Hi. I am using the latest .NET SDK (3.3.3) to sign a B2C invoice. When sending the XML to reporting API(simulation), I receive the following error: “The invoice hash API body does not match the (calculated) hash of the XML.”
Initially, I was generating the hash before signing the invoice. I then tried using the hash from the signing result, but in both cases, I encounter the same error. Is this a bug with the SDK, or am I missing something?
Thank you for reaching out, and welcome to our community.
The hash should be calculated on the final version of the XML document after it has been signed. If you’re generating the hash before signing, the XML will change when signed, leading to a mismatch.
Kindly ensure you are correctly using the hash from the signed XML, not the unsigned version, The order should be:
Generate the XML document.
Sign the XML.
Calculate the hash from the signed XML.
Send the signed XML and the corresponding hash to the API.
Please Confirm that you’re signing the XML before generating the hash and that the hash is from the final, signed XML document.
It’s likely not a bug but rather an issue with the order of operations or a mismatch between the hash and the XML content. Ensuring the correct sequence first, then hashing should resolve this issue. If the error still occurs, please don’t hesitate to reach out with our support team via email:
Based on your feedback, here is the code I am using:
var signer = new EInvoiceSigner();
var sigingResult= signer.SignDocument(xml, certificate, privateKey); // here I get true for the signing process
var hashGenerator = new EInvoiceHashGenerator();
var hashResult = hashGenerator.GenerateEInvoiceHashing(sigingResult.SignedEInvoice); //here I get true for generating hash
After generating the hash, I encode the signed XML to base64 and send it along with the hash and uuid. However, I am still encountering the following error: “The invoice hash API body does not match the (calculated) Hash of the XML.”
I followed the steps mentioned, but if there is anything I might be missing, please let me know.
Please refer to the Fatoora Simulation Portal and find the tab for API documentation to locate the correct endpoint for each step in the onboarding process.
I have successfully completed the onboarding steps and can see the device listed in the Fatoora portal. However, I encountered an issue later for reporting:
Using an older version of the .NET SDK, the reporting returned as successful, but I received a warning: “Time on QR Code does not match with Invoice Issue Time (KSA-25). If ZATCA SDK was used to generate the QR Code, kindly use the latest version of the SDK.”
I then updated to the latest version of the SDK(3.3.3), but when I attempted to report the invoice using the endpoint https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/invoices/reporting/single, I received a 400 response with the error message: “The invoice hash API body does not match the (calculated) hash of the XML.”
The issue you’re encountering with the invoice hash not matching is likely from how the invoice is being signed or how the hash is being calculated before it’s reported to ZATCA
Kindly Doble check and make sure to send the signed XML to the correct reporting endpoints, ensure that you are using the correct certificate and private key when signing the invoice.
You should be able to resolve this issue, if further assistance is needed, sharing more details will help in providing more detailed guidance.