private SignatureData getFromXmlDigSigSignature(
      SignatureVerificationRequest signatureVerificationRequest,
      SignatureVerificationResponse response)
      throws ParserConfigurationException, SAXException, IOException, MarshalException,
          SignatureException {
    String signature = new String(Base64.decode(signatureVerificationRequest.getSignature()));

    InputStream is = new ByteArrayInputStream(signature.getBytes());

    Document document = createDocument(is, true);

    XMLSignature xmlSignature =
        XMLSignatureFactory.getInstance().unmarshalXMLSignature(new DOMStructure(document));

    List contentList = xmlSignature.getKeyInfo().getContent();

    for (Object content : contentList) {
      if (content instanceof X509Data) {
        List certificateList = ((X509Data) content).getContent();
        for (Object certificateObject : certificateList) {
          if (certificateObject instanceof X509Certificate) {
            X509Certificate cert = (X509Certificate) certificateObject;
            CertificateInfo ci = new CertificateInfo();
            ci.setSubjectDn(cert.getSubjectDN().getName());
            ci.setValidTo(simpleDateFormat.format(cert.getNotAfter()));
            response.getCertificateInfos().getCertificateInfo().add(ci);
          }
        }
      }
    }

    return createSignatureDataFromXmlDigSig(signature);
  }
  private SignatureData getFromCmsSignature(
      SignatureVerificationRequest signatureVerificationRequest,
      SignatureVerificationResponse response)
      throws CMSException {
    String signature = signatureVerificationRequest.getSignature();
    byte[] decoded = Base64.decode(signature);
    CMSSignedData cmsSignedData = new CMSSignedData(decoded);
    String encodedSignedData = new String((byte[]) cmsSignedData.getSignedContent().getContent());

    // Fetch information about the issuers
    List<String> certInfos = new ArrayList<String>();
    Collection certificates = cmsSignedData.getCertificates().getMatches(null);
    for (Object certificate : certificates) {
      X509CertificateHolder holder = (X509CertificateHolder) certificate;
      certInfos.add(holder.getSubject().toString());
      CertificateInfo ci = new CertificateInfo();
      ci.setSubjectDn(holder.getSubject().toString());
      ci.setValidTo(simpleDateFormat.format(holder.getNotAfter()));
      response.getCertificateInfos().getCertificateInfo().add(ci);
    }

    // Fetch timestamp
    Date signingDate = findTimestamp(cmsSignedData);
    String dateString = simpleDateFormat.format(signingDate);
    response.setSignatureDate(dateString);

    // Create the SignatureData to be verified
    SignatureData signData = new SignatureData();
    signData.setEncodedTbs(encodedSignedData);
    signData.setSignature(signature);
    ELegType clientType = new ELegType("test", "test", PkiClient.NETMAKER_NETID_4);
    signData.setClientType(clientType);
    return signData;
  }
  /**
   * Method that verifies an incoming signature and returns the response as application/xml.
   *
   * @param signatureVerificationRequest the request which is converted to a {@link
   *     SignatureVerificationRequest} from xml
   * @return the {@link SignatureVerificationResponse} as application/xml
   */
  @POST
  @Path("/verifySignature")
  @Consumes("application/xml")
  @Produces("application/xml")
  public SignatureVerificationResponse verifySignature(
      SignatureVerificationRequest signatureVerificationRequest) {

    SignatureVerificationResponse response = new SignatureVerificationResponse();
    response.setCertificateInfos(new CertificateInfos());

    boolean verified = false;
    String message = null;

    try {

      SignatureFormat format = signatureVerificationRequest.getSignatureFormat();
      if (SignatureFormat.XMLDIGSIG.equals(format)) {
        try {
          SignatureData signatureData =
              getFromXmlDigSigSignature(signatureVerificationRequest, response);

          verified = super.verifySignature(signatureData);
        } catch (SignatureException e) {
          e.printStackTrace();
          message = e.getMessage();
        }
      } else if (SignatureFormat.CMS.equals(format)) {
        SignatureData signData = getFromCmsSignature(signatureVerificationRequest, response);

        try {
          // Verify
          verified = super.verifySignature(signData);
        } catch (SignatureException e) {
          e.printStackTrace();
          message = e.getMessage();
        }
      }

      response.setStatus(verified ? SignatureStatus.SUCCESS : SignatureStatus.FAILURE);
      if (message != null) {
        response.setMessage(message);
      }

    } catch (IOException ex) {
      throw new WebApplicationException(ex, Response.Status.INTERNAL_SERVER_ERROR);
    } catch (MarshalException ex) {
      throw new WebApplicationException(ex, Response.Status.INTERNAL_SERVER_ERROR);
    } catch (ParserConfigurationException ex) {
      throw new WebApplicationException(ex, Response.Status.INTERNAL_SERVER_ERROR);
    } catch (SAXException ex) {
      throw new WebApplicationException(ex, Response.Status.INTERNAL_SERVER_ERROR);
    } catch (CMSException ex) {
      throw new WebApplicationException(ex, Response.Status.INTERNAL_SERVER_ERROR);
    }

    return response;
  }