npm - @ripwords/myinvois-client - Versions diffs - 0.2.26 → 0.2.28 - Mend

@ripwords/myinvois-client 0.2.26 → 0.2.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (36) hide show

package/dist/api/documentManagement.d.ts +2 -2
package/dist/api/documentSubmission.d.ts +2 -2
package/dist/api/documentSubmission.js +2 -2
package/dist/api/documentTypeManagement.d.ts +2 -2
package/dist/api/notificationManagement.d.ts +2 -2
package/dist/api/platformLogin.d.ts +2 -2
package/dist/api/taxpayerValidation.d.ts +2 -2
package/dist/{document-B03WWFMc.cjs → document-CNM7-o5x.cjs} +79 -30
package/dist/document-CNM7-o5x.cjs.map +1 -0
package/dist/{document-BAUDGfZU.js → document-nWFcUMsi.js} +78 -29
package/dist/{documentSubmission-56VbFff3.cjs → documentSubmission-BE1En5JO.cjs} +2 -2
package/dist/{documentSubmission-56VbFff3.cjs.map → documentSubmission-BE1En5JO.cjs.map} +1 -1
package/dist/{documentSubmission-isM8tGm0.js → documentSubmission-CVwFwnDd.js} +1 -1
package/dist/{documents-BWpJ0B3C.d.cts → documents-B4VA36Bj.d.cts} +2 -2
package/dist/{documents-DRQ6_toX.d.ts → documents-BIGS59JL.d.ts} +1 -1
package/dist/index.cjs +33 -2
package/dist/index.cjs.map +1 -1
package/dist/index.d.ts +28 -2
package/dist/index.js +33 -2
package/dist/index26.cjs +1 -1
package/dist/index29.cjs +1 -1
package/dist/index3.cjs +2 -2
package/dist/index67.cts.map +1 -1
package/dist/index71.cts.map +1 -1
package/dist/{taxpayer-DtyHXKwz.d.ts → taxpayer-YXsbpgpd.d.ts} +1 -1
package/dist/{taxpayer-CApK7x_O.d.cts → taxpayer-iisM69iU.d.cts} +2 -2
package/dist/types/documents.d.ts +1 -1
package/dist/types/index.d.ts +2 -2
package/dist/types/taxpayer.d.ts +2 -2
package/dist/utils/document.d.ts +7 -2
package/dist/utils/document.js +1 -1
package/dist/utils/signature-diagnostics.d.ts +2 -2
package/dist/utils/signature-diagnostics.js +1 -1
package/dist/utils/validation.d.ts +2 -2
package/package.json +3 -1
package/dist/document-B03WWFMc.cjs.map +0 -1

package/dist/api/documentManagement.d.ts CHANGED Viewed

@@ -51,11 +51,11 @@ import "../YX-F34sJ7Ik.js";
 import "../ZX-CDQOfsHh.js";
 import "../XX-DOA-10JW.js";
 import "../unit-types-VgYXIwTT.js";
-import { DocumentStatus, DocumentSummary, DocumentValidationResult, DocumentValidationStepResult } from "../documents-DRQ6_toX.js";
+import { DocumentStatus, DocumentSummary, DocumentValidationResult, DocumentValidationStepResult } from "../documents-BIGS59JL.js";
 import "../payment-modes-g3DzLmWb.js";
 import "../signatures-CerHUrj3.js";
 import "../notifications-sFhgh3rJ.js";
-import "../taxpayer-DtyHXKwz.js";
+import "../taxpayer-YXsbpgpd.js";
 import { Fetch } from "../utils-C4FoVKLq.js";
 import "../index-CygwSf0x.js";

package/dist/api/documentSubmission.d.ts CHANGED Viewed

@@ -51,11 +51,11 @@ import "../YX-F34sJ7Ik.js";
 import "../ZX-CDQOfsHh.js";
 import "../XX-DOA-10JW.js";
 import "../unit-types-VgYXIwTT.js";
-import { AllDocumentsV1_1, DocumentSummary, SigningCredentials, StandardError, SubmissionResponse, SubmissionStatus } from "../documents-DRQ6_toX.js";
+import { AllDocumentsV1_1, DocumentSummary, SigningCredentials, StandardError, SubmissionResponse, SubmissionStatus } from "../documents-BIGS59JL.js";
 import "../payment-modes-g3DzLmWb.js";
 import "../signatures-CerHUrj3.js";
 import "../notifications-sFhgh3rJ.js";
-import "../taxpayer-DtyHXKwz.js";
+import "../taxpayer-YXsbpgpd.js";
 import { Fetch } from "../utils-C4FoVKLq.js";
 import "../index-CygwSf0x.js";

package/dist/api/documentSubmission.js CHANGED Viewed

@@ -1,5 +1,5 @@
 import "../formatIdValue-qTxJqj9o.js";
-import "../document-BAUDGfZU.js";
-import { getSubmissionStatus, performDocumentAction, submitDocument } from "../documentSubmission-isM8tGm0.js";
+import "../document-nWFcUMsi.js";
+import { getSubmissionStatus, performDocumentAction, submitDocument } from "../documentSubmission-CVwFwnDd.js";
 export { getSubmissionStatus, performDocumentAction, submitDocument };

package/dist/api/documentTypeManagement.d.ts CHANGED Viewed

@@ -51,11 +51,11 @@ import "../YX-F34sJ7Ik.js";
 import "../ZX-CDQOfsHh.js";
 import "../XX-DOA-10JW.js";
 import "../unit-types-VgYXIwTT.js";
-import { DocumentTypeResponse, DocumentTypeVersionResponse, DocumentTypesResponse } from "../documents-DRQ6_toX.js";
+import { DocumentTypeResponse, DocumentTypeVersionResponse, DocumentTypesResponse } from "../documents-BIGS59JL.js";
 import "../payment-modes-g3DzLmWb.js";
 import "../signatures-CerHUrj3.js";
 import "../notifications-sFhgh3rJ.js";
-import "../taxpayer-DtyHXKwz.js";
+import "../taxpayer-YXsbpgpd.js";
 import { Fetch } from "../utils-C4FoVKLq.js";
 import "../index-CygwSf0x.js";

package/dist/api/notificationManagement.d.ts CHANGED Viewed

@@ -51,11 +51,11 @@ import "../YX-F34sJ7Ik.js";
 import "../ZX-CDQOfsHh.js";
 import "../XX-DOA-10JW.js";
 import "../unit-types-VgYXIwTT.js";
-import "../documents-DRQ6_toX.js";
+import "../documents-BIGS59JL.js";
 import "../payment-modes-g3DzLmWb.js";
 import "../signatures-CerHUrj3.js";
 import { NotificationResponse, NotificationSearchParams } from "../notifications-sFhgh3rJ.js";
-import "../taxpayer-DtyHXKwz.js";
+import "../taxpayer-YXsbpgpd.js";
 import { Fetch } from "../utils-C4FoVKLq.js";
 import "../index-CygwSf0x.js";

package/dist/api/platformLogin.d.ts CHANGED Viewed

@@ -51,11 +51,11 @@ import "../YX-F34sJ7Ik.js";
 import "../ZX-CDQOfsHh.js";
 import "../XX-DOA-10JW.js";
 import "../unit-types-VgYXIwTT.js";
-import "../documents-DRQ6_toX.js";
+import "../documents-BIGS59JL.js";
 import "../payment-modes-g3DzLmWb.js";
 import "../signatures-CerHUrj3.js";
 import "../notifications-sFhgh3rJ.js";
-import "../taxpayer-DtyHXKwz.js";
+import "../taxpayer-YXsbpgpd.js";
 import "../utils-C4FoVKLq.js";
 import { ClientCredentials } from "../index-CygwSf0x.js";

package/dist/api/taxpayerValidation.d.ts CHANGED Viewed

@@ -51,11 +51,11 @@ import "../YX-F34sJ7Ik.js";
 import "../ZX-CDQOfsHh.js";
 import "../XX-DOA-10JW.js";
 import "../unit-types-VgYXIwTT.js";
-import { RegistrationType } from "../documents-DRQ6_toX.js";
+import { RegistrationType } from "../documents-BIGS59JL.js";
 import "../payment-modes-g3DzLmWb.js";
 import "../signatures-CerHUrj3.js";
 import "../notifications-sFhgh3rJ.js";
-import { TaxpayerQRCodeResponse, TinSearchParams, TinSearchResponse } from "../taxpayer-DtyHXKwz.js";
+import { TaxpayerQRCodeResponse, TinSearchParams, TinSearchResponse } from "../taxpayer-YXsbpgpd.js";
 import { Fetch } from "../utils-C4FoVKLq.js";
 import "../index-CygwSf0x.js";

package/dist/{document-B03WWFMc.cjs → document-CNM7-o5x.cjs} RENAMED Viewed

@@ -257,6 +257,8 @@ const generateCleanUBLDocument = (invoices) => {
 * Step 1: Transform the document for hashing or transmission
 * Removes UBLExtensions and Signature, and minifies the JSON
 * Returns the minified, cleaned JSON string
+*
+* FIXED: Use regex-based minification to match PowerShell script exactly
 */
 const transformDocumentForHashing = (invoices) => {
 	const cleanDocument = generateCleanUBLDocument(invoices);
@@ -265,7 +267,12 @@ const transformDocumentForHashing = (invoices) => {
 		delete invoice.UBLExtensions;
 		delete invoice.Signature;
 	});
-	return JSON.stringify(documentForTransform);
+	const jsonString = JSON.stringify(documentForTransform);
+	const minifiedJson = jsonString.replace(/("(?:\\.|[^"\\])*")|\s+/g, (match, quotedString) => {
+		if (quotedString) return quotedString;
+		else return "";
+	});
+	return minifiedJson;
 };
 /**
 * Step 2: Calculate Document Digest
@@ -281,13 +288,22 @@ const calculateDocumentDigest = (invoices) => {
 /**
 * Step 4: Calculate Certificate Digest
 * Enhanced to handle certificate content properly
+* FIXED: Match PowerShell script exactly - use raw certificate data like $cert.RawData
 */
 const calculateCertificateDigest = (certificatePem) => {
-	const certificateContent = certificatePem.replace(/-----BEGIN CERTIFICATE-----/g, "").replace(/-----END CERTIFICATE-----/g, "").replace(/\s+/g, "");
-	const certificateBinary = Buffer.from(certificateContent, "base64");
-	const hash = crypto.default.createHash("sha256");
-	hash.update(certificateBinary);
-	return hash.digest("base64");
+	try {
+		const cert = new crypto.X509Certificate(certificatePem);
+		const rawCertificateData = cert.raw;
+		const hash = crypto.default.createHash("sha256");
+		hash.update(rawCertificateData);
+		return hash.digest("base64");
+	} catch (error) {
+		const certificateContent = certificatePem.replace(/-----BEGIN CERTIFICATE-----/g, "").replace(/-----END CERTIFICATE-----/g, "").replace(/\s+/g, "");
+		const certificateBinary = Buffer.from(certificateContent, "base64");
+		const hash = crypto.default.createHash("sha256");
+		hash.update(certificateBinary);
+		return hash.digest("base64");
+	}
 };
 /**
 * Enhanced certificate info extraction with better error handling
@@ -297,18 +313,22 @@ const extractCertificateInfo = (certificatePem) => {
 	try {
 		const cert = new crypto.X509Certificate(certificatePem);
 		const serialNumberHex = cert.serialNumber;
-		const normalizeDistinguishedName = (dn) => {
-			const parts = dn.split(/\r?\n|,\s*/).map((part) => part.trim()).filter((part) => part.length > 0).reverse();
+		const escapeXmlSpecialChars = (str) => {
+			return str.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&apos;");
+		};
+		const normalizeIssuerName = (issuer) => {
+			const parts = issuer.split(/\r?\n|,\s*/).map((part) => part.trim()).filter((part) => part.length > 0).reverse();
 			return parts.join(", ").replace(/\s*=\s*/g, "=");
 		};
 		const formatSerialNumber = (serialHex) => {
 			const decimal = BigInt("0x" + serialHex).toString();
 			return decimal;
 		};
+		const rawSubjectName = cert.subject;
 		return {
-			issuerName: normalizeDistinguishedName(cert.issuer),
+			issuerName: escapeXmlSpecialChars(normalizeIssuerName(cert.issuer)),
 			serialNumber: formatSerialNumber(serialNumberHex),
-			subjectName: normalizeDistinguishedName(cert.subject)
+			subjectName: rawSubjectName
 		};
 	} catch (error) {
 		throw new Error(`Failed to extract certificate info: ${error instanceof Error ? error.message : String(error)}`);
@@ -343,6 +363,7 @@ const createSignedProperties = (certificateDigest, signingTime, issuerName, seri
 /**
 * Step 6: Calculate SignedProperties Digest
 * Calculates the digest over the correct structure for validator compliance.
+* FIXED: Calculate digest from SignedProperties only (without Target wrapper)
 */
 const calculateSignedPropertiesDigest = (signedProperties, useTargetWrapper = true) => {
 	let digestObj;
@@ -351,10 +372,13 @@ const calculateSignedPropertiesDigest = (signedProperties, useTargetWrapper = tr
 		SignedProperties: signedProperties.SignedProperties
 	};
 	else digestObj = signedProperties.SignedProperties;
-	const sortedDigestObj = sortObjectKeys(digestObj);
-	const signedPropertiesString = JSON.stringify(sortedDigestObj);
+	const signedPropertiesString = JSON.stringify(digestObj);
+	const minifiedSignedProperties = signedPropertiesString.replace(/("(?:\\.|[^"\\])*")|\s+/g, (match, quotedString) => {
+		if (quotedString) return quotedString;
+		else return "";
+	});
 	const hash = crypto.default.createHash("sha256");
-	hash.update(signedPropertiesString, "utf8");
+	hash.update(minifiedSignedProperties, "utf8");
 	return hash.digest("base64");
 };
 /**
@@ -407,13 +431,12 @@ const createSignedInfoAndSign = (docDigest, propsDigest, privateKeyPem) => {
 /**
 * Signs the minified document string using the provided private key PEM
 * Returns the signature as a base64 string
+* FIXED: Match PowerShell script exactly - first compute hash, then sign the hash
 */
 const signDocumentString = (documentString, privateKeyPem) => {
-	const signature = crypto.default.sign("sha256", Buffer.from(documentString, "utf8"), {
-		key: privateKeyPem,
-		padding: crypto.default.constants.RSA_PKCS1_PADDING
-	});
-	return signature.toString("base64");
+	const signer = crypto.default.createSign("RSA-SHA256");
+	signer.update(documentString, "utf8");
+	return signer.sign(privateKeyPem, "base64");
 };
 /**
 * Complete document generation with signatures
@@ -424,22 +447,45 @@ const generateCompleteDocument = (invoices, signingCredentials) => {
 		const docDigest = calculateDocumentDigest(invoices);
 		const documentString = transformDocumentForHashing(invoices);
 		const docSignature = signDocumentString(documentString, signingCredentials.privateKeyPem);
-		const signingTime = (/* @__PURE__ */ new Date()).toISOString();
+		const now = /* @__PURE__ */ new Date();
+		const signingTime = now.getFullYear() + "-" + String(now.getMonth() + 1).padStart(2, "0") + "-" + String(now.getDate()).padStart(2, "0") + "T" + String(now.getHours()).padStart(2, "0") + ":" + String(now.getMinutes()).padStart(2, "0") + ":" + String(now.getSeconds()).padStart(2, "0") + "Z";
 		const certInfo = extractCertificateInfo(signingCredentials.certificatePem);
 		const certificateDigest = calculateCertificateDigest(signingCredentials.certificatePem);
 		const signedProperties = createSignedProperties(certificateDigest, signingTime, certInfo.issuerName, certInfo.serialNumber);
-		const digestObj = {
-			Target: "signature",
-			SignedProperties: signedProperties.SignedProperties
+		const propsDigest = calculateSignedPropertiesDigest(signedProperties);
+		const signedInfo = {
+			CanonicalizationMethod: [{
+				_: "",
+				Algorithm: "http://www.w3.org/2006/12/xml-c14n11"
+			}],
+			SignatureMethod: [{
+				_: "",
+				Algorithm: "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
+			}],
+			Reference: [{
+				Id: "id-doc-signed-data",
+				Type: "",
+				URI: "",
+				DigestMethod: [{
+					_: "",
+					Algorithm: "http://www.w3.org/2001/04/xmlenc#sha256"
+				}],
+				DigestValue: [{ _: docDigest }]
+			}, {
+				Id: "id-xades-signed-props",
+				Type: "http://uri.etsi.org/01903/v1.3.2#SignedProperties",
+				URI: "#id-xades-signed-props",
+				DigestMethod: [{
+					_: "",
+					Algorithm: "http://www.w3.org/2001/04/xmlenc#sha256"
+				}],
+				DigestValue: [{ _: propsDigest }]
+			}]
 		};
-		const sortedDigestObj = sortObjectKeys(digestObj);
-		const signedPropertiesString = JSON.stringify(sortedDigestObj);
-		const propsDigest = crypto.default.createHash("sha256").update(signedPropertiesString, "utf8").digest("base64");
-		const { signedInfo } = createSignedInfoAndSign(docDigest, propsDigest, signingCredentials.privateKeyPem);
-		const certificate = signingCredentials.certificatePem.replace(/-----BEGIN CERTIFICATE-----/g, "").replace(/-----END CERTIFICATE-----/g, "").replace(/\s+/g, "");
+		const cert = new crypto.X509Certificate(signingCredentials.certificatePem);
+		const certificate = cert.raw.toString("base64");
 		const signedInvoices = invoices.map((invoice) => {
 			const cleanInvoice = generateCleanInvoiceObject(invoice);
-			const parsedCanonicalSignedProps = JSON.parse(signedPropertiesString);
 			return {
 				...cleanInvoice,
 				UBLExtensions: [{ UBLExtension: [{
@@ -449,7 +495,10 @@ const generateCompleteDocument = (invoices, signingCredentials) => {
 						ReferencedSignatureID: [{ _: "urn:oasis:names:specification:ubl:signature:Invoice" }],
 						Signature: [{
 							Id: "signature",
-							Object: [{ QualifyingProperties: [parsedCanonicalSignedProps] }],
+							Object: [{ QualifyingProperties: [{
+								Target: "signature",
+								SignedProperties: signedProperties.SignedProperties
+							}] }],
 							KeyInfo: [{ X509Data: [{
 								X509Certificate: [{ _: certificate }],
 								X509SubjectName: [{ _: certInfo.subjectName }],
@@ -649,4 +698,4 @@ Object.defineProperty(exports, 'transformDocumentForHashing', {
     return transformDocumentForHashing;
   }
 });
-//# sourceMappingURL=document-B03WWFMc.cjs.map
+//# sourceMappingURL=document-CNM7-o5x.cjs.map

package/dist/document-CNM7-o5x.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"document-CNM7-o5x.cjs","names":["item: InvoiceLineItem","doc: AllDocumentsV1_1","obj: unknown","sortedObj: Record<string, unknown>","invoice: AllDocumentsV1_1","invoices: AllDocumentsV1_1[]","invoice: InvoiceSubmission","certificatePem: string","X509Certificate","str: string","issuer: string","serialHex: string","error: unknown","certificateDigest: string","signingTime: string","issuerName: string","serialNumber: string","signedProperties: SignedPropertiesObject","useTargetWrapper: boolean","digestObj: unknown","docDigest: string","propsDigest: string","privateKeyPem: string","signedInfo: SignedInfoObject","documentString: string","signingCredentials: SigningCredentials","params: {\n itemClassificationCode: ClassificationCode\n itemDescription: string\n unitPrice: number\n quantity?: number\n taxType: TaxTypeCode\n taxRate: number\n totalTaxableAmountPerLine?: number\n}","params: {\n itemClassificationCode: ClassificationCode\n itemDescription: string\n unitPrice: number\n quantity?: number\n taxType: TaxTypeCode\n taxPerUnitAmount: number\n baseUnitMeasure: number\n baseUnitMeasureCode: UnitTypeCode\n totalTaxableAmountPerLine?: number\n}","lineItems: InvoiceLineItem[]"],"sources":["../src/utils/document.ts"],"sourcesContent":["import crypto, { X509Certificate } from 'crypto'\nimport {\n InvoiceSubmission,\n AllDocumentsV1_1,\n SigningCredentials,\n SignedPropertiesObject,\n UBLDocument,\n CompleteInvoice,\n SignedInfoObject,\n UnitTypeCode,\n InvoiceLineItem,\n} from '../types'\nimport type { ClassificationCode } from '../types'\nimport type { TaxTypeCode } from '../types'\nimport { formatIdValue } from './formatIdValue'\n\n/**\n * MyInvois v1.1 Document Generation and Signing Utilities\n * Strictly follows: https://sdk.myinvois.hasil.gov.my/documents/invoice-v1-1\n * JSON Signature Guide: https://sdk.myinvois.hasil.gov.my/signature-creation-json/\n */\n\n/**\n * Determines if a line item uses fixed rate taxation\n */\nexport const isFixedRateTax = (item: InvoiceLineItem): boolean => {\n return (\n item.taxPerUnitAmount !== undefined && item.baseUnitMeasure !== undefined\n )\n}\n\n/**\n * Determines if a line item uses percentage taxation\n */\nexport const isPercentageTax = (item: InvoiceLineItem): boolean => {\n return item.taxRate !== undefined && !isFixedRateTax(item)\n}\n\n/**\n * Calculates expected tax amount for a line item based on its tax type\n */\nexport const calculateExpectedTaxAmount = (item: InvoiceLineItem): number => {\n if (isFixedRateTax(item)) {\n return item.taxPerUnitAmount! * item.baseUnitMeasure!\n } else if (isPercentageTax(item)) {\n return (item.totalTaxableAmountPerLine * item.taxRate!) / 100\n }\n return 0\n}\n\n/**\n * Extracts the line-item array from any document variant\n */\nconst getLineItems = (doc: AllDocumentsV1_1): InvoiceLineItem[] => {\n if ('invoiceLineItems' in doc) return doc.invoiceLineItems\n if ('creditNoteLineItems' in doc) return doc.creditNoteLineItems\n if ('debitNoteLineItems' in doc) return doc.debitNoteLineItems\n if ('refundNoteLineItems' in doc) return doc.refundNoteLineItems\n if ('selfBilledCreditNoteLineItems' in doc)\n return doc.selfBilledCreditNoteLineItems\n if ('selfBilledRefundNoteLineItems' in doc)\n return doc.selfBilledRefundNoteLineItems\n // Fallback (should never happen with exhaustive types)\n return []\n}\n\n/**\n * Helper function to recursively sort object keys for JSON canonicalization\n */\nexport function sortObjectKeys(obj: unknown): unknown {\n if (obj === null || typeof obj !== 'object') {\n return obj\n }\n\n if (Array.isArray(obj)) {\n return obj.map(sortObjectKeys)\n }\n\n const sortedObj: Record<string, unknown> = {}\n const keys = Object.keys(obj as Record<string, unknown>).sort()\n\n for (const key of keys) {\n sortedObj[key] = sortObjectKeys((obj as Record<string, unknown>)[key])\n }\n\n return sortedObj\n}\n\n/**\n * Enhanced canonicalization following MyInvois specification exactly\n * Key changes: ensure consistent ordering and formatting\n */\nexport const canonicalizeJSON = (obj: unknown): string => {\n const sortedObj = sortObjectKeys(obj)\n // Use compact JSON with no extra whitespace\n return JSON.stringify(sortedObj, null, 0)\n}\n\n/**\n * Generates a clean invoice object following MyInvois v1.1 specification exactly\n * This is the base invoice structure WITHOUT signature elements (for hash calculation)\n *\n * Key requirements from working documents:\n * - All mandatory fields must be present\n * - Many optional fields must be present even if empty\n * - Specific field ordering and structure\n * - Correct listID values (e.g., \"3166-1\" not \"ISO3166-1\")\n */\nexport const generateCleanInvoiceObject = (\n invoice: AllDocumentsV1_1,\n): InvoiceSubmission => {\n const lineItems = getLineItems(invoice)\n return {\n // === MANDATORY CORE FIELDS ===\n ID: [{ _: invoice.eInvoiceCodeOrNumber }],\n IssueDate: [{ _: invoice.eInvoiceDate }],\n IssueTime: [{ _: invoice.eInvoiceTime }],\n InvoiceTypeCode: [\n {\n _: invoice.eInvoiceTypeCode,\n listVersionID: invoice.eInvoiceVersion || '1.1',\n },\n ],\n DocumentCurrencyCode: [{ _: invoice.invoiceCurrencyCode }],\n\n // === BILLING REFERENCE (only for credit/debit/refund notes) ===\n ...('originalEInvoiceReferenceNumber' in invoice &&\n 'originalEInvoiceInternalId' in invoice &&\n invoice.originalEInvoiceReferenceNumber\n ? {\n BillingReference: [\n {\n InvoiceDocumentReference: [\n {\n UUID: [\n {\n _: invoice.originalEInvoiceReferenceNumber,\n },\n ],\n ID: [\n {\n _: invoice.originalEInvoiceInternalId,\n },\n ],\n },\n ],\n },\n ],\n }\n : {}),\n\n // === SUPPLIER PARTY (AccountingSupplierParty) ===\n AccountingSupplierParty: [\n {\n Party: [\n {\n // Industry Classification - required field\n IndustryClassificationCode: [\n {\n _: invoice.supplier.industryClassificationCode,\n name: invoice.supplier.industryClassificationDescription,\n },\n ],\n\n // Party Identifications\n PartyIdentification: [\n {\n ID: [\n {\n _: invoice.supplier.tin,\n schemeID: 'TIN',\n },\n ],\n },\n {\n ID: [\n {\n _: formatIdValue(invoice.supplier.registrationNumber),\n schemeID: invoice.supplier.registrationType || 'NRIC',\n },\n ],\n },\n ],\n\n // Postal Address - FIXED listID format\n PostalAddress: [\n {\n CityName: [{ _: invoice.supplier.address.cityName }],\n CountrySubentityCode: [{ _: invoice.supplier.address.state }],\n AddressLine: [\n {\n Line: [{ _: invoice.supplier.address.addressLine0 }],\n },\n ],\n Country: [\n {\n IdentificationCode: [\n {\n _: invoice.supplier.address.country || 'MYS',\n listID: '3166-1', // FIXED: was \"ISO3166-1\"\n listAgencyID: 'ISO',\n },\n ],\n },\n ],\n },\n ],\n\n // Party Legal Entity\n PartyLegalEntity: [\n {\n RegistrationName: [{ _: invoice.supplier.name }],\n },\n ],\n\n // Contact Information\n Contact: [\n {\n Telephone: [{ _: invoice.supplier.contactNumber || '' }],\n },\n ],\n },\n ],\n },\n ],\n\n // === BUYER PARTY (AccountingCustomerParty) ===\n AccountingCustomerParty: [\n {\n Party: [\n {\n // Party Identifications\n PartyIdentification: [\n {\n ID: [\n {\n _: invoice.buyer.tin,\n schemeID: 'TIN',\n },\n ],\n },\n {\n ID: [\n {\n _: formatIdValue(invoice.buyer.registrationNumber),\n schemeID: invoice.buyer.registrationType || 'NRIC',\n },\n ],\n },\n {\n ID: [\n {\n _: invoice.buyer.sstRegistrationNumber || 'NA',\n schemeID: 'SST',\n },\n ],\n },\n ],\n\n // Postal Address - FIXED listID format\n PostalAddress: [\n {\n CityName: [{ _: invoice.buyer.address.cityName }],\n CountrySubentityCode: [{ _: invoice.buyer.address.state }],\n AddressLine: [\n {\n Line: [{ _: invoice.buyer.address.addressLine0 }],\n },\n ],\n Country: [\n {\n IdentificationCode: [\n {\n _: invoice.buyer.address.country || 'MYS',\n listID: '3166-1', // FIXED: was \"ISO3166-1\"\n listAgencyID: 'ISO',\n },\n ],\n },\n ],\n },\n ],\n\n // Party Legal Entity\n PartyLegalEntity: [\n {\n RegistrationName: [{ _: invoice.buyer.name }],\n },\n ],\n\n // Contact Information\n Contact: [\n {\n Telephone: [{ _: invoice.buyer.contactNumber || '' }],\n },\n ],\n },\n ],\n },\n ],\n\n // === TAX TOTAL ===\n TaxTotal: [\n {\n TaxAmount: [\n {\n _: invoice.taxTotal.taxAmount,\n currencyID: invoice.invoiceCurrencyCode,\n },\n ],\n TaxSubtotal: [\n // Generate basic tax subtotal from invoice line items\n {\n TaxableAmount: [\n {\n _: invoice.legalMonetaryTotal.taxExclusiveAmount,\n currencyID: invoice.invoiceCurrencyCode,\n },\n ],\n TaxAmount: [\n {\n _: invoice.taxTotal.taxAmount,\n currencyID: invoice.invoiceCurrencyCode,\n },\n ],\n TaxCategory: [\n {\n ID: [{ _: lineItems[0]?.taxType || '01' }],\n TaxScheme: [\n {\n ID: [\n {\n _: 'OTH',\n schemeAgencyID: '6',\n schemeID: 'UN/ECE 5153',\n },\n ],\n },\n ],\n },\n ],\n },\n ],\n },\n ],\n\n // === LEGAL MONETARY TOTAL ===\n LegalMonetaryTotal: [\n {\n LineExtensionAmount: [\n {\n _: invoice.legalMonetaryTotal.taxExclusiveAmount,\n currencyID: invoice.invoiceCurrencyCode,\n },\n ],\n TaxExclusiveAmount: [\n {\n _: invoice.legalMonetaryTotal.taxExclusiveAmount,\n currencyID: invoice.invoiceCurrencyCode,\n },\n ],\n TaxInclusiveAmount: [\n {\n _: invoice.legalMonetaryTotal.taxInclusiveAmount,\n currencyID: invoice.invoiceCurrencyCode,\n },\n ],\n PayableAmount: [\n {\n _: invoice.legalMonetaryTotal.payableAmount,\n currencyID: invoice.invoiceCurrencyCode,\n },\n ],\n },\n ],\n\n // === INVOICE LINES ===\n InvoiceLine: lineItems.map((item, index) => ({\n ID: [{ _: (index + 1).toString() }],\n\n // Item Information\n Item: [\n {\n CommodityClassification: [\n {\n ItemClassificationCode: [\n {\n _: item.itemClassificationCode,\n listID: 'CLASS',\n },\n ],\n },\n ],\n Description: [{ _: item.itemDescription }],\n },\n ],\n\n ItemPriceExtension: [\n {\n Amount: [\n {\n _: item.totalTaxableAmountPerLine,\n currencyID: invoice.invoiceCurrencyCode,\n },\n ],\n },\n ],\n\n LineExtensionAmount: [\n {\n _: item.totalTaxableAmountPerLine,\n currencyID: invoice.invoiceCurrencyCode,\n },\n ],\n\n // Price Information\n Price: [\n {\n PriceAmount: [\n {\n _: item.unitPrice,\n currencyID: invoice.invoiceCurrencyCode,\n },\n ],\n },\n ],\n\n // Tax Information for line\n TaxTotal: [\n {\n TaxAmount: [\n {\n _: item.taxAmount,\n currencyID: invoice.invoiceCurrencyCode,\n },\n ],\n TaxSubtotal: [\n {\n TaxableAmount: [\n {\n _: item.totalTaxableAmountPerLine,\n currencyID: invoice.invoiceCurrencyCode,\n },\n ],\n TaxAmount: [\n {\n _: item.taxAmount,\n currencyID: invoice.invoiceCurrencyCode,\n },\n ],\n // Conditional tax fields based on taxation type\n ...(item.taxPerUnitAmount !== undefined &&\n item.baseUnitMeasure !== undefined\n ? {\n // Fixed Rate Taxation\n PerUnitAmount: [\n {\n _: item.taxPerUnitAmount,\n currencyID: invoice.invoiceCurrencyCode,\n },\n ],\n BaseUnitMeasure: [\n {\n _: item.baseUnitMeasure,\n unitCode: item.baseUnitMeasureCode || 'C62',\n },\n ],\n }\n : item.taxRate !== undefined\n ? {\n // Percentage Taxation\n Percent: [{ _: item.taxRate }],\n }\n : {}),\n TaxCategory: [\n {\n ID: [{ _: item.taxType }],\n TaxScheme: [\n {\n ID: [\n {\n _: 'OTH',\n schemeAgencyID: '6',\n schemeID: 'UN/ECE 5153',\n },\n ],\n },\n ],\n },\n ],\n },\n ],\n },\n ],\n })),\n\n // === TAX EXCHANGE RATE (mandatory where applicable) ===\n TaxExchangeRate: invoice.currencyExchangeRate\n ? [\n {\n SourceCurrencyCode: [\n {\n _: invoice.invoiceCurrencyCode,\n },\n ],\n TargetCurrencyCode: [\n {\n _: 'MYR',\n },\n ],\n CalculationRate: [\n {\n _: invoice.currencyExchangeRate,\n },\n ],\n },\n ]\n : undefined,\n }\n}\n\n/**\n * Generates the complete UBL document structure with namespace declarations\n */\nexport const generateCleanUBLDocument = (\n invoices: AllDocumentsV1_1[],\n): UBLDocument => {\n return {\n _D: 'urn:oasis:names:specification:ubl:schema:xsd:Invoice-2',\n _A: 'urn:oasis:names:specification:ubl:schema:xsd:CommonAggregateComponents-2',\n _B: 'urn:oasis:names:specification:ubl:schema:xsd:CommonBasicComponents-2',\n Invoice: invoices.map(generateCleanInvoiceObject),\n }\n}\n\n/**\n * Step 1: Transform the document for hashing or transmission\n * Removes UBLExtensions and Signature, and minifies the JSON\n * Returns the minified, cleaned JSON string\n *\n * FIXED: Use regex-based minification to match PowerShell script exactly\n */\nexport const transformDocumentForHashing = (\n invoices: AllDocumentsV1_1[],\n): string => {\n // Generate clean UBL document structure\n const cleanDocument = generateCleanUBLDocument(invoices)\n\n // Deep clone to avoid mutating input\n const documentForTransform = JSON.parse(JSON.stringify(cleanDocument))\n if (\n documentForTransform.Invoice &&\n Array.isArray(documentForTransform.Invoice)\n ) {\n documentForTransform.Invoice.forEach((invoice: InvoiceSubmission) => {\n delete invoice.UBLExtensions\n delete invoice.Signature\n })\n }\n\n // Convert to JSON string first\n const jsonString = JSON.stringify(documentForTransform)\n\n // Apply the exact same regex-based minification as PowerShell script\n // This regex preserves whitespace within quoted strings but removes all other whitespace\n const minifiedJson = jsonString.replace(\n /(\"(?:\\\\.|[^\"\\\\])*\")|\\s+/g,\n (match, quotedString) => {\n if (quotedString) {\n return quotedString // Keep string content exactly as-is\n } else {\n return '' // Remove all other whitespace\n }\n },\n )\n\n return minifiedJson\n}\n\n/**\n * Step 2: Calculate Document Digest\n * FIXED: Remove UBLExtensions and Signature before hashing (DS322)\n * Based on working implementation pattern\n */\nexport const calculateDocumentDigest = (\n invoices: AllDocumentsV1_1[],\n): string => {\n // Use the transformation function to get the minified, cleaned JSON string\n const documentString = transformDocumentForHashing(invoices)\n\n // Calculate SHA-256 hash\n const hash = crypto.createHash('sha256')\n hash.update(documentString, 'utf8')\n\n // Return as Base64 (DocDigest)\n return hash.digest('base64')\n}\n\n/**\n * Step 4: Calculate Certificate Digest\n * Enhanced to handle certificate content properly\n * FIXED: Match PowerShell script exactly - use raw certificate data like $cert.RawData\n */\nexport const calculateCertificateDigest = (certificatePem: string): string => {\n try {\n // Create X509Certificate object to get raw data (like PowerShell $cert.RawData)\n const cert = new X509Certificate(certificatePem)\n\n // Get the raw certificate data (DER-encoded, like PowerShell $cert.RawData)\n const rawCertificateData = cert.raw\n\n // Calculate SHA-256 hash of raw certificate data (like PowerShell $sha256.ComputeHash($cert.RawData))\n const hash = crypto.createHash('sha256')\n hash.update(rawCertificateData)\n\n // Return as Base64 (like PowerShell [Convert]::ToBase64String($certHash))\n return hash.digest('base64')\n } catch (error) {\n // Fallback to the previous method if X509Certificate fails\n const certificateContent = certificatePem\n .replace(/-----BEGIN CERTIFICATE-----/g, '')\n .replace(/-----END CERTIFICATE-----/g, '')\n .replace(/\\s+/g, '') // Remove all whitespace\n\n // Convert Base64 to binary\n const certificateBinary = Buffer.from(certificateContent, 'base64')\n\n // Calculate SHA-256 hash of binary content\n const hash = crypto.createHash('sha256')\n hash.update(certificateBinary)\n\n // Return as Base64\n return hash.digest('base64')\n }\n}\n\n/**\n * Enhanced certificate info extraction with better error handling\n * FIXED: Normalize issuer name format to match MyInvois expectations (DS326)\n */\nexport const extractCertificateInfo = (\n certificatePem: string,\n): {\n issuerName: string\n serialNumber: string\n subjectName: string\n} => {\n try {\n const cert = new X509Certificate(certificatePem)\n\n // Extract serial number and convert to decimal string\n const serialNumberHex = cert.serialNumber\n\n // FIXED: Use raw issuer name like PowerShell $cert.IssuerName.Name\n // Apply XML escaping to match PowerShell [System.Security.SecurityElement]::Escape()\n const escapeXmlSpecialChars = (str: string): string => {\n return str\n .replace(/&/g, '&')\n .replace(/</g, '<')\n .replace(/>/g, '>')\n .replace(/\"/g, '"')\n .replace(/'/g, ''')\n }\n\n // FIXED: Normalize issuer name to match MyInvois expectations\n // The issuer name should be in the format: \"CN=Trial LHDNM Sub CA V1, OU=Terms of use at http://www.testcertcomp.com.my, O=LHDNM, C=MY\"\n const normalizeIssuerName = (issuer: string): string => {\n // Node returns issuer DN in reverse RDN order (C, O, ... , CN).\n // The MyInvois validator expects forward order (CN first).\n // 1. Break DN into components separated by newline or commas.\n // 2. Reverse to get CN → ... → C ordering.\n // 3. Join with \", \" and ensure single '=' spacing.\n const parts = issuer\n .split(/\\r?\\n|,\\s*/)\n .map(part => part.trim())\n .filter(part => part.length > 0)\n .reverse()\n return parts.join(', ').replace(/\\s*=\\s*/g, '=')\n }\n\n // Enhanced serial number formatting\n const formatSerialNumber = (serialHex: string): string => {\n // Convert hex to decimal and ensure it's a string\n const decimal = BigInt('0x' + serialHex).toString()\n return decimal\n }\n\n // FIXED: Use raw subject name without normalization to match PowerShell $cert.SubjectName.Name\n // The subject name should be in the format shown in the specification\n const rawSubjectName = cert.subject\n\n return {\n issuerName: escapeXmlSpecialChars(normalizeIssuerName(cert.issuer)),\n serialNumber: formatSerialNumber(serialNumberHex),\n subjectName: rawSubjectName, // Use raw subject name like PowerShell\n }\n } catch (error: unknown) {\n throw new Error(\n `Failed to extract certificate info: ${error instanceof Error ? error.message : String(error)}`,\n )\n }\n}\n\n/**\n * Step 5: Create SignedProperties with enhanced structure\n * FIXED: Simplified structure to match MyInvois expectations (DS320)\n * Following MyInvois JSON signature specification exactly\n */\nexport const createSignedProperties = (\n certificateDigest: string,\n signingTime: string,\n issuerName: string,\n serialNumber: string,\n): SignedPropertiesObject => {\n return {\n SignedProperties: [\n {\n Id: 'id-xades-signed-props',\n SignedSignatureProperties: [\n {\n SigningTime: [{ _: signingTime }],\n SigningCertificate: [\n {\n Cert: [\n {\n CertDigest: [\n {\n DigestMethod: [\n {\n _: '',\n Algorithm:\n 'http://www.w3.org/2001/04/xmlenc#sha256',\n },\n ],\n DigestValue: [{ _: certificateDigest }],\n },\n ],\n IssuerSerial: [\n {\n X509IssuerName: [{ _: issuerName }],\n X509SerialNumber: [{ _: serialNumber }],\n },\n ],\n },\n ],\n },\n ],\n },\n ],\n },\n ],\n }\n}\n\n/**\n * Step 6: Calculate SignedProperties Digest\n * Calculates the digest over the correct structure for validator compliance.\n * FIXED: Calculate digest from SignedProperties only (without Target wrapper)\n */\nexport const calculateSignedPropertiesDigest = (\n signedProperties: SignedPropertiesObject,\n useTargetWrapper: boolean = true, // Changed to true - validator calculates digest from embedded structure with Target wrapper\n): string => {\n let digestObj: unknown\n if (useTargetWrapper) {\n digestObj = {\n Target: 'signature',\n SignedProperties: signedProperties.SignedProperties,\n }\n } else {\n digestObj = signedProperties.SignedProperties\n }\n\n // FIXED: Don't sort object keys - use exact structure as embedded\n // The validator calculates digest from the exact embedded structure\n const signedPropertiesString = JSON.stringify(digestObj)\n\n // Apply the same regex-based minification as the document transformation\n const minifiedSignedProperties = signedPropertiesString.replace(\n /(\"(?:\\\\.|[^\"\\\\])*\")|\\s+/g,\n (match, quotedString) => {\n if (quotedString) {\n return quotedString // Keep string content exactly as-is\n } else {\n return '' // Remove all other whitespace\n }\n },\n )\n\n const hash = crypto.createHash('sha256')\n hash.update(minifiedSignedProperties, 'utf8')\n return hash.digest('base64')\n}\n\n/**\n * Step 3: Create SignedInfo and calculate signature\n * Enhanced with better structure and signature generation\n */\nexport const createSignedInfoAndSign = (\n docDigest: string,\n propsDigest: string,\n privateKeyPem: string,\n): { signedInfo: SignedInfoObject; signatureValue: string } => {\n // Create SignedInfo structure following specification exactly\n const signedInfo: SignedInfoObject = {\n CanonicalizationMethod: [\n {\n _: '',\n Algorithm: 'http://www.w3.org/2006/12/xml-c14n11',\n },\n ],\n SignatureMethod: [\n {\n _: '',\n Algorithm: 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',\n },\n ],\n Reference: [\n {\n Id: 'id-doc-signed-data',\n Type: '',\n URI: '',\n DigestMethod: [\n {\n _: '',\n Algorithm: 'http://www.w3.org/2001/04/xmlenc#sha256',\n },\n ],\n DigestValue: [{ _: docDigest }],\n },\n {\n Id: 'id-xades-signed-props',\n Type: 'http://uri.etsi.org/01903/v1.3.2#SignedProperties',\n URI: '#id-xades-signed-props',\n DigestMethod: [\n {\n _: '',\n Algorithm: 'http://www.w3.org/2001/04/xmlenc#sha256',\n },\n ],\n DigestValue: [{ _: propsDigest }],\n },\n ],\n }\n\n // Serialize the SignedInfo exactly as it will be embedded (no reordering)\n const signedInfoRaw = JSON.stringify(signedInfo)\n\n try {\n const signer = crypto.createSign('RSA-SHA256')\n signer.update(signedInfoRaw, 'utf8')\n const signatureValue = signer.sign(privateKeyPem, 'base64')\n\n // Reuse the original object so ordering is preserved\n return { signedInfo, signatureValue }\n } catch (error) {\n throw new Error(\n `Signature generation failed: ${error instanceof Error ? error.message : String(error)}`,\n )\n }\n}\n\n/**\n * Signs the minified document string using the provided private key PEM\n * Returns the signature as a base64 string\n * FIXED: Match PowerShell script exactly - first compute hash, then sign the hash\n */\nexport const signDocumentString = (\n documentString: string,\n privateKeyPem: string,\n): string => {\n // Create signer with RSA-SHA256 (matches PowerShell RSAPKCS1SignatureFormatter)\n const signer = crypto.createSign('RSA-SHA256')\n signer.update(documentString, 'utf8')\n return signer.sign(privateKeyPem, 'base64')\n}\n\n/**\n * Complete document generation with signatures\n * Follows the complete MyInvois JSON signature creation process (Steps 1-7)\n */\nexport const generateCompleteDocument = (\n invoices: AllDocumentsV1_1[],\n signingCredentials: SigningCredentials,\n): CompleteInvoice => {\n try {\n // Step 1: Generate clean document (done in calculateDocumentDigest)\n // Step 2: Calculate document digest\n const docDigest = calculateDocumentDigest(invoices)\n\n // Get the minified, cleaned JSON string for signing\n const documentString = transformDocumentForHashing(invoices)\n\n // Step 3: Sign the minified document string (not the digest)\n const docSignature = signDocumentString(\n documentString,\n signingCredentials.privateKeyPem,\n )\n\n // Generate signing time in proper ISO format matching PowerShell exactly\n // PowerShell: Get-Date -Format \"yyyy-MM-ddTHH:mm:ssZ\"\n const now = new Date()\n const signingTime =\n now.getFullYear() +\n '-' +\n String(now.getMonth() + 1).padStart(2, '0') +\n '-' +\n String(now.getDate()).padStart(2, '0') +\n 'T' +\n String(now.getHours()).padStart(2, '0') +\n ':' +\n String(now.getMinutes()).padStart(2, '0') +\n ':' +\n String(now.getSeconds()).padStart(2, '0') +\n 'Z'\n\n // Extract certificate information (enhanced)\n const certInfo = extractCertificateInfo(signingCredentials.certificatePem)\n\n // Step 4: Calculate certificate digest\n const certificateDigest = calculateCertificateDigest(\n signingCredentials.certificatePem,\n )\n\n // Step 5: Create SignedProperties using extracted cert info\n const signedProperties = createSignedProperties(\n certificateDigest,\n signingTime,\n certInfo.issuerName,\n certInfo.serialNumber,\n )\n\n // Step 6: Calculate SignedProperties digest using the dedicated function\n const propsDigest = calculateSignedPropertiesDigest(signedProperties)\n\n // Create simple SignedInfo structure (matching PowerShell approach)\n const signedInfo: SignedInfoObject = {\n CanonicalizationMethod: [\n {\n _: '',\n Algorithm: 'http://www.w3.org/2006/12/xml-c14n11',\n },\n ],\n SignatureMethod: [\n {\n _: '',\n Algorithm: 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',\n },\n ],\n Reference: [\n {\n Id: 'id-doc-signed-data',\n Type: '',\n URI: '',\n DigestMethod: [\n {\n _: '',\n Algorithm: 'http://www.w3.org/2001/04/xmlenc#sha256',\n },\n ],\n DigestValue: [{ _: docDigest }],\n },\n {\n Id: 'id-xades-signed-props',\n Type: 'http://uri.etsi.org/01903/v1.3.2#SignedProperties',\n URI: '#id-xades-signed-props',\n DigestMethod: [\n {\n _: '',\n Algorithm: 'http://www.w3.org/2001/04/xmlenc#sha256',\n },\n ],\n DigestValue: [{ _: propsDigest }],\n },\n ],\n }\n\n // Extract certificate content using raw data (like PowerShell $cert.RawData)\n const cert = new X509Certificate(signingCredentials.certificatePem)\n const certificate = cert.raw.toString('base64')\n\n // Step 7: Create final signed document\n const signedInvoices = invoices.map(invoice => {\n const cleanInvoice = generateCleanInvoiceObject(invoice)\n\n return {\n ...cleanInvoice,\n\n // Add UBLExtensions with complete signature structure\n UBLExtensions: [\n {\n UBLExtension: [\n {\n ExtensionURI: [\n {\n _: 'urn:oasis:names:specification:ubl:dsig:enveloped:xades',\n },\n ],\n ExtensionContent: [\n {\n UBLDocumentSignatures: [\n {\n SignatureInformation: [\n {\n ID: [\n {\n _: 'urn:oasis:names:specification:ubl:signature:1',\n },\n ],\n ReferencedSignatureID: [\n {\n _: 'urn:oasis:names:specification:ubl:signature:Invoice',\n },\n ],\n Signature: [\n {\n Id: 'signature',\n Object: [\n {\n QualifyingProperties: [\n {\n Target: 'signature',\n SignedProperties:\n signedProperties.SignedProperties,\n },\n ],\n },\n ],\n KeyInfo: [\n {\n X509Data: [\n {\n X509Certificate: [{ _: certificate }],\n X509SubjectName: [\n { _: certInfo.subjectName },\n ],\n X509IssuerSerial: [\n {\n X509IssuerName: [\n {\n _: certInfo.issuerName,\n },\n ],\n X509SerialNumber: [\n {\n _: certInfo.serialNumber,\n },\n ],\n },\n ],\n },\n ],\n },\n ],\n SignatureValue: [{ _: docSignature }],\n SignedInfo: [signedInfo],\n },\n ],\n },\n ],\n },\n ],\n },\n ],\n },\n ],\n },\n ],\n\n // Add simple Signature reference\n Signature: [\n {\n ID: [\n {\n _: 'urn:oasis:names:specification:ubl:signature:Invoice',\n },\n ],\n SignatureMethod: [\n {\n _: 'urn:oasis:names:specification:ubl:dsig:enveloped:xades',\n },\n ],\n },\n ],\n }\n })\n\n return {\n _D: 'urn:oasis:names:specification:ubl:schema:xsd:Invoice-2',\n _A: 'urn:oasis:names:specification:ubl:schema:xsd:CommonAggregateComponents-2',\n _B: 'urn:oasis:names:specification:ubl:schema:xsd:CommonBasicComponents-2',\n Invoice: signedInvoices,\n }\n } catch (error) {\n throw new Error(\n `Document generation failed: ${error instanceof Error ? error.message : String(error)}`,\n )\n }\n}\n\n/**\n * Creates a line item with percentage-based taxation (e.g., SST, GST)\n */\nexport const createPercentageTaxLineItem = (params: {\n itemClassificationCode: ClassificationCode\n itemDescription: string\n unitPrice: number\n quantity?: number\n taxType: TaxTypeCode\n taxRate: number\n totalTaxableAmountPerLine?: number\n}): InvoiceLineItem => {\n const quantity = params.quantity || 1\n const totalTaxableAmount =\n params.totalTaxableAmountPerLine || params.unitPrice * quantity\n const taxAmount = (totalTaxableAmount * params.taxRate) / 100\n\n return {\n itemClassificationCode: params.itemClassificationCode,\n itemDescription: params.itemDescription,\n unitPrice: params.unitPrice,\n taxType: params.taxType,\n taxRate: params.taxRate,\n taxAmount: Math.round(taxAmount * 100) / 100, // Round to 2 decimal places\n totalTaxableAmountPerLine: totalTaxableAmount,\n totalAmountPerLine: totalTaxableAmount + taxAmount,\n }\n}\n\n/**\n * Creates a line item with fixed rate taxation (e.g., Tourism Tax)\n */\nexport const createFixedRateTaxLineItem = (params: {\n itemClassificationCode: ClassificationCode\n itemDescription: string\n unitPrice: number\n quantity?: number\n taxType: TaxTypeCode\n taxPerUnitAmount: number\n baseUnitMeasure: number\n baseUnitMeasureCode: UnitTypeCode\n totalTaxableAmountPerLine?: number\n}): InvoiceLineItem => {\n const quantity = params.quantity || 1\n const totalTaxableAmount =\n params.totalTaxableAmountPerLine || params.unitPrice * quantity\n const taxAmount = params.taxPerUnitAmount * params.baseUnitMeasure\n\n return {\n itemClassificationCode: params.itemClassificationCode,\n itemDescription: params.itemDescription,\n unitPrice: params.unitPrice,\n taxType: params.taxType,\n taxPerUnitAmount: params.taxPerUnitAmount,\n baseUnitMeasure: params.baseUnitMeasure,\n baseUnitMeasureCode: params.baseUnitMeasureCode,\n taxAmount: Math.round(taxAmount * 100) / 100, // Round to 2 decimal places\n totalTaxableAmountPerLine: totalTaxableAmount,\n totalAmountPerLine: totalTaxableAmount + taxAmount,\n }\n}\n\n/**\n * Calculates invoice totals from line items\n */\nexport const calculateInvoiceTotals = (\n lineItems: InvoiceLineItem[],\n): {\n legalMonetaryTotal: {\n taxExclusiveAmount: number\n taxInclusiveAmount: number\n payableAmount: number\n }\n taxTotal: {\n taxAmount: number\n }\n} => {\n const taxExclusiveAmount = lineItems.reduce(\n (sum, item) => sum + item.totalTaxableAmountPerLine,\n 0,\n )\n const totalTaxAmount = lineItems.reduce(\n (sum, item) => sum + item.taxAmount,\n 0,\n )\n const taxInclusiveAmount = taxExclusiveAmount + totalTaxAmount\n\n return {\n legalMonetaryTotal: {\n taxExclusiveAmount: Math.round(taxExclusiveAmount * 100) / 100,\n taxInclusiveAmount: Math.round(taxInclusiveAmount * 100) / 100,\n payableAmount: Math.round(taxInclusiveAmount * 100) / 100,\n },\n taxTotal: {\n taxAmount: Math.round(totalTaxAmount * 100) / 100,\n },\n }\n}\n"],"mappings":";;;;;;;;;;;;;AAyBA,MAAa,iBAAiB,CAACA,SAAmC;AAChE,QACE,KAAK,+BAAkC,KAAK;AAE/C;;;;AAKD,MAAa,kBAAkB,CAACA,SAAmC;AACjE,QAAO,KAAK,uBAA0B,eAAe,KAAK;AAC3D;;;;AAKD,MAAa,6BAA6B,CAACA,SAAkC;AAC3E,KAAI,eAAe,KAAK,CACtB,QAAO,KAAK,mBAAoB,KAAK;UAC5B,gBAAgB,KAAK,CAC9B,QAAQ,KAAK,4BAA4B,KAAK,UAAY;AAE5D,QAAO;AACR;;;;AAKD,MAAM,eAAe,CAACC,QAA6C;AACjE,KAAI,sBAAsB,IAAK,QAAO,IAAI;AAC1C,KAAI,yBAAyB,IAAK,QAAO,IAAI;AAC7C,KAAI,wBAAwB,IAAK,QAAO,IAAI;AAC5C,KAAI,yBAAyB,IAAK,QAAO,IAAI;AAC7C,KAAI,mCAAmC,IACrC,QAAO,IAAI;AACb,KAAI,mCAAmC,IACrC,QAAO,IAAI;AAEb,QAAO,CAAE;AACV;;;;AAKD,SAAgB,eAAeC,KAAuB;AACpD,KAAI,QAAQ,eAAe,QAAQ,SACjC,QAAO;AAGT,KAAI,MAAM,QAAQ,IAAI,CACpB,QAAO,IAAI,IAAI,eAAe;CAGhC,MAAMC,YAAqC,CAAE;CAC7C,MAAM,OAAO,OAAO,KAAK,IAA+B,CAAC,MAAM;AAE/D,MAAK,MAAM,OAAO,KAChB,WAAU,OAAO,eAAgB,IAAgC,KAAK;AAGxE,QAAO;AACR;;;;;AAMD,MAAa,mBAAmB,CAACD,QAAyB;CACxD,MAAM,YAAY,eAAe,IAAI;AAErC,QAAO,KAAK,UAAU,WAAW,MAAM,EAAE;AAC1C;;;;;;;;;;;AAYD,MAAa,6BAA6B,CACxCE,YACsB;CACtB,MAAM,YAAY,aAAa,QAAQ;AACvC,QAAO;EAEL,IAAI,CAAC,EAAE,GAAG,QAAQ,qBAAsB,CAAC;EACzC,WAAW,CAAC,EAAE,GAAG,QAAQ,aAAc,CAAC;EACxC,WAAW,CAAC,EAAE,GAAG,QAAQ,aAAc,CAAC;EACxC,iBAAiB,CACf;GACE,GAAG,QAAQ;GACX,eAAe,QAAQ,mBAAmB;EAC3C,CACF;EACD,sBAAsB,CAAC,EAAE,GAAG,QAAQ,oBAAqB,CAAC;EAG1D,GAAI,qCAAqC,WACzC,gCAAgC,WAChC,QAAQ,kCACJ,EACE,kBAAkB,CAChB,EACE,0BAA0B,CACxB;GACE,MAAM,CACJ,EACE,GAAG,QAAQ,gCACZ,CACF;GACD,IAAI,CACF,EACE,GAAG,QAAQ,2BACZ,CACF;EACF,CACF,EACF,CACF,EACF,IACD,CAAE;EAGN,yBAAyB,CACvB,EACE,OAAO,CACL;GAEE,4BAA4B,CAC1B;IACE,GAAG,QAAQ,SAAS;IACpB,MAAM,QAAQ,SAAS;GACxB,CACF;GAGD,qBAAqB,CACnB,EACE,IAAI,CACF;IACE,GAAG,QAAQ,SAAS;IACpB,UAAU;GACX,CACF,EACF,GACD,EACE,IAAI,CACF;IACE,GAAG,oCAAc,QAAQ,SAAS,mBAAmB;IACrD,UAAU,QAAQ,SAAS,oBAAoB;GAChD,CACF,EACF,CACF;GAGD,eAAe,CACb;IACE,UAAU,CAAC,EAAE,GAAG,QAAQ,SAAS,QAAQ,SAAU,CAAC;IACpD,sBAAsB,CAAC,EAAE,GAAG,QAAQ,SAAS,QAAQ,MAAO,CAAC;IAC7D,aAAa,CACX,EACE,MAAM,CAAC,EAAE,GAAG,QAAQ,SAAS,QAAQ,aAAc,CAAC,EACrD,CACF;IACD,SAAS,CACP,EACE,oBAAoB,CAClB;KACE,GAAG,QAAQ,SAAS,QAAQ,WAAW;KACvC,QAAQ;KACR,cAAc;IACf,CACF,EACF,CACF;GACF,CACF;GAGD,kBAAkB,CAChB,EACE,kBAAkB,CAAC,EAAE,GAAG,QAAQ,SAAS,KAAM,CAAC,EACjD,CACF;GAGD,SAAS,CACP,EACE,WAAW,CAAC,EAAE,GAAG,QAAQ,SAAS,iBAAiB,GAAI,CAAC,EACzD,CACF;EACF,CACF,EACF,CACF;EAGD,yBAAyB,CACvB,EACE,OAAO,CACL;GAEE,qBAAqB;IACnB,EACE,IAAI,CACF;KACE,GAAG,QAAQ,MAAM;KACjB,UAAU;IACX,CACF,EACF;IACD,EACE,IAAI,CACF;KACE,GAAG,oCAAc,QAAQ,MAAM,mBAAmB;KAClD,UAAU,QAAQ,MAAM,oBAAoB;IAC7C,CACF,EACF;IACD,EACE,IAAI,CACF;KACE,GAAG,QAAQ,MAAM,yBAAyB;KAC1C,UAAU;IACX,CACF,EACF;GACF;GAGD,eAAe,CACb;IACE,UAAU,CAAC,EAAE,GAAG,QAAQ,MAAM,QAAQ,SAAU,CAAC;IACjD,sBAAsB,CAAC,EAAE,GAAG,QAAQ,MAAM,QAAQ,MAAO,CAAC;IAC1D,aAAa,CACX,EACE,MAAM,CAAC,EAAE,GAAG,QAAQ,MAAM,QAAQ,aAAc,CAAC,EAClD,CACF;IACD,SAAS,CACP,EACE,oBAAoB,CAClB;KACE,GAAG,QAAQ,MAAM,QAAQ,WAAW;KACpC,QAAQ;KACR,cAAc;IACf,CACF,EACF,CACF;GACF,CACF;GAGD,kBAAkB,CAChB,EACE,kBAAkB,CAAC,EAAE,GAAG,QAAQ,MAAM,KAAM,CAAC,EAC9C,CACF;GAGD,SAAS,CACP,EACE,WAAW,CAAC,EAAE,GAAG,QAAQ,MAAM,iBAAiB,GAAI,CAAC,EACtD,CACF;EACF,CACF,EACF,CACF;EAGD,UAAU,CACR;GACE,WAAW,CACT;IACE,GAAG,QAAQ,SAAS;IACpB,YAAY,QAAQ;GACrB,CACF;GACD,aAAa,CAEX;IACE,eAAe,CACb;KACE,GAAG,QAAQ,mBAAmB;KAC9B,YAAY,QAAQ;IACrB,CACF;IACD,WAAW,CACT;KACE,GAAG,QAAQ,SAAS;KACpB,YAAY,QAAQ;IACrB,CACF;IACD,aAAa,CACX;KACE,IAAI,CAAC,EAAE,GAAG,UAAU,IAAI,WAAW,KAAM,CAAC;KAC1C,WAAW,CACT,EACE,IAAI,CACF;MACE,GAAG;MACH,gBAAgB;MAChB,UAAU;KACX,CACF,EACF,CACF;IACF,CACF;GACF,CACF;EACF,CACF;EAGD,oBAAoB,CAClB;GACE,qBAAqB,CACnB;IACE,GAAG,QAAQ,mBAAmB;IAC9B,YAAY,QAAQ;GACrB,CACF;GACD,oBAAoB,CAClB;IACE,GAAG,QAAQ,mBAAmB;IAC9B,YAAY,QAAQ;GACrB,CACF;GACD,oBAAoB,CAClB;IACE,GAAG,QAAQ,mBAAmB;IAC9B,YAAY,QAAQ;GACrB,CACF;GACD,eAAe,CACb;IACE,GAAG,QAAQ,mBAAmB;IAC9B,YAAY,QAAQ;GACrB,CACF;EACF,CACF;EAGD,aAAa,UAAU,IAAI,CAAC,MAAM,WAAW;GAC3C,IAAI,CAAC,EAAE,GAAG,CAAC,QAAQ,GAAG,UAAU,CAAE,CAAC;GAGnC,MAAM,CACJ;IACE,yBAAyB,CACvB,EACE,wBAAwB,CACtB;KACE,GAAG,KAAK;KACR,QAAQ;IACT,CACF,EACF,CACF;IACD,aAAa,CAAC,EAAE,GAAG,KAAK,gBAAiB,CAAC;GAC3C,CACF;GAED,oBAAoB,CAClB,EACE,QAAQ,CACN;IACE,GAAG,KAAK;IACR,YAAY,QAAQ;GACrB,CACF,EACF,CACF;GAED,qBAAqB,CACnB;IACE,GAAG,KAAK;IACR,YAAY,QAAQ;GACrB,CACF;GAGD,OAAO,CACL,EACE,aAAa,CACX;IACE,GAAG,KAAK;IACR,YAAY,QAAQ;GACrB,CACF,EACF,CACF;GAGD,UAAU,CACR;IACE,WAAW,CACT;KACE,GAAG,KAAK;KACR,YAAY,QAAQ;IACrB,CACF;IACD,aAAa,CACX;KACE,eAAe,CACb;MACE,GAAG,KAAK;MACR,YAAY,QAAQ;KACrB,CACF;KACD,WAAW,CACT;MACE,GAAG,KAAK;MACR,YAAY,QAAQ;KACrB,CACF;KAED,GAAI,KAAK,+BACT,KAAK,6BACD;MAEE,eAAe,CACb;OACE,GAAG,KAAK;OACR,YAAY,QAAQ;MACrB,CACF;MACD,iBAAiB,CACf;OACE,GAAG,KAAK;OACR,UAAU,KAAK,uBAAuB;MACvC,CACF;KACF,IACD,KAAK,qBACH,EAEE,SAAS,CAAC,EAAE,GAAG,KAAK,QAAS,CAAC,EAC/B,IACD,CAAE;KACR,aAAa,CACX;MACE,IAAI,CAAC,EAAE,GAAG,KAAK,QAAS,CAAC;MACzB,WAAW,CACT,EACE,IAAI,CACF;OACE,GAAG;OACH,gBAAgB;OAChB,UAAU;MACX,CACF,EACF,CACF;KACF,CACF;IACF,CACF;GACF,CACF;EACF,GAAE;EAGH,iBAAiB,QAAQ,uBACrB,CACE;GACE,oBAAoB,CAClB,EACE,GAAG,QAAQ,oBACZ,CACF;GACD,oBAAoB,CAClB,EACE,GAAG,MACJ,CACF;GACD,iBAAiB,CACf,EACE,GAAG,QAAQ,qBACZ,CACF;EACF,CACF;CAEN;AACF;;;;AAKD,MAAa,2BAA2B,CACtCC,aACgB;AAChB,QAAO;EACL,IAAI;EACJ,IAAI;EACJ,IAAI;EACJ,SAAS,SAAS,IAAI,2BAA2B;CAClD;AACF;;;;;;;;AASD,MAAa,8BAA8B,CACzCA,aACW;CAEX,MAAM,gBAAgB,yBAAyB,SAAS;CAGxD,MAAM,uBAAuB,KAAK,MAAM,KAAK,UAAU,cAAc,CAAC;AACtE,KACE,qBAAqB,WACrB,MAAM,QAAQ,qBAAqB,QAAQ,CAE3C,sBAAqB,QAAQ,QAAQ,CAACC,YAA+B;AACnE,SAAO,QAAQ;AACf,SAAO,QAAQ;CAChB,EAAC;CAIJ,MAAM,aAAa,KAAK,UAAU,qBAAqB;CAIvD,MAAM,eAAe,WAAW,QAC9B,4BACA,CAAC,OAAO,iBAAiB;AACvB,MAAI,aACF,QAAO;MAEP,QAAO;CAEV,EACF;AAED,QAAO;AACR;;;;;;AAOD,MAAa,0BAA0B,CACrCD,aACW;CAEX,MAAM,iBAAiB,4BAA4B,SAAS;CAG5D,MAAM,OAAO,eAAO,WAAW,SAAS;AACxC,MAAK,OAAO,gBAAgB,OAAO;AAGnC,QAAO,KAAK,OAAO,SAAS;AAC7B;;;;;;AAOD,MAAa,6BAA6B,CAACE,mBAAmC;AAC5E,KAAI;EAEF,MAAM,OAAO,IAAIC,uBAAgB;EAGjC,MAAM,qBAAqB,KAAK;EAGhC,MAAM,OAAO,eAAO,WAAW,SAAS;AACxC,OAAK,OAAO,mBAAmB;AAG/B,SAAO,KAAK,OAAO,SAAS;CAC7B,SAAQ,OAAO;EAEd,MAAM,qBAAqB,eACxB,QAAQ,gCAAgC,GAAG,CAC3C,QAAQ,8BAA8B,GAAG,CACzC,QAAQ,QAAQ,GAAG;EAGtB,MAAM,oBAAoB,OAAO,KAAK,oBAAoB,SAAS;EAGnE,MAAM,OAAO,eAAO,WAAW,SAAS;AACxC,OAAK,OAAO,kBAAkB;AAG9B,SAAO,KAAK,OAAO,SAAS;CAC7B;AACF;;;;;AAMD,MAAa,yBAAyB,CACpCD,mBAKG;AACH,KAAI;EACF,MAAM,OAAO,IAAIC,uBAAgB;EAGjC,MAAM,kBAAkB,KAAK;EAI7B,MAAM,wBAAwB,CAACC,QAAwB;AACrD,UAAO,IACJ,QAAQ,MAAM,QAAQ,CACtB,QAAQ,MAAM,OAAO,CACrB,QAAQ,MAAM,OAAO,CACrB,QAAQ,MAAM,SAAS,CACvB,QAAQ,MAAM,SAAS;EAC3B;EAID,MAAM,sBAAsB,CAACC,WAA2B;GAMtD,MAAM,QAAQ,OACX,MAAM,aAAa,CACnB,IAAI,UAAQ,KAAK,MAAM,CAAC,CACxB,OAAO,UAAQ,KAAK,SAAS,EAAE,CAC/B,SAAS;AACZ,UAAO,MAAM,KAAK,KAAK,CAAC,QAAQ,YAAY,IAAI;EACjD;EAGD,MAAM,qBAAqB,CAACC,cAA8B;GAExD,MAAM,UAAU,OAAO,OAAO,UAAU,CAAC,UAAU;AACnD,UAAO;EACR;EAID,MAAM,iBAAiB,KAAK;AAE5B,SAAO;GACL,YAAY,sBAAsB,oBAAoB,KAAK,OAAO,CAAC;GACnE,cAAc,mBAAmB,gBAAgB;GACjD,aAAa;EACd;CACF,SAAQC,OAAgB;AACvB,QAAM,IAAI,OACP,sCAAsC,iBAAiB,QAAQ,MAAM,UAAU,OAAO,MAAM,CAAC;CAEjG;AACF;;;;;;AAOD,MAAa,yBAAyB,CACpCC,mBACAC,aACAC,YACAC,iBAC2B;AAC3B,QAAO,EACL,kBAAkB,CAChB;EACE,IAAI;EACJ,2BAA2B,CACzB;GACE,aAAa,CAAC,EAAE,GAAG,YAAa,CAAC;GACjC,oBAAoB,CAClB,EACE,MAAM,CACJ;IACE,YAAY,CACV;KACE,cAAc,CACZ;MACE,GAAG;MACH,WACE;KACH,CACF;KACD,aAAa,CAAC,EAAE,GAAG,kBAAmB,CAAC;IACxC,CACF;IACD,cAAc,CACZ;KACE,gBAAgB,CAAC,EAAE,GAAG,WAAY,CAAC;KACnC,kBAAkB,CAAC,EAAE,GAAG,aAAc,CAAC;IACxC,CACF;GACF,CACF,EACF,CACF;EACF,CACF;CACF,CACF,EACF;AACF;;;;;;AAOD,MAAa,kCAAkC,CAC7CC,kBACAC,mBAA4B,SACjB;CACX,IAAIC;AACJ,KAAI,iBACF,aAAY;EACV,QAAQ;EACR,kBAAkB,iBAAiB;CACpC;KAED,aAAY,iBAAiB;CAK/B,MAAM,yBAAyB,KAAK,UAAU,UAAU;CAGxD,MAAM,2BAA2B,uBAAuB,QACtD,4BACA,CAAC,OAAO,iBAAiB;AACvB,MAAI,aACF,QAAO;MAEP,QAAO;CAEV,EACF;CAED,MAAM,OAAO,eAAO,WAAW,SAAS;AACxC,MAAK,OAAO,0BAA0B,OAAO;AAC7C,QAAO,KAAK,OAAO,SAAS;AAC7B;;;;;AAMD,MAAa,0BAA0B,CACrCC,WACAC,aACAC,kBAC6D;CAE7D,MAAMC,aAA+B;EACnC,wBAAwB,CACtB;GACE,GAAG;GACH,WAAW;EACZ,CACF;EACD,iBAAiB,CACf;GACE,GAAG;GACH,WAAW;EACZ,CACF;EACD,WAAW,CACT;GACE,IAAI;GACJ,MAAM;GACN,KAAK;GACL,cAAc,CACZ;IACE,GAAG;IACH,WAAW;GACZ,CACF;GACD,aAAa,CAAC,EAAE,GAAG,UAAW,CAAC;EAChC,GACD;GACE,IAAI;GACJ,MAAM;GACN,KAAK;GACL,cAAc,CACZ;IACE,GAAG;IACH,WAAW;GACZ,CACF;GACD,aAAa,CAAC,EAAE,GAAG,YAAa,CAAC;EAClC,CACF;CACF;CAGD,MAAM,gBAAgB,KAAK,UAAU,WAAW;AAEhD,KAAI;EACF,MAAM,SAAS,eAAO,WAAW,aAAa;AAC9C,SAAO,OAAO,eAAe,OAAO;EACpC,MAAM,iBAAiB,OAAO,KAAK,eAAe,SAAS;AAG3D,SAAO;GAAE;GAAY;EAAgB;CACtC,SAAQ,OAAO;AACd,QAAM,IAAI,OACP,+BAA+B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,MAAM,CAAC;CAE1F;AACF;;;;;;AAOD,MAAa,qBAAqB,CAChCC,gBACAF,kBACW;CAEX,MAAM,SAAS,eAAO,WAAW,aAAa;AAC9C,QAAO,OAAO,gBAAgB,OAAO;AACrC,QAAO,OAAO,KAAK,eAAe,SAAS;AAC5C;;;;;AAMD,MAAa,2BAA2B,CACtCjB,UACAoB,uBACoB;AACpB,KAAI;EAGF,MAAM,YAAY,wBAAwB,SAAS;EAGnD,MAAM,iBAAiB,4BAA4B,SAAS;EAG5D,MAAM,eAAe,mBACnB,gBACA,mBAAmB,cACpB;EAID,MAAM,sBAAM,IAAI;EAChB,MAAM,cACJ,IAAI,aAAa,GACjB,MACA,OAAO,IAAI,UAAU,GAAG,EAAE,CAAC,SAAS,GAAG,IAAI,GAC3C,MACA,OAAO,IAAI,SAAS,CAAC,CAAC,SAAS,GAAG,IAAI,GACtC,MACA,OAAO,IAAI,UAAU,CAAC,CAAC,SAAS,GAAG,IAAI,GACvC,MACA,OAAO,IAAI,YAAY,CAAC,CAAC,SAAS,GAAG,IAAI,GACzC,MACA,OAAO,IAAI,YAAY,CAAC,CAAC,SAAS,GAAG,IAAI,GACzC;EAGF,MAAM,WAAW,uBAAuB,mBAAmB,eAAe;EAG1E,MAAM,oBAAoB,2BACxB,mBAAmB,eACpB;EAGD,MAAM,mBAAmB,uBACvB,mBACA,aACA,SAAS,YACT,SAAS,aACV;EAGD,MAAM,cAAc,gCAAgC,iBAAiB;EAGrE,MAAMF,aAA+B;GACnC,wBAAwB,CACtB;IACE,GAAG;IACH,WAAW;GACZ,CACF;GACD,iBAAiB,CACf;IACE,GAAG;IACH,WAAW;GACZ,CACF;GACD,WAAW,CACT;IACE,IAAI;IACJ,MAAM;IACN,KAAK;IACL,cAAc,CACZ;KACE,GAAG;KACH,WAAW;IACZ,CACF;IACD,aAAa,CAAC,EAAE,GAAG,UAAW,CAAC;GAChC,GACD;IACE,IAAI;IACJ,MAAM;IACN,KAAK;IACL,cAAc,CACZ;KACE,GAAG;KACH,WAAW;IACZ,CACF;IACD,aAAa,CAAC,EAAE,GAAG,YAAa,CAAC;GAClC,CACF;EACF;EAGD,MAAM,OAAO,IAAIf,uBAAgB,mBAAmB;EACpD,MAAM,cAAc,KAAK,IAAI,SAAS,SAAS;EAG/C,MAAM,iBAAiB,SAAS,IAAI,aAAW;GAC7C,MAAM,eAAe,2BAA2B,QAAQ;AAExD,UAAO;IACL,GAAG;IAGH,eAAe,CACb,EACE,cAAc,CACZ;KACE,cAAc,CACZ,EACE,GAAG,yDACJ,CACF;KACD,kBAAkB,CAChB,EACE,uBAAuB,CACrB,EACE,sBAAsB,CACpB;MACE,IAAI,CACF,EACE,GAAG,gDACJ,CACF;MACD,uBAAuB,CACrB,EACE,GAAG,sDACJ,CACF;MACD,WAAW,CACT;OACE,IAAI;OACJ,QAAQ,CACN,EACE,sBAAsB,CACpB;QACE,QAAQ;QACR,kBACE,iBAAiB;OACpB,CACF,EACF,CACF;OACD,SAAS,CACP,EACE,UAAU,CACR;QACE,iBAAiB,CAAC,EAAE,GAAG,YAAa,CAAC;QACrC,iBAAiB,CACf,EAAE,GAAG,SAAS,YAAa,CAC5B;QACD,kBAAkB,CAChB;SACE,gBAAgB,CACd,EACE,GAAG,SAAS,WACb,CACF;SACD,kBAAkB,CAChB,EACE,GAAG,SAAS,aACb,CACF;QACF,CACF;OACF,CACF,EACF,CACF;OACD,gBAAgB,CAAC,EAAE,GAAG,aAAc,CAAC;OACrC,YAAY,CAAC,UAAW;MACzB,CACF;KACF,CACF,EACF,CACF,EACF,CACF;IACF,CACF,EACF,CACF;IAGD,WAAW,CACT;KACE,IAAI,CACF,EACE,GAAG,sDACJ,CACF;KACD,iBAAiB,CACf,EACE,GAAG,yDACJ,CACF;IACF,CACF;GACF;EACF,EAAC;AAEF,SAAO;GACL,IAAI;GACJ,IAAI;GACJ,IAAI;GACJ,SAAS;EACV;CACF,SAAQ,OAAO;AACd,QAAM,IAAI,OACP,8BAA8B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,MAAM,CAAC;CAEzF;AACF;;;;AAKD,MAAa,8BAA8B,CAACkB,WAQrB;CACrB,MAAM,WAAW,OAAO,YAAY;CACpC,MAAM,qBACJ,OAAO,6BAA6B,OAAO,YAAY;CACzD,MAAM,YAAa,qBAAqB,OAAO,UAAW;AAE1D,QAAO;EACL,wBAAwB,OAAO;EAC/B,iBAAiB,OAAO;EACxB,WAAW,OAAO;EAClB,SAAS,OAAO;EAChB,SAAS,OAAO;EAChB,WAAW,KAAK,MAAM,YAAY,IAAI,GAAG;EACzC,2BAA2B;EAC3B,oBAAoB,qBAAqB;CAC1C;AACF;;;;AAKD,MAAa,6BAA6B,CAACC,WAUpB;CACrB,MAAM,WAAW,OAAO,YAAY;CACpC,MAAM,qBACJ,OAAO,6BAA6B,OAAO,YAAY;CACzD,MAAM,YAAY,OAAO,mBAAmB,OAAO;AAEnD,QAAO;EACL,wBAAwB,OAAO;EAC/B,iBAAiB,OAAO;EACxB,WAAW,OAAO;EAClB,SAAS,OAAO;EAChB,kBAAkB,OAAO;EACzB,iBAAiB,OAAO;EACxB,qBAAqB,OAAO;EAC5B,WAAW,KAAK,MAAM,YAAY,IAAI,GAAG;EACzC,2BAA2B;EAC3B,oBAAoB,qBAAqB;CAC1C;AACF;;;;AAKD,MAAa,yBAAyB,CACpCC,cAUG;CACH,MAAM,qBAAqB,UAAU,OACnC,CAAC,KAAK,SAAS,MAAM,KAAK,2BAC1B,EACD;CACD,MAAM,iBAAiB,UAAU,OAC/B,CAAC,KAAK,SAAS,MAAM,KAAK,WAC1B,EACD;CACD,MAAM,qBAAqB,qBAAqB;AAEhD,QAAO;EACL,oBAAoB;GAClB,oBAAoB,KAAK,MAAM,qBAAqB,IAAI,GAAG;GAC3D,oBAAoB,KAAK,MAAM,qBAAqB,IAAI,GAAG;GAC3D,eAAe,KAAK,MAAM,qBAAqB,IAAI,GAAG;EACvD;EACD,UAAU,EACR,WAAW,KAAK,MAAM,iBAAiB,IAAI,GAAG,IAC/C;CACF;AACF"}

package/dist/{document-BAUDGfZU.js → document-nWFcUMsi.js} RENAMED Viewed

@@ -256,6 +256,8 @@ const generateCleanUBLDocument = (invoices) => {
 * Step 1: Transform the document for hashing or transmission
 * Removes UBLExtensions and Signature, and minifies the JSON
 * Returns the minified, cleaned JSON string
+*
+* FIXED: Use regex-based minification to match PowerShell script exactly
 */
 const transformDocumentForHashing = (invoices) => {
 	const cleanDocument = generateCleanUBLDocument(invoices);
@@ -264,7 +266,12 @@ const transformDocumentForHashing = (invoices) => {
 		delete invoice.UBLExtensions;
 		delete invoice.Signature;
 	});
-	return JSON.stringify(documentForTransform);
+	const jsonString = JSON.stringify(documentForTransform);
+	const minifiedJson = jsonString.replace(/("(?:\\.|[^"\\])*")|\s+/g, (match, quotedString) => {
+		if (quotedString) return quotedString;
+		else return "";
+	});
+	return minifiedJson;
 };
 /**
 * Step 2: Calculate Document Digest
@@ -280,13 +287,22 @@ const calculateDocumentDigest = (invoices) => {
 /**
 * Step 4: Calculate Certificate Digest
 * Enhanced to handle certificate content properly
+* FIXED: Match PowerShell script exactly - use raw certificate data like $cert.RawData
 */
 const calculateCertificateDigest = (certificatePem) => {
-	const certificateContent = certificatePem.replace(/-----BEGIN CERTIFICATE-----/g, "").replace(/-----END CERTIFICATE-----/g, "").replace(/\s+/g, "");
-	const certificateBinary = Buffer.from(certificateContent, "base64");
-	const hash = crypto.createHash("sha256");
-	hash.update(certificateBinary);
-	return hash.digest("base64");
+	try {
+		const cert = new X509Certificate(certificatePem);
+		const rawCertificateData = cert.raw;
+		const hash = crypto.createHash("sha256");
+		hash.update(rawCertificateData);
+		return hash.digest("base64");
+	} catch (error) {
+		const certificateContent = certificatePem.replace(/-----BEGIN CERTIFICATE-----/g, "").replace(/-----END CERTIFICATE-----/g, "").replace(/\s+/g, "");
+		const certificateBinary = Buffer.from(certificateContent, "base64");
+		const hash = crypto.createHash("sha256");
+		hash.update(certificateBinary);
+		return hash.digest("base64");
+	}
 };
 /**
 * Enhanced certificate info extraction with better error handling
@@ -296,18 +312,22 @@ const extractCertificateInfo = (certificatePem) => {
 	try {
 		const cert = new X509Certificate(certificatePem);
 		const serialNumberHex = cert.serialNumber;
-		const normalizeDistinguishedName = (dn) => {
-			const parts = dn.split(/\r?\n|,\s*/).map((part) => part.trim()).filter((part) => part.length > 0).reverse();
+		const escapeXmlSpecialChars = (str) => {
+			return str.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&apos;");
+		};
+		const normalizeIssuerName = (issuer) => {
+			const parts = issuer.split(/\r?\n|,\s*/).map((part) => part.trim()).filter((part) => part.length > 0).reverse();
 			return parts.join(", ").replace(/\s*=\s*/g, "=");
 		};
 		const formatSerialNumber = (serialHex) => {
 			const decimal = BigInt("0x" + serialHex).toString();
 			return decimal;
 		};
+		const rawSubjectName = cert.subject;
 		return {
-			issuerName: normalizeDistinguishedName(cert.issuer),
+			issuerName: escapeXmlSpecialChars(normalizeIssuerName(cert.issuer)),
 			serialNumber: formatSerialNumber(serialNumberHex),
-			subjectName: normalizeDistinguishedName(cert.subject)
+			subjectName: rawSubjectName
 		};
 	} catch (error) {
 		throw new Error(`Failed to extract certificate info: ${error instanceof Error ? error.message : String(error)}`);
@@ -342,6 +362,7 @@ const createSignedProperties = (certificateDigest, signingTime, issuerName, seri
 /**
 * Step 6: Calculate SignedProperties Digest
 * Calculates the digest over the correct structure for validator compliance.
+* FIXED: Calculate digest from SignedProperties only (without Target wrapper)
 */
 const calculateSignedPropertiesDigest = (signedProperties, useTargetWrapper = true) => {
 	let digestObj;
@@ -350,10 +371,13 @@ const calculateSignedPropertiesDigest = (signedProperties, useTargetWrapper = tr
 		SignedProperties: signedProperties.SignedProperties
 	};
 	else digestObj = signedProperties.SignedProperties;
-	const sortedDigestObj = sortObjectKeys(digestObj);
-	const signedPropertiesString = JSON.stringify(sortedDigestObj);
+	const signedPropertiesString = JSON.stringify(digestObj);
+	const minifiedSignedProperties = signedPropertiesString.replace(/("(?:\\.|[^"\\])*")|\s+/g, (match, quotedString) => {
+		if (quotedString) return quotedString;
+		else return "";
+	});
 	const hash = crypto.createHash("sha256");
-	hash.update(signedPropertiesString, "utf8");
+	hash.update(minifiedSignedProperties, "utf8");
 	return hash.digest("base64");
 };
 /**
@@ -406,13 +430,12 @@ const createSignedInfoAndSign = (docDigest, propsDigest, privateKeyPem) => {
 /**
 * Signs the minified document string using the provided private key PEM
 * Returns the signature as a base64 string
+* FIXED: Match PowerShell script exactly - first compute hash, then sign the hash
 */
 const signDocumentString = (documentString, privateKeyPem) => {
-	const signature = crypto.sign("sha256", Buffer.from(documentString, "utf8"), {
-		key: privateKeyPem,
-		padding: crypto.constants.RSA_PKCS1_PADDING
-	});
-	return signature.toString("base64");
+	const signer = crypto.createSign("RSA-SHA256");
+	signer.update(documentString, "utf8");
+	return signer.sign(privateKeyPem, "base64");
 };
 /**
 * Complete document generation with signatures
@@ -423,22 +446,45 @@ const generateCompleteDocument = (invoices, signingCredentials) => {
 		const docDigest = calculateDocumentDigest(invoices);
 		const documentString = transformDocumentForHashing(invoices);
 		const docSignature = signDocumentString(documentString, signingCredentials.privateKeyPem);
-		const signingTime = (/* @__PURE__ */ new Date()).toISOString();
+		const now = /* @__PURE__ */ new Date();
+		const signingTime = now.getFullYear() + "-" + String(now.getMonth() + 1).padStart(2, "0") + "-" + String(now.getDate()).padStart(2, "0") + "T" + String(now.getHours()).padStart(2, "0") + ":" + String(now.getMinutes()).padStart(2, "0") + ":" + String(now.getSeconds()).padStart(2, "0") + "Z";
 		const certInfo = extractCertificateInfo(signingCredentials.certificatePem);
 		const certificateDigest = calculateCertificateDigest(signingCredentials.certificatePem);
 		const signedProperties = createSignedProperties(certificateDigest, signingTime, certInfo.issuerName, certInfo.serialNumber);
-		const digestObj = {
-			Target: "signature",
-			SignedProperties: signedProperties.SignedProperties
+		const propsDigest = calculateSignedPropertiesDigest(signedProperties);
+		const signedInfo = {
+			CanonicalizationMethod: [{
+				_: "",
+				Algorithm: "http://www.w3.org/2006/12/xml-c14n11"
+			}],
+			SignatureMethod: [{
+				_: "",
+				Algorithm: "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
+			}],
+			Reference: [{
+				Id: "id-doc-signed-data",
+				Type: "",
+				URI: "",
+				DigestMethod: [{
+					_: "",
+					Algorithm: "http://www.w3.org/2001/04/xmlenc#sha256"
+				}],
+				DigestValue: [{ _: docDigest }]
+			}, {
+				Id: "id-xades-signed-props",
+				Type: "http://uri.etsi.org/01903/v1.3.2#SignedProperties",
+				URI: "#id-xades-signed-props",
+				DigestMethod: [{
+					_: "",
+					Algorithm: "http://www.w3.org/2001/04/xmlenc#sha256"
+				}],
+				DigestValue: [{ _: propsDigest }]
+			}]
 		};
-		const sortedDigestObj = sortObjectKeys(digestObj);
-		const signedPropertiesString = JSON.stringify(sortedDigestObj);
-		const propsDigest = crypto.createHash("sha256").update(signedPropertiesString, "utf8").digest("base64");
-		const { signedInfo } = createSignedInfoAndSign(docDigest, propsDigest, signingCredentials.privateKeyPem);
-		const certificate = signingCredentials.certificatePem.replace(/-----BEGIN CERTIFICATE-----/g, "").replace(/-----END CERTIFICATE-----/g, "").replace(/\s+/g, "");
+		const cert = new X509Certificate(signingCredentials.certificatePem);
+		const certificate = cert.raw.toString("base64");
 		const signedInvoices = invoices.map((invoice) => {
 			const cleanInvoice = generateCleanInvoiceObject(invoice);
-			const parsedCanonicalSignedProps = JSON.parse(signedPropertiesString);
 			return {
 				...cleanInvoice,
 				UBLExtensions: [{ UBLExtension: [{
@@ -448,7 +494,10 @@ const generateCompleteDocument = (invoices, signingCredentials) => {
 						ReferencedSignatureID: [{ _: "urn:oasis:names:specification:ubl:signature:Invoice" }],
 						Signature: [{
 							Id: "signature",
-							Object: [{ QualifyingProperties: [parsedCanonicalSignedProps] }],
+							Object: [{ QualifyingProperties: [{
+								Target: "signature",
+								SignedProperties: signedProperties.SignedProperties
+							}] }],
 							KeyInfo: [{ X509Data: [{
 								X509Certificate: [{ _: certificate }],
 								X509SubjectName: [{ _: certInfo.subjectName }],

package/dist/{documentSubmission-56VbFff3.cjs → documentSubmission-BE1En5JO.cjs} RENAMED Viewed

@@ -1,4 +1,4 @@
-const require_document = require('./document-B03WWFMc.cjs');
+const require_document = require('./document-CNM7-o5x.cjs');
 //#region src/api/documentSubmission.ts
 async function submitDocument(context, documents) {
@@ -147,4 +147,4 @@ Object.defineProperty(exports, 'submitDocument', {
     return submitDocument;
   }
 });
-//# sourceMappingURL=documentSubmission-56VbFff3.cjs.map
+//# sourceMappingURL=documentSubmission-BE1En5JO.cjs.map