Download
Stable releases.
The latest stable XML Security Library version is 1.3.1:
The previous releases are also
available.
GIT
XML Security Library is available from the GitHub.
Requirements
The XML Security Library requires LibXML library,
LibXSLT library (optional) and one of the
following cryptographic libraries:
XMLSec library |
Cryptographic library |
Supported formats |
Notes |
xmlsec-openssl |
|
- Private keys: pkcs12, pkcs8 (pem/der), unencrypted keys (pem/der)
- Public keys: x509 certificates (pem/der), standalone keys (pem/der)
- x509 certificates: pem/der
- x509 CRLs: pem/der
|
-
xmlsec-openssl with OpenSSL 3.0.0 or greater is recommended (supports all REQUIRED and all RECOMMENDED
XML Digital Signature 1.1 and XML Encryption 1.1 algorithms).
- BoringSSL API is unstable and the latest versions might not work with XMLSec Library.
|
xmlsec-gnutls |
GnuTLS 3.6.13 or above |
- Private keys: pkcs12, pkcs8 (pem/der), unencrypted keys (pem/der)
- Public keys: x509 certificates (pem/der), standalone keys (pem/der)
|
Supports multiple cryptographic backends, the exact features set for xmlsec-gnutls
depends on the backend in use. |
xmlsec-nss |
NSS
(Mozilla cryptographic library) 3.35 or above
|
- Private keys: pkcs12
- Public keys: x509 certificates (der), standalone keys (der)
- x509 certificates: der
- x509 CRLs: der
|
Requires NSPR 4.25.0 or above |
xmlsec-mscng |
Microsoft
Cryptography API: Next Generation (requires Windows 7, Windows Server 2008 R2, or above)
|
- Private keys: pkcs12
- Public keys: x509 certificates (der)
- x509 certificates: der
- x509 CRLs: none
|
xmlsec-mscng is the recommended version on Windows platform.
|
xmlsec-mscrypto |
Microsoft
CryptogAPI: (MSCrypto) (requires Windows XP, Windows Server 2003, or above)
|
- Private keys: pkcs12
- Public keys: x509 certificates (der)
- x509 certificates: der
- x509 CRLs: none
|
In maintenance mode starting from xmlsec 1.3.0, April 2023. |
xmlsec-gcrypt |
LibGCrypt 1.4.0 or above
|
- Private keys: limited unencrypted keys (der)
- Public keys: limited standalone keys (der)
- x509 certificates: none
- x509 CRLs: none
|
Limited functionality without built-in x509 certificates support in LibGCrypt. In maintenance
mode starting from xmlsec 1.3.0, April 2023. |
The XML Digital Signature Interoperability report and XML Encryption
Interoperability report provide detailed information about the features supported by each library.
Installation (source archive)
All steps are usual:
gunzip -c xmlsec1-xxx.tar.gz | tar xvf -
cd xmlsec1-xxxx
./configure --help
./configure [possible options]
make
make install
make check
The last step is optional and requires Internet connection to execute some tests.
|