hello , i have an issue in simulation ,
i am generating the qr code as the following for B2C invoices
tag 1: seller name
tag 2: seller vat number
tag 3: datetime => the same time while signing the invoice
tag 4: invoice total amount
tag 5: invoice total vat
tag 6: invoice hash => the same hash we use in xml as well as when reporting the invoice in API body. got it from the invoice without ubl and qr code tags after canonicalizing the xml , then hash it with sha256 and encoded it 64 base.
tag 7: invoice signature : the same invoice signature we use in xml. got it from signing the previous invoice hash with private key decoded in 64 base.
tag 8: public key => got it from x-509 certificate , and removing “-----BEGIN PUBLIC KEY-----”, “-----END PUBLIC KEY-----” tag, all the new lines and spaces
then encode it 64 base
but i am having validation issue , {
“type”: “ERROR”,
“code”: “publicKey_QRCODE_INVALID”,
“category”: “QRCODE_VALIDATION”,
“message”: “ECDSA Public Key does not match with qr code ECDSA public key”,
“status”: “ERROR”
},
tag 9: certificate signature => got it from x-509 certificate ecdsa-with-SHA256
as hex without spaces and : .
change hex to binary and then encode it 64 base
but i have an validation issue
{
“type”: “ERROR”,
“code”: “CERTIFICATE_SIGNATURE_QRCODE_INVALID”,
“category”: “QRCODE_VALIDATION”,
“message”: "certificate signature does not match with qr certificate signature value ",
“status”: “ERROR”
},
can some one tell me are my steps from tag 6 to tag 9 are correct ?
Tag6: It is the same hash of the document (invoice), which you will send along with the XML and UUID during the reporting/clearance phase. What is the format, and how do you calculate it? You have to read the PDF documentation about XML security implementations.
Tag7: When you generate CSR, you have also generated PrivateKey . Then this PrivateKey and Production CSID are used to generate <UBLExtensions> tags, which contain signature values. This value should be specified here.
Tag8: We are deriving PublicKey from PrivateKey that you generated during the creation of CSR. In the documentation, it is stated that PublicKey should be extracted from ‘PrivateKey’, as usually, you have both of them.
Tag9: It is the Production CSID signature. The certificate object has a signature value that should be placed in the cert.pem file in the SDK. Follow this path.
“zatca-einvoicing-sdk-238-R3.4.3\Data\Certificates”
For any further support, please don’t hesitate to send your full concerns with an attachment to sp_support@zatca.gov.sa to ensure comprehensive support as usual.
Hi,
Do you have SDK installed as it will help you to validate your generated XML and also QR code etc locally and then you can easily resolve. Try following links to validate your data,