Decrypt FB Payments Results in Error
16 views
Skip to first unread message
Tim Weaver
Mar 14, 2017, 4:09:37 PM3/14/17
to DidiSoft Forum
FB Messenger is sending GPG encrypted payment data. When attempting to decrypt I'm always getting {"The supplied data is not a valid OpenPGP message"}.
https://developers.facebook.com/docs/messenger-platform/payments-reference
Tried with streams as well as file based. I can decrypt from cmd line via gpg4win 2.3.3 using the exact same data.
Sample data
"tokenized_card": "-----BEGIN PGP MESSAGE-----\n\nhQIMA9wDW2pvqUYzAQ//cl/U3dyjKsX0zzGBKTzp1yB8Fp/pngI/d1zHE7bX2Bez\n0R+/6XBsNE1e5/4xF53uMRJz0Pf39ZClTJNWbNuSDS2KUYYKwp9pIV9dDYbj0kru\nPOjs2yRmjr0DTjt/wOgAEWncXtvWCC5Tr4D8yMgYaU/c0x5CrDBuY0DFZhIpxDqG\nc2C7jaIw5nmyQI/XMGY4dXDXSrr8kFfv3Kct3j2zYcg/8c3LLTBxsFmDQQ4uuLtp\nmTUtI8vTaJmHd4mOzFas8t/RLT8nQ3dIwQ3uBgPboDJf19OuMp72KqVaLeDL9Yl6\nTrPXhTM1JxMklJWrMcutCl6PpYG3VAeyPU+EoYxWIYHIhD0b2kgsKikPl8BW42jd\n+uDXAinhXry1yL0eUkwOMb0q18TSwsTOQqcED0qq0dAuIyWEZ8RWeJKJPL454yB8\nIJmuXYj6YzHP/LYSFuciDewHl0TYgI6rrTmV2QI1SOq59wPwv1gvasnOlbhp1agn\nkQv7z+RdAL7ISzCckxTGcqlBf7iQtMjlzBCsZDbJE+MtZ28wHwDe9M5+/OAIFTXU\nZJQOmYdER+GYDZTLbok1K6rgeqScBCgVuM3oWe8W0JAUBhI4PEvQk7VuA+zvGF9M\nI7aQlJShlV4qPcXKsTD2yI9kPJZcqsClykjqCc6u9HAB81YKcdTQZ3TXTJJ37SXS\n6QFyfRrUJfGDfxKl4w4UpofcqFwiAGp3wOiaJlcgYiYv4FP95rqfL5DyKFyv1GzR\nE6qtMXA6dthc5ExOf9yMy/0aYb1jk+0oJX1s/hxEz19GHHI6RG/r1TkUdXVQ8lTB\nK2usfVyIU/ogICf5fD+F/wJET2ZtoC/18Jiz6KCR1ZecohYDKMIkrVkwxos8HbZD\ndqL2v5nk+bEghRsMjBEmCY4MWERKtC164rIKVQ+HR2A
Z/VDasxriMo5QGQaSfJPi\nq19Lsit3SUtqjB+zM3ajHwVfdFrTPrhlLtFdcVcD4qkPxfhRZXdjGtbRkhMLaPLG\nutNZXYCpWk+boawGW4czjIHa7uputzt1aiH2amXNa/H6p+PQ0G2K6UeDPgK6eCaD\nWgwstB7xQPAf//uSOgvYcnHwsDEN6Dgo+BnpV8UqloTM3hyy/kJH2U7hmeVKM2gU\n1sjMY2gayvJNEZscxRvAZmO0KjGY+OR96fCG4+SgOymoXA0vpyDRp9zvrHXCgL7C\ntIfMcsIHcpL0QQ/ImQZ/fjFELAv0a1JFzpUxh/ZyFjSKYPlZvdfBXNi7MaJBphcV\n43vvAxKbiPPiLQTw/8pol312f+U/0G8JgrCiL1q8JULg8iCUS0a6aDvRjKUei0Vb\nTgmJ2o1f6huZH2Ifnx6oIBN+3kvzxKy0oX9Y/J09ysbwfME5y4GblQBsK/9O8Dws\n513uyf+ke3YI4K8A/rhdVhKwDmNjucvZz8kWLlA7bJeF7/k2kRczJDEYSbWlFbtD\n3qAwMSW8Mv43yxWZLwQg+5zHvYzmAZd1bITRAWn1EDodKcZmtmlRBk3ATrEQRqC1\npYxzNljjaoe/vsOSYS8=\n=7Jju\n-----END PGP MESSAGE-----\n",
Note that I've tried both with and without newline (\n) and it makes no difference.
Simple example taken from your example pages where creditCardNL = above string.
try
{
plainString =
pgp.DecryptString(creditCardNL,
new FileInfo(HttpContext.Current.Server.MapPath(@"\keys\test_key.asc")),
"kiosk bot subway");
}catch(Exception ex)
{
Debug.WriteLine(ex.Message);
}
return plainString;
At this point not even sure if this should work? Am I missing something obvious?
DidiSoft Support
Mar 14, 2017, 4:39:47 PM3/14/17
to didisof...@googlegroups.com, Tim Weaver
Hi Tim,
Can you verify that the code below throws the same exception:
string creditCardNL = "-----BEGIN PGP MESSAGE-----\n\nhQIMA9wDW2pvqUYzAQ//cl/U3dyjKsX0zzGBKTzp1yB8Fp/pngI/d1zHE7bX2Bez\n0R+/6XBsNE1e5/4xF53uMRJz0Pf39ZClTJNWbNuSDS2KUYYKwp9pIV9dDYbj0kru\nPOjs2yRmjr0DTjt/wOgAEWncXtvWCC5Tr4D8yMgYaU/c0x5CrDBuY0DFZhIpxDqG\nc2C7jaIw5nmyQI/XMGY4dXDXSrr8kFfv3Kct3j2zYcg/8c3LLTBxsFmDQQ4uuLtp\nmTUtI8vTaJmHd4mOzFas8t/RLT8nQ3dIwQ3uBgPboDJf19OuMp72KqVaLeDL9Yl6\nTrPXhTM1JxMklJWrMcutCl6PpYG3VAeyPU+EoYxWIYHIhD0b2kgsKikPl8BW42jd\n+uDXAinhXry1yL0eUkwOMb0q18TSwsTOQqcED0qq0dAuIyWEZ8RWeJKJPL454yB8\nIJmuXYj6YzHP/LYSFuciDewHl0TYgI6rrTmV2QI1SOq59wPwv1gvasnOlbhp1agn\nkQv7z+RdAL7ISzCckxTGcqlBf7iQtMjlzBCsZDbJE+MtZ28wHwDe9M5+/OAIFTXU\nZJQOmYdER+GYDZTLbok1K6rgeqScBCgVuM3oWe8W0JAUBhI4PEvQk7VuA+zvGF9M\nI7aQlJShlV4qPcXKsTD2yI9kPJZcqsClykjqCc6u9HAB81YKcdTQZ3TXTJJ37SXS\n6QFyfRrUJfGDfxKl4w4UpofcqFwiAGp3wOiaJlcgYiYv4FP95rqfL5DyKFyv1GzR\nE6qtMXA6dthc5ExOf9yMy/0aYb1jk+0oJX1s/hxEz19GHHI6RG/r1TkUdXVQ8lTB\nK2usfVyIU/ogICf5fD+F/wJET2ZtoC/18Jiz6KCR1ZecohYDKMIkrVkwxos8HbZD\ndqL2v5nk+bEghRsMjBEmCY4MWERKtC164rIKVQ+HR2AZ/VDasxr iMo5QGQaSfJPi\nq19Lsit3SUtqjB+zM3ajHwVfdFrTPrhlLtFdcVcD4qkPxfhRZXdjGtbRkhMLaPLG\nutNZXYCpWk+boawGW4czjIHa7uputzt1aiH2amXNa/H6p+PQ0G2K6UeDPgK6eCaD\nWgwstB7xQPAf//uSOgvYcnHwsDEN6Dgo+BnpV8UqloTM3hyy/kJH2U7hmeVKM2gU\n1sjMY2gayvJNEZscxRvAZmO0KjGY+OR96fCG4+SgOymoXA0vpyDRp9zvrHXCgL7C\ntIfMcsIHcpL0QQ/ImQZ/fjFELAv0a1JFzpUxh/ZyFjSKYPlZvdfBXNi7MaJBphcV\n43vvAxKbiPPiLQTw/8pol312f+U/0G8JgrCiL1q8JULg8iCUS0a6aDvRjKUei0Vb\nTgmJ2o1f6huZH2Ifnx6oIBN+3kvzxKy0oX9Y/J09ysbwfME5y4GblQBsK/9O8Dws\n513uyf+ke3YI4K8A/rhdVhKwDmNjucvZz8kWLlA7bJeF7/k2kRczJDEYSbWlFbtD\n3qAwMSW8Mv43yxWZLwQg+5zHvYzmAZd1bITRAWn1EDodKcZmtmlRBk3ATrEQRqC1\npYxzNljjaoe/vsOSYS8=\n=7Jju\n-----END PGP MESSAGE-----\n";
string plainString = pgp.DecryptString(creditCardNL,
Can you verify that the code below throws the same exception:
string creditCardNL = "-----BEGIN PGP MESSAGE-----\n\nhQIMA9wDW2pvqUYzAQ//cl/U3dyjKsX0zzGBKTzp1yB8Fp/pngI/d1zHE7bX2Bez\n0R+/6XBsNE1e5/4xF53uMRJz0Pf39ZClTJNWbNuSDS2KUYYKwp9pIV9dDYbj0kru\nPOjs2yRmjr0DTjt/wOgAEWncXtvWCC5Tr4D8yMgYaU/c0x5CrDBuY0DFZhIpxDqG\nc2C7jaIw5nmyQI/XMGY4dXDXSrr8kFfv3Kct3j2zYcg/8c3LLTBxsFmDQQ4uuLtp\nmTUtI8vTaJmHd4mOzFas8t/RLT8nQ3dIwQ3uBgPboDJf19OuMp72KqVaLeDL9Yl6\nTrPXhTM1JxMklJWrMcutCl6PpYG3VAeyPU+EoYxWIYHIhD0b2kgsKikPl8BW42jd\n+uDXAinhXry1yL0eUkwOMb0q18TSwsTOQqcED0qq0dAuIyWEZ8RWeJKJPL454yB8\nIJmuXYj6YzHP/LYSFuciDewHl0TYgI6rrTmV2QI1SOq59wPwv1gvasnOlbhp1agn\nkQv7z+RdAL7ISzCckxTGcqlBf7iQtMjlzBCsZDbJE+MtZ28wHwDe9M5+/OAIFTXU\nZJQOmYdER+GYDZTLbok1K6rgeqScBCgVuM3oWe8W0JAUBhI4PEvQk7VuA+zvGF9M\nI7aQlJShlV4qPcXKsTD2yI9kPJZcqsClykjqCc6u9HAB81YKcdTQZ3TXTJJ37SXS\n6QFyfRrUJfGDfxKl4w4UpofcqFwiAGp3wOiaJlcgYiYv4FP95rqfL5DyKFyv1GzR\nE6qtMXA6dthc5ExOf9yMy/0aYb1jk+0oJX1s/hxEz19GHHI6RG/r1TkUdXVQ8lTB\nK2usfVyIU/ogICf5fD+F/wJET2ZtoC/18Jiz6KCR1ZecohYDKMIkrVkwxos8HbZD\ndqL2v5nk+bEghRsMjBEmCY4MWERKtC164rIKVQ+HR2AZ/VDasxr iMo5QGQaSfJPi\nq19Lsit3SUtqjB+zM3ajHwVfdFrTPrhlLtFdcVcD4qkPxfhRZXdjGtbRkhMLaPLG\nutNZXYCpWk+boawGW4czjIHa7uputzt1aiH2amXNa/H6p+PQ0G2K6UeDPgK6eCaD\nWgwstB7xQPAf//uSOgvYcnHwsDEN6Dgo+BnpV8UqloTM3hyy/kJH2U7hmeVKM2gU\n1sjMY2gayvJNEZscxRvAZmO0KjGY+OR96fCG4+SgOymoXA0vpyDRp9zvrHXCgL7C\ntIfMcsIHcpL0QQ/ImQZ/fjFELAv0a1JFzpUxh/ZyFjSKYPlZvdfBXNi7MaJBphcV\n43vvAxKbiPPiLQTw/8pol312f+U/0G8JgrCiL1q8JULg8iCUS0a6aDvRjKUei0Vb\nTgmJ2o1f6huZH2Ifnx6oIBN+3kvzxKy0oX9Y/J09ysbwfME5y4GblQBsK/9O8Dws\n513uyf+ke3YI4K8A/rhdVhKwDmNjucvZz8kWLlA7bJeF7/k2kRczJDEYSbWlFbtD\n3qAwMSW8Mv43yxWZLwQg+5zHvYzmAZd1bITRAWn1EDodKcZmtmlRBk3ATrEQRqC1\npYxzNljjaoe/vsOSYS8=\n=7Jju\n-----END PGP MESSAGE-----\n";
string plainString = pgp.DecryptString(creditCardNL,
new
FileInfo(HttpContext.Current.Server.MapPath(@"\keys\test_key.asc")),
"kiosk bot subway");
Kind Regards
Peter Kalef
Technical Support
DidiSoft Inc | Toll free (USA and Canada): 866-253-7568 | International: +1-501-313-0397 | Fax: +1-501-313-0397 | Web: www.didisoft.com
Peter Kalef
Technical Support
DidiSoft Inc | Toll free (USA and Canada): 866-253-7568 | International: +1-501-313-0397 | Fax: +1-501-313-0397 | Web: www.didisoft.com
--
You received this message because you are subscribed to the Google Groups "DidiSoft Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to didisoft_foru...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Tim Weaver
Mar 14, 2017, 7:20:11 PM3/14/17
to DidiSoft Forum
Your example does work.
Well don't I feel stupid. As far as I can tell you trimmed out some spaces in my tokenized string? Actually your example still has one space in it, but the call works both with and without the space.DidiSoft Support
Mar 15, 2017, 2:45:09 AM3/15/17
to didisof...@googlegroups.com, Tim Weaver
Hi Tim,
Can you send to sup...@didisoft.com attached the raw input that you have obtained from Facebook with your application (dump it to a file with File.WriteAllText) and then I can test the same data that you use.
Can you send to sup...@didisoft.com attached the raw input that you have obtained from Facebook with your application (dump it to a file with File.WriteAllText) and then I can test the same data that you use.
Kind Regards
Peter Kalef
Technical Support
DidiSoft Inc
Peter Kalef
Technical Support
DidiSoft Inc
Reply all
Reply to author
Forward
0 new messages