Jump to: navigation, search

WTP/XMLSecurityTools

XML Security Tools

Background

XML is available more or less everywhere nowadays. As configuration files, for data exchange, in XML enabled databases, web services and many more. And a lot of these applications and services do not secure their XML documents: neither encryption nor digital signatures are applied. Or standard transport security like https is used. This destroys the advantages of XML and prevents parsing.

Using XML Security to secure XML based information provides many advantages: the XML structure of the XML document remains intact, independent of the applied signature or encryption (or both). Arbitrary elements or element content can be secured, with different keys if desired. XML Security provides end-to-end-security, applying security directly to the message (information), not to the transport.

The code base is based on an initial code contribution from Dominik Schadow and his original project at SourceForge. Dominik has contributed that code base to Eclipse as of September 2008. All code is licensed under the Eclipse Public License.

Introduction

The XML Security Tools is a set of plug-ins, which enable users to canonicalize, sign, verify, encrypt and decrypt arbitrary XML documents in different editors. The goal is to support as many XML editors as possible (with a preference on the WTP XML Editor).

All XML security functionality is based on the Apache XML Security project Santuario. No further cryptography software or library is required.

Project Description

Resources

Original Project Proposal - The original project proposal.