XML Security Library

     LibXML2
     LibXSLT
     OpenSSL

XML Security Library News

  • December 3 2002
    New XML Security Library 0.0.11 release fixes a major problem with Reference URI attribute processing. This release also includes several Win32 build process fixes from Igor.

  • October 20 2002
    Almost two months from previous release and a lot of minor enchancements are good reasons for the new XML Security Library 0.0.10 release:
    - added a way to specify "current time" to verify certificates expiration against it;
    - implemented XML results output format for the xmlsec command line utility;
    - fixed XMLDSig examples and added a new one (thanks to Devin Heitmueller);
    - resolved static link issue and a bunch of other improvements for Win32 platform builds (Igor Zlatkovic);
    - added dynamic linking option for xmlsec command line utility to help Debian port (John Belmonte);
    - minor bug fixes.

  • August 26 2002
    I've completelly screwed up. The release 0.0.8 was totally broken (I've simply packaged files from wrong CVS :) ) and I am doing a new 0.0.9 release to fix all the problems. Please upgrade to the new version if you use any of previous XML Security Library releases.
    I am really sorry for my stupid mistakes and I promise to never do releases on Friday :(
    And special thanks to Ferrell Moultrie for pointing this out.

  • August 23 2002
    XML Security Library 0.0.8 is released:
    - New errors reporting system is created and all the code is updated;
    - Added XPointer transform support;
    - Major enveloped and XPath transforms performance improvements;
    - Updated XPath 2 Filter implementation to reflect latest W3C specifications;
    - Man page for xmlsec utility is written;
    - Automatically generated API Reference Manual (more than 370 symbols) is created;
    - Minor Win32 bug fixes from Igor;
    - Debian port from John Belmonte.

  • July 11 2002
    XML Security Library documentation created.

  • July 10 2002
    A new XML Security Library 0.0.7 release includes all small bug fixes for last month and a new LibXML2 library with improved canonicalization.

  • May 28 2002
    New LibXML 2.4.22 is released and new XML Security Library 0.0.6 is released:
    - Win32 port is added: the idea and most of the configuration scripts code was taken from LibXML2 (written by Igor Zlatkovic). I modified original files so all errors are mine, not Igor's.
    - Many different performance optimizations (especially for RSA/DSA algorithms and enveloped signatures).
    - XPath Filter 2 and Alternative XPath Filter (not compiled by default, use --enable-altxpath configuration switch if you need this transform) support is added.
    - Custom network protocol handler support is added. It is similar to custom protocol handlers in LibXML2 but applied to binary files.
    - Separated XML Security Library RPM into xmlsec and xmlsec-devel (suggested by Devin Heitmueller).

  • May 14 2002
    I've checked in new code for plugging in custom input handlers (similar to ones that exist in LibXML2). The downside is that you have to use daily LibXML2 snapshot to compile daily XML Security Library snapshot.

  • April 28 2002
    XMLSec 0.0.5 released:
    - Big external and internal cleanup. Now the API looks much more consistent and I hope simple. I hope to declare API frozen in the next couple weeks. Meantime, all comments and suggestions are welcome!
    - Added symmetric key wrap (aes, des) support.
    - Added RIPEMD-160 support.

  • April 19 2002
    Minor release XMLSec 0.0.4 with main goal to fix broken RPM:
    - The RPM is recompiled using OpenSSL 0.9.6. The previous version was compiled with OpenSSL 0.9.7 but I got few complains that there are no RPMs for 0.9.7 yet. The downsides of using 0.9.6 are some functionality limitations for XML Encryption (no AES support, incorrect padding mode for DES, etc.). If you want to use XML Encryption it is better to compile the library from sources and use OpenSSL 0.9.7
    - The testDSig, testEnc and testKeys scripts merged into standalone "xmlsec" application.
    - A couple minor bugs fixed.

  • April 17 2002
    Installed xmlsec mailing list.

  • April 16 2002
    A lot of changes and time for new release XMLSec 0.0.3:
    - The first release that includes XML Encryption support! The bad news is that most of new features require OpenSSL 0.9.7 which is not officially released yet.
    - Options to enable/disable support for particular algorithms were added to the ./configure script.
    - All transforms header files were consolidated in transforms.h

  • April 6 2002
    The RPM packages are now available.

  • April 5 2002
    Test suite updates and new minor release XML Security Library 0.0.2a.
    New interoperability tests were provided by Merlin Hughes. XML Security Library successfully passed all tests after small test program tweaking and adding workaround for OpenSSL CRL problem. These new tests are included into the distribution and previous Merlin's test suites are removed. Because of these changes I decided to generate a new package that also will include the Online XML Digital Signature Verifier code.

  • April 3 2002
    The Online XML Digital Signature Verifier is available! You can use this tool to verify your XML Digital Signatures from online Web form or using a simple Perl script. The idea was stolen from Manoj K. Srivastava.

  • March 31 2002 
    Some major changes and a time for new release: XML Security Library 0.0.2 . Now XML Security Library supports all MUST/SHOULD/MAY features from XMLDSig standard!
    - Added X509 certificates and certificate chains support
    - The detailed signature generation/verification results are made available to the application (see example 3 )
    - RetrievalMethod, Manifests and additional algorithms are added
    - The Transforms and KeyInfo code was significantly re-writen with a goal to separate it from XMLDSig logic for better re-usability (in XML Encryption, etc.)

  • March 18 2002
    - Fixed wrong way shift of the DSA digest result bug found by Philipp Gühring. This bug is critical and I have to do a new build.
    - Added "--with-pedantic" configuration option and fixed all but "unused variable" warnings (bug reported by Daniel Veillard).

  • March 17 2002
    The XML Security Library 0.0.1 is released and available for download! Please try it out and send me your comments/suggestions.

Aleksey Sanin