Get Errors when generate B2C invoices

Tamer_El_Khawas · September 6, 2023, 12:39pm

Hi All,
I’m using the SDK to generate and sign invoice XML. For the B2B it’s generated and I tested it on the web based validator and it’s accepted with no warning or errors. For the B2C after generating the XML i get the following error when I test the XML on the web based validator:

Errors

category :** QR_CODE_ERROR
code :**hashedXml
message :** hashedXml does not match with qr code hashedXml or the hashedXml is missing
category :** SIGNATURE_ERROR
code :**invoiceSignedDataDigestValue
message :** wrong invoice hashing
category :** SIGNATURE_ERROR
code :**xadesSignedPropertiesDigestValue
message :** wrong xadesSignedPropertiesDigestValue
category :** SIGNATURE_ERROR
code :**X509SerialNumber
message :** wrong X509SerialNumber
category :** XSD_SCHEMA_ERROR
code :**SAXParseException
message :** Schema validation failed; XML does not comply with UBL 2.1 standards in line with ZATCA specifications
category :** SIGNATURE_ERROR
code :**signatureValue
message :** wrong signature Value

Any clue why these errors and how to fix them???

Thanks

Aturkistani · September 6, 2023, 4:58pm

please note that signing invoices from your side only required on B2C invoices, in B2B invoices ZATCA will sign it.

you can validate the invoices from SDK through this command :
fatoora -validate -invoice [invoice file name]

If you are still receving the same signing error please follow the below steps while making sure you got the latests version of SDK installed:

1- get your CSR config file ready with all of the required inputs, then open the command line interface in the CSR config file path and type this command to generate the CSR and private key for simulation :
Fatoora -csr -csrconfig [file name]

Note: simulation and production are independent environments, so if you want to generate a CSR for simulation please make sure to put the flag -sim

2- get your OTP from FATOORA portal that’s associated with the VAT number you have put in the CSR config file.

3- after submitting your CSR & generated OTP in the compliance CSID API, it will return you a security binarytoken, take this value and decode it using base64, and the output is the X.509 certifecate.

4- after getting your X.509 certiecate & private key, please go to the Certificates folder in SDK by following this path “SDK folder\data\Certificates”

5- after going to Certificates in the follwed path above, you will find 2 files:
first file is cert.pem : you are requested to replace the X.509 cert value here, so copy and paste your X.509 cert. (make sure that the pasted value is already a decoded security binarytoken using base64 decoder).

second file is ec-secp256k1-priv-key.pem: you are requested to replace the value of your generated private key here. just copy your generated private key and paste it here.

6- now you will be able to sign your B2C invoices with your certificate, by using this command:

fatoora -sign -invoice [invoice file name]

and this is how sucessfully you can sign your B2C invoices for compliance checks, after getting your invoices signed you can go to the next step which is compliance checks (compliance invoice API), and submit your invoices there to obtain the production CSID\Certificate.

then you can validate the signed invoices using SDK with the mentioned command above.

please do not hesitate to reach out if you have any further questions.

thank you,

Tamer_El_Khawas · September 19, 2023, 2:13pm

Hi, I tried the steps you wrote but now I get this error on the CMD
“invalid organization unit name, please provide a valid 10 digit of your group tin number”

this is what is in the csr-config-example I’m using

csr.common.name=300043295910003
csr.serial.number=1-TST|2-TST|3-ed22f1d8-e6a2-1118-9b58-d9a8f11e445f
csr.organization.identifier=300043295910003
csr.organization.unit.name=Riyadh Branch
csr.organization.name=3000432959
csr.country.name=SA
csr.invoice.type=1111
csr.location.address=RRRD2929
csr.industry.business.category=Healthcare Services

So any clues why this happens ???

kiaziz · September 24, 2023, 6:48am

Dear @Tamer_El_Khawas,

please note that the error is because you just need to sign the invoice first using the SDK before validating it, a new signed invoice will be generated this is the one to be validated.

Regards,

Tamer_El_Khawas · September 25, 2023, 12:28pm

Hi, are you replying to my original post or to my latest reply? I’m confused now.
If you are replying to my original post, I’m already using the SDK and it’s supposed that the SDK signed the XML file, but for some reason which I don’t know it returns these errors when trying to test it on the online validator. So as Aturkistani adviced is to generage a new certificate by generating csr and private key. Here I also faced an error I sent in my reply.

Please advice, Thanks

kiaziz · September 25, 2023, 12:55pm

Dear @Tamer_El_Khawas ,

yes sorry i didn’t see it,
please use the below we changed the org.unit.name to be the tin number and it will work as expected:

csr.common.name=300043295910003
csr.serial.number=1-TST|2-TST|3-ed22f1d8-e6a2-1118-9b58-d9a8f11e445f
csr.organization.identifier=300043295910003
csr.organization.unit.name=3000432959
csr.organization.name=300043295910003
csr.country.name=SA
csr.invoice.type=1111
csr.location.address=RRRD2929
csr.industry.business.category=Healthcare Services

Regards,

Tamer_El_Khawas · November 18, 2023, 5:15pm

Dear Kiaziz,
I managed to generate the csr and private key files. but still after using them to sign the document using ZATCA SDK the signing process fail on the second step which is generating the digital signature. I tried to trace to see where it goes wrong and I found that the issue is in this line of code in the SDK dll:

object pemObject = pemReader.ReadObject();

This line in the the function named GetDigitalSignature in the class named EInvoiceSigningLogic.

the ReadObject method returns null.

Any clue why this happens???

Thanks in advance

ad.almusbahi · November 23, 2023, 7:36am

Dear @Tamer_El_Khawas,

I face the same issue. It got solved when I changed the private key format to PEM.

regards

Tamer_El_Khawas · November 25, 2023, 9:48am

Dear @ad.almusbahi ,
Thanks for your reply. Can you guide me how to do this after the key is generated from the SDK. or you mean there is another way to generate the key without using the SDK? I appreciate if you can put the steps to your solution.

regards

ad.almusbahi · November 27, 2023, 8:18pm

Yes, sure.
there are two ways to do it.

Use the OpenSSL command to convert the private key format “openssl ecparam -name secp256k1 -genkey -noout -out private-key.pem”.
2-C# code to convert the private key to PEM format:

using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.OpenSsl;
using Org.BouncyCastle.Security;

class Program{
	static void Main(string[] args){
		string privateKeyContent = "XXXXXXXXXXXXXX";// the private key contant genetated by ZATKA SDK
		AsymmetricKeyParameter privateKey = PrivateKeyFactory.CreateKey(Convert.FromBase64String(privateKeyContent));
		privateKeyContent = ConvertPrivateKeyToPem(privateKey);
		Console.WriteLine(privateKeyContent);
	}


	public static string ConvertPrivateKeyToPem(AsymmetricKeyParameter privateKey)
	{
		StringWriter stringWriter = new StringWriter();
		PemWriter pemWriter = new PemWriter(stringWriter);
		pemWriter.WriteObject(privateKey);
		pemWriter.Writer.Flush();
		return stringWriter.ToString();
	}
}

Regards

Topic		Replies	Views
Errors while generation B2C invoice using .net SDK SDK, web-based validator and sandbox	6	130	September 14, 2024
B2c signature_error XML and business rules	1	70	September 15, 2024
B2C Validate EInvoice Signature [Failed] Errors: Signing process	1	70	August 18, 2024
INVOICE_HASHING_ERRORS simplifed Clearance and Reporting	11	137	August 31, 2024
B2C Compliance Invoice Error, Invalid certificate hashing Onboarding, renewal and revocation	4	460	July 11, 2024

Get Errors when generate B2C invoices

Errors

Related Topics