If you think you’ve received a suspicious email or have been directed to a fake website, forward it to firstname.lastname@example.org and we’ll investigate it for you. After you send us the email, delete it from your inbox. If you clicked on any links or downloaded any attachments within the suspicious email or website, log into your account and view your transactions. It’s also a good idea to change your password.
I've really been struggling to get working code, good examples...and most importantly, good documentation on how to use Paypal's Java SDK for Encrypting Website Payments.
I went to https://www.paypal.com/us/cgi-bin/?cmd=p/xcl/rec/ewp-code and downloaded the Paypal Java SDK. Within the zip, there is a ReadMe.txt file with instructions for setup. You can tell that this file, and its components, haven't been updated along with the current version of Java (which is 1.6, update 26)....as the Readme file indicates a version of 1.4.2.
I went to Bouncy Castle's site - http://www.bouncycastle.org/latest_releases.html - to download the latest versions of the following jars :
I then went to http://www.oracle.com/technetwork/java/javase/downloads/index.html to download the
Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files
I put all the JARS in the appropriate folders, updated the classpath and then tried to compile the ClientSide.java class that came with the Paypal Java SDK.
The compiler tells me that there are deprecated classes, showing me the following errors after recompiling with -Xlint.
.\palmb\servlets\paypal\ClientSide.java:98: warning: [deprecation] addSigner(jav
a.security.PrivateKey,java.security.cert.X509Certificate,java.lang.String) in org.bouncycastle.cms.CMSSignedDataGenerator has been deprecated
signedGenerator.addSigner( privateKey, certificate, CMSSignedDataGenerator.DIGEST_SHA1 );
.\palmb\servlets\paypal\ClientSide.java:101: warning: [unchecked] unchecked call
to add(E) as a member of the raw type java.util.ArrayList
.\palmb\servlets\paypal\ClientSide.java:103: warning: [deprecation] addCertificatesAndCRLs(java.security.cert.CertStore) in org.bouncycastle.cms.CMSSignedGenerator has been deprecated
.\palmb\servlets\paypal\ClientSide.java:110: warning: [deprecation] generate(org.bouncycastle.cms.CMSProcessable,boolean,java.lang.String) in org.bouncycastle.cms.CMSSignedDataGenerator has been deprecated
CMSSignedData signedData = signedGenerator.generate(cmsByteArray, true, "BC");
.\palmb\servlets\paypal\ClientSide.java:115: warning: [deprecation] addKeyTransRecipient(java.security.cert.X509Certificate) in org.bouncycastle.cms.CMSEnvelopedGenerator has been deprecated envGenerator.addKeyTransRecipient(payPalCert);
.\palmb\servlets\paypal\ClientSide.java:116: warning: [deprecation] generate(org.bouncycastle.cms.CMSProcessable,java.lang.String,java.lang.String) in org.bouncycastle.cms.CMSEnvelopedDataGenerator has been deprecated
CMSEnvelopedData envData = envGenerator.generate( new CMSProcessableByteArray(signed),
I have Java 1.6 running on my machine. Why hasn't Paypal upgraded their Java SDK??
So then, what are my options at this point? I need help.
You have very good questions, however PayPal does have a Developer Forum that would be able to better answer your questions. Here is a direct link. I hope this will help.