Due to the nature of both digital signature formats XML and PKCS#7, it is not possible to convert from one to the other.

In a very simplified explanation, the signature in PKCS#7 format contains, among other stuff, some specific data structure called DigestInfo that contains the data digest and an OID (object identifier), and has been ciphered with the user’s private key. The XML-Dsig format applies the final step of the cryptographic algorithm (again with the user’s private key) to a different data value calculated from digesting the original XML data and some specific XML-DSig data structures. Therefore, since both ciphered values will not be the same, it is only possible to generate the XML-DSig signature by signing the data with the user’s private key, which you will not have access to (thus the name private).

From that explanation, the answer to your first question is "No, there is no smooth option, it is not possible at all".

Therefore the only option is to generate the XML-DSig directly at the client side. That is not possible using standard Javascript, definitely not with Firefox’s window.crypto (which only generates PKCS7 detached signatures). At my company (http://www.isigma.es), we solve that by using an applet, it is a common solution in the digital signature industry (there are many commercial and also some open source solutions). That may not be an option in your case, if you do not want browser plugins.

CAPICOM (the windows-based active/X component that you may use in a Microsoft setup) also does not generate XML-DSig, only CMS/PKCS7.