XML Security Library

XML Security Library is a C library based on LibXML2. The library supports major XML security standards:

• XML Signature
• XML Encryption
• Canonical XML (was included in LibXML2)
• Exclusive Canonical XML (was included in LibXML2)

XML Security Library is released under the MIT Licence see the Copyright file in the distribution for details.

News

• December 5 2009
  Changes in XML Security Library 1.2.14 release:
  • XMLSec library is switched from built-in LTDL library to the system LTDL library on Linux/Unix and native calls on Windows to fix security issue in LTDL.
  • Fixed minor bugs (see log for complete list).
• September 12 2009
  Changes in XML Security Library 1.2.13 release:
  • LibXML2 version 2.7.4 is now required
  • Implemented support for C14N version 1.1
  • Increase default minimum hmac size to 80 bits
  • Added support for --with-libxml-src and --with-libxslt-src ./configure options
  • Fixed XML dump output
• July 14 2009
  The new XML Security Library 1.2.12 release includes the following changes (see ChangeLog for the complete list of changes):
  • Fixed HMAC vulnerability with small values of HMAC length (CERT VU #466161).
  • Added support for the GOST implemented by Russian Crypto Pro CSP (patch from Dennis Prochko)
  • Added an option to return the replaced node (based on the patch from Frank Gross)
  • Added new function xmlSecNodeEncodeAndSetContent for encoding special chars in the node content.
  • Added configurable Base64 line length.
  • Bug fixes.