Sage Pay error 3045 : The Currency field is missing. MALFORMED

Question

I am trying to upgrade sage pay version from 2.22 to 3.00 and I am using Form Intergration to submit the values to Sage. The codes written asp.net(VB). In 2.2, it was using "SimpleXor encryption algorithm", but that doesn't allowed in version 3.00 and as a result, I am getting the below error message:

This transaction attempt has failed. We are unable to redirect you back to the web store from which you were purchasing. The details of the failure are given below.

Status: INVALID
Status Detail: 5068 : The encryption method is not supported by this protocol version.

I found, version 3.00 allowed only AES encryption, And I have added the below code in class file for encryption:

Public Shared Function AESEncrypt(ByVal clearText As String) As String
        Dim EncryptionKey As String = "MAKV2SPBNI99212"
        Dim clearBytes As Byte() = Encoding.Unicode.GetBytes(clearText)
        Using encryptor As Aes = Aes.Create()
            Dim pdb As New Rfc2898DeriveBytes(EncryptionKey, New Byte() {&H49, &H76, &H61, &H6E, &H20, &H4D, _
             &H65, &H64, &H76, &H65, &H64, &H65, _
             &H76})
            encryptor.Key = pdb.GetBytes(32)
            encryptor.IV = pdb.GetBytes(16)
            Using ms As New MemoryStream()
                Using cs As New CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write)
                    cs.Write(clearBytes, 0, clearBytes.Length)
                    cs.Close()
                End Using
                clearText = Convert.ToBase64String(ms.ToArray())
            End Using
        End Using
        Return clearText
    End Function

And in main .vb file, I change below code:

Dim strXOR As String = simpleXor(strPost, strEncryptionPassword)
strCrypt = base64Encode(strXOR)

To

Dim aesEncrypt As String = AESEncrypt(strPost)
strCrypt = "@" & aesEncrypt

Sorry, I am begginer on this. Is there any mistakes I did in my class file Or in main vb file? Do I need to base64encode after aes encryption?

Thank you in advance.

Answer 1

OK. Compete answer rewrite.

Ditch the code you have - I found it on another site and it isn't going to work.

Instead, use the stuff below (which I've adapted very slightly from here) :

 Public Shared Function AESEncryption(ByVal strCrypt As String, ByVal strEncryptionPassword As String) As String

        Dim keyAndIvBytes As Byte() = UTF8Encoding.UTF8.GetBytes(strEncryptionPassword)

        Using AES As New RijndaelManaged()
            ' Set the mode, padding and block size for the key
            AES.Padding = PaddingMode.PKCS7
            AES.Mode = CipherMode.CBC
            AES.KeySize = 128
            AES.BlockSize = 128

            ' Encrypt the string to an array of bytes. 
            Dim encrypted As Byte() = EncryptStringToBytes(strCrypt, keyAndIvBytes, keyAndIvBytes)

            AESEncryption = "@" & BitConverter.ToString(encrypted).Replace("-", "").ToUpper
            ' System.Console.WriteLine(AESEncryption)
        End Using
    End Function

    Public Shared Function AESDecryption(ByVal strCrypt As String, ByVal strEncryptionPassword As String) As String

        Dim keyAndIvBytes As [Byte]() = UTF8Encoding.UTF8.GetBytes(strEncryptionPassword)

        ' Create a new instance of the RijndaelManaged 
        ' class.  This generates a new key and initialization  
        ' vector (IV). 
        Using AES As New RijndaelManaged()
            ' Set the mode, padding and block size for the key
            AES.Padding = PaddingMode.PKCS7
            AES.Mode = CipherMode.CBC
            AES.KeySize = 128
            AES.BlockSize = 128

            Dim encryptedData As Byte() = StringToByteArray(strCrypt.Remove(0, 1))

            Dim roundtrip As String = DecryptStringFromBytes(encryptedData, keyAndIvBytes, keyAndIvBytes)

            AESDecryption = roundtrip
        End Using
    End Function
    Shared Function byteArrayToHexString(ByVal ba As Byte()) As String
        Return BitConverter.ToString(ba).Replace("-", "")
    End Function
    Shared Function StringToByteArray(ByVal hex As String) As Byte()
        Return Enumerable.Range(0, hex.Length).Where(Function(x) x Mod 2 = 0).[Select](Function(x) Convert.ToByte(hex.Substring(x, 2), 16)).ToArray()
    End Function

    Shared Function EncryptStringToBytes(ByVal plainText As String, ByVal Key() As Byte, ByVal IV() As Byte) As Byte()
        ' Check arguments. 
        If plainText Is Nothing OrElse plainText.Length <= 0 Then
            Throw New ArgumentNullException("plainText")
        End If
        If Key Is Nothing OrElse Key.Length <= 0 Then
            Throw New ArgumentNullException("Key")
        End If
        If IV Is Nothing OrElse IV.Length <= 0 Then
            Throw New ArgumentNullException("IV")
        End If
        Dim encrypted() As Byte
        ' Create an RijndaelManaged object 
        ' with the specified key and IV. 
        Using AES As New RijndaelManaged()
            AES.Padding = PaddingMode.PKCS7
            AES.Mode = CipherMode.CBC
            AES.KeySize = 128
            AES.BlockSize = 128

            AES.Key = Key
            AES.IV = IV

            ' Create a decrytor to perform the stream transform. 
            Dim encryptor As ICryptoTransform = AES.CreateEncryptor(AES.Key, AES.IV)
            ' Create the streams used for encryption. 
            Using msEncrypt As New MemoryStream()
                Using csEncrypt As New CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write)
                    Using swEncrypt As New StreamWriter(csEncrypt)

                        'Write all data to the stream.
                        swEncrypt.Write(plainText)
                    End Using
                    encrypted = msEncrypt.ToArray()
                End Using
            End Using
        End Using

        ' Return the encrypted bytes from the memory stream. 
        Return encrypted

    End Function 'EncryptStringToBytes

    Shared Function DecryptStringFromBytes(ByVal cipherText() As Byte, ByVal Key() As Byte, ByVal IV() As Byte) As String

        ' Check arguments. 
        If cipherText Is Nothing OrElse cipherText.Length <= 0 Then
            Throw New ArgumentNullException("cipherText")
        End If
        If Key Is Nothing OrElse Key.Length <= 0 Then
            Throw New ArgumentNullException("Key")
        End If
        If IV Is Nothing OrElse IV.Length <= 0 Then
            Throw New ArgumentNullException("IV")
        End If
        ' Declare the string used to hold 
        ' the decrypted text. 
        Dim plaintext As String = Nothing

        ' Create an RijndaelManaged object 
        ' with the specified key and IV. 
        Using AES As New RijndaelManaged
            AES.Padding = PaddingMode.PKCS7
            AES.Mode = CipherMode.CBC
            AES.KeySize = 128
            AES.BlockSize = 128

            'AES.Key = Key
            'AES.IV = IV

            ' Create a decrytor to perform the stream transform. 
            Dim decryptor As ICryptoTransform = AES.CreateDecryptor(Key, IV)

            ' Create the streams used for decryption. 
            Using msDecrypt As New MemoryStream(cipherText)

                Using csDecrypt As New CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read)

                    Using srDecrypt As New StreamReader(csDecrypt)


                        ' Read the decrypted bytes from the decrypting stream 
                        ' and place them in a string.
                        plaintext = srDecrypt.ReadToEnd()
                    End Using
                End Using
            End Using
        End Using

        Return plaintext

    End Function

And in your main.vb file change:

Dim strXOR As String = simpleXor(strPost, strEncryptionPassword)
strCrypt = base64Encode(strXOR)

To:

strCrypt=AESEncryption(strPost, strEncryptionPassword)