Downloading the Libraries
Obtaining the Libraries
Source and binary distributions for both the Java and C++ libraries are available from from the XML project site only. Current distributions are not available from the mirrors.
Validating Distribution Signatures
All distributions are provided with signature .sig files. These contain PGP signatures for the related distribution. You should validate these using the keys found in the key file downloaded from the Apache site.
Verification can be performed using :
% pgpk -a KEYS % pgpv xml-security-bin-1_2_1.zip.sig or % pgp -ka KEYS % pgp xml-security-bin-1_2_1.zip.sig or % gpg --import KEYS % gpg --verify xml-security-bin-1_2_1.zip.sig
SVN Download
For the adventurous, this project's SVN repository can be checked out through anonymous SVN with the following instruction set.
svn co https://svn.apache.org/repos/asf/xml/security/trunk xml-security
This will check out the code into a subdirectory named "xml-security". The checkout will contain both the Java and the C++ source.