In my 2 articles, Google Checkout XSD File To Generate .Net class and Serialize Google Checkout object to generate Cart XML we have covered Step 1 of Level 2 integration as described in Google Checkout developer's guide. Now I will discuss how to accomplish following steps (2,3 and 4) as described in the documentation.

• Create a signature
• Base64-encode the cart
• Base64-encode the signature

Here is what google says about step 2 in their documentation. You must create a signature, a cryptographically secure value that ensures the cart is not altered before it's received by Google. To create the signature, call the HMAC_SHA1 function, provided by most development environments, passing the cart and your Merchant Key as parameters. .Net framework provides System.Security.Cryptography.HMACSHA1 class that you can use to generate the signature. Since the signature is generates as binary byte array it can not be sent in HTTP request as such. It needs to be in a format that can be put in HTTP request object. Thats the reason Base64-encode of cart is ncessary. And this step is made easy by Convert.ToBase64String method. Following code snippets how these 3 steps can be accomplished using managed classes instead of using COM dll provided by google in ASP sample.

internal String CreateCartSignature(String strCartXml)
{
    byte[] keyBytes = System.Text.Encoding.Default.GetBytes
        (m_oCheckoutCart.m_obMerchantInfo.MerchantKey);
    byte[] cartBytes = System.Text.Encoding.Default.GetBytes(strCartXml);
    HMACSHA1 hmacsha1 = new HMACSHA1(keyBytes);
    byte[] hashBytes = hmacsha1.ComputeHash(cartBytes);
    String strSignature = Convert.ToBase64String(hashBytes);
    return strSignature;
}

internal String EncodeCart(String strCartXml)
{
    byte[] cartBytes = System.Text.Encoding.Default.GetBytes(strCartXml);
    String strEncoded = Convert.ToBase64String(cartBytes);
    return strEncoded;
}