It is possible to combine the two cryptographic operations of XML signing and XML encryption. If you both encrypt and sign an XML document, the order of those operations makes a big difference. An application must distinguish between the case where encryption was performed before signing and the case where encryption was performed after signing. If encryption was performed before signing, the document must not be decrypted before the signature is verified. This is because decryption changes the data that the unencrypted signature was computed over, and verification becomes impossible. Conversely, if encryption was performed after signing, the document must be decrypted before the signature can be validated. See http://www.w3.org/TR/2002/PR-xmlenc-decrypt-20021003 for details.
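The ordering rule above, as an added example that is not part of the original page or of the W3C specification: a receiver that verifies and decrypts in the order the sender's operations require. HMAC-SHA256 stands in for an XML signature and a toy XOR keystream stands in for XML Encryption; all function names, keys and the sample document are constructed assumptions.

```python
import hashlib
import hmac

# Constructed keys and payload. HMAC-SHA256 stands in for an XML signature and
# a SHA-256 counter keystream stands in for XML Encryption (illustration only).
SIG_KEY = b"constructed-signing-key"
ENC_KEY = b"constructed-encryption-key"
ORDER_XML = b"<order><item>constructed sample</item></order>"


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: XOR with a hash-derived keystream (self-inverse)."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def sign(data: bytes) -> bytes:
    return hmac.new(SIG_KEY, data, hashlib.sha256).digest()


def verify(data: bytes, signature: bytes) -> bool:
    return hmac.compare_digest(sign(data), signature)


def encrypt_then_sign(plain: bytes):
    cipher = keystream_xor(ENC_KEY, plain)
    return cipher, sign(cipher)  # signature covers the ciphertext


def sign_then_encrypt(plain: bytes):
    signature = sign(plain)  # signature covers the plaintext
    return keystream_xor(ENC_KEY, plain), signature


def receive(cipher: bytes, signature: bytes, encrypted_before_signing: bool):
    """Return the verified plaintext, or None if the signature does not verify."""
    if encrypted_before_signing:
        if not verify(cipher, signature):  # verify first, over the ciphertext
            return None
        return keystream_xor(ENC_KEY, cipher)
    plain = keystream_xor(ENC_KEY, cipher)  # decrypt first, then verify
    return plain if verify(plain, signature) else None
```

Passing the wrong `encrypted_before_signing` value makes `receive` reject an otherwise valid message, which is why the receiver has to know which order the sender used.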