npm - @ripwords/myinvois-client - Versions diffs - 0.2.35 → 0.2.37 - Mend

@ripwords/myinvois-client 0.2.35 → 0.2.37

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (83) hide show

package/dist/api/documentManagement.d.ts +2 -2
package/dist/api/documentSubmission.d.ts +3 -3
package/dist/api/documentSubmission.js +2 -2
package/dist/api/documentTypeManagement.d.ts +2 -2
package/dist/api/notificationManagement.d.ts +2 -2
package/dist/api/platformLogin.d.ts +3 -3
package/dist/api/platformLogin.js +1 -1
package/dist/api/taxpayerValidation.d.ts +2 -2
package/dist/{apiQueue-BE3-DB1A.js → apiQueue-CfneHIgD.js} +53 -19
package/dist/{apiQueue-DDXeQJDC.cjs → apiQueue-CiZxlntc.cjs} +54 -20
package/dist/apiQueue-CiZxlntc.cjs.map +1 -0
package/dist/{document-DWsGewNs.cjs → document-CCza2JPL.cjs} +30 -4
package/dist/document-CCza2JPL.cjs.map +1 -0
package/dist/{document-DI6hw1MO.js → document-DLFdGSK1.js} +29 -3
package/dist/{documentSubmission-YwuM4ap1.cjs → documentSubmission-M4UlirJ7.cjs} +8 -7
package/dist/documentSubmission-M4UlirJ7.cjs.map +1 -0
package/dist/{documentSubmission-CgW1Cm0W.js → documentSubmission-ZAgXsd3X.js} +7 -6
package/dist/{documents-4B5YOXeb.d.cts → documents-DCZ3Ffya.d.cts} +39 -1
package/dist/{documents-ChNlyKB2.d.ts → documents-DzZA3NHj.d.ts} +38 -0
package/dist/index.cjs +9 -6
package/dist/index.cjs.map +1 -1
package/dist/index.d.ts +3 -2
package/dist/index.js +9 -6
package/dist/index10.cjs +195 -4
package/dist/index10.cjs.map +1 -0
package/dist/index11.cjs +0 -22
package/dist/index12.cjs +24 -2
package/dist/{index20.cjs.map → index12.cjs.map} +1 -1
package/dist/index13.cjs +0 -3
package/dist/index14.cjs +0 -330
package/dist/index15.cjs +25 -189
package/dist/index15.cjs.map +1 -1
package/dist/index16.cjs +16 -53
package/dist/index16.cjs.map +1 -1
package/dist/index17.cjs +0 -532
package/dist/index18.cjs +25 -187
package/dist/index18.cjs.map +1 -1
package/dist/index19.cjs +24 -0
package/dist/{index27.cjs.map → index19.cjs.map} +1 -1
package/dist/index20.cjs +0 -25
package/dist/index23.cjs +3 -28
package/dist/index24.cjs +9 -21
package/dist/index24.cjs.map +1 -1
package/dist/index25.cjs +5 -0
package/dist/index26.cjs +21 -33
package/dist/index27.cjs +2 -23
package/dist/index28.cjs +3 -0
package/dist/index29.cjs +330 -0
package/dist/{index14.cjs.map → index29.cjs.map} +1 -1
package/dist/index3.cjs +2 -2
package/dist/index30.cjs +193 -0
package/dist/index30.cjs.map +1 -0
package/dist/index6.cjs +1 -1
package/dist/index62.cts.map +1 -1
package/dist/index65.cts.map +1 -1
package/dist/index67.cts.map +1 -1
package/dist/index71.cts.map +1 -1
package/dist/index8.cjs +61 -3
package/dist/index8.cjs.map +1 -0
package/dist/index9.cjs +528 -9
package/dist/index9.cjs.map +1 -1
package/dist/{platformLogin-CqI9OLYP.js → platformLogin-B6f18bB7.js} +2 -2
package/dist/{platformLogin-Ch6hFKoU.cjs → platformLogin-BVTUzLjd.cjs} +3 -3
package/dist/platformLogin-BVTUzLjd.cjs.map +1 -0
package/dist/{taxpayer-C9VMf0iv.d.ts → taxpayer-DmHW0m7o.d.ts} +1 -1
package/dist/{taxpayer-DubRo4qZ.d.cts → taxpayer-Pm90MrPj.d.cts} +2 -2
package/dist/types/documents.d.ts +1 -1
package/dist/types/index.d.ts +2 -2
package/dist/types/taxpayer.d.ts +2 -2
package/dist/utils/apiQueue.js +1 -1
package/dist/utils/document.d.ts +6 -2
package/dist/utils/document.js +1 -1
package/dist/utils/signature-diagnostics.d.ts +2 -2
package/dist/utils/signature-diagnostics.js +1 -1
package/dist/utils/validation.d.ts +2 -2
package/package.json +1 -1
package/dist/apiQueue-DDXeQJDC.cjs.map +0 -1
package/dist/document-DWsGewNs.cjs.map +0 -1
package/dist/documentSubmission-YwuM4ap1.cjs.map +0 -1
package/dist/index17.cjs.map +0 -1
package/dist/index23.cjs.map +0 -1
package/dist/index26.cjs.map +0 -1
package/dist/platformLogin-Ch6hFKoU.cjs.map +0 -1

package/dist/index29.cjs CHANGED Viewed

@@ -0,0 +1,330 @@
+const require_chunk = require('./chunk-CUT6urMc.cjs');
+require('./formatIdValue-i67o4kyD.cjs');
+const require_document = require('./document-CCza2JPL.cjs');
+const crypto = require_chunk.__toESM(require("crypto"));
+//#region src/utils/signature-diagnostics.ts
+/**
+* Analyzes certificate for MyInvois compatibility issues
+*/
+function analyzeCertificateForDiagnostics(certificatePem) {
+	const issues = [];
+	const recommendations = [];
+	try {
+		const cert = new crypto.default.X509Certificate(certificatePem);
+		const certInfo = require_document.extractCertificateInfo(certificatePem);
+		const parseSubjectFields = (dn) => {
+			const fields = {};
+			dn.split("\n").forEach((line) => {
+				const trimmed = line.trim();
+				if (trimmed.includes("=")) {
+					const [key, ...valueParts] = trimmed.split("=");
+					if (key) fields[key.trim()] = valueParts.join("=").trim();
+				}
+			});
+			return fields;
+		};
+		const subjectFields = parseSubjectFields(cert.subject);
+		const organizationIdentifier = subjectFields["organizationIdentifier"] || subjectFields["2.5.4.97"];
+		const serialNumber = subjectFields["serialNumber"];
+		if (!organizationIdentifier) {
+			issues.push("DS311: Certificate missing organizationIdentifier field (TIN)");
+			recommendations.push("CRITICAL: Generate new certificate with organizationIdentifier matching your MyInvois TIN");
+			recommendations.push("Portal Error: \"Signer of invoice doesn't match the submitter of document. TIN doesn't match with the OI.\"");
+		} else if (organizationIdentifier.length < 10) {
+			issues.push("DS311: OrganizationIdentifier (TIN) appears too short - may cause submission rejection");
+			recommendations.push("Verify TIN format matches exactly what is registered in MyInvois");
+		}
+		if (!serialNumber) {
+			issues.push("DS312: Certificate missing serialNumber field (business registration)");
+			recommendations.push("CRITICAL: Generate new certificate with serialNumber matching your business registration");
+			recommendations.push("Portal Error: \"Submitter registration/identity number doesn't match with the certificate SERIALNUMBER.\"");
+		}
+		if (cert.issuer === cert.subject) {
+			issues.push("DS329: Self-signed certificate detected - will fail chain of trust validation");
+			recommendations.push("BLOCKING: Obtain certificate from MyInvois-approved CA:");
+			recommendations.push("• MSC Trustgate Sdn Bhd");
+			recommendations.push("• DigiCert Sdn Bhd");
+			recommendations.push("• Cybersign Asia Sdn Bhd");
+			recommendations.push("Portal Error: \"Certificate is not valid according to the chain of trust validation or has been issued by an untrusted certificate authority.\"");
+		} else {
+			const issuerName = cert.issuer.toLowerCase();
+			const approvedCAs = [
+				"msc trustgate",
+				"digicert",
+				"cybersign"
+			];
+			const isFromApprovedCA = approvedCAs.some((ca) => issuerName.includes(ca));
+			if (!isFromApprovedCA) {
+				issues.push("DS329: Certificate may not be from MyInvois-approved CA");
+				recommendations.push("Verify certificate was issued by an approved CA for MyInvois");
+			}
+		}
+		const rawIssuer = cert.issuer;
+		const normalizedIssuer = certInfo.issuerName;
+		const normalizedIssuerIssues = [
+			{
+				check: normalizedIssuer.includes("\n"),
+				issue: "Normalized issuer still contains newlines"
+			},
+			{
+				check: normalizedIssuer.includes("  "),
+				issue: "Normalized issuer contains double spaces"
+			},
+			{
+				check: /=\s+/.test(normalizedIssuer),
+				issue: "Normalized issuer has spaces after equals"
+			},
+			{
+				check: /\s+=/.test(normalizedIssuer),
+				issue: "Normalized issuer has spaces before equals"
+			},
+			{
+				check: normalizedIssuer.includes("\r"),
+				issue: "Normalized issuer contains carriage returns"
+			}
+		];
+		const hasActualFormatIssues = normalizedIssuerIssues.some(({ check, issue }) => {
+			if (check) {
+				issues.push(`DS326: ${issue} - will cause X509IssuerName mismatch`);
+				return true;
+			}
+			return false;
+		});
+		const hasRawIssuesButNormalizedOk = rawIssuer.includes("\n") && !normalizedIssuer.includes("\n");
+		if (hasActualFormatIssues) {
+			recommendations.push("CRITICAL: Fix issuer name normalization in signature generation");
+			recommendations.push("Portal Error: \"Certificate X509IssuerName doesn't match the X509IssuerName value provided in the signed properties section.\"");
+			recommendations.push("The normalization function is not properly formatting the issuer name");
+			recommendations.push("Debug: Check document.ts extractCertificateInfo() normalization logic");
+		} else if (hasRawIssuesButNormalizedOk) console.log("ℹ️  Note: Raw certificate issuer has newlines but normalization is handling them correctly");
+		const now = /* @__PURE__ */ new Date();
+		const validFrom = new Date(cert.validFrom);
+		const validTo = new Date(cert.validTo);
+		if (now < validFrom) {
+			issues.push("DS329: Certificate not yet valid (future start date)");
+			recommendations.push("Wait until certificate validity period begins");
+		}
+		if (now > validTo) {
+			issues.push("DS329: Certificate has expired");
+			recommendations.push("BLOCKING: Renew certificate - expired certificates are rejected");
+		}
+		try {
+			if (cert.keyUsage && !cert.keyUsage.includes("digital signature")) {
+				issues.push("DS333: Certificate lacks digitalSignature key usage");
+				recommendations.push("Generate new certificate with digitalSignature key usage enabled");
+			}
+		} catch {
+			console.log("Note: Could not check key usage extensions");
+		}
+		return {
+			organizationIdentifier,
+			serialNumber,
+			issuerName: certInfo.issuerName,
+			subjectName: certInfo.subjectName,
+			issues,
+			recommendations
+		};
+	} catch (error) {
+		issues.push(`Certificate parsing failed: ${error}`);
+		recommendations.push("Verify certificate format and validity");
+		return {
+			issuerName: "",
+			subjectName: "",
+			issues,
+			recommendations
+		};
+	}
+}
+/**
+* Analyzes signature generation for potential issues
+*/
+function analyzeSignatureForDiagnostics(invoices, certificatePem) {
+	const issues = [];
+	const recommendations = [];
+	try {
+		const documentDigest = require_document.calculateDocumentDigest(invoices);
+		const certificateDigest = require_document.calculateCertificateDigest(certificatePem);
+		const certInfo = require_document.extractCertificateInfo(certificatePem);
+		const signingTime = (/* @__PURE__ */ new Date()).toISOString();
+		const signedProperties = require_document.createSignedProperties(certificateDigest, signingTime, certInfo.issuerName, certInfo.serialNumber);
+		const signedPropertiesDigest = require_document.calculateSignedPropertiesDigest(signedProperties);
+		if (documentDigest.length === 0) {
+			issues.push("DS333: Document digest generation failed");
+			recommendations.push("CRITICAL: Verify document serialization excludes UBLExtensions/Signature");
+			recommendations.push("Portal Error: \"Document signature value is not a valid signature of the document digest using the public key of the certificate provided.\"");
+		}
+		if (certificateDigest.length === 0) {
+			issues.push("DS333: Certificate digest generation failed");
+			recommendations.push("CRITICAL: Verify certificate format and encoding");
+			recommendations.push("Certificate must be properly base64 encoded without headers/footers");
+		}
+		if (signedPropertiesDigest.length === 0) {
+			issues.push("DS333: Signed properties digest generation failed");
+			recommendations.push("CRITICAL: Verify signed properties structure and canonicalization");
+			recommendations.push("Check XML canonicalization (C14N) is applied correctly");
+		}
+		try {
+			const cert = new crypto.default.X509Certificate(certificatePem);
+			const publicKey = cert.publicKey;
+			const keyDetails = publicKey.asymmetricKeyDetails;
+			if (keyDetails) {
+				if (publicKey.asymmetricKeyType === "rsa" && keyDetails.modulusLength && keyDetails.modulusLength < 2048) {
+					issues.push("DS333: RSA key size too small (minimum 2048 bits required)");
+					recommendations.push("CRITICAL: Generate new certificate with RSA 2048+ bits");
+				}
+				const supportedKeyTypes = ["rsa", "ec"];
+				if (!supportedKeyTypes.includes(publicKey.asymmetricKeyType || "")) {
+					issues.push(`DS333: Unsupported key type: ${publicKey.asymmetricKeyType}`);
+					recommendations.push("CRITICAL: Use RSA or EC key types for MyInvois compatibility");
+				}
+			}
+			const certBuffer = Buffer.from(certificatePem.replace(/-----[^-]+-----/g, "").replace(/\s/g, ""), "base64");
+			if (certBuffer.length === 0) {
+				issues.push("DS333: Certificate encoding appears invalid");
+				recommendations.push("CRITICAL: Verify certificate is properly PEM encoded");
+			}
+		} catch (error) {
+			issues.push(`DS333: Certificate validation failed - ${error}`);
+			recommendations.push("CRITICAL: Verify certificate format and structure are valid");
+		}
+		const isValidBase64 = (str) => {
+			try {
+				return Buffer.from(str, "base64").toString("base64") === str;
+			} catch {
+				return false;
+			}
+		};
+		if (documentDigest && !isValidBase64(documentDigest)) {
+			issues.push("DS333: Document digest is not valid base64 format");
+			recommendations.push("Ensure digest is properly base64 encoded");
+		}
+		if (certificateDigest && !isValidBase64(certificateDigest)) {
+			issues.push("DS333: Certificate digest is not valid base64 format");
+			recommendations.push("Ensure certificate digest is properly base64 encoded");
+		}
+		if (signedPropertiesDigest && !isValidBase64(signedPropertiesDigest)) {
+			issues.push("DS333: Signed properties digest is not valid base64 format");
+			recommendations.push("Ensure signed properties digest is properly base64 encoded");
+		}
+		return {
+			documentDigest,
+			certificateDigest,
+			signedPropertiesDigest,
+			issues,
+			recommendations
+		};
+	} catch (error) {
+		issues.push(`Signature analysis failed: ${error}`);
+		recommendations.push("Review signature generation implementation");
+		return {
+			documentDigest: "",
+			certificateDigest: "",
+			signedPropertiesDigest: "",
+			issues,
+			recommendations
+		};
+	}
+}
+/**
+* Comprehensive signature diagnostics
+*/
+function diagnoseSignatureIssues(invoices, certificatePem) {
+	const certificateAnalysis = analyzeCertificateForDiagnostics(certificatePem);
+	const signatureAnalysis = analyzeSignatureForDiagnostics(invoices, certificatePem);
+	const certificateIssues = certificateAnalysis.issues.length;
+	const signatureIssues = signatureAnalysis.issues.length;
+	return {
+		certificateAnalysis,
+		signatureAnalysis,
+		summary: {
+			totalIssues: certificateIssues + signatureIssues,
+			certificateIssues,
+			signatureIssues
+		}
+	};
+}
+/**
+* Prints diagnostic results in a formatted way
+*/
+function printDiagnostics(result) {
+	console.log("\n🔍 MyInvois Signature Diagnostics Report");
+	console.log("=".repeat(60));
+	console.log("\n📜 CERTIFICATE ANALYSIS");
+	console.log("-".repeat(30));
+	console.log(`  Issuer: ${result.certificateAnalysis.issuerName}`);
+	console.log(`  Subject: ${result.certificateAnalysis.subjectName}`);
+	if (result.certificateAnalysis.organizationIdentifier) console.log(`  Organization ID (TIN): ${result.certificateAnalysis.organizationIdentifier}`);
+	if (result.certificateAnalysis.serialNumber) console.log(`  Serial Number: ${result.certificateAnalysis.serialNumber}`);
+	if (result.certificateAnalysis.issues.length > 0) {
+		console.log("\n  🚨 Certificate Issues:");
+		result.certificateAnalysis.issues.forEach((issue, index) => {
+			console.log(`    ${index + 1}. ${issue}`);
+		});
+	}
+	if (result.certificateAnalysis.recommendations.length > 0) {
+		console.log("\n  💡 Certificate Recommendations:");
+		result.certificateAnalysis.recommendations.forEach((rec, index) => {
+			console.log(`    ${index + 1}. ${rec}`);
+		});
+	}
+	console.log("\n🔐 SIGNATURE ANALYSIS");
+	console.log("-".repeat(30));
+	console.log(`  Document Digest: ${result.signatureAnalysis.documentDigest.substring(0, 32)}...`);
+	console.log(`  Certificate Digest: ${result.signatureAnalysis.certificateDigest.substring(0, 32)}...`);
+	console.log(`  Signed Properties Digest: ${result.signatureAnalysis.signedPropertiesDigest.substring(0, 32)}...`);
+	if (result.signatureAnalysis.issues.length > 0) {
+		console.log("\n  🚨 Signature Issues:");
+		result.signatureAnalysis.issues.forEach((issue, index) => {
+			console.log(`    ${index + 1}. ${issue}`);
+		});
+	}
+	if (result.signatureAnalysis.recommendations.length > 0) {
+		console.log("\n  💡 Signature Recommendations:");
+		result.signatureAnalysis.recommendations.forEach((rec, index) => {
+			console.log(`    ${index + 1}. ${rec}`);
+		});
+	}
+	console.log("\n📊 SUMMARY");
+	console.log("-".repeat(30));
+	console.log(`  Total Issues Found: ${result.summary.totalIssues}`);
+	console.log(`  Certificate Issues: ${result.summary.certificateIssues}`);
+	console.log(`  Signature Issues: ${result.summary.signatureIssues}`);
+	if (result.summary.totalIssues === 0) {
+		console.log("\n  ✅ No issues detected in current analysis");
+		console.log("  🎉 Certificate and signature implementation appear valid");
+	} else {
+		console.log("\n  ⚠️  Issues detected - review recommendations above");
+		const hasDS311 = result.certificateAnalysis.issues.some((issue) => issue.includes("DS311"));
+		const hasDS312 = result.certificateAnalysis.issues.some((issue) => issue.includes("DS312"));
+		const hasDS326 = result.certificateAnalysis.issues.some((issue) => issue.includes("DS326"));
+		const hasDS329 = result.certificateAnalysis.issues.some((issue) => issue.includes("DS329"));
+		const hasDS333 = result.signatureAnalysis.issues.some((issue) => issue.includes("DS333"));
+		console.log("\n  🎯 MYINVOIS PORTAL ERROR ANALYSIS:");
+		if (hasDS311) console.log("     ❌ DS311 - TIN mismatch between certificate and submitter");
+		if (hasDS312) console.log("     ❌ DS312 - Registration number mismatch with certificate");
+		if (hasDS326) console.log("     ❌ DS326 - X509IssuerName format inconsistency");
+		if (hasDS329) console.log("     ❌ DS329 - Certificate trust chain validation failure");
+		if (hasDS333) console.log("     ❌ DS333 - Document signature validation failure");
+		if (result.summary.certificateIssues > 0) {
+			console.log("\n  🚨 PRIMARY ACTION REQUIRED:");
+			console.log("     Certificate issues must be resolved first");
+			console.log("     Self-generated certificates cannot pass MyInvois validation");
+		}
+		if (result.summary.signatureIssues > 0) {
+			console.log("\n  ⚙️  SECONDARY ACTION:");
+			console.log("     Review and optimize signature implementation");
+		}
+		console.log("\n  📋 NEXT STEPS:");
+		console.log("     1. Address BLOCKING/CRITICAL issues first");
+		console.log("     2. Test with updated certificate/implementation");
+		console.log("     3. Re-run diagnostics to verify fixes");
+		console.log("     4. Submit test document to MyInvois portal");
+	}
+	console.log("\n" + "=".repeat(60));
+}
+//#endregion
+exports.diagnoseSignatureIssues = diagnoseSignatureIssues;
+exports.printDiagnostics = printDiagnostics;
+//# sourceMappingURL=index29.cjs.map

package/dist/{index14.cjs.map → index29.cjs.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index14.cjs","names":["certificatePem: string","issues: string[]","recommendations: string[]","dn: string","fields: Record<string, string>","invoices: InvoiceV1_1[]","str: string","result: DiagnosticResult"],"sources":["../src/utils/signature-diagnostics.ts"],"sourcesContent":["import crypto from 'crypto'\nimport type { InvoiceV1_1 } from '../types'\nimport {\n extractCertificateInfo,\n calculateDocumentDigest,\n calculateSignedPropertiesDigest,\n createSignedProperties,\n calculateCertificateDigest,\n} from './document'\n\nexport interface CertificateAnalysisResult {\n organizationIdentifier?: string\n serialNumber?: string\n issuerName: string\n subjectName: string\n issues: string[]\n recommendations: string[]\n}\n\nexport interface SignatureAnalysisResult {\n documentDigest: string\n certificateDigest: string\n signedPropertiesDigest: string\n issues: string[]\n recommendations: string[]\n}\n\nexport interface DiagnosticResult {\n certificateAnalysis: CertificateAnalysisResult\n signatureAnalysis: SignatureAnalysisResult\n summary: {\n totalIssues: number\n certificateIssues: number\n signatureIssues: number\n }\n}\n\n/*\n Analyzes certificate for MyInvois compatibility issues\n /\nfunction analyzeCertificateForDiagnostics(\n certificatePem: string,\n): CertificateAnalysisResult {\n const issues: string[] = []\n const recommendations: string[] = []\n\n try {\n const cert = new crypto.X509Certificate(certificatePem)\n const certInfo = extractCertificateInfo(certificatePem)\n\n // Parse subject fields for MyInvois analysis\n const parseSubjectFields = (dn: string) => {\n const fields: Record<string, string> = {}\n dn.split('\\n').forEach(line => {\n const trimmed = line.trim()\n if (trimmed.includes('=')) {\n const [key, ...valueParts] = trimmed.split('=')\n if (key) {\n fields[key.trim()] = valueParts.join('=').trim()\n }\n }\n })\n return fields\n }\n\n const subjectFields = parseSubjectFields(cert.subject)\n const organizationIdentifier =\n subjectFields['organizationIdentifier'] \|\| subjectFields['2.5.4.97']\n const serialNumber = subjectFields['serialNumber']\n\n // DS311 - TIN Mismatch Analysis\n if (!organizationIdentifier) {\n issues.push(\n 'DS311: Certificate missing organizationIdentifier field (TIN)',\n )\n recommendations.push(\n 'CRITICAL: Generate new certificate with organizationIdentifier matching your MyInvois TIN',\n )\n recommendations.push(\n 'Portal Error: \"Signer of invoice doesn\\'t match the submitter of document. TIN doesn\\'t match with the OI.\"',\n )\n } else {\n // Additional TIN format validation\n if (organizationIdentifier.length < 10) {\n issues.push(\n 'DS311: OrganizationIdentifier (TIN) appears too short - may cause submission rejection',\n )\n recommendations.push(\n 'Verify TIN format matches exactly what is registered in MyInvois',\n )\n }\n }\n\n // DS312 - Registration Number Analysis\n if (!serialNumber) {\n issues.push(\n 'DS312: Certificate missing serialNumber field (business registration)',\n )\n recommendations.push(\n 'CRITICAL: Generate new certificate with serialNumber matching your business registration',\n )\n recommendations.push(\n 'Portal Error: \"Submitter registration/identity number doesn\\'t match with the certificate SERIALNUMBER.\"',\n )\n }\n\n // DS329 - Certificate Trust Analysis\n if (cert.issuer === cert.subject) {\n issues.push(\n 'DS329: Self-signed certificate detected - will fail chain of trust validation',\n )\n recommendations.push(\n 'BLOCKING: Obtain certificate from MyInvois-approved CA:',\n )\n recommendations.push('• MSC Trustgate Sdn Bhd')\n recommendations.push('• DigiCert Sdn Bhd')\n recommendations.push('• Cybersign Asia Sdn Bhd')\n recommendations.push(\n 'Portal Error: \"Certificate is not valid according to the chain of trust validation or has been issued by an untrusted certificate authority.\"',\n )\n } else {\n // Check if issuer looks like a known CA\n const issuerName = cert.issuer.toLowerCase()\n const approvedCAs = ['msc trustgate', 'digicert', 'cybersign']\n const isFromApprovedCA = approvedCAs.some(ca => issuerName.includes(ca))\n\n if (!isFromApprovedCA) {\n issues.push('DS329: Certificate may not be from MyInvois-approved CA')\n recommendations.push(\n 'Verify certificate was issued by an approved CA for MyInvois',\n )\n }\n }\n\n // DS326 - Issuer Name Format Analysis (Enhanced)\n const rawIssuer = cert.issuer\n const normalizedIssuer = certInfo.issuerName\n\n // Check for issues in the NORMALIZED issuer (these are actual problems)\n const normalizedIssuerIssues = [\n {\n check: normalizedIssuer.includes('\\n'),\n issue: 'Normalized issuer still contains newlines',\n },\n {\n check: normalizedIssuer.includes(' '),\n issue: 'Normalized issuer contains double spaces',\n },\n {\n check: /=\\s+/.test(normalizedIssuer),\n issue: 'Normalized issuer has spaces after equals',\n },\n {\n check: /\\s+=/.test(normalizedIssuer),\n issue: 'Normalized issuer has spaces before equals',\n },\n {\n check: normalizedIssuer.includes('\\r'),\n issue: 'Normalized issuer contains carriage returns',\n },\n ]\n\n // Only report actual issues in the normalized version that will cause portal errors\n const hasActualFormatIssues = normalizedIssuerIssues.some(\n ({ check, issue }) => {\n if (check) {\n issues.push(`DS326: ${issue} - will cause X509IssuerName mismatch`)\n return true\n }\n return false\n },\n )\n\n // Check if raw issuer has issues but normalized version is OK (informational)\n const hasRawIssuesButNormalizedOk =\n rawIssuer.includes('\\n') && !normalizedIssuer.includes('\\n')\n\n if (hasActualFormatIssues) {\n recommendations.push(\n 'CRITICAL: Fix issuer name normalization in signature generation',\n )\n recommendations.push(\n 'Portal Error: \"Certificate X509IssuerName doesn\\'t match the X509IssuerName value provided in the signed properties section.\"',\n )\n recommendations.push(\n 'The normalization function is not properly formatting the issuer name',\n )\n recommendations.push(\n 'Debug: Check document.ts extractCertificateInfo() normalization logic',\n )\n } else if (hasRawIssuesButNormalizedOk) {\n // This is informational - normalization is working correctly\n console.log(\n 'ℹ️ Note: Raw certificate issuer has newlines but normalization is handling them correctly',\n )\n }\n\n // Additional certificate validity checks\n const now = new Date()\n const validFrom = new Date(cert.validFrom)\n const validTo = new Date(cert.validTo)\n\n if (now < validFrom) {\n issues.push('DS329: Certificate not yet valid (future start date)')\n recommendations.push('Wait until certificate validity period begins')\n }\n\n if (now > validTo) {\n issues.push('DS329: Certificate has expired')\n recommendations.push(\n 'BLOCKING: Renew certificate - expired certificates are rejected',\n )\n }\n\n // Check certificate key usage (if available)\n try {\n if (cert.keyUsage && !cert.keyUsage.includes('digital signature')) {\n issues.push('DS333: Certificate lacks digitalSignature key usage')\n recommendations.push(\n 'Generate new certificate with digitalSignature key usage enabled',\n )\n }\n } catch {\n // Key usage might not be available in all certificates\n console.log('Note: Could not check key usage extensions')\n }\n\n return {\n organizationIdentifier,\n serialNumber,\n issuerName: certInfo.issuerName,\n subjectName: certInfo.subjectName,\n issues,\n recommendations,\n }\n } catch (error) {\n issues.push(`Certificate parsing failed: ${error}`)\n recommendations.push('Verify certificate format and validity')\n\n return {\n issuerName: '',\n subjectName: '',\n issues,\n recommendations,\n }\n }\n}\n\n/\n Analyzes signature generation for potential issues\n /\nfunction analyzeSignatureForDiagnostics(\n invoices: InvoiceV1_1[],\n certificatePem: string,\n): SignatureAnalysisResult {\n const issues: string[] = []\n const recommendations: string[] = []\n\n try {\n // Step 1: Document digest\n const documentDigest = calculateDocumentDigest(invoices)\n\n // Step 2: Certificate digest\n const certificateDigest = calculateCertificateDigest(certificatePem)\n\n // Step 3: Extract certificate info\n const certInfo = extractCertificateInfo(certificatePem)\n const signingTime = new Date().toISOString()\n\n // Step 4: Create signed properties\n const signedProperties = createSignedProperties(\n certificateDigest,\n signingTime,\n certInfo.issuerName,\n certInfo.serialNumber,\n )\n\n // Step 5: Signed properties digest\n const signedPropertiesDigest =\n calculateSignedPropertiesDigest(signedProperties)\n\n // DS333 - Document Signature Validation\n if (documentDigest.length === 0) {\n issues.push('DS333: Document digest generation failed')\n recommendations.push(\n 'CRITICAL: Verify document serialization excludes UBLExtensions/Signature',\n )\n recommendations.push(\n 'Portal Error: \"Document signature value is not a valid signature of the document digest using the public key of the certificate provided.\"',\n )\n }\n\n if (certificateDigest.length === 0) {\n issues.push('DS333: Certificate digest generation failed')\n recommendations.push('CRITICAL: Verify certificate format and encoding')\n recommendations.push(\n 'Certificate must be properly base64 encoded without headers/footers',\n )\n }\n\n if (signedPropertiesDigest.length === 0) {\n issues.push('DS333: Signed properties digest generation failed')\n recommendations.push(\n 'CRITICAL: Verify signed properties structure and canonicalization',\n )\n recommendations.push(\n 'Check XML canonicalization (C14N) is applied correctly',\n )\n }\n\n // Additional DS333 checks\n try {\n const cert = new crypto.X509Certificate(certificatePem)\n\n // Verify the certificate has the required algorithms for MyInvois\n const publicKey = cert.publicKey\n const keyDetails = publicKey.asymmetricKeyDetails\n\n if (keyDetails) {\n // Check if key size is adequate for RSA (minimum 2048 bits)\n if (\n publicKey.asymmetricKeyType === 'rsa' &&\n keyDetails.modulusLength &&\n keyDetails.modulusLength < 2048\n ) {\n issues.push(\n 'DS333: RSA key size too small (minimum 2048 bits required)',\n )\n recommendations.push(\n 'CRITICAL: Generate new certificate with RSA 2048+ bits',\n )\n }\n\n // Check supported key types\n const supportedKeyTypes = ['rsa', 'ec']\n if (!supportedKeyTypes.includes(publicKey.asymmetricKeyType \|\| '')) {\n issues.push(\n `DS333: Unsupported key type: ${publicKey.asymmetricKeyType}`,\n )\n recommendations.push(\n 'CRITICAL: Use RSA or EC key types for MyInvois compatibility',\n )\n }\n }\n\n // Test certificate format validity\n const certBuffer = Buffer.from(\n certificatePem.replace(/-----[^-]+-----/g, '').replace(/\\s/g, ''),\n 'base64',\n )\n if (certBuffer.length === 0) {\n issues.push('DS333: Certificate encoding appears invalid')\n recommendations.push(\n 'CRITICAL: Verify certificate is properly PEM encoded',\n )\n }\n } catch (error) {\n issues.push(`DS333: Certificate validation failed - ${error}`)\n recommendations.push(\n 'CRITICAL: Verify certificate format and structure are valid',\n )\n }\n\n // Validate digest formats (should be base64)\n const isValidBase64 = (str: string) => {\n try {\n return Buffer.from(str, 'base64').toString('base64') === str\n } catch {\n return false\n }\n }\n\n if (documentDigest && !isValidBase64(documentDigest)) {\n issues.push('DS333: Document digest is not valid base64 format')\n recommendations.push('Ensure digest is properly base64 encoded')\n }\n\n if (certificateDigest && !isValidBase64(certificateDigest)) {\n issues.push('DS333: Certificate digest is not valid base64 format')\n recommendations.push(\n 'Ensure certificate digest is properly base64 encoded',\n )\n }\n\n if (signedPropertiesDigest && !isValidBase64(signedPropertiesDigest)) {\n issues.push('DS333: Signed properties digest is not valid base64 format')\n recommendations.push(\n 'Ensure signed properties digest is properly base64 encoded',\n )\n }\n\n return {\n documentDigest,\n certificateDigest,\n signedPropertiesDigest,\n issues,\n recommendations,\n }\n } catch (error) {\n issues.push(`Signature analysis failed: ${error}`)\n recommendations.push('Review signature generation implementation')\n\n return {\n documentDigest: '',\n certificateDigest: '',\n signedPropertiesDigest: '',\n issues,\n recommendations,\n }\n }\n}\n\n/\n Comprehensive signature diagnostics\n /\nexport function diagnoseSignatureIssues(\n invoices: InvoiceV1_1[],\n certificatePem: string,\n): DiagnosticResult {\n const certificateAnalysis = analyzeCertificateForDiagnostics(certificatePem)\n const signatureAnalysis = analyzeSignatureForDiagnostics(\n invoices,\n certificatePem,\n )\n\n const certificateIssues = certificateAnalysis.issues.length\n const signatureIssues = signatureAnalysis.issues.length\n\n return {\n certificateAnalysis,\n signatureAnalysis,\n summary: {\n totalIssues: certificateIssues + signatureIssues,\n certificateIssues,\n signatureIssues,\n },\n }\n}\n\n/\n Prints diagnostic results in a formatted way\n */\nexport function printDiagnostics(result: DiagnosticResult): void {\n console.log('\\n🔍 MyInvois Signature Diagnostics Report')\n console.log('='.repeat(60))\n\n // Certificate Analysis\n console.log('\\n📜 CERTIFICATE ANALYSIS')\n console.log('-'.repeat(30))\n\n console.log(` Issuer: ${result.certificateAnalysis.issuerName}`)\n console.log(` Subject: ${result.certificateAnalysis.subjectName}`)\n\n if (result.certificateAnalysis.organizationIdentifier) {\n console.log(\n ` Organization ID (TIN): ${result.certificateAnalysis.organizationIdentifier}`,\n )\n }\n\n if (result.certificateAnalysis.serialNumber) {\n console.log(` Serial Number: ${result.certificateAnalysis.serialNumber}`)\n }\n\n if (result.certificateAnalysis.issues.length > 0) {\n console.log('\\n 🚨 Certificate Issues:')\n result.certificateAnalysis.issues.forEach((issue, index) => {\n console.log(` ${index + 1}. ${issue}`)\n })\n }\n\n if (result.certificateAnalysis.recommendations.length > 0) {\n console.log('\\n 💡 Certificate Recommendations:')\n result.certificateAnalysis.recommendations.forEach((rec, index) => {\n console.log(` ${index + 1}. ${rec}`)\n })\n }\n\n // Signature Analysis\n console.log('\\n🔐 SIGNATURE ANALYSIS')\n console.log('-'.repeat(30))\n\n console.log(\n ` Document Digest: ${result.signatureAnalysis.documentDigest.substring(0, 32)}...`,\n )\n console.log(\n ` Certificate Digest: ${result.signatureAnalysis.certificateDigest.substring(0, 32)}...`,\n )\n console.log(\n ` Signed Properties Digest: ${result.signatureAnalysis.signedPropertiesDigest.substring(0, 32)}...`,\n )\n\n if (result.signatureAnalysis.issues.length > 0) {\n console.log('\\n 🚨 Signature Issues:')\n result.signatureAnalysis.issues.forEach((issue, index) => {\n console.log(` ${index + 1}. ${issue}`)\n })\n }\n\n if (result.signatureAnalysis.recommendations.length > 0) {\n console.log('\\n 💡 Signature Recommendations:')\n result.signatureAnalysis.recommendations.forEach((rec, index) => {\n console.log(` ${index + 1}. ${rec}`)\n })\n }\n\n // Summary\n console.log('\\n📊 SUMMARY')\n console.log('-'.repeat(30))\n console.log(` Total Issues Found: ${result.summary.totalIssues}`)\n console.log(` Certificate Issues: ${result.summary.certificateIssues}`)\n console.log(` Signature Issues: ${result.summary.signatureIssues}`)\n\n if (result.summary.totalIssues === 0) {\n console.log('\\n ✅ No issues detected in current analysis')\n console.log(' 🎉 Certificate and signature implementation appear valid')\n } else {\n console.log('\\n ⚠️ Issues detected - review recommendations above')\n\n // Check for specific portal errors\n const hasDS311 = result.certificateAnalysis.issues.some(issue =>\n issue.includes('DS311'),\n )\n const hasDS312 = result.certificateAnalysis.issues.some(issue =>\n issue.includes('DS312'),\n )\n const hasDS326 = result.certificateAnalysis.issues.some(issue =>\n issue.includes('DS326'),\n )\n const hasDS329 = result.certificateAnalysis.issues.some(issue =>\n issue.includes('DS329'),\n )\n const hasDS333 = result.signatureAnalysis.issues.some(issue =>\n issue.includes('DS333'),\n )\n\n console.log('\\n 🎯 MYINVOIS PORTAL ERROR ANALYSIS:')\n\n if (hasDS311) {\n console.log(\n ' ❌ DS311 - TIN mismatch between certificate and submitter',\n )\n }\n\n if (hasDS312) {\n console.log(\n ' ❌ DS312 - Registration number mismatch with certificate',\n )\n }\n\n if (hasDS326) {\n console.log(' ❌ DS326 - X509IssuerName format inconsistency')\n }\n\n if (hasDS329) {\n console.log(' ❌ DS329 - Certificate trust chain validation failure')\n }\n\n if (hasDS333) {\n console.log(' ❌ DS333 - Document signature validation failure')\n }\n\n if (result.summary.certificateIssues > 0) {\n console.log('\\n 🚨 PRIMARY ACTION REQUIRED:')\n console.log(' Certificate issues must be resolved first')\n console.log(\n ' Self-generated certificates cannot pass MyInvois validation',\n )\n }\n\n if (result.summary.signatureIssues > 0) {\n console.log('\\n ⚙️ SECONDARY ACTION:')\n console.log(' Review and optimize signature implementation')\n }\n\n console.log('\\n 📋 NEXT STEPS:')\n console.log(' 1. Address BLOCKING/CRITICAL issues first')\n console.log(' 2. Test with updated certificate/implementation')\n console.log(' 3. Re-run diagnostics to verify fixes')\n console.log(' 4. Submit test document to MyInvois portal')\n }\n\n console.log('\\n' + '='.repeat(60))\n}\n"],"mappings":";;;;;;;;;AAwCA,SAAS,iCACPA,gBAC2B;CAC3B,MAAMC,SAAmB,CAAE;CAC3B,MAAMC,kBAA4B,CAAE;AAEpC,KAAI;EACF,MAAM,OAAO,IAAI,eAAO,gBAAgB;EACxC,MAAM,WAAW,wCAAuB,eAAe;EAGvD,MAAM,qBAAqB,CAACC,OAAe;GACzC,MAAMC,SAAiC,CAAE;AACzC,MAAG,MAAM,KAAK,CAAC,QAAQ,UAAQ;IAC7B,MAAM,UAAU,KAAK,MAAM;AAC3B,QAAI,QAAQ,SAAS,IAAI,EAAE;KACzB,MAAM,CAAC,KAAK,GAAG,WAAW,GAAG,QAAQ,MAAM,IAAI;AAC/C,SAAI,IACF,QAAO,IAAI,MAAM,IAAI,WAAW,KAAK,IAAI,CAAC,MAAM;IAEnD;GACF,EAAC;AACF,UAAO;EACR;EAED,MAAM,gBAAgB,mBAAmB,KAAK,QAAQ;EACtD,MAAM,yBACJ,cAAc,6BAA6B,cAAc;EAC3D,MAAM,eAAe,cAAc;AAGnC,OAAK,wBAAwB;AAC3B,UAAO,KACL,gEACD;AACD,mBAAgB,KACd,4FACD;AACD,mBAAgB,KACd,8GACD;EACF,WAEK,uBAAuB,SAAS,IAAI;AACtC,UAAO,KACL,yFACD;AACD,mBAAgB,KACd,mEACD;EACF;AAIH,OAAK,cAAc;AACjB,UAAO,KACL,wEACD;AACD,mBAAgB,KACd,2FACD;AACD,mBAAgB,KACd,4GACD;EACF;AAGD,MAAI,KAAK,WAAW,KAAK,SAAS;AAChC,UAAO,KACL,gFACD;AACD,mBAAgB,KACd,0DACD;AACD,mBAAgB,KAAK,0BAA0B;AAC/C,mBAAgB,KAAK,qBAAqB;AAC1C,mBAAgB,KAAK,2BAA2B;AAChD,mBAAgB,KACd,kJACD;EACF,OAAM;GAEL,MAAM,aAAa,KAAK,OAAO,aAAa;GAC5C,MAAM,cAAc;IAAC;IAAiB;IAAY;GAAY;GAC9D,MAAM,mBAAmB,YAAY,KAAK,QAAM,WAAW,SAAS,GAAG,CAAC;AAExE,QAAK,kBAAkB;AACrB,WAAO,KAAK,0DAA0D;AACtE,oBAAgB,KACd,+DACD;GACF;EACF;EAGD,MAAM,YAAY,KAAK;EACvB,MAAM,mBAAmB,SAAS;EAGlC,MAAM,yBAAyB;GAC7B;IACE,OAAO,iBAAiB,SAAS,KAAK;IACtC,OAAO;GACR;GACD;IACE,OAAO,iBAAiB,SAAS,KAAK;IACtC,OAAO;GACR;GACD;IACE,OAAO,OAAO,KAAK,iBAAiB;IACpC,OAAO;GACR;GACD;IACE,OAAO,OAAO,KAAK,iBAAiB;IACpC,OAAO;GACR;GACD;IACE,OAAO,iBAAiB,SAAS,KAAK;IACtC,OAAO;GACR;EACF;EAGD,MAAM,wBAAwB,uBAAuB,KACnD,CAAC,EAAE,OAAO,OAAO,KAAK;AACpB,OAAI,OAAO;AACT,WAAO,MAAM,SAAS,MAAM,uCAAuC;AACnE,WAAO;GACR;AACD,UAAO;EACR,EACF;EAGD,MAAM,8BACJ,UAAU,SAAS,KAAK,KAAK,iBAAiB,SAAS,KAAK;AAE9D,MAAI,uBAAuB;AACzB,mBAAgB,KACd,kEACD;AACD,mBAAgB,KACd,iIACD;AACD,mBAAgB,KACd,wEACD;AACD,mBAAgB,KACd,wEACD;EACF,WAAU,4BAET,SAAQ,IACN,6FACD;EAIH,MAAM,sBAAM,IAAI;EAChB,MAAM,YAAY,IAAI,KAAK,KAAK;EAChC,MAAM,UAAU,IAAI,KAAK,KAAK;AAE9B,MAAI,MAAM,WAAW;AACnB,UAAO,KAAK,uDAAuD;AACnE,mBAAgB,KAAK,gDAAgD;EACtE;AAED,MAAI,MAAM,SAAS;AACjB,UAAO,KAAK,iCAAiC;AAC7C,mBAAgB,KACd,kEACD;EACF;AAGD,MAAI;AACF,OAAI,KAAK,aAAa,KAAK,SAAS,SAAS,oBAAoB,EAAE;AACjE,WAAO,KAAK,sDAAsD;AAClE,oBAAgB,KACd,mEACD;GACF;EACF,QAAO;AAEN,WAAQ,IAAI,6CAA6C;EAC1D;AAED,SAAO;GACL;GACA;GACA,YAAY,SAAS;GACrB,aAAa,SAAS;GACtB;GACA;EACD;CACF,SAAQ,OAAO;AACd,SAAO,MAAM,8BAA8B,MAAM,EAAE;AACnD,kBAAgB,KAAK,yCAAyC;AAE9D,SAAO;GACL,YAAY;GACZ,aAAa;GACb;GACA;EACD;CACF;AACF;;;;AAKD,SAAS,+BACPC,UACAL,gBACyB;CACzB,MAAMC,SAAmB,CAAE;CAC3B,MAAMC,kBAA4B,CAAE;AAEpC,KAAI;EAEF,MAAM,iBAAiB,yCAAwB,SAAS;EAGxD,MAAM,oBAAoB,4CAA2B,eAAe;EAGpE,MAAM,WAAW,wCAAuB,eAAe;EACvD,MAAM,cAAc,qBAAI,QAAO,aAAa;EAG5C,MAAM,mBAAmB,wCACvB,mBACA,aACA,SAAS,YACT,SAAS,aACV;EAGD,MAAM,yBACJ,iDAAgC,iBAAiB;AAGnD,MAAI,eAAe,WAAW,GAAG;AAC/B,UAAO,KAAK,2CAA2C;AACvD,mBAAgB,KACd,2EACD;AACD,mBAAgB,KACd,+IACD;EACF;AAED,MAAI,kBAAkB,WAAW,GAAG;AAClC,UAAO,KAAK,8CAA8C;AAC1D,mBAAgB,KAAK,mDAAmD;AACxE,mBAAgB,KACd,sEACD;EACF;AAED,MAAI,uBAAuB,WAAW,GAAG;AACvC,UAAO,KAAK,oDAAoD;AAChE,mBAAgB,KACd,oEACD;AACD,mBAAgB,KACd,yDACD;EACF;AAGD,MAAI;GACF,MAAM,OAAO,IAAI,eAAO,gBAAgB;GAGxC,MAAM,YAAY,KAAK;GACvB,MAAM,aAAa,UAAU;AAE7B,OAAI,YAAY;AAEd,QACE,UAAU,sBAAsB,SAChC,WAAW,iBACX,WAAW,gBAAgB,MAC3B;AACA,YAAO,KACL,6DACD;AACD,qBAAgB,KACd,yDACD;IACF;IAGD,MAAM,oBAAoB,CAAC,OAAO,IAAK;AACvC,SAAK,kBAAkB,SAAS,UAAU,qBAAqB,GAAG,EAAE;AAClE,YAAO,MACJ,+BAA+B,UAAU,kBAAkB,EAC7D;AACD,qBAAgB,KACd,+DACD;IACF;GACF;GAGD,MAAM,aAAa,OAAO,KACxB,eAAe,QAAQ,oBAAoB,GAAG,CAAC,QAAQ,OAAO,GAAG,EACjE,SACD;AACD,OAAI,WAAW,WAAW,GAAG;AAC3B,WAAO,KAAK,8CAA8C;AAC1D,oBAAgB,KACd,uDACD;GACF;EACF,SAAQ,OAAO;AACd,UAAO,MAAM,yCAAyC,MAAM,EAAE;AAC9D,mBAAgB,KACd,8DACD;EACF;EAGD,MAAM,gBAAgB,CAACI,QAAgB;AACrC,OAAI;AACF,WAAO,OAAO,KAAK,KAAK,SAAS,CAAC,SAAS,SAAS,KAAK;GAC1D,QAAO;AACN,WAAO;GACR;EACF;AAED,MAAI,mBAAmB,cAAc,eAAe,EAAE;AACpD,UAAO,KAAK,oDAAoD;AAChE,mBAAgB,KAAK,2CAA2C;EACjE;AAED,MAAI,sBAAsB,cAAc,kBAAkB,EAAE;AAC1D,UAAO,KAAK,uDAAuD;AACnE,mBAAgB,KACd,uDACD;EACF;AAED,MAAI,2BAA2B,cAAc,uBAAuB,EAAE;AACpE,UAAO,KAAK,6DAA6D;AACzE,mBAAgB,KACd,6DACD;EACF;AAED,SAAO;GACL;GACA;GACA;GACA;GACA;EACD;CACF,SAAQ,OAAO;AACd,SAAO,MAAM,6BAA6B,MAAM,EAAE;AAClD,kBAAgB,KAAK,6CAA6C;AAElE,SAAO;GACL,gBAAgB;GAChB,mBAAmB;GACnB,wBAAwB;GACxB;GACA;EACD;CACF;AACF;;;;AAKD,SAAgB,wBACdD,UACAL,gBACkB;CAClB,MAAM,sBAAsB,iCAAiC,eAAe;CAC5E,MAAM,oBAAoB,+BACxB,UACA,eACD;CAED,MAAM,oBAAoB,oBAAoB,OAAO;CACrD,MAAM,kBAAkB,kBAAkB,OAAO;AAEjD,QAAO;EACL;EACA;EACA,SAAS;GACP,aAAa,oBAAoB;GACjC;GACA;EACD;CACF;AACF;;;;AAKD,SAAgB,iBAAiBO,QAAgC;AAC/D,SAAQ,IAAI,6CAA6C;AACzD,SAAQ,IAAI,IAAI,OAAO,GAAG,CAAC;AAG3B,SAAQ,IAAI,4BAA4B;AACxC,SAAQ,IAAI,IAAI,OAAO,GAAG,CAAC;AAE3B,SAAQ,KAAK,YAAY,OAAO,oBAAoB,WAAW,EAAE;AACjE,SAAQ,KAAK,aAAa,OAAO,oBAAoB,YAAY,EAAE;AAEnE,KAAI,OAAO,oBAAoB,uBAC7B,SAAQ,KACL,2BAA2B,OAAO,oBAAoB,uBAAuB,EAC/E;AAGH,KAAI,OAAO,oBAAoB,aAC7B,SAAQ,KAAK,mBAAmB,OAAO,oBAAoB,aAAa,EAAE;AAG5E,KAAI,OAAO,oBAAoB,OAAO,SAAS,GAAG;AAChD,UAAQ,IAAI,6BAA6B;AACzC,SAAO,oBAAoB,OAAO,QAAQ,CAAC,OAAO,UAAU;AAC1D,WAAQ,KAAK,MAAM,QAAQ,EAAE,IAAI,MAAM,EAAE;EAC1C,EAAC;CACH;AAED,KAAI,OAAO,oBAAoB,gBAAgB,SAAS,GAAG;AACzD,UAAQ,IAAI,sCAAsC;AAClD,SAAO,oBAAoB,gBAAgB,QAAQ,CAAC,KAAK,UAAU;AACjE,WAAQ,KAAK,MAAM,QAAQ,EAAE,IAAI,IAAI,EAAE;EACxC,EAAC;CACH;AAGD,SAAQ,IAAI,0BAA0B;AACtC,SAAQ,IAAI,IAAI,OAAO,GAAG,CAAC;AAE3B,SAAQ,KACL,qBAAqB,OAAO,kBAAkB,eAAe,UAAU,GAAG,GAAG,CAAC,KAChF;AACD,SAAQ,KACL,wBAAwB,OAAO,kBAAkB,kBAAkB,UAAU,GAAG,GAAG,CAAC,KACtF;AACD,SAAQ,KACL,8BAA8B,OAAO,kBAAkB,uBAAuB,UAAU,GAAG,GAAG,CAAC,KACjG;AAED,KAAI,OAAO,kBAAkB,OAAO,SAAS,GAAG;AAC9C,UAAQ,IAAI,2BAA2B;AACvC,SAAO,kBAAkB,OAAO,QAAQ,CAAC,OAAO,UAAU;AACxD,WAAQ,KAAK,MAAM,QAAQ,EAAE,IAAI,MAAM,EAAE;EAC1C,EAAC;CACH;AAED,KAAI,OAAO,kBAAkB,gBAAgB,SAAS,GAAG;AACvD,UAAQ,IAAI,oCAAoC;AAChD,SAAO,kBAAkB,gBAAgB,QAAQ,CAAC,KAAK,UAAU;AAC/D,WAAQ,KAAK,MAAM,QAAQ,EAAE,IAAI,IAAI,EAAE;EACxC,EAAC;CACH;AAGD,SAAQ,IAAI,eAAe;AAC3B,SAAQ,IAAI,IAAI,OAAO,GAAG,CAAC;AAC3B,SAAQ,KAAK,wBAAwB,OAAO,QAAQ,YAAY,EAAE;AAClE,SAAQ,KAAK,wBAAwB,OAAO,QAAQ,kBAAkB,EAAE;AACxE,SAAQ,KAAK,sBAAsB,OAAO,QAAQ,gBAAgB,EAAE;AAEpE,KAAI,OAAO,QAAQ,gBAAgB,GAAG;AACpC,UAAQ,IAAI,+CAA+C;AAC3D,UAAQ,IAAI,6DAA6D;CAC1E,OAAM;AACL,UAAQ,IAAI,yDAAyD;EAGrE,MAAM,WAAW,OAAO,oBAAoB,OAAO,KAAK,WACtD,MAAM,SAAS,QAAQ,CACxB;EACD,MAAM,WAAW,OAAO,oBAAoB,OAAO,KAAK,WACtD,MAAM,SAAS,QAAQ,CACxB;EACD,MAAM,WAAW,OAAO,oBAAoB,OAAO,KAAK,WACtD,MAAM,SAAS,QAAQ,CACxB;EACD,MAAM,WAAW,OAAO,oBAAoB,OAAO,KAAK,WACtD,MAAM,SAAS,QAAQ,CACxB;EACD,MAAM,WAAW,OAAO,kBAAkB,OAAO,KAAK,WACpD,MAAM,SAAS,QAAQ,CACxB;AAED,UAAQ,IAAI,yCAAyC;AAErD,MAAI,SACF,SAAQ,IACN,gEACD;AAGH,MAAI,SACF,SAAQ,IACN,+DACD;AAGH,MAAI,SACF,SAAQ,IAAI,qDAAqD;AAGnE,MAAI,SACF,SAAQ,IAAI,4DAA4D;AAG1E,MAAI,SACF,SAAQ,IAAI,uDAAuD;AAGrE,MAAI,OAAO,QAAQ,oBAAoB,GAAG;AACxC,WAAQ,IAAI,kCAAkC;AAC9C,WAAQ,IAAI,iDAAiD;AAC7D,WAAQ,IACN,mEACD;EACF;AAED,MAAI,OAAO,QAAQ,kBAAkB,GAAG;AACtC,WAAQ,IAAI,4BAA4B;AACxC,WAAQ,IAAI,oDAAoD;EACjE;AAED,UAAQ,IAAI,qBAAqB;AACjC,UAAQ,IAAI,iDAAiD;AAC7D,UAAQ,IAAI,uDAAuD;AACnE,UAAQ,IAAI,6CAA6C;AACzD,UAAQ,IAAI,kDAAkD;CAC/D;AAED,SAAQ,IAAI,OAAO,IAAI,OAAO,GAAG,CAAC;AACnC"}
1	+ {"version":3,"file":"index29.cjs","names":["certificatePem: string","issues: string[]","recommendations: string[]","dn: string","fields: Record<string, string>","invoices: InvoiceV1_1[]","str: string","result: DiagnosticResult"],"sources":["../src/utils/signature-diagnostics.ts"],"sourcesContent":["import crypto from 'crypto'\nimport type { InvoiceV1_1 } from '../types'\nimport {\n extractCertificateInfo,\n calculateDocumentDigest,\n calculateSignedPropertiesDigest,\n createSignedProperties,\n calculateCertificateDigest,\n} from './document'\n\nexport interface CertificateAnalysisResult {\n organizationIdentifier?: string\n serialNumber?: string\n issuerName: string\n subjectName: string\n issues: string[]\n recommendations: string[]\n}\n\nexport interface SignatureAnalysisResult {\n documentDigest: string\n certificateDigest: string\n signedPropertiesDigest: string\n issues: string[]\n recommendations: string[]\n}\n\nexport interface DiagnosticResult {\n certificateAnalysis: CertificateAnalysisResult\n signatureAnalysis: SignatureAnalysisResult\n summary: {\n totalIssues: number\n certificateIssues: number\n signatureIssues: number\n }\n}\n\n/*\n Analyzes certificate for MyInvois compatibility issues\n /\nfunction analyzeCertificateForDiagnostics(\n certificatePem: string,\n): CertificateAnalysisResult {\n const issues: string[] = []\n const recommendations: string[] = []\n\n try {\n const cert = new crypto.X509Certificate(certificatePem)\n const certInfo = extractCertificateInfo(certificatePem)\n\n // Parse subject fields for MyInvois analysis\n const parseSubjectFields = (dn: string) => {\n const fields: Record<string, string> = {}\n dn.split('\\n').forEach(line => {\n const trimmed = line.trim()\n if (trimmed.includes('=')) {\n const [key, ...valueParts] = trimmed.split('=')\n if (key) {\n fields[key.trim()] = valueParts.join('=').trim()\n }\n }\n })\n return fields\n }\n\n const subjectFields = parseSubjectFields(cert.subject)\n const organizationIdentifier =\n subjectFields['organizationIdentifier'] \|\| subjectFields['2.5.4.97']\n const serialNumber = subjectFields['serialNumber']\n\n // DS311 - TIN Mismatch Analysis\n if (!organizationIdentifier) {\n issues.push(\n 'DS311: Certificate missing organizationIdentifier field (TIN)',\n )\n recommendations.push(\n 'CRITICAL: Generate new certificate with organizationIdentifier matching your MyInvois TIN',\n )\n recommendations.push(\n 'Portal Error: \"Signer of invoice doesn\\'t match the submitter of document. TIN doesn\\'t match with the OI.\"',\n )\n } else {\n // Additional TIN format validation\n if (organizationIdentifier.length < 10) {\n issues.push(\n 'DS311: OrganizationIdentifier (TIN) appears too short - may cause submission rejection',\n )\n recommendations.push(\n 'Verify TIN format matches exactly what is registered in MyInvois',\n )\n }\n }\n\n // DS312 - Registration Number Analysis\n if (!serialNumber) {\n issues.push(\n 'DS312: Certificate missing serialNumber field (business registration)',\n )\n recommendations.push(\n 'CRITICAL: Generate new certificate with serialNumber matching your business registration',\n )\n recommendations.push(\n 'Portal Error: \"Submitter registration/identity number doesn\\'t match with the certificate SERIALNUMBER.\"',\n )\n }\n\n // DS329 - Certificate Trust Analysis\n if (cert.issuer === cert.subject) {\n issues.push(\n 'DS329: Self-signed certificate detected - will fail chain of trust validation',\n )\n recommendations.push(\n 'BLOCKING: Obtain certificate from MyInvois-approved CA:',\n )\n recommendations.push('• MSC Trustgate Sdn Bhd')\n recommendations.push('• DigiCert Sdn Bhd')\n recommendations.push('• Cybersign Asia Sdn Bhd')\n recommendations.push(\n 'Portal Error: \"Certificate is not valid according to the chain of trust validation or has been issued by an untrusted certificate authority.\"',\n )\n } else {\n // Check if issuer looks like a known CA\n const issuerName = cert.issuer.toLowerCase()\n const approvedCAs = ['msc trustgate', 'digicert', 'cybersign']\n const isFromApprovedCA = approvedCAs.some(ca => issuerName.includes(ca))\n\n if (!isFromApprovedCA) {\n issues.push('DS329: Certificate may not be from MyInvois-approved CA')\n recommendations.push(\n 'Verify certificate was issued by an approved CA for MyInvois',\n )\n }\n }\n\n // DS326 - Issuer Name Format Analysis (Enhanced)\n const rawIssuer = cert.issuer\n const normalizedIssuer = certInfo.issuerName\n\n // Check for issues in the NORMALIZED issuer (these are actual problems)\n const normalizedIssuerIssues = [\n {\n check: normalizedIssuer.includes('\\n'),\n issue: 'Normalized issuer still contains newlines',\n },\n {\n check: normalizedIssuer.includes(' '),\n issue: 'Normalized issuer contains double spaces',\n },\n {\n check: /=\\s+/.test(normalizedIssuer),\n issue: 'Normalized issuer has spaces after equals',\n },\n {\n check: /\\s+=/.test(normalizedIssuer),\n issue: 'Normalized issuer has spaces before equals',\n },\n {\n check: normalizedIssuer.includes('\\r'),\n issue: 'Normalized issuer contains carriage returns',\n },\n ]\n\n // Only report actual issues in the normalized version that will cause portal errors\n const hasActualFormatIssues = normalizedIssuerIssues.some(\n ({ check, issue }) => {\n if (check) {\n issues.push(`DS326: ${issue} - will cause X509IssuerName mismatch`)\n return true\n }\n return false\n },\n )\n\n // Check if raw issuer has issues but normalized version is OK (informational)\n const hasRawIssuesButNormalizedOk =\n rawIssuer.includes('\\n') && !normalizedIssuer.includes('\\n')\n\n if (hasActualFormatIssues) {\n recommendations.push(\n 'CRITICAL: Fix issuer name normalization in signature generation',\n )\n recommendations.push(\n 'Portal Error: \"Certificate X509IssuerName doesn\\'t match the X509IssuerName value provided in the signed properties section.\"',\n )\n recommendations.push(\n 'The normalization function is not properly formatting the issuer name',\n )\n recommendations.push(\n 'Debug: Check document.ts extractCertificateInfo() normalization logic',\n )\n } else if (hasRawIssuesButNormalizedOk) {\n // This is informational - normalization is working correctly\n console.log(\n 'ℹ️ Note: Raw certificate issuer has newlines but normalization is handling them correctly',\n )\n }\n\n // Additional certificate validity checks\n const now = new Date()\n const validFrom = new Date(cert.validFrom)\n const validTo = new Date(cert.validTo)\n\n if (now < validFrom) {\n issues.push('DS329: Certificate not yet valid (future start date)')\n recommendations.push('Wait until certificate validity period begins')\n }\n\n if (now > validTo) {\n issues.push('DS329: Certificate has expired')\n recommendations.push(\n 'BLOCKING: Renew certificate - expired certificates are rejected',\n )\n }\n\n // Check certificate key usage (if available)\n try {\n if (cert.keyUsage && !cert.keyUsage.includes('digital signature')) {\n issues.push('DS333: Certificate lacks digitalSignature key usage')\n recommendations.push(\n 'Generate new certificate with digitalSignature key usage enabled',\n )\n }\n } catch {\n // Key usage might not be available in all certificates\n console.log('Note: Could not check key usage extensions')\n }\n\n return {\n organizationIdentifier,\n serialNumber,\n issuerName: certInfo.issuerName,\n subjectName: certInfo.subjectName,\n issues,\n recommendations,\n }\n } catch (error) {\n issues.push(`Certificate parsing failed: ${error}`)\n recommendations.push('Verify certificate format and validity')\n\n return {\n issuerName: '',\n subjectName: '',\n issues,\n recommendations,\n }\n }\n}\n\n/\n Analyzes signature generation for potential issues\n /\nfunction analyzeSignatureForDiagnostics(\n invoices: InvoiceV1_1[],\n certificatePem: string,\n): SignatureAnalysisResult {\n const issues: string[] = []\n const recommendations: string[] = []\n\n try {\n // Step 1: Document digest\n const documentDigest = calculateDocumentDigest(invoices)\n\n // Step 2: Certificate digest\n const certificateDigest = calculateCertificateDigest(certificatePem)\n\n // Step 3: Extract certificate info\n const certInfo = extractCertificateInfo(certificatePem)\n const signingTime = new Date().toISOString()\n\n // Step 4: Create signed properties\n const signedProperties = createSignedProperties(\n certificateDigest,\n signingTime,\n certInfo.issuerName,\n certInfo.serialNumber,\n )\n\n // Step 5: Signed properties digest\n const signedPropertiesDigest =\n calculateSignedPropertiesDigest(signedProperties)\n\n // DS333 - Document Signature Validation\n if (documentDigest.length === 0) {\n issues.push('DS333: Document digest generation failed')\n recommendations.push(\n 'CRITICAL: Verify document serialization excludes UBLExtensions/Signature',\n )\n recommendations.push(\n 'Portal Error: \"Document signature value is not a valid signature of the document digest using the public key of the certificate provided.\"',\n )\n }\n\n if (certificateDigest.length === 0) {\n issues.push('DS333: Certificate digest generation failed')\n recommendations.push('CRITICAL: Verify certificate format and encoding')\n recommendations.push(\n 'Certificate must be properly base64 encoded without headers/footers',\n )\n }\n\n if (signedPropertiesDigest.length === 0) {\n issues.push('DS333: Signed properties digest generation failed')\n recommendations.push(\n 'CRITICAL: Verify signed properties structure and canonicalization',\n )\n recommendations.push(\n 'Check XML canonicalization (C14N) is applied correctly',\n )\n }\n\n // Additional DS333 checks\n try {\n const cert = new crypto.X509Certificate(certificatePem)\n\n // Verify the certificate has the required algorithms for MyInvois\n const publicKey = cert.publicKey\n const keyDetails = publicKey.asymmetricKeyDetails\n\n if (keyDetails) {\n // Check if key size is adequate for RSA (minimum 2048 bits)\n if (\n publicKey.asymmetricKeyType === 'rsa' &&\n keyDetails.modulusLength &&\n keyDetails.modulusLength < 2048\n ) {\n issues.push(\n 'DS333: RSA key size too small (minimum 2048 bits required)',\n )\n recommendations.push(\n 'CRITICAL: Generate new certificate with RSA 2048+ bits',\n )\n }\n\n // Check supported key types\n const supportedKeyTypes = ['rsa', 'ec']\n if (!supportedKeyTypes.includes(publicKey.asymmetricKeyType \|\| '')) {\n issues.push(\n `DS333: Unsupported key type: ${publicKey.asymmetricKeyType}`,\n )\n recommendations.push(\n 'CRITICAL: Use RSA or EC key types for MyInvois compatibility',\n )\n }\n }\n\n // Test certificate format validity\n const certBuffer = Buffer.from(\n certificatePem.replace(/-----[^-]+-----/g, '').replace(/\\s/g, ''),\n 'base64',\n )\n if (certBuffer.length === 0) {\n issues.push('DS333: Certificate encoding appears invalid')\n recommendations.push(\n 'CRITICAL: Verify certificate is properly PEM encoded',\n )\n }\n } catch (error) {\n issues.push(`DS333: Certificate validation failed - ${error}`)\n recommendations.push(\n 'CRITICAL: Verify certificate format and structure are valid',\n )\n }\n\n // Validate digest formats (should be base64)\n const isValidBase64 = (str: string) => {\n try {\n return Buffer.from(str, 'base64').toString('base64') === str\n } catch {\n return false\n }\n }\n\n if (documentDigest && !isValidBase64(documentDigest)) {\n issues.push('DS333: Document digest is not valid base64 format')\n recommendations.push('Ensure digest is properly base64 encoded')\n }\n\n if (certificateDigest && !isValidBase64(certificateDigest)) {\n issues.push('DS333: Certificate digest is not valid base64 format')\n recommendations.push(\n 'Ensure certificate digest is properly base64 encoded',\n )\n }\n\n if (signedPropertiesDigest && !isValidBase64(signedPropertiesDigest)) {\n issues.push('DS333: Signed properties digest is not valid base64 format')\n recommendations.push(\n 'Ensure signed properties digest is properly base64 encoded',\n )\n }\n\n return {\n documentDigest,\n certificateDigest,\n signedPropertiesDigest,\n issues,\n recommendations,\n }\n } catch (error) {\n issues.push(`Signature analysis failed: ${error}`)\n recommendations.push('Review signature generation implementation')\n\n return {\n documentDigest: '',\n certificateDigest: '',\n signedPropertiesDigest: '',\n issues,\n recommendations,\n }\n }\n}\n\n/\n Comprehensive signature diagnostics\n /\nexport function diagnoseSignatureIssues(\n invoices: InvoiceV1_1[],\n certificatePem: string,\n): DiagnosticResult {\n const certificateAnalysis = analyzeCertificateForDiagnostics(certificatePem)\n const signatureAnalysis = analyzeSignatureForDiagnostics(\n invoices,\n certificatePem,\n )\n\n const certificateIssues = certificateAnalysis.issues.length\n const signatureIssues = signatureAnalysis.issues.length\n\n return {\n certificateAnalysis,\n signatureAnalysis,\n summary: {\n totalIssues: certificateIssues + signatureIssues,\n certificateIssues,\n signatureIssues,\n },\n }\n}\n\n/\n Prints diagnostic results in a formatted way\n */\nexport function printDiagnostics(result: DiagnosticResult): void {\n console.log('\\n🔍 MyInvois Signature Diagnostics Report')\n console.log('='.repeat(60))\n\n // Certificate Analysis\n console.log('\\n📜 CERTIFICATE ANALYSIS')\n console.log('-'.repeat(30))\n\n console.log(` Issuer: ${result.certificateAnalysis.issuerName}`)\n console.log(` Subject: ${result.certificateAnalysis.subjectName}`)\n\n if (result.certificateAnalysis.organizationIdentifier) {\n console.log(\n ` Organization ID (TIN): ${result.certificateAnalysis.organizationIdentifier}`,\n )\n }\n\n if (result.certificateAnalysis.serialNumber) {\n console.log(` Serial Number: ${result.certificateAnalysis.serialNumber}`)\n }\n\n if (result.certificateAnalysis.issues.length > 0) {\n console.log('\\n 🚨 Certificate Issues:')\n result.certificateAnalysis.issues.forEach((issue, index) => {\n console.log(` ${index + 1}. ${issue}`)\n })\n }\n\n if (result.certificateAnalysis.recommendations.length > 0) {\n console.log('\\n 💡 Certificate Recommendations:')\n result.certificateAnalysis.recommendations.forEach((rec, index) => {\n console.log(` ${index + 1}. ${rec}`)\n })\n }\n\n // Signature Analysis\n console.log('\\n🔐 SIGNATURE ANALYSIS')\n console.log('-'.repeat(30))\n\n console.log(\n ` Document Digest: ${result.signatureAnalysis.documentDigest.substring(0, 32)}...`,\n )\n console.log(\n ` Certificate Digest: ${result.signatureAnalysis.certificateDigest.substring(0, 32)}...`,\n )\n console.log(\n ` Signed Properties Digest: ${result.signatureAnalysis.signedPropertiesDigest.substring(0, 32)}...`,\n )\n\n if (result.signatureAnalysis.issues.length > 0) {\n console.log('\\n 🚨 Signature Issues:')\n result.signatureAnalysis.issues.forEach((issue, index) => {\n console.log(` ${index + 1}. ${issue}`)\n })\n }\n\n if (result.signatureAnalysis.recommendations.length > 0) {\n console.log('\\n 💡 Signature Recommendations:')\n result.signatureAnalysis.recommendations.forEach((rec, index) => {\n console.log(` ${index + 1}. ${rec}`)\n })\n }\n\n // Summary\n console.log('\\n📊 SUMMARY')\n console.log('-'.repeat(30))\n console.log(` Total Issues Found: ${result.summary.totalIssues}`)\n console.log(` Certificate Issues: ${result.summary.certificateIssues}`)\n console.log(` Signature Issues: ${result.summary.signatureIssues}`)\n\n if (result.summary.totalIssues === 0) {\n console.log('\\n ✅ No issues detected in current analysis')\n console.log(' 🎉 Certificate and signature implementation appear valid')\n } else {\n console.log('\\n ⚠️ Issues detected - review recommendations above')\n\n // Check for specific portal errors\n const hasDS311 = result.certificateAnalysis.issues.some(issue =>\n issue.includes('DS311'),\n )\n const hasDS312 = result.certificateAnalysis.issues.some(issue =>\n issue.includes('DS312'),\n )\n const hasDS326 = result.certificateAnalysis.issues.some(issue =>\n issue.includes('DS326'),\n )\n const hasDS329 = result.certificateAnalysis.issues.some(issue =>\n issue.includes('DS329'),\n )\n const hasDS333 = result.signatureAnalysis.issues.some(issue =>\n issue.includes('DS333'),\n )\n\n console.log('\\n 🎯 MYINVOIS PORTAL ERROR ANALYSIS:')\n\n if (hasDS311) {\n console.log(\n ' ❌ DS311 - TIN mismatch between certificate and submitter',\n )\n }\n\n if (hasDS312) {\n console.log(\n ' ❌ DS312 - Registration number mismatch with certificate',\n )\n }\n\n if (hasDS326) {\n console.log(' ❌ DS326 - X509IssuerName format inconsistency')\n }\n\n if (hasDS329) {\n console.log(' ❌ DS329 - Certificate trust chain validation failure')\n }\n\n if (hasDS333) {\n console.log(' ❌ DS333 - Document signature validation failure')\n }\n\n if (result.summary.certificateIssues > 0) {\n console.log('\\n 🚨 PRIMARY ACTION REQUIRED:')\n console.log(' Certificate issues must be resolved first')\n console.log(\n ' Self-generated certificates cannot pass MyInvois validation',\n )\n }\n\n if (result.summary.signatureIssues > 0) {\n console.log('\\n ⚙️ SECONDARY ACTION:')\n console.log(' Review and optimize signature implementation')\n }\n\n console.log('\\n 📋 NEXT STEPS:')\n console.log(' 1. Address BLOCKING/CRITICAL issues first')\n console.log(' 2. Test with updated certificate/implementation')\n console.log(' 3. Re-run diagnostics to verify fixes')\n console.log(' 4. Submit test document to MyInvois portal')\n }\n\n console.log('\\n' + '='.repeat(60))\n}\n"],"mappings":";;;;;;;;;AAwCA,SAAS,iCACPA,gBAC2B;CAC3B,MAAMC,SAAmB,CAAE;CAC3B,MAAMC,kBAA4B,CAAE;AAEpC,KAAI;EACF,MAAM,OAAO,IAAI,eAAO,gBAAgB;EACxC,MAAM,WAAW,wCAAuB,eAAe;EAGvD,MAAM,qBAAqB,CAACC,OAAe;GACzC,MAAMC,SAAiC,CAAE;AACzC,MAAG,MAAM,KAAK,CAAC,QAAQ,UAAQ;IAC7B,MAAM,UAAU,KAAK,MAAM;AAC3B,QAAI,QAAQ,SAAS,IAAI,EAAE;KACzB,MAAM,CAAC,KAAK,GAAG,WAAW,GAAG,QAAQ,MAAM,IAAI;AAC/C,SAAI,IACF,QAAO,IAAI,MAAM,IAAI,WAAW,KAAK,IAAI,CAAC,MAAM;IAEnD;GACF,EAAC;AACF,UAAO;EACR;EAED,MAAM,gBAAgB,mBAAmB,KAAK,QAAQ;EACtD,MAAM,yBACJ,cAAc,6BAA6B,cAAc;EAC3D,MAAM,eAAe,cAAc;AAGnC,OAAK,wBAAwB;AAC3B,UAAO,KACL,gEACD;AACD,mBAAgB,KACd,4FACD;AACD,mBAAgB,KACd,8GACD;EACF,WAEK,uBAAuB,SAAS,IAAI;AACtC,UAAO,KACL,yFACD;AACD,mBAAgB,KACd,mEACD;EACF;AAIH,OAAK,cAAc;AACjB,UAAO,KACL,wEACD;AACD,mBAAgB,KACd,2FACD;AACD,mBAAgB,KACd,4GACD;EACF;AAGD,MAAI,KAAK,WAAW,KAAK,SAAS;AAChC,UAAO,KACL,gFACD;AACD,mBAAgB,KACd,0DACD;AACD,mBAAgB,KAAK,0BAA0B;AAC/C,mBAAgB,KAAK,qBAAqB;AAC1C,mBAAgB,KAAK,2BAA2B;AAChD,mBAAgB,KACd,kJACD;EACF,OAAM;GAEL,MAAM,aAAa,KAAK,OAAO,aAAa;GAC5C,MAAM,cAAc;IAAC;IAAiB;IAAY;GAAY;GAC9D,MAAM,mBAAmB,YAAY,KAAK,QAAM,WAAW,SAAS,GAAG,CAAC;AAExE,QAAK,kBAAkB;AACrB,WAAO,KAAK,0DAA0D;AACtE,oBAAgB,KACd,+DACD;GACF;EACF;EAGD,MAAM,YAAY,KAAK;EACvB,MAAM,mBAAmB,SAAS;EAGlC,MAAM,yBAAyB;GAC7B;IACE,OAAO,iBAAiB,SAAS,KAAK;IACtC,OAAO;GACR;GACD;IACE,OAAO,iBAAiB,SAAS,KAAK;IACtC,OAAO;GACR;GACD;IACE,OAAO,OAAO,KAAK,iBAAiB;IACpC,OAAO;GACR;GACD;IACE,OAAO,OAAO,KAAK,iBAAiB;IACpC,OAAO;GACR;GACD;IACE,OAAO,iBAAiB,SAAS,KAAK;IACtC,OAAO;GACR;EACF;EAGD,MAAM,wBAAwB,uBAAuB,KACnD,CAAC,EAAE,OAAO,OAAO,KAAK;AACpB,OAAI,OAAO;AACT,WAAO,MAAM,SAAS,MAAM,uCAAuC;AACnE,WAAO;GACR;AACD,UAAO;EACR,EACF;EAGD,MAAM,8BACJ,UAAU,SAAS,KAAK,KAAK,iBAAiB,SAAS,KAAK;AAE9D,MAAI,uBAAuB;AACzB,mBAAgB,KACd,kEACD;AACD,mBAAgB,KACd,iIACD;AACD,mBAAgB,KACd,wEACD;AACD,mBAAgB,KACd,wEACD;EACF,WAAU,4BAET,SAAQ,IACN,6FACD;EAIH,MAAM,sBAAM,IAAI;EAChB,MAAM,YAAY,IAAI,KAAK,KAAK;EAChC,MAAM,UAAU,IAAI,KAAK,KAAK;AAE9B,MAAI,MAAM,WAAW;AACnB,UAAO,KAAK,uDAAuD;AACnE,mBAAgB,KAAK,gDAAgD;EACtE;AAED,MAAI,MAAM,SAAS;AACjB,UAAO,KAAK,iCAAiC;AAC7C,mBAAgB,KACd,kEACD;EACF;AAGD,MAAI;AACF,OAAI,KAAK,aAAa,KAAK,SAAS,SAAS,oBAAoB,EAAE;AACjE,WAAO,KAAK,sDAAsD;AAClE,oBAAgB,KACd,mEACD;GACF;EACF,QAAO;AAEN,WAAQ,IAAI,6CAA6C;EAC1D;AAED,SAAO;GACL;GACA;GACA,YAAY,SAAS;GACrB,aAAa,SAAS;GACtB;GACA;EACD;CACF,SAAQ,OAAO;AACd,SAAO,MAAM,8BAA8B,MAAM,EAAE;AACnD,kBAAgB,KAAK,yCAAyC;AAE9D,SAAO;GACL,YAAY;GACZ,aAAa;GACb;GACA;EACD;CACF;AACF;;;;AAKD,SAAS,+BACPC,UACAL,gBACyB;CACzB,MAAMC,SAAmB,CAAE;CAC3B,MAAMC,kBAA4B,CAAE;AAEpC,KAAI;EAEF,MAAM,iBAAiB,yCAAwB,SAAS;EAGxD,MAAM,oBAAoB,4CAA2B,eAAe;EAGpE,MAAM,WAAW,wCAAuB,eAAe;EACvD,MAAM,cAAc,qBAAI,QAAO,aAAa;EAG5C,MAAM,mBAAmB,wCACvB,mBACA,aACA,SAAS,YACT,SAAS,aACV;EAGD,MAAM,yBACJ,iDAAgC,iBAAiB;AAGnD,MAAI,eAAe,WAAW,GAAG;AAC/B,UAAO,KAAK,2CAA2C;AACvD,mBAAgB,KACd,2EACD;AACD,mBAAgB,KACd,+IACD;EACF;AAED,MAAI,kBAAkB,WAAW,GAAG;AAClC,UAAO,KAAK,8CAA8C;AAC1D,mBAAgB,KAAK,mDAAmD;AACxE,mBAAgB,KACd,sEACD;EACF;AAED,MAAI,uBAAuB,WAAW,GAAG;AACvC,UAAO,KAAK,oDAAoD;AAChE,mBAAgB,KACd,oEACD;AACD,mBAAgB,KACd,yDACD;EACF;AAGD,MAAI;GACF,MAAM,OAAO,IAAI,eAAO,gBAAgB;GAGxC,MAAM,YAAY,KAAK;GACvB,MAAM,aAAa,UAAU;AAE7B,OAAI,YAAY;AAEd,QACE,UAAU,sBAAsB,SAChC,WAAW,iBACX,WAAW,gBAAgB,MAC3B;AACA,YAAO,KACL,6DACD;AACD,qBAAgB,KACd,yDACD;IACF;IAGD,MAAM,oBAAoB,CAAC,OAAO,IAAK;AACvC,SAAK,kBAAkB,SAAS,UAAU,qBAAqB,GAAG,EAAE;AAClE,YAAO,MACJ,+BAA+B,UAAU,kBAAkB,EAC7D;AACD,qBAAgB,KACd,+DACD;IACF;GACF;GAGD,MAAM,aAAa,OAAO,KACxB,eAAe,QAAQ,oBAAoB,GAAG,CAAC,QAAQ,OAAO,GAAG,EACjE,SACD;AACD,OAAI,WAAW,WAAW,GAAG;AAC3B,WAAO,KAAK,8CAA8C;AAC1D,oBAAgB,KACd,uDACD;GACF;EACF,SAAQ,OAAO;AACd,UAAO,MAAM,yCAAyC,MAAM,EAAE;AAC9D,mBAAgB,KACd,8DACD;EACF;EAGD,MAAM,gBAAgB,CAACI,QAAgB;AACrC,OAAI;AACF,WAAO,OAAO,KAAK,KAAK,SAAS,CAAC,SAAS,SAAS,KAAK;GAC1D,QAAO;AACN,WAAO;GACR;EACF;AAED,MAAI,mBAAmB,cAAc,eAAe,EAAE;AACpD,UAAO,KAAK,oDAAoD;AAChE,mBAAgB,KAAK,2CAA2C;EACjE;AAED,MAAI,sBAAsB,cAAc,kBAAkB,EAAE;AAC1D,UAAO,KAAK,uDAAuD;AACnE,mBAAgB,KACd,uDACD;EACF;AAED,MAAI,2BAA2B,cAAc,uBAAuB,EAAE;AACpE,UAAO,KAAK,6DAA6D;AACzE,mBAAgB,KACd,6DACD;EACF;AAED,SAAO;GACL;GACA;GACA;GACA;GACA;EACD;CACF,SAAQ,OAAO;AACd,SAAO,MAAM,6BAA6B,MAAM,EAAE;AAClD,kBAAgB,KAAK,6CAA6C;AAElE,SAAO;GACL,gBAAgB;GAChB,mBAAmB;GACnB,wBAAwB;GACxB;GACA;EACD;CACF;AACF;;;;AAKD,SAAgB,wBACdD,UACAL,gBACkB;CAClB,MAAM,sBAAsB,iCAAiC,eAAe;CAC5E,MAAM,oBAAoB,+BACxB,UACA,eACD;CAED,MAAM,oBAAoB,oBAAoB,OAAO;CACrD,MAAM,kBAAkB,kBAAkB,OAAO;AAEjD,QAAO;EACL;EACA;EACA,SAAS;GACP,aAAa,oBAAoB;GACjC;GACA;EACD;CACF;AACF;;;;AAKD,SAAgB,iBAAiBO,QAAgC;AAC/D,SAAQ,IAAI,6CAA6C;AACzD,SAAQ,IAAI,IAAI,OAAO,GAAG,CAAC;AAG3B,SAAQ,IAAI,4BAA4B;AACxC,SAAQ,IAAI,IAAI,OAAO,GAAG,CAAC;AAE3B,SAAQ,KAAK,YAAY,OAAO,oBAAoB,WAAW,EAAE;AACjE,SAAQ,KAAK,aAAa,OAAO,oBAAoB,YAAY,EAAE;AAEnE,KAAI,OAAO,oBAAoB,uBAC7B,SAAQ,KACL,2BAA2B,OAAO,oBAAoB,uBAAuB,EAC/E;AAGH,KAAI,OAAO,oBAAoB,aAC7B,SAAQ,KAAK,mBAAmB,OAAO,oBAAoB,aAAa,EAAE;AAG5E,KAAI,OAAO,oBAAoB,OAAO,SAAS,GAAG;AAChD,UAAQ,IAAI,6BAA6B;AACzC,SAAO,oBAAoB,OAAO,QAAQ,CAAC,OAAO,UAAU;AAC1D,WAAQ,KAAK,MAAM,QAAQ,EAAE,IAAI,MAAM,EAAE;EAC1C,EAAC;CACH;AAED,KAAI,OAAO,oBAAoB,gBAAgB,SAAS,GAAG;AACzD,UAAQ,IAAI,sCAAsC;AAClD,SAAO,oBAAoB,gBAAgB,QAAQ,CAAC,KAAK,UAAU;AACjE,WAAQ,KAAK,MAAM,QAAQ,EAAE,IAAI,IAAI,EAAE;EACxC,EAAC;CACH;AAGD,SAAQ,IAAI,0BAA0B;AACtC,SAAQ,IAAI,IAAI,OAAO,GAAG,CAAC;AAE3B,SAAQ,KACL,qBAAqB,OAAO,kBAAkB,eAAe,UAAU,GAAG,GAAG,CAAC,KAChF;AACD,SAAQ,KACL,wBAAwB,OAAO,kBAAkB,kBAAkB,UAAU,GAAG,GAAG,CAAC,KACtF;AACD,SAAQ,KACL,8BAA8B,OAAO,kBAAkB,uBAAuB,UAAU,GAAG,GAAG,CAAC,KACjG;AAED,KAAI,OAAO,kBAAkB,OAAO,SAAS,GAAG;AAC9C,UAAQ,IAAI,2BAA2B;AACvC,SAAO,kBAAkB,OAAO,QAAQ,CAAC,OAAO,UAAU;AACxD,WAAQ,KAAK,MAAM,QAAQ,EAAE,IAAI,MAAM,EAAE;EAC1C,EAAC;CACH;AAED,KAAI,OAAO,kBAAkB,gBAAgB,SAAS,GAAG;AACvD,UAAQ,IAAI,oCAAoC;AAChD,SAAO,kBAAkB,gBAAgB,QAAQ,CAAC,KAAK,UAAU;AAC/D,WAAQ,KAAK,MAAM,QAAQ,EAAE,IAAI,IAAI,EAAE;EACxC,EAAC;CACH;AAGD,SAAQ,IAAI,eAAe;AAC3B,SAAQ,IAAI,IAAI,OAAO,GAAG,CAAC;AAC3B,SAAQ,KAAK,wBAAwB,OAAO,QAAQ,YAAY,EAAE;AAClE,SAAQ,KAAK,wBAAwB,OAAO,QAAQ,kBAAkB,EAAE;AACxE,SAAQ,KAAK,sBAAsB,OAAO,QAAQ,gBAAgB,EAAE;AAEpE,KAAI,OAAO,QAAQ,gBAAgB,GAAG;AACpC,UAAQ,IAAI,+CAA+C;AAC3D,UAAQ,IAAI,6DAA6D;CAC1E,OAAM;AACL,UAAQ,IAAI,yDAAyD;EAGrE,MAAM,WAAW,OAAO,oBAAoB,OAAO,KAAK,WACtD,MAAM,SAAS,QAAQ,CACxB;EACD,MAAM,WAAW,OAAO,oBAAoB,OAAO,KAAK,WACtD,MAAM,SAAS,QAAQ,CACxB;EACD,MAAM,WAAW,OAAO,oBAAoB,OAAO,KAAK,WACtD,MAAM,SAAS,QAAQ,CACxB;EACD,MAAM,WAAW,OAAO,oBAAoB,OAAO,KAAK,WACtD,MAAM,SAAS,QAAQ,CACxB;EACD,MAAM,WAAW,OAAO,kBAAkB,OAAO,KAAK,WACpD,MAAM,SAAS,QAAQ,CACxB;AAED,UAAQ,IAAI,yCAAyC;AAErD,MAAI,SACF,SAAQ,IACN,gEACD;AAGH,MAAI,SACF,SAAQ,IACN,+DACD;AAGH,MAAI,SACF,SAAQ,IAAI,qDAAqD;AAGnE,MAAI,SACF,SAAQ,IAAI,4DAA4D;AAG1E,MAAI,SACF,SAAQ,IAAI,uDAAuD;AAGrE,MAAI,OAAO,QAAQ,oBAAoB,GAAG;AACxC,WAAQ,IAAI,kCAAkC;AAC9C,WAAQ,IAAI,iDAAiD;AAC7D,WAAQ,IACN,mEACD;EACF;AAED,MAAI,OAAO,QAAQ,kBAAkB,GAAG;AACtC,WAAQ,IAAI,4BAA4B;AACxC,WAAQ,IAAI,oDAAoD;EACjE;AAED,UAAQ,IAAI,qBAAqB;AACjC,UAAQ,IAAI,iDAAiD;AAC7D,UAAQ,IAAI,uDAAuD;AACnE,UAAQ,IAAI,6CAA6C;AACzD,UAAQ,IAAI,kDAAkD;CAC/D;AAED,SAAQ,IAAI,OAAO,IAAI,OAAO,GAAG,CAAC;AACnC"}

package/dist/index3.cjs CHANGED Viewed

@@ -1,6 +1,6 @@
 require('./formatIdValue-i67o4kyD.cjs');
-require('./document-DWsGewNs.cjs');
-const require_documentSubmission = require('./documentSubmission-YwuM4ap1.cjs');
+require('./document-CCza2JPL.cjs');
+const require_documentSubmission = require('./documentSubmission-M4UlirJ7.cjs');
 exports.getSubmissionStatus = require_documentSubmission.getSubmissionStatus;
 exports.performDocumentAction = require_documentSubmission.performDocumentAction;

package/dist/index30.cjs CHANGED Viewed

@@ -0,0 +1,193 @@
+//#region src/utils/validation.ts
+/**
+* Validates TIN format based on registration type
+*/
+const validateTIN = (tin, registrationType) => {
+	const errors = [];
+	if (!tin) {
+		errors.push({
+			field: "tin",
+			code: "TIN_REQUIRED",
+			message: "TIN is required",
+			severity: "error"
+		});
+		return errors;
+	}
+	if (registrationType === "BRN" && !tin.startsWith("C")) errors.push({
+		field: "tin",
+		code: "TIN_FORMAT_INVALID",
+		message: "Company TIN should start with \"C\" for BRN registration",
+		severity: "warning"
+	});
+	if (registrationType === "NRIC" && !tin.startsWith("IG")) errors.push({
+		field: "tin",
+		code: "TIN_FORMAT_INVALID",
+		message: "Individual TIN should start with \"IG\" for NRIC registration",
+		severity: "warning"
+	});
+	if (tin.length > 14) errors.push({
+		field: "tin",
+		code: "TIN_LENGTH_INVALID",
+		message: "TIN cannot exceed 14 characters",
+		severity: "error"
+	});
+	return errors;
+};
+/**
+* Validates contact number format (E.164 standard)
+*/
+const validateContactNumber = (contactNumber) => {
+	const errors = [];
+	if (!contactNumber || contactNumber === "NA") return errors;
+	const e164Regex = /^\+[1-9]\d{1,14}$/;
+	if (!e164Regex.test(contactNumber)) errors.push({
+		field: "contactNumber",
+		code: "CONTACT_FORMAT_INVALID",
+		message: "Contact number must be in E.164 format (e.g., +60123456789)",
+		severity: "error"
+	});
+	if (contactNumber.length < 8) errors.push({
+		field: "contactNumber",
+		code: "CONTACT_LENGTH_INVALID",
+		message: "Contact number must be at least 8 characters",
+		severity: "error"
+	});
+	return errors;
+};
+/**
+* Validates monetary amounts
+*/
+const validateMonetaryAmount = (amount, fieldName, maxDigits = 18, maxDecimals = 2) => {
+	const errors = [];
+	if (amount < 0) errors.push({
+		field: fieldName,
+		code: "AMOUNT_NEGATIVE",
+		message: `${fieldName} cannot be negative`,
+		severity: "error"
+	});
+	const amountStr = amount.toString();
+	const [integerPart, decimalPart] = amountStr.split(".");
+	if (integerPart && integerPart.length > maxDigits - maxDecimals) errors.push({
+		field: fieldName,
+		code: "AMOUNT_DIGITS_EXCEEDED",
+		message: `${fieldName} exceeds maximum ${maxDigits} digits`,
+		severity: "error"
+	});
+	if (decimalPart && decimalPart.length > maxDecimals) errors.push({
+		field: fieldName,
+		code: "AMOUNT_DECIMALS_EXCEEDED",
+		message: `${fieldName} exceeds maximum ${maxDecimals} decimal places`,
+		severity: "error"
+	});
+	return errors;
+};
+/**
+* Validates line item tax calculation consistency for both fixed rate and percentage taxation
+*/
+const validateLineItemTax = (item, index) => {
+	const errors = [];
+	const tolerance = .01;
+	const hasFixedRate = item.taxPerUnitAmount !== void 0 && item.baseUnitMeasure !== void 0;
+	const hasPercentageRate = item.taxRate !== void 0;
+	if (!hasFixedRate && !hasPercentageRate) {
+		errors.push({
+			field: `lineItem[${index}]`,
+			code: "TAX_METHOD_MISSING",
+			message: `Line item ${index + 1} must specify either taxRate (for percentage) or taxPerUnitAmount + baseUnitMeasure (for fixed rate)`,
+			severity: "error"
+		});
+		return errors;
+	}
+	if (hasFixedRate && hasPercentageRate) errors.push({
+		field: `lineItem[${index}]`,
+		code: "TAX_METHOD_CONFLICT",
+		message: `Line item ${index + 1} cannot have both percentage and fixed rate tax methods`,
+		severity: "error"
+	});
+	if (hasFixedRate) {
+		if (item.baseUnitMeasureCode === void 0) errors.push({
+			field: `lineItem[${index}].baseUnitMeasureCode`,
+			code: "UNIT_CODE_MISSING",
+			message: `Line item ${index + 1} with fixed rate tax must specify baseUnitMeasureCode`,
+			severity: "error"
+		});
+		const expectedTaxAmount = item.taxPerUnitAmount * item.baseUnitMeasure;
+		if (Math.abs(item.taxAmount - expectedTaxAmount) > tolerance) errors.push({
+			field: `lineItem[${index}].taxAmount`,
+			code: "FIXED_TAX_CALCULATION_MISMATCH",
+			message: `Line item ${index + 1} tax amount (${item.taxAmount}) doesn't match fixed rate calculation (${item.taxPerUnitAmount} × ${item.baseUnitMeasure} = ${expectedTaxAmount})`,
+			severity: "error"
+		});
+	}
+	if (hasPercentageRate && !hasFixedRate) {
+		const expectedTaxAmount = item.totalTaxableAmountPerLine * item.taxRate / 100;
+		if (Math.abs(item.taxAmount - expectedTaxAmount) > tolerance) errors.push({
+			field: `lineItem[${index}].taxAmount`,
+			code: "PERCENTAGE_TAX_CALCULATION_MISMATCH",
+			message: `Line item ${index + 1} tax amount (${item.taxAmount}) doesn't match percentage calculation (${item.totalTaxableAmountPerLine} × ${item.taxRate}% = ${expectedTaxAmount})`,
+			severity: "error"
+		});
+	}
+	return errors;
+};
+/**
+* Validates tax calculation consistency
+*/
+const validateTaxCalculations = (invoice) => {
+	const errors = [];
+	invoice.invoiceLineItems.forEach((item, index) => {
+		errors.push(...validateLineItemTax(item, index));
+	});
+	const expectedTaxExclusive = invoice.invoiceLineItems.reduce((sum, item) => sum + item.totalTaxableAmountPerLine, 0);
+	const expectedTaxAmount = invoice.invoiceLineItems.reduce((sum, item) => sum + item.taxAmount, 0);
+	const tolerance = .01;
+	if (Math.abs(invoice.legalMonetaryTotal.taxExclusiveAmount - expectedTaxExclusive) > tolerance) errors.push({
+		field: "legalMonetaryTotal.taxExclusiveAmount",
+		code: "TAX_EXCLUSIVE_MISMATCH",
+		message: `Tax exclusive amount (${invoice.legalMonetaryTotal.taxExclusiveAmount}) doesn't match sum of line items (${expectedTaxExclusive})`,
+		severity: "error"
+	});
+	if (Math.abs(invoice.taxTotal.taxAmount - expectedTaxAmount) > tolerance) errors.push({
+		field: "taxTotal.taxAmount",
+		code: "TAX_AMOUNT_MISMATCH",
+		message: `Tax amount (${invoice.taxTotal.taxAmount}) doesn't match sum of line item taxes (${expectedTaxAmount})`,
+		severity: "error"
+	});
+	return errors;
+};
+/**
+* Main validation function for complete invoice
+*/
+const validateInvoice = (invoice) => {
+	const allErrors = [];
+	allErrors.push(...validateTIN(invoice.supplier.tin, invoice.supplier.registrationType));
+	allErrors.push(...validateTIN(invoice.buyer.tin, invoice.buyer.registrationType));
+	allErrors.push(...validateContactNumber(invoice.supplier.contactNumber));
+	allErrors.push(...validateContactNumber(invoice.buyer.contactNumber));
+	allErrors.push(...validateMonetaryAmount(invoice.legalMonetaryTotal.taxExclusiveAmount, "taxExclusiveAmount"));
+	allErrors.push(...validateMonetaryAmount(invoice.legalMonetaryTotal.payableAmount, "payableAmount"));
+	allErrors.push(...validateMonetaryAmount(invoice.taxTotal.taxAmount, "taxAmount"));
+	invoice.invoiceLineItems.forEach((item, index) => {
+		allErrors.push(...validateMonetaryAmount(item.unitPrice, `lineItem[${index}].unitPrice`));
+		allErrors.push(...validateMonetaryAmount(item.taxAmount, `lineItem[${index}].taxAmount`));
+		allErrors.push(...validateMonetaryAmount(item.totalTaxableAmountPerLine, `lineItem[${index}].totalTaxableAmountPerLine`));
+	});
+	allErrors.push(...validateTaxCalculations(invoice));
+	const errors = allErrors.filter((e) => e.severity === "error");
+	const warnings = allErrors.filter((e) => e.severity === "warning");
+	return {
+		isValid: errors.length === 0,
+		errors,
+		warnings
+	};
+};
+//#endregion
+exports.validateContactNumber = validateContactNumber;
+exports.validateInvoice = validateInvoice;
+exports.validateLineItemTax = validateLineItemTax;
+exports.validateMonetaryAmount = validateMonetaryAmount;
+exports.validateTIN = validateTIN;
+exports.validateTaxCalculations = validateTaxCalculations;
+//# sourceMappingURL=index30.cjs.map