Can not get the decrypted payload as provided example #20

Open
TolaGitHub opened this issue May 29, 2020 · 2 comments

@TolaGitHub

  1. Is the param named "payload" value valid for the $client_secret = "0123abcd4567efgh1234567890"?
    (https://www.example.com/my-app-iframe-page?payload=353035362c226163636573735f746f6b656e223a22776d6&app_state=orderId%3A%2012&cache-killer=13532)

  2. Is the below decryption function code in C# valid? Please advise, I have been stuck on this for so long, thanks.

        // Requires: System, System.Diagnostics, System.Security.Cryptography, System.Text, Newtonsoft.Json
        public static CheckoutInfo GetPayload(string cipherText, string clientKey)
        {
            try
            {
                // MARK: - Ecwid Decryption Rules
                // Convert URL-safe Base64 back to the standard alphabet.
                cipherText = cipherText.Replace("-", "+").Replace("_", "/");
                // Pad to a multiple of 4; the trailing "% 4" adds nothing when the length is already aligned.
                cipherText = cipherText.PadRight(cipherText.Length + (4 - (cipherText.Length % 4)) % 4, '=');
                // The AES-128 key is the first 16 characters of the client secret.
                clientKey = clientKey.Substring(0, 16);

                var jsonData = AES128Decrypt(cipherText, clientKey);
                return JsonConvert.DeserializeObject<CheckoutInfo>(jsonData);
            }
            catch (Exception e)
            {
                Debug.Write("error=> " + e.StackTrace);
                return null;
            }
        }

        public static string AES128Decrypt(string cipherText, string clientKey)
        {
            var decoded = Convert.FromBase64String(cipherText);
            var key = Encoding.UTF8.GetBytes(clientKey);

            // The first 16 bytes are used as the IV.
            var iv = new byte[16];
            Array.Copy(decoded, 0, iv, 0, iv.Length);

            // Everything after the IV is the ciphertext. CBC ciphertext is always a whole
            // number of 16-byte blocks, so it is copied as-is, with no rounding of the length
            // (a fixed 16/32/64-byte buffer fails for any payload longer than 64 bytes).
            var payload = new byte[decoded.Length - iv.Length];
            Array.Copy(decoded, iv.Length, payload, 0, payload.Length);

            using (var aesObj = new AesManaged())
            {
                aesObj.Mode = CipherMode.CBC;
                aesObj.Padding = PaddingMode.Zeros;
                aesObj.KeySize = 128;
                aesObj.BlockSize = 128;
                aesObj.Key = key;
                aesObj.IV = iv;

                using (var decryptor = aesObj.CreateDecryptor())
                {
                    var textByte = decryptor.TransformFinalBlock(payload, 0, payload.Length);
                    return Encoding.UTF8.GetString(textByte);
                }
            }
        }

@dexterkvp

Hello there!

I'll answer your questions:

  1. This 'payload' value is just an example and it won't work with a real application. The 'payload' is unique for every store as there are unique parameters such as 'storeId', 'token', etc.;

  2. As I can see, you're trying to decrypt the payload for your custom payment gateway app. If so, to understand whether this decryption function code is valid, I recommend doing the following:
    a) Run it on your server and enable logging to track the result;
    b) Provide us with your payment URL, we'll apply it to your custom app in your Ecwid store and it will be easier to test and troubleshoot and see errors while decoding.

Also, please reach out to us via email at [email protected] and ask your questions. This way we'll find your store and provide you with guidance. Thanks!

We look forward to hearing from you!
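
A way to exercise a decryption routine locally when no real store payload is at hand, as an added example that is not part of this thread and is not Ecwid's code: it builds a constructed payload in the format the posted C# expects (URL-safe Base64 without `=` of a 16-byte IV followed by AES-128-CBC ciphertext, key taken from the first 16 characters of the secret) and decrypts it again. The class and method names and the sample JSON are hypothetical, and both padding modes are tried because the thread does not say which one Ecwid uses.

```csharp
// Added example, not from this thread or Ecwid. Wire format assumed from the posted code.
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

public static class PayloadFixture   // hypothetical name
{
    static Aes NewAes(string secret, PaddingMode padding)
    {
        var aes = Aes.Create();
        aes.Mode = CipherMode.CBC;
        aes.Padding = padding;
        aes.Key = Encoding.UTF8.GetBytes(secret.Substring(0, 16));   // 16 bytes => AES-128
        return aes;
    }
    public static string Encrypt(string json, string secret, PaddingMode padding)
    {
        using (var aes = NewAes(secret, padding))   // Aes.Create() supplies a random IV
        using (var enc = aes.CreateEncryptor())
        {
            var plain = Encoding.UTF8.GetBytes(json);
            var body = enc.TransformFinalBlock(plain, 0, plain.Length);
            var wire = aes.IV.Concat(body).ToArray();   // IV || ciphertext
            return Convert.ToBase64String(wire).TrimEnd('=').Replace('+', '-').Replace('/', '_');
        }
    }
    public static string Decrypt(string payload, string secret, PaddingMode padding)
    {
        var b64 = payload.Replace('-', '+').Replace('_', '/');
        b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');   // adds 0 to 3 '='
        var wire = Convert.FromBase64String(b64);
        using (var aes = NewAes(secret, padding))
        {
            aes.IV = wire.Take(16).ToArray();
            using (var dec = aes.CreateDecryptor())
                return Encoding.UTF8.GetString(dec.TransformFinalBlock(wire, 16, wire.Length - 16));
        }
    }
    public static void Main()
    {
        const string secret = "0123abcd4567efgh1234567890";   // sample secret from the issue
        var json = "{\"storeId\":1003,\"token\":\"constructed\",\"filler\":\"" + new string('x', 80) + "\"}";
        foreach (var mode in new[] { PaddingMode.PKCS7, PaddingMode.Zeros })   // Zeros is not stripped on decrypt
        {
            var back = Decrypt(Encrypt(json, secret, mode), secret, mode).TrimEnd('\0');
            Console.WriteLine(mode + ": " + (back == json ? "round trip ok" : "MISMATCH"));
        }
    }
}
```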

@TolaGitHub

TolaGitHub commented Jun 10, 2020 via email
