Apache Santuario


After discussion with the Santuario PMC, it has been decided to address the long term lack of support for the C++ library by formally retiring the code here at Apache. The Java code of course remains well supported and will continue to be developed.

As of now, the C++ code is frozen here. The current sole maintainer will be transferring the source code to the Shibboleth Project and it will be maintained by that team for some period of time because it is a dependency of that software, but it will not be supported for any third-party use. It is estimated that the code will be fully retired some time before 2030. The code will be publically hosted and accessible after the transition, and the license is not changing.

Once the code transition occurs, which may not be for some time yet, we will update more of the site as is appropriate to reflect the transition. In the event a significant issue arises with the library prior to the transition, we will endeavor to address it here.

Provided Tools

A number of very simple "tools" (really examples) are provided with the Apache XML Security for C++ library. These can be used either to provide examples of how to use the library or as simple utilities in their own right for performing canonicalisation and signature functions.

The tools are :

  • c14n - A tool to output a Canonicalised version of an input document.
  • checksig - A tool to validate a signature in an XML input document
  • templatesign - A tool to sign an XML document that already has the <Signature> structure installed, but needs the references hashed and the SignatureValue set.
  • txfmout - A tool to take an XML Signature and output the fully transformed references to stdout or a nominated file
  • threadTest - A Windows only program that runs up a number of threads which simultaneously sign and validate documents. A number of documents are modified in between (to cause the signature validation to fail).
  • siginf - A tool to read in an XML Signature and dump various details about the signature and references to the terminal
  • cipher - A tool to encrypt and decrypt XML documents.
  • xklient - A tool to generate and process XKMS messages. Can be used to send XKMS requests to XKMS servers over SOAP 1.1/1.2 and HTML and to dump the results to screen.

The tools can all be run with no command line arguments to see their parameters.

One extra "tool" is provided - xtest. This is really a testing program that exercises various capabilities of the library and compares the results with known good results.

  • No labels