I agree that the use protocol buffer and x509 by BIP70 is a poor choice.
The choice should have been done to maximize portability, not to maximize efficiency and flexibility.
What I ended up doing for having a similar codebase on all plateform is to parse a BIP70 messages with the help of a web service that convert it to JSON.
I don't like this solution since it had a trust dependency, and the certificate verification become handled by the web service, not the device. But even if I solved google buffer problem, I would stumble upon having headache to validate the x509 certificate chain on every plateforms.
A simple BIP70 using JSON + HTTPS would have make things more easy.
I agree that it requires that the merchant own the domain name of the BIP70 endpoint, but I don't consider such a big of a deal, since this is how e-commerce works.