What are the Steps for Generating Tag 9?

Signing process
1

The docs say:

For Simplified Tax Invoices and their associated notes, the ECDSA signature of the cryptographic stamp’s public key by ZATCA’s technical CA

The way I understood this is:

  1. I take the public key (The same public key that is in tag 8) as raw bytes
  2. I sign those raw bytes somehow. Do I need to hash the bytes in any way first? Perhaps the same way I signed the invoice hash for tag 7
    a. Get the invoice hash as a hexdigest (a hexadecimal string, not bytes)
    b. ECDSA-sign that hexdigest.

Is my understanding correct? Should I simply get a hexdigest of tag 8 and sign it?

2

To generate a digital signature, please follow these steps:

1-Generate private key from CSR config file (you can refer to openssl commands, or readme file on SDK).
Sign the generated invoice hash (in SHA-256 format "hexadecimal ") with ECDSA using the private key (output).

MEQCIGvLa1f3uMCe0AidKUWJ5ghMiDMRcC0qO78ntcTKVOYgAiAKBkX+uuFhbIcye3JznNa45qH1twlLFu/qPzEQ9HMNLw==

Note : you can try on this tool online elliptic curve generate key, sign verify message, bitcoin curve

3

Hello @MAl-tamimi,

I am asking about tag 9, I believe the steps you mentioned are for tag 7.

I already got the steps for tag 7 working, based on your answer is tag 9 supposed to be a duplicate of tag 7?

4

For Simplified Tax Invoices and their associated notes, the ECDSA signature of the cryptographic stamp’s issued by ZATCA’s technical CA

MicrosoftTeams-image
MicrosoftTeams-image1369×883 36.2 KB

5

@MAl-tamimi

I read that part (I also included it in my original post), but it’s not clear how to generate this signature.

What are the steps to generate it?

6

Hello @obahareth-mrsool, I understand. To learn how to generate tag 9 in a QR code, please follow these steps:

  1. Retrieve the certificate from your invoice and decode it. Extract the “Signature Algorithm: ecdsa-with-SHA256” value from the decoded invoice.
  2. Convert the extracted value from hexadecimal to base64.

URLs:
certificate decoder
From Hexa to Base64

7

@MAl-tamimi Thanks! This worked for me!

1 Like
8

Dear @MAl-tamimi ,
There is any tool can added to .net project to can get “Signature Algorithm: ecdsa-with-SHA256” without using the URL " CSR Decoder and Certificate Decoder | CSR Checker | Certificate Checker "

9

@MAl-tamimi Thank you for your comment. It helped me a lot. For the past few days, I was stuck with the “certificate signature does not match with QR certificate signature value” error. I was unable to identify the issue, but I followed these steps and it is now working fine.