Kraken API 私有请求身份验证 {"error":["EAPI:Invalid key"]} - Google 脚本

Question

我一直在尝试与 kraken 上的私有 API 进行通信。我得到的错误表明{"error":["EAPI:Invalid key"]} 加密/解密步骤是正确的。我尝试创建新密钥，但没有帮助。我想知道签名变量的“格式”是否错误，即使本质上是正确的。

function balance () {
    var sheet = SpreadsheetApp.getActiveSpreadsheet().getSheetByName("API_read_only");
    var key = sheet.getRange("B5").getValue()
    var secret = sheet.getRange("B6").getValue()
  
    // (API method, nonce, and POST data)
  
    var path = "/0/private/TradeBalance"
    var nonce = new Date () * 1000
    var postdata = "nonce=" + nonce 
  
    //Algorithms

    //Calculate the SHA256 of the nonce and the POST data 
    // using goolge script lib 
    // using more succint function from https://stackoverflow.com/questions/16216868/get-back-a-string-representation-from-computedigestalgorithm-value-byte
  
    function SHA_256 (str) {
    return Utilities.computeDigest(Utilities.DigestAlgorithm.SHA_256, str).reduce(function(str,chr){
    chr = (chr < 0 ? chr + 256 : chr).toString(16);
    return str + (chr.length==1?'0':'') + chr;
    },'');
    }
    var api_sha256 = SHA_256(nonce + postdata)

    //Decode the API secret (the private part of the API key) from base64 // need to stringyfy
  
    var base64 = Utilities.base64Decode(secret)
    var base64s = Utilities.newBlob(base64).getDataAsString()
  
//Calculate the HMAC of the URI path and the SHA256, using SHA512 as the HMAC hash and the decoded API secret as the HMAC key
  
    var hamc512_uri = Utilities.computeHmacSha256Signature(path + api_sha256,base64s)
    var hamc512_uris = Utilities.newBlob(hamc512_uri).getDataAsString()
  
//Encode the HMAC into base64
  
    var signature = Utilities.base64Encode(hamc512_uris)
  
    Logger.log(signature)
      
    //An example of the algorithm using the variables shown above is as follows:

    //Base64Encode(HMAC-SHA512 of ("/0/private/TradeBalance" + SHA256("1540973848000nonce=1540973848000&asset=xxbt")) using Base64Decode("FRs+gtq09rR7OFtKj9BGhyOGS3u5vtY/EdiIBO9kD8NFtRX7w7LeJDSrX6cq1D8zmQmGkWFjksuhBvKOAWJohQ==") as the HMAC key

  //The result is the API-Sign value / signature.
   
  // connect
  
    var url = "https://api.kraken.com" + path;
    var options = {
    method: 'post',
    headers: {
        'API-Key': key,
        'API-Sign': signature
    },
    payload: postdata
    };

    var response = UrlFetchApp.fetch (url, options);
    json = response.getContentText ();
    
    Logger.log(json)
}

Answer 1

虽然我无法发现您的代码有什么问题，但我也遇到了同样的问题（认为我一切都正确，但得到了 EAPI:Invalid key），但使用了不同的库。

帮助我的方法是：

• 采取一些已发布的工作解决方案，例如https://stackoverflow.com/a/43081507/672008（Java）
• 检查它是否真的有效
• 修复nonce参数以获得稳定的HMAC end results
• 按摩我的代码，直到我得到相同的中间和最终结果

最后我成功使用了这个库：https://www.npmjs.com/package/jssha

代码：

import jssha from 'jssha';

const secret = '...';
const nonce = 1642383717038;
const message = '';
const path = '/0/private/Balance';
const data = 'nonce=' + nonce;

const dataHash = new jssha('SHA-256', 'TEXT');
dataHash.update(nonce + data + message);

let utf8Encode = new TextEncoder();
const hmacHash = new jssha('SHA-512', 'UINT8ARRAY', { hmacKey: { value: secret, format: 'B64' } });
hmacHash.update(utf8Encode.encode(path));
hmacHash.update(dataHash.getHash('UINT8ARRAY'));

console.log('hmac', hmacHash.getHash('B64'));