###### Put this in some file in your python path

from M2Crypto import BIO, SMIME, X509
from django.conf import settings
	
def paypal_encrypt(attributes):
    plaintext = ''

    for key, value in attributes.items():
        plaintext += u'%s=%s\n' % (key, value)
    plaintext = plaintext.encode('utf-8')

    # Instantiate an SMIME object.
    s = SMIME.SMIME()

    # Load signer's key and cert. Sign the buffer.
    s.load_key_bio(BIO.openfile(settings.MY_KEYPAIR), BIO.openfile(settings.MY_CERT))

    p7 = s.sign(BIO.MemoryBuffer(plaintext), flags=SMIME.PKCS7_BINARY)

    # Load target cert to encrypt the signed message to.
    x509 = X509.load_cert_bio(BIO.openfile(settings.PAYPAL_CERT))
    sk = X509.X509_Stack()
    sk.push(x509)
    s.set_x509_stack(sk)

    # Set cipher: 3-key triple-DES in CBC mode.
    s.set_cipher(SMIME.Cipher('des_ede3_cbc'))

    # Create a temporary buffer.
    tmp = BIO.MemoryBuffer()

    # Write the signed message into the temporary buffer.
    p7.write_der(tmp)

    # Encrypt the temporary buffer.
    p7 = s.encrypt(tmp, flags=SMIME.PKCS7_BINARY)

    # Output p7 in mail-friendly format.
    out = BIO.MemoryBuffer()
    p7.write(out)

    return out.read() 

##### In your settings.py you need

MY_KEYPAIR = os.path.join(ROOT_PATH,'cert/my-prvkey.pem') #$ openssl genrsa -out my-prvkey.pem 1024
MY_CERT = os.path.join(ROOT_PATH,'cert/my-pubcert.pem') #$ openssl req -new -key my-prvkey.pem -x509 -days 365 -out my-pubcert.pem
PAYPAL_CERT = os.path.join(ROOT_PATH,'cert/paypal_cert.pem')
MY_CERT_ID = 'this paypal will give it to you when you upload your my-pubcert.pem'
## https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_html_encryptedwebpayments 



##### In your view you need to build the encrypted code for the form
notify_url = 'http://www.yourdomain.com/yournotifyurl'
return_url = 'http://www.yourdomain.com/yourreturnurl'
cancel_url = 'http://www.yourdomain.com/yourcancelurl'


paypal_dict = {}
paypal_dict['item_id_1'] = '666'
paypal_dict['item_name_1'] = 'evil book'
paypal_dict['amount_1'] = '666'
paypal_dict['item_id_2'] = '333'
paypal_dict['item_name_2'] = 'holly book'
paypal_dict['amount_2'] = '333'
paypal_dict['business'] = your@email.paypal.com
paypal_dict['currency_code'] = 'US' #dollars
paypal_dict[u'invoice'] = random.random() #it has to be unique for each purchase
paypal_dict[u'custom'] = 'pass here whatever you want, paypal will return it, max_length=256'
paypal_dict[u'cert_id'] = settings.MY_CERT_ID
paypal_dict['upload'] = 1
paypal_dict['notify_url'] = notify_url
paypal_dict['return_url'] = return_url
paypal_dict['cancel_url'] = cancel_url
paypal_dict['cmd'] = '_cart'
context['encrypted'] = paypal_encrypt(paypal_dict)
context.update(paypal_dict)

########## In your template

  <form class="checkout" action="http://www.paypal.com/cgi-bin/webscr">
    {% csrf_token %}
    <input type="hidden" name="cmd" value="_s-xclick" />
    <input type="hidden" name="encrypted" value="{{encrypted}}" />
    <input type="hidden" name="upload" value="1" />
    <input type="hidden" name="notify_url" value="{{notify_url}}" />
    <input type="hidden" name="return_url" value="{{return_url}}" />
    <input type="hidden" name="cancel_url" value="{{cancel_url}}" />
    <input type="submit" class="pay" value="Paga a trav&Atilde;&copy;s de PayPal" name=
    "paypal_submit" />
  </form>