Search code examples

XML file signed with xmldsig (RobRichards\XMLSecLibs) but XSD validation fails

I installed the RobRichards\XMLSecLibs PHP library to sign my XML files. These files have to be generated according to a XSD file we have

<xs:element name="Lote">
        <xs:element name="Cabecera" type="LoteCabecera"/>
        <xs:element name="Registro" type="RegistroCJD" minOccurs="0" maxOccurs="unbounded"/>
        <xs:any namespace="" minOccurs="0"/>

so, in my PHP code I wrote this:

// Create a new Security object
$objDSig = new XMLSecurityDSig();
// Use the c14n exclusive canonicalization
// Sign using SHA-256

// Create a new (private) Security key
$objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, array('type'=>'private'));
 If key has a passphrase, set it using
 $objKey->passphrase = '<passphrase>';
// Load the private key
$objKey->loadKey($key_path, TRUE);

// Sign the XML file

// Add the associated public key to the signature

// Append the signature to the XML

and the resulting XML file is:

<?xml version="1.0" encoding="UTF-8"?>
<ns1:Lote xmlns:xsi="" xmlns:ns1="" xsi:schemaLocation=" copia_lavoro.xsd">
    <ds:Signature xmlns:ds="">
            <ds:CanonicalizationMethod Algorithm=""/>
            <ds:SignatureMethod Algorithm=""/>
                    <ds:Transform Algorithm=""/>
                    <ds:Transform Algorithm=""/>
                <ds:DigestMethod Algorithm=""/>

and when I try to validate this file I get the following error:

XML error "Element '{}Signature': No matching global element declaration available, but demanded by the strict wildcard." [2] (Code 1845)

How can I fix this? Is there something I can change in my code to make this XML valid? Because, since I received this XSD from an external authority, it should be untouchable


  • I found the solution on another question: XSD Signature issue

    Basically, my validator are not able to reach the remote XSD so the only way I have to solve this is to download a copy of that XSD file and modify the XSD file in order to look for the schema definition in a local directory, instead of look for it online.