XMLBlackbox

Secure your XML processing applications

XMLBlackbox
  • Supported Platforms

  • .NET.NET

    Pure managed and integrated components, carefully optimized to achieve maximum performance comparable to native processor code. The .NET edition can be used on .NET and Mono server and desktop platforms, in ASP.NET applications, and on mobile devices.

  • .NETJava

    Highly integrated Java security library including numerous classes to enable support for a wide range of application-level protocols, security algorithms, and standards. You can use Java security libraries to develop software for desktop and server platforms, mobile devices, and Web applications.

  • .NETC++

    A shared library (.dll on Windows and .so on Linux / macOS) and set of C++ classes. Used in C++ applications for Windows, Linux, macOS, and iOS platforms. Supported compilers include Visual C++, MinGW, gcc, and Xcode.

  • .NETVCL

    Highly integrated and blazingly fast native Delphi (Pascal) components for building native Windows, Linux, and macOS applications. All components are native Delphi, have no third-party binaries or references, and no reliance on Windows CryptoAPI. Also includes Delphi components for building Android and iOS apps.

  • .NETPHP

    Integrated components for PHP scripts running on Linux and Windows servers.

Overview

Use XMLBlackbox to extend your XML processing applications with outstanding security features, such as XML-compliant password-based, certificate-based and OpenPGP-based encryption, and certificate-based and OpenPGP-based signing and timestamping of your XML documents or any generic data.

XML Document Signing and Timestamping

XMLBlackbox can encrypt or sign and timestamp valid XML document or any data and perform processing according to XMLEnc, XMLDSig, and XAdES specifications. For XAdES signing, all profiles defined by the specification are supported.

SOAP Message Signing and Timestamping

Sign SOAP messages and verify signatures of signed SOAP messages according to WS-Security, SOAP-DSig, and XMLDSig standards. With addition of HTTPBlackbox, you can also send SOAP requests and receive and process SOAP responses.

On-demand Data Loading

XMLBlackbox supports on-demand data loading and parsing, so processing large documents does not require large amount of resources.

Built-in DOM Processor

XMLBlackbox includes built-in XML DOM processor with charset/encoding support which you can use independently of security features of XMLBlackbox.

Certificate and Key Management

As the main function of XMLBlackbox is to sign and encrypt XML documents using X.509 certificates and OpenPGP keys, it includes base functions of PKIBlackbox for certificate management and OpenPGPBlackbox for OpenPGP key management.

XAdES Compliance

XAdES specification has several levels, some of which require collection of external timestamps and complete certificate chain revocation information. This is performed by XMLBlackbox.

Full Feature List

XML Security

  • Encryption and decryption of XML documents, document parts, or generic data using XML Encryption Syntax and Processing standard
  • Digital signing and signature verification of XML documents and their parts using XML-Signature Syntax and Processing standard
  • Timestamping of digital signatures using XAdES with automatic collection of timestamps and revocation information. Supported XAdES profiles include XAdES-BES, XAdES-EPES, XAdES-T, XAdES-C, XAdES-X, XAdES-X-L, and XAdES-A
  • XML-compliant signing / verification and encryption / decryption of XML-formatted documents, individual XML nodes, or generic data
  • Possibility to sign the data in distributed mode lets you build client-server document management systems with secure signing of documents
  • Use of Cryptocards and USB Crypto Tokens for further protection of secret information (private and secret keys)
  • Securing of the data using RSA keys, X.509 certificates, and OpenPGP keys
  • Detached, enveloping, and enveloped signature types (signing and HMAC are supported)
  • Base64, C14N (canonicalization), enveloped signature, and XPath transforms
  • Simple, inclusive, and exclusive canonicalization with our without comments
  • (optional) FIPS-compliant operation mode
  • Built-in DOM parser and writer with powerful charset support

SOAP Security

  • Signing and signature verification of SOAP messages
  • Sending and receiving SOAP messages and responses (with help of HTTPBlackbox package)
  • SOAP Message versions 1.1 and 1.2 are processed
  • Signature formats supported: WS-Security ("Web Services Security: SOAP Message Security"), SOAP-DSig ("SOAP Security Extensions: Digital Signature"), and regular XMLDSig