After weeks of trench work understanding as much as I can about X509 certificates and PayPal (dynamically) Encrypted buttons, I'm waving a white flag for help.
First, here's what I've tried..
- I have success end-to-end using PayPal's Website Payment Code Samples (Windowns, like is below) , but I'm looking to not use this C++ library because it depends on OpenSSL libraries to perform encryption (for the button).
- I noodled around with BouncyCastle as well, but it just seemed to be another dependency.
- Tried building a .pfx that contains an exportable key into the Windows certificate store using the mmc.exe snap-in -- this site is running on Azure, so this option is out as well.
At a high-level, a call should be...
var sStage = ""; //blank for production, otherwise, "sandbox"
var ppe = new PayPalEncryptor(sPrivKeyFile, sCertFile,sPPCertFile, "<passwordIfNeeded>");
string encrypted = ppe.Encrypt(cmdTxt, myCertFileName, myKeyFileName, payPalCertFileName);
if (!string.IsNullOrWhiteSpace(encrypted))
{
if ( File.Exists( sOutputFile ) )
File.Delete( sOutputFile );
StreamWriter OutStream = new StreamWriter(sOutputFile, false, Encoding.ASCII);
if (OutStream != null)
{
OutStream.Write( @"<form action=""https://www." );
OutStream.Write( sStage );
OutStream.WriteLine( @"paypal.com/cgi-bin/webscr"" method=""post"">" );
OutStream.WriteLine(@"<input type=""hidden"" name=""cmd"" value=""_s-xclick"">");
OutStream.Write( @"<input type=""image"" src=""https://www." );
OutStream.Write( sStage );
OutStream.WriteLine( @"paypal.com/en_US/i/btn/x-click-but23.gif"" border=""0"" name=""submit"" alt=""Make payments with PayPal - it's fast, free and secure!"">" );
OutStream.Write( @"<input type=""hidden"" name=""encrypted"" value=""" );
OutStream.Write( sEnc );
OutStream.WriteLine( @""">" );
OutStream.WriteLine( @"</form>" );
OutStream.Close();
}
}
Where I had trouble was finding a pure .Net PayPalEncryptor class that actually works with .Net 4.6+, and without dependencies or certificate stores. It took me a long time to get around the "Key not found" error that can happen on the signed.ComputeSignature(signer) method and found that to fix the error, the following line helps, but the end result is not understood by PayPal -- I get a Sorry — your last action could not be completed PayPal Error.
RSACryptoServiceProvider rsaCsp = LoadCertificateFile(privateKeyFilePath);
Some items on StackOverflow have been helpful, but solutions seem to have issues at the low-levels.
EDIT: If you've used PayPal's PPEncrypt (w/OpenSSL) and have that working, try a pure .Net solution (no C++); I believe the encrypted output should be the same as the PPEncrypt output -- but I am not absolutely sure.
Any help will be deeply appreciated.
