XML Security Library

XML Security Library is a C library based on LibXML2. The library supports major XML security standards:

• XML Signature
• XML Encryption
• Canonical XML (part of the LibXML2)
• Exclusive Canonical XML (part of the LibXML2)

XML Security Library is released under the MIT Licence see the Copyright file in the distribution for details.

News

• November 30 2022
  The XML Security Library 1.2.37 release includes the following changes:
  • Fixed two regressions from 1.2.36 release: issue #437 and issue #449.


• October 31 2022
  The XML Security Library 1.2.36 release includes the following changes:
  • Retired the XMLSec mailing list "xmlsec@aleksey.com" and the XMLSec Online Signature Verifier.
  • Several other small fixes (more details).


• October 25 2022
  The XML Security Library 1.2.35 release includes the following changes:
  • Migration to OpenSSL 3.0 API (based on PR by @snargit). Note that OpenSSL engines are disabled by default when XMLSec library is compiled against OpenSSL 3.0. To re-enable OpenSSL engines, use "--enable-openssl3-engines" configure flag (there will be a lot of deprecation warnings).
  • The OpenSSL before 1.1.0 and LibreSSL before 2.7.0 are now deprecated and will be removed in the future versions of XMLSec Library.
  • Refactored all the integer casts to ensure cast-safety. Fixed all warnings and enabled "-Werror" and "-pedantic" flags on CI builds.
  • Added configure flag to use size_t for xmlSecSize (currently disabled by default for backward compatibility).
  • Moved all CI builds to GitHub actions.
  • Several other small fixes (more details).


• May 3 2022
  The XML Security Library 1.2.34 release includes the following changes:
  • Support for OpenSSL compiled with OPENSSL_NO_ERR.
  • Full support for LibreSSL 3.5.0 and above (@vishwin).
  • Several other small fixes (more details).


• October 25 2021
  The XML Security Library 1.2.33 release includes the following changes:
  • Added --privkey-openssl-engine option to enhance openssl engine support (Leonardo Secci).
  • Fixed decrypting session key for two recipients.
  • Several other small fixes (more details).


• April 21 2021
  The XML Security Library 1.2.32 release includes the following changes:
  • Several small fixes (more details).


• October 29 2020
  The XML Security Library 1.2.31 release includes the following changes:
  • Added configure option to ensure memset() securely erases memory (gcc).
  • Several other small fixes (more details).


• See News page for older announcements.