(SQL Server) Sign XML for Zakat, Tax and Customs Authority (ZATCA)

See more ZATCA Examples

Demonstrates how to sign XML for Zakat, Tax and Customs Authority (ZATCA).

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    DECLARE @success int
    SELECT @success = 1

    -- Load XML to be signed...
    DECLARE @sbXml int
    -- Use "Chilkat_9_5_0.StringBuilder" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbXml OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    EXEC sp_OAMethod @sbXml, 'LoadFile', @success OUT, 'qa_data/xml_dsig_valid_samples/UBL_Saudi_ZATCA_Zakat_Tax_and_Customs_Authority_toBeSigned.xml', 'utf-8'
    IF @success = 0
      BEGIN

        PRINT 'Failed to load XML file to be signed.'
        EXEC @hr = sp_OADestroy @sbXml
        RETURN
      END

    -- Loads XML containing the following (with data modified from the original sample).

    -- <?xml version="1.0" encoding="UTF-8"?>
    -- <Invoice xmlns="urn:oasis:names:specification:ubl:schema:xsd:Invoice-2" xmlns:cac="urn:oasis:names:specification:ubl:schema:xsd:CommonAggregateComponents-2" xmlns:cbc="urn:oasis:names:specification:ubl:schema:xsd:CommonBasicComponents-2" xmlns:ext="urn:oasis:names:specification:ubl:schema:xsd:CommonExtensionComponents-2"><ext:UBLExtensions>
    --     <ext:UBLExtension>
    --         <ext:ExtensionURI>urn:oasis:names:specification:ubl:dsig:enveloped:xades</ext:ExtensionURI>
    --         <ext:ExtensionContent>
    --             <sig:UBLDocumentSignatures xmlns:sig="urn:oasis:names:specification:ubl:schema:xsd:CommonSignatureComponents-2" xmlns:sac="urn:oasis:names:specification:ubl:schema:xsd:SignatureAggregateComponents-2" xmlns:sbc="urn:oasis:names:specification:ubl:schema:xsd:SignatureBasicComponents-2">
    --                 <sac:SignatureInformation>
    --                     <cbc:ID>urn:oasis:names:specification:ubl:signature:1</cbc:ID>
    --                     <sbc:ReferencedSignatureID>urn:oasis:names:specification:ubl:signature:Invoice</sbc:ReferencedSignatureID>
    --                     
    --                 </sac:SignatureInformation>
    --             </sig:UBLDocumentSignatures>
    --         </ext:ExtensionContent>
    --     </ext:UBLExtension>
    -- </ext:UBLExtensions>
    --    
    --    <cbc:ProfileID>reporting:1.0</cbc:ProfileID>
    --    <cbc:ID>100</cbc:ID>
    --    <cbc:UUID>3cf5ee18-ee25-44ea-a444-2c37ba7f28be</cbc:UUID>
    --    <cbc:IssueDate>2021-04-25</cbc:IssueDate>
    --    <cbc:IssueTime>15:30:00</cbc:IssueTime>
    --    <cbc:InvoiceTypeCode name="0100000">388</cbc:InvoiceTypeCode>
    --    <cbc:DocumentCurrencyCode>SAR</cbc:DocumentCurrencyCode>
    --    <cbc:TaxCurrencyCode>SAR</cbc:TaxCurrencyCode>
    --    <cbc:LineCountNumeric>2</cbc:LineCountNumeric>
    --    <cac:AdditionalDocumentReference>
    --       <cbc:ID>ICV</cbc:ID>
    --       <cbc:UUID>46531</cbc:UUID>
    --    </cac:AdditionalDocumentReference>
    --    <cac:AdditionalDocumentReference>
    --       <cbc:ID>PIH</cbc:ID>
    --       <cac:Attachment>
    --          <cbc:EmbeddedDocumentBinaryObject mimeCode="text/plain">NWZl......NTdlOQ==</cbc:EmbeddedDocumentBinaryObject>
    --       </cac:Attachment>
    --    </cac:AdditionalDocumentReference>
    --    
    --   
    --    <cac:AdditionalDocumentReference>
    --         <cbc:ID>QR</cbc:ID>
    --         <cac:Attachment>
    --             <cbc:EmbeddedDocumentBinaryObject mimeCode="text/plain">ARlBbC........FAau5g</cbc:EmbeddedDocumentBinaryObject>
    --         </cac:Attachment>
    -- </cac:AdditionalDocumentReference><cac:Signature>
    --       <cbc:ID>urn:oasis:names:specification:ubl:signature:Invoice</cbc:ID>
    --       <cbc:SignatureMethod>urn:oasis:names:specification:ubl:dsig:enveloped:xades</cbc:SignatureMethod>
    -- </cac:Signature><cac:AccountingSupplierParty>
    --       <cac:Party>
    --          <cac:PartyIdentification>
    --             <cbc:ID schemeID="MLS">123457890</cbc:ID>
    --          </cac:PartyIdentification>
    --          <cac:PostalAddress>
    --             <cbc:StreetName>King Abdulaziz Road</cbc:StreetName>
    --             <cbc:BuildingNumber>9999</cbc:BuildingNumber>
    --             <cbc:PlotIdentification>9999</cbc:PlotIdentification>
    --             <cbc:CitySubdivisionName>Al Amal</cbc:CitySubdivisionName>
    --             <cbc:CityName>Riyadh</cbc:CityName>
    --             <cbc:PostalZone>12643</cbc:PostalZone>
    --             <cbc:CountrySubentity>Riyadh Region</cbc:CountrySubentity>
    --             <cac:Country>
    --                <cbc:IdentificationCode>SA</cbc:IdentificationCode>
    --             </cac:Country>
    --          </cac:PostalAddress>
    --          <cac:PartyTaxScheme>
    --             <cbc:CompanyID>300099999900003</cbc:CompanyID>
    --             <cac:TaxScheme>
    --                <cbc:ID>VAT</cbc:ID>
    --             </cac:TaxScheme>
    --          </cac:PartyTaxScheme>
    --          <cac:PartyLegalEntity>
    --             <cbc:RegistrationName>Example Co. LTD</cbc:RegistrationName>
    --          </cac:PartyLegalEntity>
    --       </cac:Party>
    --    </cac:AccountingSupplierParty>
    --    <cac:AccountingCustomerParty>
    --       <cac:Party>
    --          <cac:PartyIdentification>
    --             <cbc:ID schemeID="SAG">123C12345678</cbc:ID>
    --          </cac:PartyIdentification>
    --          <cac:PostalAddress>
    --             <cbc:StreetName>King Abdullah Road</cbc:StreetName>
    --             <cbc:BuildingNumber>9999</cbc:BuildingNumber>
    --             <cbc:PlotIdentification>9999</cbc:PlotIdentification>
    --             <cbc:CitySubdivisionName>Al Mursalat</cbc:CitySubdivisionName>
    --             <cbc:CityName>Riyadh</cbc:CityName>
    --             <cbc:PostalZone>11564</cbc:PostalZone>
    --             <cbc:CountrySubentity>Riyadh Region</cbc:CountrySubentity>
    --             <cac:Country>
    --                <cbc:IdentificationCode>SA</cbc:IdentificationCode>
    --             </cac:Country>
    --          </cac:PostalAddress>
    --          <cac:PartyTaxScheme>
    --             <cac:TaxScheme>
    --                <cbc:ID>VAT</cbc:ID>
    --             </cac:TaxScheme>
    --          </cac:PartyTaxScheme>
    --          <cac:PartyLegalEntity>
    --             <cbc:RegistrationName>EXAMPLE MARKETS</cbc:RegistrationName>
    --          </cac:PartyLegalEntity>
    --       </cac:Party>
    --    </cac:AccountingCustomerParty>
    --    <cac:Delivery>
    --       <cbc:ActualDeliveryDate>2022-04-25</cbc:ActualDeliveryDate>
    --    </cac:Delivery>
    --    <cac:PaymentMeans>
    --       <cbc:PaymentMeansCode>42</cbc:PaymentMeansCode>
    --    </cac:PaymentMeans>
    --    <cac:TaxTotal>
    --       <cbc:TaxAmount currencyID="SAR">135.00</cbc:TaxAmount>
    --       <cac:TaxSubtotal>
    --          <cbc:TaxableAmount currencyID="SAR">900.00</cbc:TaxableAmount>
    --          <cbc:TaxAmount currencyID="SAR">135.00</cbc:TaxAmount>
    --          <cac:TaxCategory>
    --             <cbc:ID>S</cbc:ID>
    --             <cbc:Percent>15</cbc:Percent>
    --             <cac:TaxScheme>
    --                <cbc:ID>VAT</cbc:ID>
    --             </cac:TaxScheme>
    --          </cac:TaxCategory>
    --       </cac:TaxSubtotal>
    --    </cac:TaxTotal>
    --    <cac:TaxTotal>
    --       <cbc:TaxAmount currencyID="SAR">135.00</cbc:TaxAmount>
    --    </cac:TaxTotal>
    --    <cac:LegalMonetaryTotal>
    --       <cbc:LineExtensionAmount currencyID="SAR">900.00</cbc:LineExtensionAmount>
    --       <cbc:TaxExclusiveAmount currencyID="SAR">900.00</cbc:TaxExclusiveAmount>
    --       <cbc:TaxInclusiveAmount currencyID="SAR">1035.00</cbc:TaxInclusiveAmount>
    --       <cbc:AllowanceTotalAmount currencyID="SAR">0.00</cbc:AllowanceTotalAmount>
    --       <cbc:PayableAmount currencyID="SAR">1035.00</cbc:PayableAmount>
    --    </cac:LegalMonetaryTotal>
    --    <cac:InvoiceLine>
    --       <cbc:ID>1</cbc:ID>
    --       <cbc:InvoicedQuantity unitCode="PCE">1</cbc:InvoicedQuantity>
    --       <cbc:LineExtensionAmount currencyID="SAR">200.00</cbc:LineExtensionAmount>
    --       <cac:TaxTotal>
    --          <cbc:TaxAmount currencyID="SAR">30.00</cbc:TaxAmount>
    --          <cbc:RoundingAmount currencyID="SAR">230.00</cbc:RoundingAmount>
    --       </cac:TaxTotal>
    --       <cac:Item>
    --          <cbc:Name>Item A</cbc:Name>
    --          <cac:ClassifiedTaxCategory>
    --             <cbc:ID>S</cbc:ID>
    --             <cbc:Percent>15</cbc:Percent>
    --             <cac:TaxScheme>
    --                <cbc:ID>VAT</cbc:ID>
    --             </cac:TaxScheme>
    --          </cac:ClassifiedTaxCategory>
    --       </cac:Item>
    --       <cac:Price>
    --          <cbc:PriceAmount currencyID="SAR">200.00</cbc:PriceAmount>
    --       </cac:Price>
    --    </cac:InvoiceLine>
    --    <cac:InvoiceLine>
    --       <cbc:ID>2</cbc:ID>
    --       <cbc:InvoicedQuantity unitCode="PCE">2</cbc:InvoicedQuantity>
    --       <cbc:LineExtensionAmount currencyID="SAR">700.00</cbc:LineExtensionAmount>
    --       <cac:TaxTotal>
    --          <cbc:TaxAmount currencyID="SAR">105.00</cbc:TaxAmount>
    --          <cbc:RoundingAmount currencyID="SAR">805.00</cbc:RoundingAmount>
    --       </cac:TaxTotal>
    --       <cac:Item>
    --          <cbc:Name>Item B</cbc:Name>
    --          <cac:ClassifiedTaxCategory>
    --             <cbc:ID>S</cbc:ID>
    --             <cbc:Percent>15</cbc:Percent>
    --             <cac:TaxScheme>
    --                <cbc:ID>VAT</cbc:ID>
    --             </cac:TaxScheme>
    --          </cac:ClassifiedTaxCategory>
    --       </cac:Item>
    --       <cac:Price>
    --          <cbc:PriceAmount currencyID="SAR">350.00</cbc:PriceAmount>
    --       </cac:Price>
    --    </cac:InvoiceLine>
    -- </Invoice>

    DECLARE @gen int
    -- Use "Chilkat_9_5_0.XmlDSigGen" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.XmlDSigGen', @gen OUT

    EXEC sp_OASetProperty @gen, 'SigLocation', 'Invoice|ext:UBLExtensions|ext:UBLExtension|ext:ExtensionContent|sig:UBLDocumentSignatures|sac:SignatureInformation'
    EXEC sp_OASetProperty @gen, 'SigLocationMod', 0
    EXEC sp_OASetProperty @gen, 'SigId', 'signature'
    EXEC sp_OASetProperty @gen, 'SigNamespacePrefix', 'ds'
    EXEC sp_OASetProperty @gen, 'SigNamespaceUri', 'http://www.w3.org/2000/09/xmldsig#'
    EXEC sp_OASetProperty @gen, 'SignedInfoCanonAlg', 'C14N_11'
    EXEC sp_OASetProperty @gen, 'SignedInfoDigestMethod', 'sha256'

    -- Create an Object to be added to the Signature.
    DECLARE @object1 int
    -- Use "Chilkat_9_5_0.Xml" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.Xml', @object1 OUT

    EXEC sp_OASetProperty @object1, 'Tag', 'xades:QualifyingProperties'
    EXEC sp_OAMethod @object1, 'AddAttribute', @success OUT, 'xmlns:xades', 'http://uri.etsi.org/01903/v1.3.2#'
    EXEC sp_OAMethod @object1, 'AddAttribute', @success OUT, 'Target', 'signature'
    EXEC sp_OAMethod @object1, 'UpdateAttrAt', @success OUT, 'xades:SignedProperties', 1, 'Id', 'xadesSignedProperties'
    EXEC sp_OAMethod @object1, 'UpdateChildContent', NULL, 'xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime', 'TO BE GENERATED BY CHILKAT'
    EXEC sp_OAMethod @object1, 'UpdateAttrAt', @success OUT, 'xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestMethod', 1, 'Algorithm', 'http://www.w3.org/2001/04/xmlenc#sha256'
    EXEC sp_OAMethod @object1, 'UpdateChildContent', NULL, 'xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestValue', 'TO BE GENERATED BY CHILKAT'
    EXEC sp_OAMethod @object1, 'UpdateChildContent', NULL, 'xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509IssuerName', 'TO BE GENERATED BY CHILKAT'
    EXEC sp_OAMethod @object1, 'UpdateChildContent', NULL, 'xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509SerialNumber', 'TO BE GENERATED BY CHILKAT'

    EXEC sp_OAMethod @object1, 'GetXml', @sTmp0 OUT
    EXEC sp_OAMethod @gen, 'AddObject', @success OUT, '', @sTmp0, '', ''

    -- -------- Reference 1 --------
    DECLARE @xml1 int
    -- Use "Chilkat_9_5_0.Xml" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.Xml', @xml1 OUT

    EXEC sp_OASetProperty @xml1, 'Tag', 'ds:Transforms'
    EXEC sp_OAMethod @xml1, 'UpdateAttrAt', @success OUT, 'ds:Transform', 1, 'Algorithm', 'http://www.w3.org/TR/1999/REC-xpath-19991116'
    EXEC sp_OAMethod @xml1, 'UpdateChildContent', NULL, 'ds:Transform|ds:XPath', 'not(//ancestor-or-self::ext:UBLExtensions)'
    EXEC sp_OAMethod @xml1, 'UpdateAttrAt', @success OUT, 'ds:Transform[1]', 1, 'Algorithm', 'http://www.w3.org/TR/1999/REC-xpath-19991116'
    EXEC sp_OAMethod @xml1, 'UpdateChildContent', NULL, 'ds:Transform[1]|ds:XPath', 'not(//ancestor-or-self::cac:Signature)'
    EXEC sp_OAMethod @xml1, 'UpdateAttrAt', @success OUT, 'ds:Transform[2]', 1, 'Algorithm', 'http://www.w3.org/TR/1999/REC-xpath-19991116'
    EXEC sp_OAMethod @xml1, 'UpdateChildContent', NULL, 'ds:Transform[2]|ds:XPath', 'not(//ancestor-or-self::cac:AdditionalDocumentReference[cbc:ID=''QR''])'
    EXEC sp_OAMethod @xml1, 'UpdateAttrAt', @success OUT, 'ds:Transform[3]', 1, 'Algorithm', 'http://www.w3.org/2006/12/xml-c14n11'

    EXEC sp_OAMethod @gen, 'AddSameDocRef2', @success OUT, '', 'sha256', @xml1, ''

    EXEC sp_OAMethod @gen, 'SetRefIdAttr', @success OUT, '', 'invoiceSignedData'

    -- -------- Reference 2 --------
    EXEC sp_OAMethod @gen, 'AddObjectRef', @success OUT, 'xadesSignedProperties', 'sha256', '', '', 'http://www.w3.org/2000/09/xmldsig#SignatureProperties'

    -- Provide a certificate + private key. (PFX password is test123)
    DECLARE @certFromPfx int
    -- Use "Chilkat_9_5_0.Cert" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.Cert', @certFromPfx OUT

    EXEC sp_OAMethod @certFromPfx, 'LoadPfxFile', @success OUT, 'qa_data/pfx/cert_test123.pfx', 'test123'
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @certFromPfx, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @sbXml
        EXEC @hr = sp_OADestroy @gen
        EXEC @hr = sp_OADestroy @object1
        EXEC @hr = sp_OADestroy @xml1
        EXEC @hr = sp_OADestroy @certFromPfx
        RETURN
      END

    -- Alternatively, if your certificate and private key are in separate PEM files, do this:
    DECLARE @cert int
    -- Use "Chilkat_9_5_0.Cert" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.Cert', @cert OUT

    EXEC sp_OAMethod @cert, 'LoadFromFile', @success OUT, 'qa_data/zatca/cert.pem'
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @cert, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @sbXml
        EXEC @hr = sp_OADestroy @gen
        EXEC @hr = sp_OADestroy @object1
        EXEC @hr = sp_OADestroy @xml1
        EXEC @hr = sp_OADestroy @certFromPfx
        EXEC @hr = sp_OADestroy @cert
        RETURN
      END

    EXEC sp_OAGetProperty @cert, 'SubjectCN', @sTmp0 OUT
    PRINT @sTmp0

    -- Load the private key.
    DECLARE @privKey int
    -- Use "Chilkat_9_5_0.PrivateKey" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.PrivateKey', @privKey OUT

    EXEC sp_OAMethod @privKey, 'LoadPemFile', @success OUT, 'qa_data/zatca/ec-secp256k1-priv-key.pem'
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @privKey, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @sbXml
        EXEC @hr = sp_OADestroy @gen
        EXEC @hr = sp_OADestroy @object1
        EXEC @hr = sp_OADestroy @xml1
        EXEC @hr = sp_OADestroy @certFromPfx
        EXEC @hr = sp_OADestroy @cert
        EXEC @hr = sp_OADestroy @privKey
        RETURN
      END


    EXEC sp_OAGetProperty @privKey, 'KeyType', @sTmp0 OUT
    PRINT 'Key Type: ' + @sTmp0

    -- Associate the private key with the certificate.
    EXEC sp_OAMethod @cert, 'SetPrivateKey', @success OUT, @privKey
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @cert, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @sbXml
        EXEC @hr = sp_OADestroy @gen
        EXEC @hr = sp_OADestroy @object1
        EXEC @hr = sp_OADestroy @xml1
        EXEC @hr = sp_OADestroy @certFromPfx
        EXEC @hr = sp_OADestroy @cert
        EXEC @hr = sp_OADestroy @privKey
        RETURN
      END

    -- The certificate passed to SetX509Cert must have an associated private key.
    -- If the cert was loaded from a PFX, then it should automatically has an associated private key.
    -- If the cert was loaded from PEM, then the private key was explicitly associated as shown above.
    EXEC sp_OAMethod @gen, 'SetX509Cert', @success OUT, @cert, 1
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @gen, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @sbXml
        EXEC @hr = sp_OADestroy @gen
        EXEC @hr = sp_OADestroy @object1
        EXEC @hr = sp_OADestroy @xml1
        EXEC @hr = sp_OADestroy @certFromPfx
        EXEC @hr = sp_OADestroy @cert
        EXEC @hr = sp_OADestroy @privKey
        RETURN
      END

    EXEC sp_OASetProperty @gen, 'KeyInfoType', 'X509Data'
    EXEC sp_OASetProperty @gen, 'X509Type', 'Certificate'

    -- ---------------- This is important -----------------------------------------
    -- Starting in Chilkat v9.5.0.92, add the "ZATCA" behavior to produce the format required by ZATCA.
    EXEC sp_OASetProperty @gen, 'Behaviors', 'IndentedSignature,TransformSignatureXPath,ZATCA'
    -- ----------------------------------------------------------------------------

    -- Sign the XML...
    EXEC sp_OAMethod @gen, 'CreateXmlDSigSb', @success OUT, @sbXml
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @gen, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @sbXml
        EXEC @hr = sp_OADestroy @gen
        EXEC @hr = sp_OADestroy @object1
        EXEC @hr = sp_OADestroy @xml1
        EXEC @hr = sp_OADestroy @certFromPfx
        EXEC @hr = sp_OADestroy @cert
        EXEC @hr = sp_OADestroy @privKey
        RETURN
      END
    -- -----------------------------------------------

    -- Save the signed XML to a file.
    EXEC sp_OAMethod @sbXml, 'WriteFile', @success OUT, 'qa_output/signedXml.xml', 'utf-8', 0

    EXEC sp_OAMethod @sbXml, 'GetAsString', @sTmp0 OUT
    PRINT @sTmp0

    -- ----------------------------------------
    -- Verify the signatures we just produced...
    DECLARE @verifier int
    -- Use "Chilkat_9_5_0.XmlDSig" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.XmlDSig', @verifier OUT

    EXEC sp_OAMethod @verifier, 'LoadSignatureSb', @success OUT, @sbXml
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @verifier, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @sbXml
        EXEC @hr = sp_OADestroy @gen
        EXEC @hr = sp_OADestroy @object1
        EXEC @hr = sp_OADestroy @xml1
        EXEC @hr = sp_OADestroy @certFromPfx
        EXEC @hr = sp_OADestroy @cert
        EXEC @hr = sp_OADestroy @privKey
        EXEC @hr = sp_OADestroy @verifier
        RETURN
      END

    -- ---------------- This is important -----------------------------------------
    -- Starting in Chilkat v9.5.0.92, specify "ZATCA" in uncommon options 
    -- to validate signed XML according to ZATCA needs.
    -- ----------------------------------------------------------------------------
    EXEC sp_OASetProperty @verifier, 'UncommonOptions', 'ZATCA'

    DECLARE @numSigs int
    EXEC sp_OAGetProperty @verifier, 'NumSignatures', @numSigs OUT
    DECLARE @verifyIdx int
    SELECT @verifyIdx = 0
    WHILE @verifyIdx < @numSigs
      BEGIN
        EXEC sp_OASetProperty @verifier, 'Selector', @verifyIdx
        DECLARE @verified int
        EXEC sp_OAMethod @verifier, 'VerifySignature', @verified OUT, 1
        IF @verified <> 1
          BEGIN
            EXEC sp_OAGetProperty @verifier, 'LastErrorText', @sTmp0 OUT
            PRINT @sTmp0
            EXEC @hr = sp_OADestroy @sbXml
            EXEC @hr = sp_OADestroy @gen
            EXEC @hr = sp_OADestroy @object1
            EXEC @hr = sp_OADestroy @xml1
            EXEC @hr = sp_OADestroy @certFromPfx
            EXEC @hr = sp_OADestroy @cert
            EXEC @hr = sp_OADestroy @privKey
            EXEC @hr = sp_OADestroy @verifier
            RETURN
          END
        SELECT @verifyIdx = @verifyIdx + 1
      END

    PRINT 'All signatures were successfully verified.'

    EXEC @hr = sp_OADestroy @sbXml
    EXEC @hr = sp_OADestroy @gen
    EXEC @hr = sp_OADestroy @object1
    EXEC @hr = sp_OADestroy @xml1
    EXEC @hr = sp_OADestroy @certFromPfx
    EXEC @hr = sp_OADestroy @cert
    EXEC @hr = sp_OADestroy @privKey
    EXEC @hr = sp_OADestroy @verifier


END
GO