, micros);
            }
            DerBoolean derBoolean = null;

            if (this.ordering)
            {
                derBoolean = DerBoolean.GetInstance(this.ordering);
            }
            DerInteger nonce = null;

            if (request.Nonce != null)
            {
                nonce = new DerInteger(request.Nonce);
            }
            DerObjectIdentifier tsaPolicyId = new DerObjectIdentifier(this.tsaPolicyOID);

            if (request.ReqPolicy != null)
            {
                tsaPolicyId = new DerObjectIdentifier(request.ReqPolicy);
            }
            TstInfo        tstInfo = new TstInfo(tsaPolicyId, messageImprint, new DerInteger(serialNumber), new DerGeneralizedTime(genTime), accuracy, derBoolean, nonce, this.tsa, request.Extensions);
            TimeStampToken result;

            try
            {
                CmsSignedDataGenerator cmsSignedDataGenerator = new CmsSignedDataGenerator();
                byte[] derEncoded = tstInfo.GetDerEncoded();
                if (request.CertReq)
                {
                    cmsSignedDataGenerator.AddCertificates(this.x509Certs);
                }
                cmsSignedDataGenerator.AddCrls(this.x509Crls);
                cmsSignedDataGenerator.AddSigner(this.key, this.cert, this.digestOID, this.signedAttr, this.unsignedAttr);
                CmsSignedData signedData = cmsSignedDataGenerator.Generate(PkcsObjectIdentifiers.IdCTTstInfo.Id, new CmsProcessableByteArray(derEncoded), true);
                result = new TimeStampToken(signedData);
            }
            catch (CmsException e)
            {
                throw new TspException("Error generating time-stamp token", e);
            }
            catch (IOException e2)
            {
                throw new TspException("Exception encoding info", e2);
            }
            catch (X509StoreException e3)
            {
                throw new TspException("Exception handling CertStore", e3);
            }
            return(result);
        }
        /**
         * Return an appropriate TimeStampResponse.
         * <p>
         * If genTime is null a timeNotAvailable error response will be returned.
         *
         * @param request the request this response is for.
         * @param serialNumber serial number for the response token.
         * @param genTime generation time for the response token.
         * @param provider provider to use for signature calculation.
         * @return
         * @throws NoSuchAlgorithmException
         * @throws NoSuchProviderException
         * @throws TSPException
         * </p>
         */
        public TimeStampResponse Generate(
            TimeStampRequest request,
            IBigInteger serialNumber,
            DateTimeObject genTime)
        {
            TimeStampResp resp;

            try
            {
                if (genTime == null)
                    throw new TspValidationException("The time source is not available.",
                        PkiFailureInfo.TimeNotAvailable);

                request.Validate(acceptedAlgorithms, acceptedPolicies, acceptedExtensions);

                this.status = PkiStatus.Granted;
                this.AddStatusString("Operation Okay");

                PkiStatusInfo pkiStatusInfo = GetPkiStatusInfo();

                ContentInfo tstTokenContentInfo;
                try
                {
                    TimeStampToken token = tokenGenerator.Generate(request, serialNumber, genTime.Value);
                    byte[] encoded = token.ToCmsSignedData().GetEncoded();

                    tstTokenContentInfo = ContentInfo.GetInstance(Asn1Object.FromByteArray(encoded));
                }
                catch (IOException e)
                {
                    throw new TspException("Timestamp token received cannot be converted to ContentInfo", e);
                }

                resp = new TimeStampResp(pkiStatusInfo, tstTokenContentInfo);
            }
            catch (TspValidationException e)
            {
                status = PkiStatus.Rejection;

                this.SetFailInfoField(e.FailureCode);
                this.AddStatusString(e.Message);

                PkiStatusInfo pkiStatusInfo = GetPkiStatusInfo();

                resp = new TimeStampResp(pkiStatusInfo, null);
            }

            try
            {
                return new TimeStampResponse(resp);
            }
            catch (IOException e)
            {
                throw new TspException("created badly formatted response!", e);
            }
        }
		//------------------------------------------------------------------------------

		public TimeStampToken Generate(
			TimeStampRequest	request,
			BigInteger			serialNumber,
			DateTime			genTime)
		{
			DerObjectIdentifier digestAlgOID = new DerObjectIdentifier(request.MessageImprintAlgOid);

			AlgorithmIdentifier algID = new AlgorithmIdentifier(digestAlgOID, DerNull.Instance);
			MessageImprint messageImprint = new MessageImprint(algID, request.GetMessageImprintDigest());

			Accuracy accuracy = null;
			if (accuracySeconds > 0 || accuracyMillis > 0 || accuracyMicros > 0)
			{
				DerInteger seconds = null;
				if (accuracySeconds > 0)
				{
					seconds = new DerInteger(accuracySeconds);
				}

				DerInteger millis = null;
				if (accuracyMillis > 0)
				{
					millis = new DerInteger(accuracyMillis);
				}

				DerInteger micros = null;
				if (accuracyMicros > 0)
				{
					micros = new DerInteger(accuracyMicros);
				}

				accuracy = new Accuracy(seconds, millis, micros);
			}

			DerBoolean derOrdering = null;
			if (ordering)
			{
				derOrdering = DerBoolean.GetInstance(ordering);
			}

			DerInteger nonce = null;
			if (request.Nonce != null)
			{
				nonce = new DerInteger(request.Nonce);
			}

			DerObjectIdentifier tsaPolicy = new DerObjectIdentifier(tsaPolicyOID);
			if (request.ReqPolicy != null)
			{
				tsaPolicy = new DerObjectIdentifier(request.ReqPolicy);
			}

			TstInfo tstInfo = new TstInfo(tsaPolicy, messageImprint,
				new DerInteger(serialNumber), new DerGeneralizedTime(genTime), accuracy,
				derOrdering, nonce, tsa, request.Extensions);

			try
			{
				CmsSignedDataGenerator signedDataGenerator = new CmsSignedDataGenerator();

				byte[] derEncodedTstInfo = tstInfo.GetDerEncoded();

				if (request.CertReq)
				{
					signedDataGenerator.AddCertificates(x509Certs);
				}

				signedDataGenerator.AddCrls(x509Crls);
				signedDataGenerator.AddSigner(key, cert, digestOID, signedAttr, unsignedAttr);

				CmsSignedData signedData = signedDataGenerator.Generate(
					PkcsObjectIdentifiers.IdCTTstInfo.Id,
					new CmsProcessableByteArray(derEncodedTstInfo),
					true);

				return new TimeStampToken(signedData);
			}
			catch (CmsException cmsEx)
			{
				throw new TspException("Error generating time-stamp token", cmsEx);
			}
			catch (IOException e)
			{
				throw new TspException("Exception encoding info", e);
			}
			catch (X509StoreException e)
			{
				throw new TspException("Exception handling CertStore", e);
			}
//			catch (InvalidAlgorithmParameterException e)
//			{
//				throw new TspException("Exception handling CertStore CRLs", e);
//			}
		}
        //------------------------------------------------------------------------------

        public TimeStampToken Generate(
            TimeStampRequest request,
            IBigInteger serialNumber,
            DateTime genTime)
        {
            DerObjectIdentifier digestAlgOID = new DerObjectIdentifier(request.MessageImprintAlgOid);

            AlgorithmIdentifier algID          = new AlgorithmIdentifier(digestAlgOID, DerNull.Instance);
            MessageImprint      messageImprint = new MessageImprint(algID, request.GetMessageImprintDigest());

            Accuracy accuracy = null;

            if (accuracySeconds > 0 || accuracyMillis > 0 || accuracyMicros > 0)
            {
                DerInteger seconds = null;
                if (accuracySeconds > 0)
                {
                    seconds = new DerInteger(accuracySeconds);
                }

                DerInteger millis = null;
                if (accuracyMillis > 0)
                {
                    millis = new DerInteger(accuracyMillis);
                }

                DerInteger micros = null;
                if (accuracyMicros > 0)
                {
                    micros = new DerInteger(accuracyMicros);
                }

                accuracy = new Accuracy(seconds, millis, micros);
            }

            DerBoolean derOrdering = null;

            if (ordering)
            {
                derOrdering = DerBoolean.GetInstance(ordering);
            }

            DerInteger nonce = null;

            if (request.Nonce != null)
            {
                nonce = new DerInteger(request.Nonce);
            }

            DerObjectIdentifier tsaPolicy = new DerObjectIdentifier(tsaPolicyOID);

            if (request.ReqPolicy != null)
            {
                tsaPolicy = new DerObjectIdentifier(request.ReqPolicy);
            }

            TstInfo tstInfo = new TstInfo(tsaPolicy, messageImprint,
                                          new DerInteger(serialNumber), new DerGeneralizedTime(genTime), accuracy,
                                          derOrdering, nonce, tsa, request.Extensions);

            try
            {
                CmsSignedDataGenerator signedDataGenerator = new CmsSignedDataGenerator();

                byte[] derEncodedTstInfo = tstInfo.GetDerEncoded();

                if (request.CertReq)
                {
                    signedDataGenerator.AddCertificates(x509Certs);
                }

                signedDataGenerator.AddCrls(x509Crls);
                signedDataGenerator.AddSigner(key, cert, digestOID, signedAttr, unsignedAttr);

                CmsSignedData signedData = signedDataGenerator.Generate(
                    PkcsObjectIdentifiers.IdCTTstInfo.Id,
                    new CmsProcessableByteArray(derEncodedTstInfo),
                    true);

                return(new TimeStampToken(signedData));
            }
            catch (CmsException cmsEx)
            {
                throw new TspException("Error generating time-stamp token", cmsEx);
            }
            catch (IOException e)
            {
                throw new TspException("Exception encoding info", e);
            }
            catch (X509StoreException e)
            {
                throw new TspException("Exception handling CertStore", e);
            }
//			catch (InvalidAlgorithmParameterException e)
//			{
//				throw new TspException("Exception handling CertStore CRLs", e);
//			}
        }
        public TimeStampToken Generate(TimeStampRequest request, BigInteger serialNumber, global::System.DateTime genTime)
        {
            //IL_01a0: Expected O, but got Unknown
            DerObjectIdentifier algorithm      = new DerObjectIdentifier(request.MessageImprintAlgOid);
            AlgorithmIdentifier hashAlgorithm  = new AlgorithmIdentifier(algorithm, DerNull.Instance);
            MessageImprint      messageImprint = new MessageImprint(hashAlgorithm, request.GetMessageImprintDigest());
            Accuracy            accuracy       = null;

            if (accuracySeconds > 0 || accuracyMillis > 0 || accuracyMicros > 0)
            {
                DerInteger seconds = null;
                if (accuracySeconds > 0)
                {
                    seconds = new DerInteger(accuracySeconds);
                }
                DerInteger millis = null;
                if (accuracyMillis > 0)
                {
                    millis = new DerInteger(accuracyMillis);
                }
                DerInteger micros = null;
                if (accuracyMicros > 0)
                {
                    micros = new DerInteger(accuracyMicros);
                }
                accuracy = new Accuracy(seconds, millis, micros);
            }
            DerBoolean derBoolean = null;

            if (ordering)
            {
                derBoolean = DerBoolean.GetInstance(ordering);
            }
            DerInteger nonce = null;

            if (request.Nonce != null)
            {
                nonce = new DerInteger(request.Nonce);
            }
            DerObjectIdentifier tsaPolicyId = new DerObjectIdentifier(tsaPolicyOID);

            if (request.ReqPolicy != null)
            {
                tsaPolicyId = new DerObjectIdentifier(request.ReqPolicy);
            }
            TstInfo tstInfo = new TstInfo(tsaPolicyId, messageImprint, new DerInteger(serialNumber), new DerGeneralizedTime(genTime), accuracy, derBoolean, nonce, tsa, request.Extensions);

            try
            {
                CmsSignedDataGenerator cmsSignedDataGenerator = new CmsSignedDataGenerator();
                byte[] derEncoded = tstInfo.GetDerEncoded();
                if (request.CertReq)
                {
                    cmsSignedDataGenerator.AddCertificates(x509Certs);
                }
                cmsSignedDataGenerator.AddCrls(x509Crls);
                cmsSignedDataGenerator.AddSigner(key, cert, digestOID, signedAttr, unsignedAttr);
                CmsSignedData signedData = cmsSignedDataGenerator.Generate(PkcsObjectIdentifiers.IdCTTstInfo.Id, new CmsProcessableByteArray(derEncoded), encapsulate: true);
                return(new TimeStampToken(signedData));
            }
            catch (CmsException e)
            {
                throw new TspException("Error generating time-stamp token", e);
            }
            catch (IOException val)
            {
                IOException e2 = val;
                throw new TspException("Exception encoding info", (global::System.Exception)(object) e2);
            }
            catch (X509StoreException e3)
            {
                throw new TspException("Exception handling CertStore", e3);
            }
        }