Download

Stable releases.

The latest stable XML Security Library version is 1.3.1:

• Sources and signature for the latest version (Coverity report).
• WIN64 binaries for XMLSec Library (as well as LibXML2, LibXSLT and OpenSSL) (old Windows binaries from Igor Zlatkovic).
• XMLSec Library is included as part of Debian GNU/Linux. For more information see the coordination page.
• XMLSec Library FreeBSD and OpenBSD ports.

The previous releases are also available.

GIT

XML Security Library is available from the GitHub.

Requirements

The XML Security Library requires LibXML library, LibXSLT library (optional) and one of the following cryptographic libraries:

XMLSec library	Cryptographic library	Supported formats	Notes
xmlsec-openssl	OpenSSL 1.1.1 or above, 3.0.0 or above is recommended LibreSSL 3.5 or above BoringSSL 1.1.0	Private keys: pkcs12, pkcs8 (pem/der), unencrypted keys (pem/der) Public keys: x509 certificates (pem/der), standalone keys (pem/der) x509 certificates: pem/der x509 CRLs: pem/der	xmlsec-openssl with OpenSSL 3.0.0 or greater is recommended (supports all REQUIRED and all RECOMMENDED XML Digital Signature 1.1 and XML Encryption 1.1 algorithms). BoringSSL API is unstable and the latest versions might not work with XMLSec Library.
xmlsec-gnutls	GnuTLS 3.6.13 or above	Private keys: pkcs12, pkcs8 (pem/der), unencrypted keys (pem/der) Public keys: x509 certificates (pem/der), standalone keys (pem/der)	Supports multiple cryptographic backends, the exact features set for xmlsec-gnutls depends on the backend in use.
xmlsec-nss	NSS (Mozilla cryptographic library) 3.35 or above	Private keys: pkcs12 Public keys: x509 certificates (der), standalone keys (der) x509 certificates: der x509 CRLs: der	Requires NSPR 4.25.0 or above
xmlsec-mscng	Microsoft Cryptography API: Next Generation (requires Windows 7, Windows Server 2008 R2, or above)	Private keys: pkcs12 Public keys: x509 certificates (der) x509 certificates: der x509 CRLs: none	xmlsec-mscng is the recommended version on Windows platform.
xmlsec-mscrypto	Microsoft CryptogAPI: (MSCrypto) (requires Windows XP, Windows Server 2003, or above)	Private keys: pkcs12 Public keys: x509 certificates (der) x509 certificates: der x509 CRLs: none	In maintenance mode starting from xmlsec 1.3.0, April 2023.
xmlsec-gcrypt	LibGCrypt 1.4.0 or above	Private keys: limited unencrypted keys (der) Public keys: limited standalone keys (der) x509 certificates: none x509 CRLs: none	Limited functionality without built-in x509 certificates support in LibGCrypt. In maintenance mode starting from xmlsec 1.3.0, April 2023.

The XML Digital Signature Interoperability report and XML Encryption Interoperability report provide detailed information about the features supported by each library.

Installation (source archive)

All steps are usual:

gunzip -c xmlsec1-xxx.tar.gz | tar xvf -
cd xmlsec1-xxxx
./configure --help
./configure [possible options]
make
make install
make check

The last step is optional and requires Internet connection to execute some tests.

Other languages

• Python xmlsec module
• Perl LibXML-Sec module