【发布时间】:2019-03-28 18:37:08
【问题描述】:
Protected Overrides Function getJsonPrivate(method As String, otherParameters() As Tuple(Of String, String)) As String
Dim base = "https://www.coinmex.com"
Dim premethod = "/api/v1/spot/ccex/"
Dim longmethod = premethod + method
Dim timestampstring = getEstimatedTimeStamp().ToString
Dim stringtosign = timestampstring + "GET" + longmethod + "{}" '1553784499976GET/api/v1/spot/ccex/account/assets{}
Dim hasher = New System.Security.Cryptography.HMACSHA256(System.Text.Encoding.UTF8.GetBytes(_secret1))
Dim sighashbyte = hasher.ComputeHash(System.Text.Encoding.UTF8.GetBytes(stringtosign))
Dim signature = System.Convert.ToBase64String(sighashbyte) '"FIgrJFDOQctqnkOTyuv6+uTy6xw3OZiP4waC1u6P5LU="=
Dim url = base + longmethod 'https://www.coinmex.com/api/v1/spot/ccex/account/assets
'_apiKey1="cmx-1027e54e4723b09810576f8e7a5413**"
'_passphrase1= 1Us6&f%*K@Qsqr**
'
Dim response = CookieAwareWebClient.downloadString1(url, "", {Tuple.Create("ACCESS-KEY", _apiKey1), Tuple.Create("ACCESS-SIGN", signature), Tuple.Create("ACCESS-TIMESTAMP", timestampstring), Tuple.Create("ACCESS-PASSPHRASE", _passphrase1)})
Return response
End Function
Public Overrides Sub readbalances()
typicalReadBalances("account/assets", "data", "currencyCode", "available", "frozen", "", {})
End Sub
我想我是按照这里列出的那样做的 https://github.com/coinmex/coinmex-official-api-docs/blob/master/README_EN.md#1-access-account-information
# Request
GET /api/v1/spot/ccex/account/assets
# Response
[
{
"available":"0.1",
"balance":"0.1",
"currencyCode":"ETH",
"frozen":"0",
"id":1
},
{
"available":"1",
"balance":"1",
"currencyCode":"USDT",
"frozen":"0",
"id":1
}
]
并用于签名
这是说明书上说的
ACCESS-SIGN 标头是使用 HMAC SHA256 生成的输出 使用 BASE64 解码密钥创建 HMAC SHA256 prehash 字符串生成时间戳 + 方法 + requestPath + "?" + queryString + body(其中“+”表示字符串连接)和 BASE64 编码输出。时间戳值与 ACCESS-TIMESTAMP 标头。此正文是请求正文字符串或 如果没有请求正文(通常是 GET 请求),则省略。这 方法应该大写。
请记住,在使用它作为 HMAC 的密钥之前,base64 解码( 结果是 64 字节)首先对 64 位字母数字执行 密码字符串。此外,摘要输出是 base64 编码的 在发送标头之前。
用户提交的参数必须签名,除了签名。首先, 要签名的字符串根据参数名称排序(首先 按字母顺序比较所有参数名称的第一个字母, 如果你遇到相同的第一个字母,那么你移动到第二个 字母等)。
例如,如果我们对以下参数进行签名
curl "https://www.coinmex.com/api/v1/spot/ccex/orders?limit=100" Timestamp = 1590000000.281 Method = "POST" requestPath = "/api/v1/spot/ccex/orders" queryString= "?limit=100" body = { 'code': 'ct_usdt', 'side': 'buy', 'type': 'limit', 'size': '1', 'price': '1', 'funds': '', }生成要签名的字符串
Message = '1590000000.281GET/api/v1/spot/ccex/orders?limit=100{"code": "ct_usdt", "side": "buy", "type": "limit", "size": "1", "price": "0.1", "funds": ""}'然后,要签名的字符加上私钥 参数来生成最终要签名的字符串。
例如:
hmac = hmac(secretkey, Message, SHA256) Signature = base64.encode(hmac.digest())
我认为可能是 _secret1 是 base64 字符串而不是 utf8 所以我改为
Dim base = "https://www.coinmex.com"
Dim premethod = "/api/v1/spot/ccex/"
Dim longmethod = premethod + method
Dim timestampstring = getEstimatedTimeStamp().ToString
'Dim stringtosign = timestampstring + "GET" + longmethod + "{}" '1553784499976GET/api/v1/spot/ccex/account/assets{} also doesn't work
Dim stringtosign = timestampstring + "GET" + longmethod '1553784499976GET/api/v1/spot/ccex/account/assets
Dim hasher = New System.Security.Cryptography.HMACSHA256(Convert.FromBase64String(_secret1)) 'secret looks like 43a90185f5b7ab25af045e9e64bac5dc745934f359f1806fcdd2a4af80ac2
Dim sighashbyte = hasher.ComputeHash(System.Text.Encoding.UTF8.GetBytes(stringtosign))
Dim signature = Convert.ToBase64String(sighashbyte) '"FIgrJFDOQctqnkOTyuv6+uTy6xw3OZiP4waC1u6P5LU="=
Dim url = base + longmethod 'https://www.coinmex.com/api/v1/spot/ccex/account/assets
'_apiKey1="cmx-1027e54e4723b09810576f8e7a5413**"
'_passphrase1= 1Us6&f%*K@Qsq***
'
Dim response = CookieAwareWebClient.downloadString1(url, "", {Tuple.Create("ACCESS-KEY", _apiKey1), Tuple.Create("ACCESS-SIGN", signature), Tuple.Create("ACCESS-TIMESTAMP", timestampstring), Tuple.Create("ACCESS-PASSPHRASE", _passphrase1)})
Return response
也不行。
密钥(我截断了几个字母)看起来像
43a90185f5b7ab25af045e9e64bac5dc745934f359f1806fcdd2a4af80ac2
这是应该解码为 base 64 或 utf8 还是什么?
规范说它是 64。但是,它看起来不像是 64 编码的字符串。看起来字母是从0-f
最佳答案是: 1. 告诉我代码出了什么问题。我做出了改变。尝试。跑。作品。太棒了。
一个好的答案会 2. 具有假/真实签名/随机数/密码和真实实际标题和签名的示例模拟。所以我可以看到我到底在哪里得到了错误的结果。
更新:我再次修改了代码。我将时间戳更改为秒而不是毫秒。我删除了 {}。我两种方式都用。
Dim base = "https://www.coinmex.com"
Dim premethod = "/api/v1/spot/ccex/"
Dim longmethod = premethod + method
Dim timestampstring = (getEstimatedTimeStamp() / 1000).ToString
Dim stringtosign = timestampstring + "GET" + longmethod '1555154812.857GET/api/v1/spot/ccex/account/assets
Dim hasher = New System.Security.Cryptography.HMACSHA256(System.Text.Encoding.UTF8.GetBytes(_secret1)) '"43a90185f5b7ab25af045e9e64bac5dc745934f359f1806fcdd2a4af80ac2******
Dim sighashbyte = hasher.ComputeHash(System.Text.Encoding.UTF8.GetBytes(stringtosign))
Dim signature = Convert.ToBase64String(sighashbyte) '"FIgrJFDOQctqnkOTyuv6+uTy6xw3OZiP4waC1u6P5LU="=
Dim url = base + longmethod 'https://www.coinmex.com/api/v1/spot/ccex/account/assets
'_apiKey1="cmx-1027e54e4723b09810576f8e7a5413**"
'_passphrase1= 1Us6&f%*K@QsqrYZ
'
Dim response = CookieAwareWebClient.downloadString1(url, "", {Tuple.Create("ACCESS-KEY", _apiKey1), Tuple.Create("ACCESS-SIGN", signature), Tuple.Create("ACCESS-TIMESTAMP", timestampstring), Tuple.Create("ACCESS-PASSPHRASE", _passphrase1)})
Return response
还是不行。
当前错误是
Message = "远程服务器返回错误:(401) Unauthorized."
我很乐意提供一些只读 API 密钥。不挂断。或者创建一个空帐户,然后拥有一个只读 API 密钥
【问题讨论】:
-
建议:也许编辑你的标签会有所帮助。标签
api毫无意义:如果将其悬停,您会看到它显示“请勿使用”。也许添加vb.net,因为它看起来像你正在使用的。 -
谢谢。我添加了 vb.net。但是,任何可以验证我是否正确计算签名的语言(例如 PhP)也会有很大帮助。