3

I have an XML file that is validating against a schema. However, on our web site we are using Fiddler to monitor the requests it makes and noticed a lot of requests being made that I believe are related to our XML and XSD definition.

It is all relating to my desire to use Microsoft's SignedXML objects to add a signature to my XML that I am generating from an application. I had issues just getting this signature to validate and, after some help from the comments below, managed to get it done. However, now this issue is occurring.

I have tried validating it in Notepad++ but all I get is an "Unable to parse schema file" error.

My XML is:

<?xml version="1.0" encoding="utf-8"?>
<EngineRequest xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" EngineVersion="6.0" RequestTime="2012-01-07T12:46:15.31868+13:00" xmlns="analysis.org.nz">
  <Analysis xmlns="">
  ... Various elements here
  </Analysis>
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
    <SignedInfo>
      <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
      <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
      <Reference URI="">
        <Transforms>
          <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
        </Transforms>
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
        <DigestValue>QDhgJy28UHmqhB2SA825mudXkr0=</DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue>fVxTK70NBoDuMw/76Sxx8lH5bWrEDbx2w+RfB1pkuUCLpjafG06U1PptjM0ndHMFGxWBa7lhaqyQV3fQOQ/KFzyYdeijQRXdOsV39Ex0GBhM+Ajo5YCdm6XfQaLheoSGaAf5TX7H7+mxwiFd71VENxWDWKmnQEVA3nUaWRumHOM=</SignatureValue>
  </Signature>
</EngineRequest>

My XSD is:

<?xml version="1.0"?>
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"            
            xmlns:tns="analysis.org.nz"
            xmlns:ds="http://www.w3.org/2000/09/xmldsig#"            
            targetNamespace="analysis.org.nz"
            attributeFormDefault="unqualified"
            >

  <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.mywebsite.co.nz/xsd/xmldsig-core-schema.xsd"/>

  <xsd:complexType name="AnalysisType">
  ... Various elements etc here
  </xsd:complexType>
   <xsd:element name="EngineRequest">
    <xsd:complexType>
      <xsd:sequence>
        <xsd:element name="Analysis" type="tns:AnalysisType" />
        <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1" />
      </xsd:sequence>
      <xsd:attribute name="EngineVersion" type="xsd:string" />
      <xsd:attribute name="RequestTime"   type="xsd:dateTime" use="required"/>
    </xsd:complexType>
  </xsd:element>
</xsd:schema> 

The Fiddler output is:

www.mywebsite.co.nz/xsd/xmldsig-core-schema.xsd
www.w3.org/2001/XMLSchema.dtd
www.w3.org/2001/datatypes
www.mywebsite.co.nz/xsd/xmldsig-core-schema.xsd

Here's my C# that is doing the validation on my code side, which I think is causing the multiple requests seen in Fiddler:

    public static bool Validate(String input)
    {
        _isValid = true; // set to false if any error occurs
        _message.Clear();

        StringReader xml = new StringReader(input);

        // load embedded schema resource to validate against
        Assembly assembly = Assembly.GetExecutingAssembly();

        // validation settings
        XmlReaderSettings settings = new XmlReaderSettings();            
        settings.ValidationType = ValidationType.Schema;

        settings.ValidationFlags |= XmlSchemaValidationFlags.ProcessInlineSchema;
        settings.ValidationFlags |= XmlSchemaValidationFlags.ProcessSchemaLocation;
        settings.ValidationFlags |= XmlSchemaValidationFlags.ReportValidationWarnings;
        settings.ValidationEventHandler += new System.Xml.Schema.ValidationEventHandler(ValidationEventHandler);

        // add schemas for validation
        AddSchema(assembly, settings);
        AddSignatureSchema(assembly, settings);

        // create xml validation reader            
        XmlReader reader = XmlReader.Create(xml, settings);

        // validation node by node
        while (reader.Read()) ;

        reader.Close();

        return IsValid;
    }

    private static void AddSchema(Assembly assembly, XmlReaderSettings settings)
    {
        Stream xsdStream = assembly.GetManifestResourceStream("Engine.Schema.Engine.xsd");
        XmlReader xsdReader = XmlReader.Create(xsdStream);

        settings.Schemas.Add("mywebsite.org.nz", xsdReader);
    }

    private static void AddSignatureSchema(Assembly assembly, XmlReaderSettings settings)
    {
        XmlReaderSettings sigSettings = new XmlReaderSettings()
        {
            ValidationType = ValidationType.DTD,
            DtdProcessing = DtdProcessing.Parse
        };

        Stream sigStream = assembly.GetManifestResourceStream("Engine.Schema.xmldsig-core-schema.xsd");
        XmlReader sigReader = XmlReader.Create(sigStream, sigSettings); 

        settings.Schemas.Add(null, sigReader); // signature schema

    }

Ideally I don't want to have to import the Signature namespace like that; however, if I don't, I don't have access to the Signature element. When I tried creating my own Signature element to match the xmldsig-core-schema one, I got validation errors due to Microsoft's SignedXML() object placing the xmlns="http://www.w3.org/2000/09/xmldsig#" error in the generated XML.

NOTE: This question has been updated from its original one due to the errors changing slightly after I made modifications to my XML and XSD. However, my problem still exists in that I am struggling to add what would seem a simple thing?

dreza
  • Can you post more of your XSD? It looks like you don't have a definition for the Signature element. With what is shown it looks like a Request can only have the following child elements: Analysis, EngineVersion, RequestTime. Also, is the empty close tag (>) part of your XML, or is it just an abbreviation? – bakoyaro Dec 22 '11 at 19:43
  • Thanks bakoyaro. When I add the definition in by uncommenting I get the error SignatureType not declared from my C# code. I'm thinking I might need to add the XSD to the Schemas.Add() that contains the SignatureType declaration? – dreza Dec 22 '11 at 19:50
  • How is SignatureType declared in your XSD? I don't see it in your posted version. – bakoyaro Dec 22 '11 at 20:16
  • I added the signature element to my XSD but I'm still getting the same error. – dreza Dec 22 '11 at 22:06

2 Answers

2

You have a couple of problems here:

The XSD says that

  • {mynamespace}Request must be the root element.
  • {mynamespace}Analysis must come before Signature
David W
  • Thanks David. I've changed it a bit because I think there might have been a problem with the information I posted. Still having an issue though. – dreza Jan 07 '12 at 00:16
1

The problem appeared to be related to the AddSignatureSchema() method. This was causing a download of the DTD located in http://www.mywebsite.co.nz/xsd/xmldsig-core-schema.xsd every time it was called.

All I had to do was set the XmlResolver to null and this prevented this download from occurring. I found that out from another issue at "Prevent DTD download when parsing xml".

I also set the DtdProcessing = DtdProcessing.Ignore flag. The method looks like:

    private static void AddSignatureSchema(Assembly assembly, XmlReaderSettings settings)
    {
        XmlReaderSettings sigSettings = new XmlReaderSettings()
        {
            ValidationType = ValidationType.DTD,
            DtdProcessing = DtdProcessing.Ignore
        };

        // Prevent the DTD from downloading
        sigSettings.XmlResolver = null;

        Stream sigStream = assembly.GetManifestResourceStream("Engine.Schema.xmldsig-core-schema.xsd");
        XmlReader sigReader = XmlReader.Create(sigStream, sigSettings); 

        settings.Schemas.Add(null, sigReader); // signature schema

    }
dreza
  • I am also using XML signature. I have to verify the signed document against a schema first. But I keep getting the error that the content of Anontype ReferenceSignedInfoSignature is invalid. But there is no content in the reference element in the input XML document. It only contains a transforms element. Then why am I getting this error (exception)? – Ashwin May 28 '12 at 05:14
  • @Ashwin Does your element declaration allow for minOccurs=0? Hard to know without more information, sorry. Perhaps it might be easiest to create a new question with your XML and XSD declarations and the error message that's occurring? – dreza May 28 '12 at 05:34
  • My colleague has posted the question. Please see the link http://stackoverflow.com/questions/10779764/xml-schema-validation-error – Ashwin May 28 '12 at 06:10
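
The resolver fix from the answer above, carried through to the whole validation path so that neither the schemas nor the incoming document can trigger an outbound request. This is an added example, not code from the question or its answers: `OfflineValidator` is a hypothetical name, and `EngineXsd` and `DsigXsd` are constructed, cut-down stand-ins for the two embedded schema resources.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Xml;
using System.Xml.Schema;
static class OfflineValidator
{
    // Constructed, cut-down stand-ins for the embedded Engine.xsd and xmldsig-core-schema.xsd.
    const string EngineXsd = @"<xsd:schema xmlns:xsd='http://www.w3.org/2001/XMLSchema'
        xmlns:ds='http://www.w3.org/2000/09/xmldsig#' targetNamespace='analysis.org.nz'>
      <xsd:import namespace='http://www.w3.org/2000/09/xmldsig#'
        schemaLocation='http://www.mywebsite.co.nz/xsd/xmldsig-core-schema.xsd'/>
      <xsd:element name='EngineRequest'><xsd:complexType><xsd:sequence>
        <xsd:element name='Analysis' type='xsd:string'/>
        <xsd:element ref='ds:Signature' minOccurs='0'/>
      </xsd:sequence></xsd:complexType></xsd:element></xsd:schema>";
    const string DsigXsd = @"<!DOCTYPE schema SYSTEM 'http://www.w3.org/2001/XMLSchema.dtd'>
      <schema xmlns='http://www.w3.org/2001/XMLSchema' elementFormDefault='qualified'
        targetNamespace='http://www.w3.org/2000/09/xmldsig#'>
      <element name='Signature' type='string'/></schema>";
    static readonly XmlSchemaSet Cached = BuildSchemas();    // compiled once, not on every call

    static XmlSchemaSet BuildSchemas()
    {
        var set = new XmlSchemaSet { XmlResolver = null };   // xsd:import schemaLocation is not followed
        var rs = new XmlReaderSettings { DtdProcessing = DtdProcessing.Ignore, XmlResolver = null };
        foreach (var xsd in new[] { DsigXsd, EngineXsd })
            using (var r = XmlReader.Create(new StringReader(xsd), rs))
                set.Add(null, r);                            // null: use the schema's own targetNamespace
        set.Compile();                                       // throws if ds:Signature is not available locally
        return set;
    }

    public static List<string> Validate(string xml)
    {
        var errors = new List<string>();
        // DtdProcessing stays Prohibit (default); ProcessSchemaLocation/ProcessInlineSchema stay off.
        var s = new XmlReaderSettings { ValidationType = ValidationType.Schema, Schemas = Cached, XmlResolver = null };
        s.ValidationEventHandler += (o, e) => errors.Add(e.Severity + ": " + e.Message);
        using (var reader = XmlReader.Create(new StringReader(xml), s))
            while (reader.Read()) { }
        return errors;
    }

    static void Main()
    {
        string a = "<Analysis xmlns=''>ok</Analysis>", sig = "<Signature xmlns='http://www.w3.org/2000/09/xmldsig#'>x</Signature>";
        foreach (var doc in new[] { a + sig, sig + a })      // second document has the wrong element order
            Console.WriteLine(string.Join("; ", Validate("<EngineRequest xmlns='analysis.org.nz'>" + doc + "</EngineRequest>")));
    }
}
```

Running this with Fiddler attached is a quick check that the request list from the question stays empty; a document that carries a DOCTYPE is rejected with an `XmlException` rather than parsed.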