Error: "The encryption method is not supported by this protocol version"

Question

I'm trying to get use Sage Pay's Form Integration with my website. I thought it'd be fairly straightforward but it's not proving to be so far. I'm working in .NET so I downloaded the .NET Integration Kit from their support page hoping that I'd be able to see how it works and replicate it.

Unfortunately, the example kits are far too complex for what they are. They should be extremely simple projects which allow the workings to be clearly understood, not complete, nicely encapsulated solutions. It's very complicated when there are methods in one code file that call methods from a couple of others which use values stored in the Web.Config file... For the purposes of education it'd be much easier if the code was typed out long-hand in one file, with settings values explicitly declared. Of course it wouldn't be pretty and hopefully no decent developer would replicate such a clumsy approach, but it would make it easier to see what's going on!

Anyway, rant over. My problem is that when I submit my data to Sage Pay I get the error

"5068: The encryption method is not supported by this protocol version"

To do my encryption I added the SagePay.IntegrationKit.DotNet.DLL file to my project and then called the SagePay.IntegrationKit.Cryptography.EncryptAndEncode method, which produces an encrypted string that looks the same as the one produced in the working example from the website. Unfortunately, when I submit the string to Sage Pay's server I get the error mentioned.

Answer 1

I didn't down vote, but there isn't a lot to go on in your question (e.g. source) which may explain it. However I've just got this working with this code to do the encryption:

public string SagePayEncryptAndEncode(string inputText, string key)
{
    using (var AES = new RijndaelManaged())
    {

        // Set the mode, padding and block size for the key
        AES.Padding = PaddingMode.PKCS7;
        AES.Mode = CipherMode.CBC;
        AES.KeySize = 128;
        AES.BlockSize = 128;

        // Convert key and input text into byte arrays
        Byte[] keyAndIvBytes = UTF8Encoding.UTF8.GetBytes(key);
        Byte[] inputBytes = UTF8Encoding.UTF8.GetBytes(inputText);

        // Create streams and encryptor object
        using (var memoryStream = new MemoryStream())
        using (var cryptoStream = new CryptoStream(memoryStream, AES.CreateEncryptor(keyAndIvBytes, keyAndIvBytes), CryptoStreamMode.Write))
        {

            // Perform encryption
            cryptoStream.Write(inputBytes, 0, inputBytes.Length);
            cryptoStream.FlushFinalBlock();

            // Get encrypted stream into byte array
            var outBytes = memoryStream.ToArray();

            // Manually close streams
            memoryStream.Close();
            cryptoStream.Close();
            AES.Clear();

            //return Convert.ToBase64String(outBytes);

            return BitConverter.ToString(outBytes).Replace("-", String.Empty);
        }
    }
}

You then need to store the resulting value in the hidden 'Crypt' field and prepend '@'.

<input name='Crypt' type='hidden' value='@<InsertResultHere>' />

One thing to note, it appears to only work using Hex encoding, and not Base64 encoding as the documentation implies.

Hope this helps!

Answer 2

Form v3.00 Crypt string should be encrypted using the AES/CBC/PCKS#5 algorithm and the pre-registered Encryption password (it differs for both Test and Live accounts), then subsequently Base64 encoded to allow safe transport in an HTML form. Please ensure use AES as above mentioned to prevent the error 5068.

V2.23 supported XOR also.

Sage Pay Support