Skip to content

structured-world/xml-sec

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

71 Commits
.github
.github
 
 
src
src
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

xml-sec

Pure Rust XML Security library. Drop-in replacement for libxmlsec1.

No C dependencies. No cmake. No system libraries. Just cargo add xml-sec.

Features

  • C14N — XML Canonicalization (inclusive + exclusive, W3C compliant)
  • XMLDSig — XML Digital Signatures (sign + verify, enveloped/enveloping/detached)
  • XMLEnc — XML Encryption (symmetric + asymmetric)
  • X.509 — Certificate-based key extraction and validation

Why?

Every SAML, SOAP, and WS-Security implementation depends on libxmlsec1 — a C library that:

  • Requires cmake + libxml2 + OpenSSL/NSS/GnuTLS to build
  • Breaks on Alpine/musl static linking
  • Has decades of CVEs in XML parsing and signature validation
  • Cannot cross-compile easily

xml-sec is a ground-up Rust rewrite using roxmltree + ring + x509-parser. Single cargo build, works everywhere Rust works.

Status

Pre-release. API is unstable. Not ready for production use.

Specifications

Spec Status
Canonical XML 1.0 Planned
Exclusive C14N Planned
XMLDSig Planned
XMLEnc Planned

License

Apache-2.0

About

Pure Rust XML Security: XMLDSig, XMLEnc, C14N. Drop-in replacement for libxmlsec1.

Topics

rust security saml xml xmldsig xml-signature pure-rust xmlenc c14n

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages