Invalid signed properties hashing, SignedProperties with id=‘xadesSignedProperties’
I am using CSID generated with OTP from fatoora simulation portal. With the same CSID I successfully passed B2B invoice to the same API.
When I checked the xml, there is only one difference between B2B and B2C, it’s ‘InvoiceTypeCode’. For B2B, it’s 010000 and for B2C it’s 020000.
When validating the hashing of the B2C invoice with .NET SDK, it’s showing valid.
Is there anything I am busy. Stuck with this problem for a long time.
I have the same issue, i am using SDK 238 R333, when validating the B2C, the returned error on Einvoice Signature is “[Error] CODE: xadesSignedPropertiesDigestValue, MESSAGE: wrong xadesSignedPropertiesDigestValue” while on B2B the validation returns no error"
Please adhere to the following steps accurately to ensure receipt of the certificate and private key in the required format:
On SDK: Utilize the command ‘fatoora -sim -csr-csrConfig “config.properties”’, to generate a CSR and private key for acquiring a CCSID, necessary for completing compliance checks.
Log in to the FATOORA portal using your VAT to obtain a correct OTP. Make sure to generate the OTP from the SIM portal.
Upon response receipt, you will obtain a binary security token, a secret, and a request ID. Utilize the BinarySecurityToken and secret (referring to the current CCSID) to fulfill all compliance checks. The request ID will be used to generate the PCCSD.
Initiate the compliance check to dispatch invoices based on the invoice type specified in the config file used for CSR generation:
Standard (Clearance): If “1000” is chosen as the invoice type, send 3 standard invoices of types (invoice, credit, debit) for successful compliance checks. Ensure all types are sent to avoid missing compliance checks.
Simplified (Reporting): If “0100” is chosen as the invoice type, send 3 simplified invoices of types (invoice, credit, debit) for successful compliance checks. Don’t forget to sign the simplified invoice before dispatching it.
Standard and Simplified: If “1100” is chosen as the invoice type, send 6 standard and simplified invoices for each type (invoice, credit, debit) for successful compliance checks. Ensure all types are sent to avoid missing compliance checks.
Using the API endpoint: For authorization, select Basic Auth as the Auth Type, with BinarySecurityToken as the username and Secret as the password. In the body, send the invoice (the hash for the invoice, the UUID, and the encoded invoice). On SDK, utilize the command 'fatoora -invoiceRequest -invoice “invoice.xml” ', to generate a full invoice request to use it in the body, https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/precompliance/invoices.
Using API endpoint: Upon completing all compliance checks, ensure Basic Auth is selected as the Auth Type for Authorization, with BinarySecurityToken as the username and the Secret as the password. In the headers, use the current CCSID; in the body, use the request ID received in the first API. Access https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/core/csids/.
After generating the PCSID from the API, decode the returned token and place it in the certificate file located in SDK/Data/Certificates/cert.pem. This will serve as the final certificate for sending invoices to clearance and report APIs henceforth.