XML Security Library

XML Security Library is a C library based on LibXML2. The library supports major XML security standards:

• XML Signature
• XML Encryption
• Canonical XML (part of the LibXML2)
• Exclusive Canonical XML (part of the LibXML2)

XML Security Library is released under the MIT Licence see the Copyright file in the distribution for details.

News

• September 12 2017
  The XML Security Library 1.2.25 release includes the following changes:
  • Removed OpenSSL 0.9.8 support and several previously deprecated functions.
  • Added SHA224 support for xmlsec-nss (vmiklos).
  • Added configurable default linefeed for xmltree module (pablogallardo).
  • Several other small fixes (more details).


• April 20 2017
  The XML Security Library 1.2.24 release includes the following changes:
  • Added ECDSA-SHA1, ECDSA-SHA256, ECDSA-SHA512 support for xmlsec-nss (vmiklos).
  • Fixed XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS handling (vmiklos).
  • Disabled external entities loading by xmlsec utility app by default to prevent XXE attacks (d-hat).
  • Improved OpenSSL version and features detection.
  • Cleaned up, simplified, and standardized internal error reporting.
  • Fixed a few Coverity-discovered bugs (report).
  • Marked as deprecated all the functions in xmlsec/soap.h file and a couple other functions no longer required by xmlsec. These functions will be removed in the future releases.
  • Several other small fixes (more details).
  Please note that OpenSSL 0.9.8 support will be removed in the next release of XMLSec library.


• October 16 2016
  The XML Security Library 1.2.23 release includes the following changes:
  • Full support for OpenSSL 1.1.0.
  • Several other small fixes (more details).


• April 20 2016
  The XML Security Library 1.2.22 release includes the following changes:
  • Restored SOAP parser to support backward compatibility for Lasso project.


• April 12 2016
  The XML Security Library 1.2.21 release includes the following changes:
  • Added OOXML Relationships Transform Algorithm (patch from Miklos Vajna).
  • Added experimental GOST2012 support for xmlsec-openssl (patch from Nikolay Shaplov).
  • Migrated XMLSec to GitHub.
  • Added OpenSSL 1.1.0 (pre 2) API support (major re-factoring for all OpenSSL based implementations of the block ciphers and the DSA/ECDSA signatures).
  • Removed support for legacy OpenSSL 0.9.6 (last release: March, 2004) and 0.9.7 (last release: February, 2007).
  • Completely revamped manpages/documentation build to completely pass 'make distcheck' tests.
  • Deprecated XMLSEC_CRYPTO define in favor of xmlSecGetDefaultCrypto() function.
  • Implemented several other smaller features; fixed several other minor bugs, code cleanups: (more details).