Sample code for 30+ languages & platforms
Classic ASP

ClickBank Decrypt Instant Notification

See more ClickBank Examples

Demonstrates how to decrypt a ClickBank instant notification. See Instant Notification Service for more information and alternative code snippets.

Chilkat Classic ASP Downloads

Classic ASP
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<%
success = 0

' This example assumes the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.

' secret key from your ClickBank account
secretKey = "MY_SECRET_KEY"

jsonStr = "{""notification"":""BASE64_NOTIFICATION"",""iv"":""BASE64_IV""}"

set json = Server.CreateObject("Chilkat.JsonObject")
success = json.Load(jsonStr)

' Get the encrypted notification (binary) and IV from the JSON.
set bdNotif = Server.CreateObject("Chilkat.BinData")
set bdIv = Server.CreateObject("Chilkat.BinData")

success = bdNotif.AppendEncoded(json.StringOf("notification"),"base64")
success = bdIv.AppendEncoded(json.StringOf("iv"),"base64")

' Get an SHA1 digest (as a hex string) of the secret key.
' A SHA1 digest is 20 bytes.  Therefore the hex string is 40 chars.
' Treat each us-ascii char as a binary byte of the secret key.
' 256-bit AES needs a 256-bit key, which is 32-bytes.  Therefore
' use the 1st 32 us-ascii chars of the hex SHA1 as the AES secret key.

set crypt = Server.CreateObject("Chilkat.Crypt2")
' Because we're using the hex string as the actual AES key, it matters whether the hex is uppercase or lowercase.
' We want lowercase.
crypt.EncodingMode = "hex_lower"
crypt.HashAlgorithm = "sha1"
hexSha1 = crypt.HashStringENC(secretKey)
Response.Write "<pre>" & Server.HTMLEncode( hexSha1) & "</pre>"

' Treat the hex string as binary data for the AES key..
set bdKey = Server.CreateObject("Chilkat.BinData")
success = bdKey.AppendString(hexSha1,"us-ascii")
success = bdKey.RemoveChunk(32,8)

crypt.KeyLength = 256
crypt.CryptAlgorithm = "aes"
crypt.CipherMode = "cbc"

' We can use any encoding because were just getting the binary bytes in an encoding, and then setting from the same encoding.
' We'll just use base64..
crypt.SetEncodedIV bdIv.GetEncoded("base64"),"base64"
crypt.SetEncodedKey bdKey.GetEncoded("base64"),"base64"

success = crypt.DecryptBd(bdNotif)
Response.Write "<pre>" & Server.HTMLEncode( "Decrypted: " & bdNotif.GetString("utf-8")) & "</pre>"

%>
</body>
</html>