0

I want to sign an XML document which will be validated at the server. I don't know how to sign and encrypt the XML file using digital certificates such as .cer and .pfx files. I googled and found various examples but could not understand the standard way, i.e.:

What is the step-by-step process to sign and encrypt the XML file?

One catch here is:

I want to sign and encrypt the file on the client (.NET C# code) in such a way that it can be validated and decrypted at the server (Java code).

kevin159

2 Answers

1

If you want to do this both in C# and in Java, you might want to take a look at BouncyCastle. This is a popular library for working with encryption and it supports C# and Java.

Resource: http://www.bouncycastle.org/

Sandrino Di Mattia
  • Thanks for the reply. Can you provide examples or steps to sign and encrypt an XML file using BouncyCastle? – kevin159 Apr 20 '12 at 10:36
  • XMLDSig or XMLEnc was never a requirement in the original question. I simply stated that you could encrypt/decrypt the file using BouncyCastle. – Sandrino Di Mattia Apr 20 '12 at 11:07
0

What you need is called XMLDSig and XMLEnc (these are the names of the corresponding standards for signing and encrypting XML in the XML way, as opposed to PKCS7/CMS, which encrypts and signs data as opaque blobs).

Java has a built-in XMLDSig API (read the article here), though there seems to be no native way for XMLEnc.

.NET Framework 4.0 also has built-in mechanisms for XML signing and encryption, yet they are not so obvious. See how-tos here.

Our company offers an extensive library for security tasks named SecureBlackbox, and SecureBlackbox includes flexible and easy-to-use support for XMLDSig, XMLEnc and XAdES. Both .NET and Java editions are available. Read details about the XMLBlackbox package of SecureBlackbox.

Update: If you don't care about the format and the only route of your XML data is from one particular place to another, then you can use PKCS#7/CMS instead of XMLDSig and XMLEnc. As said above, CMS treats your data as an opaque blob and wraps it into binary data. BouncyCastle is one of the options then, and SecureBlackbox can also be of use.

Eugene Mayevski 'Callback
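As an added example (not part of the original answers), here is a minimal enveloped XMLDSig signature made with the built-in .NET `SignedXml` class that the second answer refers to. It assumes a runtime that provides `CertificateRequest` (.NET Framework 4.7.2+ or .NET Core/.NET with the System.Security.Cryptography.Xml package); the self-signed certificate, the `order` document and the names `XmlDsigDemo`, `Sign` and `Verify` are constructed for illustration and stand in for the client's .pfx and the server's trusted .cer.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;

class XmlDsigDemo
{
    // Adds an enveloped RSA-SHA256 signature covering the whole document (Reference URI "").
    static void Sign(XmlDocument doc, X509Certificate2 cert)
    {
        var signedXml = new SignedXml(doc) { SigningKey = cert.GetRSAPrivateKey() };
        signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
        signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA256Url;
        var reference = new Reference("") { DigestMethod = SignedXml.XmlDsigSHA256Url };
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        reference.AddTransform(new XmlDsigExcC14NTransform());
        signedXml.AddReference(reference);
        signedXml.KeyInfo = new KeyInfo();
        signedXml.KeyInfo.AddClause(new KeyInfoX509Data(cert)); // public certificate only
        signedXml.ComputeSignature();
        doc.DocumentElement.AppendChild(doc.ImportNode(signedXml.GetXml(), true));
    }

    // Verifies with a certificate the verifier already trusts, not the one embedded in KeyInfo.
    static bool Verify(XmlDocument doc, X509Certificate2 trustedCert)
    {
        var nodes = doc.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl);
        if (nodes.Count != 1) return false; // reject missing or duplicated signatures
        var signedXml = new SignedXml(doc);
        signedXml.LoadXml((XmlElement)nodes[0]);
        return signedXml.CheckSignature(trustedCert, true); // true: signature only, no chain building
    }

    static void Main()
    {
        // Constructed sample key and certificate; a real client would load its .pfx instead.
        using (RSA rsa = RSA.Create(2048))
        using (X509Certificate2 cert = new CertificateRequest("CN=demo-client", rsa,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1)
            .CreateSelfSigned(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(1)))
        {
            var doc = new XmlDocument { PreserveWhitespace = true };
            doc.LoadXml("<order id=\"1\"><amount>100</amount></order>"); // constructed sample input
            Sign(doc, cert);
            Console.WriteLine(Verify(doc, cert));
            doc.SelectSingleNode("//amount").InnerText = "999"; // alter signed content, then re-check
            Console.WriteLine(Verify(doc, cert));
        }
    }
}
```

The resulting `Signature` element is standard XMLDSig, so the Java side can validate it with the `javax.xml.crypto.dsig` API, selecting the key from its own copy of the client certificate.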