Automic VaultAutomic Vault

brew

xml-security-c を Homebrew, dnf, MacPorts, Nix, apt, zypper でインストール

xml-security-c のインストール経路、実行ファイル、メタデータ、AI エージェント向けセキュリティノートを確認します。

インストール

追加のインストールコマンド

macOS

Homebrew確認済み · 100%
brew install xml-security-c

local Homebrew formula metadata

MacPorts確認済み · 94%
sudo port install xml-security-c

MacPorts ports tree · security/xml-security-c/Portfile · ソース: api.github.com

Linux

Fedora dnf確認済み · 92%
sudo dnf install xml-security-c

Fedora Rawhide package metadata · xml-security-c · ソース: dl.fedoraproject.org

Nix確認済み · 92%
nix profile install nixpkgs#xml-security-c

nixpkgs package indexes · pkgs/by-name/xm/xml-security-c/package.nix · ソース: api.github.com

Debian apt確認済み · 92%
sudo apt install libxml-security-c-dev

Debian stable package indexes · libxml-security-c-dev · ソース: deb.debian.org

openSUSE zypper確認済み · 92%
sudo zypper install libxml-security-c-devel

openSUSE Tumbleweed package metadata · libxml-security-c-devel · ソース: download.opensuse.org

概要

パッケージ概要

Implementation of primary security standards for XML

コマンドとエイリアス

  • xsec-c14n
  • xsec-checksig
  • xsec-cipher
  • xsec-siginf
  • xsec-templatesign
  • xsec-txfmout
  • xsec-xtest

履歴

プロジェクトの歴史と使われ方

Apache XML Security for C++ was the C++ implementation in Apache Santuario, providing XML Digital Signature and XML Encryption support plus command-line tools such as checksig, c14n, cipher, and template signing helpers. As of 2024, Apache has frozen and officially retired the C++ code because of long-term maintainer scarcity.

プロジェクトの歴史

Apache Santuario's history starts with a Java XML Signature effort at the University of Siegen in 1999-2001, which was later placed under the Apache Software Foundation. The C++ library was added later: the official history says it began on SourceForge and migrated into the XML-Security project in early 2003.

The C++ library implemented XML Digital Signature and XML Encryption specifications and used Xerces-C for XML parsing, optional Xalan-C for XPath/XSLT transforms, and OpenSSL for cryptographic functionality through a wrapper layer. The C++ overview stresses that XML Signature and Encryption are complex and hard to implement securely, and warns that generic support for features such as XPath and XSLT increases risk.

Apache Santuario became a top-level project in 2006 and included both Java and C++ libraries. Over time the Java library remained the main supported implementation, while C++ maintenance became concentrated in downstream users, especially the Shibboleth Project.

The 2.0.0 C++ release in 2018 was a major upgrade focused on refactoring and removing deprecated APIs rather than adding large features. Later 2.0.x releases addressed crash bugs and OpenSSL compatibility, with 2.0.4 in 2021 correcting support for OpenSSL versions earlier than 1.1 after a 2.0.3 regression.

採用の歴史

The package's practical adoption was strongest in infrastructure that needed C++ XML signature verification or encryption rather than Java APIs. Apache's current C++ page explicitly identifies the Shibboleth Project as the source of current manpower and says the transferred code is maintained by Shibboleth because it is a dependency of that software.

The library's security advisories are part of its adoption story. Apache published C++ advisories for issues such as signature bypass, XPointer stack overflow, HMAC denial-of-service/hash-length bypass, InclusiveNamespace heap overflow, and 2011 large-key buffer overflows. That history matters because XML Signature processing sits directly on trust boundaries.

In 2024, Apache announced retirement of the C++ code after discussion by the Santuario PMC. The current site says the code is frozen at Apache, transferred to Shibboleth for a period, and not supported for third-party use, while the Java Santuario code remains supported.

使われ方

Library users embedded it to create and validate XML signatures, encrypt or decrypt XML, canonicalize XML, and process signature transforms. Programming examples initialize Xerces, optionally Xalan, and XSEC, then create or load DSIGSignature objects through XSECProvider.

Command-line package users encounter the tool side: xsec-checksig for signature checking, xsec-c14n for canonicalization, xsec-cipher for encryption/decryption workflows, and template/signature information helpers. These tools are useful for testing and operations around XML security artifacts, but the upstream documentation now cautions strongly against new third-party application use.

パッケージ好きにとっての重要性

xml-security-c is significant because it packages standards-heavy security machinery into a native C++ library plus CLI tools. Its dependency stack, optional transform support, security advisories, and retirement notice all show why security packages are not just version numbers: maintainer availability and threat-model fit are part of the package's meaning.

It is also a case study in downstream-driven survival. The formula can still exist for legacy users, but upstream's own position has shifted from general-purpose Apache library to frozen code maintained elsewhere for a specific dependent ecosystem.

タイムライン

  • 1999-2001: University of Siegen XML Signature work led to the original Apache XML Security Java library.
  • Early 2003: XML Security C++ migrated from SourceForge into the Apache XML-Security project.
  • 2006: XML-Security became the Apache Santuario top-level project.
  • 2013: Apache issued multiple Santuario XML Security for C++ advisories affecting versions before 1.7.1.
  • 2018-06: Apache XML Security for C++ 2.0.0 released as a refactoring/API cleanup major release.
  • 2021-11: Version 2.0.4 released to fix a regression affecting pre-OpenSSL-1.1 builds.
  • 2024-03: Apache announced the C++ code would be frozen and retired because of lack of support.
  • 2024-07: Apache site noted the C++ library was officially retired and migrated as a fork to the Shibboleth Project.

Related projects

  • Related projects and standards include Apache Santuario for Java, W3C XML Signature, W3C XML Encryption, Xerces-C, Xalan-C, OpenSSL, NSS, Windows CryptoAPI, XKMS, and the Shibboleth Project.

セキュリティ状態

リスクレベル: グリーン

narrow executable package without higher-risk signals.

リスク分類器

リスク グリーン · 信頼度 低 · appliance

理由

  • narrow executable package without higher-risk signals

信号

  • metadata:no-higher-risk-signals

インストール挙動

  • formula メタデータに Homebrew post-install フックは記録されていません。
  • Homebrew bottle メタデータは 8 個のプラットフォームターゲットで利用できます。
  • 2 件の実行時依存関係とともにインストールされます。
  • ビルドメタデータには 1 件のビルド依存関係があります。

推奨レビュー

エージェントに無人実行させる前に、このツールが平文の認証情報を読むか、リモート状態を書き込むか、成果物を公開するか、プラグインを起動するかを確認してください。

実行可能ファイル

インストールされる実行可能ファイル

コマンド種類公開範囲メモ
xsec-c14ncliグローバル実行可能ファイル
xsec-checksigcliグローバル実行可能ファイル
xsec-ciphercliグローバル実行可能ファイル
xsec-siginfcliグローバル実行可能ファイル
xsec-templatesigncliグローバル実行可能ファイル
xsec-txfmoutcliグローバル実行可能ファイル
xsec-xtestcliグローバル実行可能ファイル

鮮度

バージョンと鮮度

これらの信号は、ページ生成時期、パッケージマネージャの活動、上流リリース比較を分けて示します。バージョン遅れは、証拠 URL と比較可能なバージョンがある場合だけ警告されます。

ページ生成日2026-07-10
マネージャ版3.0.0
マネージャ更新日2026-06-22
ローカルデータOK
上流not checked
検出された最新未検出

https://santuario.apache.org/

インストールメタデータ

パッケージメタデータ

パッケージキーbrew:xml-security-c
バージョン3.0.0
パッケージマネージャHomebrew
パッケージマネージャページhttps://formulae.brew.sh/formula/xml-security-c
ホームページhttps://santuario.apache.org/
リポジトリhttps://svn.apache.org/repos/asf/santuario/xml-security-cpp/trunk
上流ドキュメントhttps://santuario.apache.org/
ライセンスApache-2.0
ソースアーカイブhttps://shibboleth.net/downloads/xml-security-c/3.0.0/xml-security-c-3.0.0.tar.bz2
最終更新2026-06-22T14:06:41-07:00
Pulseupdated
依存関係openssl@3, xerces-c
ビルド依存関係pkgconf
Bottle利用可能 (対象 arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, sonoma, ventura, x86_64_linux)
Homebrew post-install未定義
サービス宣言なし

レジストリ情報

ソースデータベース詳細

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namexml-security-c
Version Scheme0
Revision0
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • stable

ソースデータベース一致

他のパッケージマネージャ記録

一致は外部パッケージマネージャインデックスから取得され、ローカルの Automic Vault パッケージリンクとは分けて表示されます。

Debian apt95%

libxml-security-c-dev 3.0.0-2

C++ library for XML Digital Signatures (development)

https://www.shibboleth.net/

sudo apt install libxml-security-c-dev
  • Section: libdevel
  • Architecture: amd64
  • Source Package: xml-security-c
  • 3 依存関係
  • normalized package name match
  • 一致条件: Xml Security C
Debian stable package indexes · deb.debian.org · Debian stable package indexes: libxml-security-c-dev from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Debian apt95%

libxml-security-c30 3.0.0-2

C++ library for XML Digital Signatures (runtime)

https://www.shibboleth.net/

sudo apt install libxml-security-c30
  • Section: libs
  • Architecture: amd64
  • Source Package: xml-security-c
  • 5 依存関係
  • normalized package name match
  • 一致条件: Xml Security C
Debian stable package indexes · deb.debian.org · Debian stable package indexes: libxml-security-c30 from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Debian apt95%

xml-security-c-utils 3.0.0-2

C++ library for XML Digital Signatures (utilities)

https://www.shibboleth.net/

sudo apt install xml-security-c-utils
  • Section: utils
  • Architecture: amd64
  • Source Package: xml-security-c
  • 6 依存関係
  • normalized package name match
  • 一致条件: Xml Security C
Debian stable package indexes · deb.debian.org · Debian stable package indexes: xml-security-c-utils from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Nix95%

xml-security-c

nix profile install nixpkgs#xml-security-c
  • normalized package name match
  • 一致条件: Xml Security C
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/xm/xml-security-c/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
Ubuntu apt95%

libxml-security-c-dev 2.0.4-2build2

C++ library for XML Digital Signatures (development)

https://santuario.apache.org/cindex.html

sudo apt install libxml-security-c-dev
  • Section: universe/libdevel
  • Architecture: amd64
  • Source Package: xml-security-c
  • 3 依存関係
  • normalized package name match
  • 一致条件: Xml Security C
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: libxml-security-c-dev from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz
Ubuntu apt95%

libxml-security-c20 2.0.4-2build2

C++ library for XML Digital Signatures (runtime)

https://santuario.apache.org/cindex.html

sudo apt install libxml-security-c20
  • Section: universe/libs
  • Architecture: amd64
  • Source Package: xml-security-c
  • 5 依存関係
  • normalized package name match
  • 一致条件: Xml Security C
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: libxml-security-c20 from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz
Ubuntu apt95%

xml-security-c-utils 2.0.4-2build2

C++ library for XML Digital Signatures (utilities)

https://santuario.apache.org/cindex.html

sudo apt install xml-security-c-utils
  • Section: universe/utils
  • Architecture: amd64
  • Source Package: xml-security-c
  • 6 依存関係
  • normalized package name match
  • 一致条件: Xml Security C
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: xml-security-c-utils from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz
dnf95%

xml-security-c 2.0.4-8.fc43

C++ Implementation of W3C security standards for XML

http://santuario.apache.org/cindex.html

sudo dnf install xml-security-c
  • License: Apache-2.0
  • Category: Unspecified
  • Architecture: i686
  • Source Package: xml-security-c
  • 8 依存関係
  • 2 提供
  • normalized package name match
  • 一致条件: Xml Security C
Fedora Rawhide package metadata · dl.fedoraproject.org · Fedora Rawhide package metadata: xml-security-c from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst
dnf95%

xml-security-c-devel 2.0.4-8.fc43

Development files for xml-security-c

http://santuario.apache.org/cindex.html

sudo dnf install xml-security-c-devel
  • License: Apache-2.0
  • Category: Unspecified
  • Architecture: i686
  • Source Package: xml-security-c
  • 8 依存関係
  • 2 提供
  • normalized package name match
  • 一致条件: Xml Security C
Fedora Rawhide package metadata · dl.fedoraproject.org · Fedora Rawhide package metadata: xml-security-c-devel from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst
zypper95%

libxml-security-c-devel 3.0.0-1.5

Development files for the Apache C++ XML security library

https://shibboleth.net

sudo zypper install libxml-security-c-devel
  • License: Apache-2.0
  • Category: Development/Libraries/C and C++
  • Architecture: x86_64
  • Source Package: xml-security-c
  • 6 依存関係
  • 3 提供
  • normalized package name match
  • 一致条件: Xml Security C
openSUSE Tumbleweed package metadata · download.opensuse.org · openSUSE Tumbleweed package metadata: libxml-security-c-devel from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst
zypper95%

libxml-security-c30 3.0.0-1.5

Apache XML security C++ library

https://shibboleth.net

sudo zypper install libxml-security-c30
  • License: Apache-2.0
  • Category: Development/Libraries/C and C++
  • Architecture: x86_64
  • Source Package: xml-security-c
  • 6 依存関係
  • 3 提供
  • normalized package name match
  • 一致条件: Xml Security C
openSUSE Tumbleweed package metadata · download.opensuse.org · openSUSE Tumbleweed package metadata: libxml-security-c30 from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst
zypper95%

xml-security-c-bin 3.0.0-1.5

Utilities for XML security C++ library

https://shibboleth.net

sudo zypper install xml-security-c-bin
  • License: Apache-2.0
  • Category: Development/Libraries/C and C++
  • Architecture: x86_64
  • Source Package: xml-security-c
  • 6 依存関係
  • 1 提供
  • normalized package name match
  • 一致条件: Xml Security C
openSUSE Tumbleweed package metadata · download.opensuse.org · openSUSE Tumbleweed package metadata: xml-security-c-bin from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst
MacPorts95%

xml-security-c

sudo port install xml-security-c
  • normalized package name match
  • 一致条件: Xml Security C
MacPorts ports tree · api.github.com · MacPorts ports tree: security/xml-security-c/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1

ソース経路

リポジトリデータから生成

このページは scripts/generate-pkg-sqlite.py が生成した非公開のパッケージ SQLite アーティファクトから av-web によって提供されます。

使用ソース

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment