Versions Compared

Old Version 25

changes.mady.by.user Scott Cantor

Saved on

compared with

New Version 26

changes.mady.by.user Colm O hEigeartaigh

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Wiki Markup
h1. Welcome to Apache Santuario

h3. The Project

The {tm}Apache Santuario{tm} project is aimed at providing implementation of the primary security standards for XML

   * XML-Signature Syntax and Processing
   * XML Encryption Syntax and Processing.

Two libraries are currently available.

   * Apache XML Security for Java: This library includes a mature Digital Signature and Encryption implementation. It also includes the standard JSR 105 (Java XML Digital Signature) API. Applications can use the standard JSR 105 API or the Apache Santuario API to create and validate XML Signatures.
   * Apache XML Security for C\+\+: This library includes a mature Digital Signature and Encryption implementation using a proprietary C\+\+ API on top of the Xerces-C XML Parser's DOM API. It includes a pluggable cryptographic layer, but support for alternatives to OpenSSL are less complete and less mature.

Apache Santuario, Apache, and the Apache feather logo are trademarks of The Apache Software Foundation.

h3. News

h5. July 2012

The Apache Santuario team are pleased to announce the release of version 1.7.0 of the Apache XML Security for C++ library. This release provides a few bug fixes and a partial implementation of XML Encryption 1.1 features, including AES-GCM encryption and some support for newer RSA-OAEP variants.

h5. May October 2012

Version 1.5.23 of the Apache XML Security for Java library has been released. The main feature of this This release isfeatures thatsupport thefor defaultnew canonicalizationXML algorithmSignature for1.1 encryptionKeyInfo hasextensions. changedIt from inclusive with comments toalso fixes a new canonicalization algorithm that preserves the physical representation number of thebugs element being encrypted. This change fixes including a problem wherewhen anmessage elementsizes mightare begreater decryptedthan to the wrong namespace512 MB.

Please see the [release notes|java_1_5_23_release_notes] for more information.

h5. MayJuly 2012

The Apache Santuario team are pleased to announce the release of version 1.47.70 of the Apache XML Security for JavaC++ library. This release fixesprovides a few problembug fixes withand a missingpartial KeyInfoimplementation Elementof whenXML multipleEncryption elements are encrypted1.1 features, asincluding wellAES-GCM asencryption aand numbersome ofsupport other issues.

Please see the [release notes|java_1_4_7_release_notes] for more informationfor newer RSA-OAEP variants.

h5. July 2011

A security advisory, [CVE-2011-2516|secadv], affecting Apache XML-Security for C++ versions prior to 1.6.1, has been issued.

The Apache Santuario team are pleased to announce the release of version 1.6.1 of the Apache XML Security for C++ library. This release provides bug fixes and addresses [CVE-2011-2516|secadv].

h3. Old News

See [here|old_news] for older news.