Bitfinex API中的身份验证过程是:
假设客户想要提出
请求POST https://api.bitfinex.com/v1/order/new
有效载荷
{
"request": "/v1/order/new",
"nonce": "1234",
"option1": ...
}
提供的随机数必须严格增加。
要对请求进行身份验证,请使用以下命令:
payload = parameters-dictionary -> JSON encode -> base64
signature = HMAC-SHA384(payload, api-secret) as hexadecimal
send (api-key, payload, signature)
这些编码为名为:
的HTTP标头X-BFX-APIKEY
X-BFX-PAYLOAD
X-BFX-SIGNATURE
https://www.bitfinex.com/pages/api
中的完整文档我想构建一个机器人,所以我研究了一下并编写了这段代码(帮助):
#include<openssl/pem.h>
/* A BASE-64 ENCODER USING OPENSSL (by Len Schulwitz)
* Parameter 1: A pointer to the data you want to base-64 encode.
* Parameter 2: The number of bytes you want encoded.
* Return: A character pointer to the base-64 encoded data (null-terminated for string output).
* On linux, compile with "gcc base64_encode.c -o b64enc -lcrypto" and run with "./b64enc".
* This software has no warranty and is provided "AS IS". Use at your own risk.
* Published at http://stackoverflow.com/questions/342409/how-do-i-base64-encode-decode-in-c
*/
/*This function will Base-64 encode your data.*/
char * base64encode (const void *b64_encode_me, int encode_this_many_bytes){
BIO *b64_bio, *mem_bio; //Declare two BIOs. One base64 encodes, the other stores memory.
BUF_MEM *mem_bio_mem_ptr; //Pointer to the "memory BIO" structure holding the base64 data.
b64_bio = BIO_new(BIO_f_base64()); //Initialize our base64 filter BIO.
mem_bio = BIO_new(BIO_s_mem()); //Initialize our memory sink BIO.
BIO_push(b64_bio, mem_bio); //Link the BIOs (i.e. create a filter-sink BIO chain.)
BIO_set_flags(b64_bio, BIO_FLAGS_BASE64_NO_NL); //Don't add a newline every 64 characters.
BIO_write(b64_bio, b64_encode_me, encode_this_many_bytes); //Encode and write our b64 data.
BIO_flush(b64_bio); //Flush data. Necessary for b64 encoding, because of pad characters.
BIO_get_mem_ptr(mem_bio, &mem_bio_mem_ptr); //Store address of mem_bio's memory structure.
BIO_set_close(mem_bio,BIO_NOCLOSE); //Permit access to mem_ptr after BIOs are destroyed.
BIO_free_all(b64_bio); //Destroys all BIOs in chain, starting with b64 (i.e. the 1st one).
(*mem_bio_mem_ptr).data[(*mem_bio_mem_ptr).length] = '\0'; //Adds a null-terminator.
return (*mem_bio_mem_ptr).data; //Returns base-64 encoded data. (See: "buf_mem_st" struct).
}
#include<stdio.h>
#include<curl/curl.h>
#include<string.h>
#include<malloc.h>
#include<openssl/hmac.h>
int main(){
char key[]="X-BFX-APIKEY:xxxx";
char secret[]="xxxx";
//preparation of X-BFX-PAYLOAD header
char data[]="{\"request\":\"/v1/orders\",\"nonce\":\"46\"}";
char pre_data[]="X-BFX-PAYLOAD:";
int bytes_to_encode=sizeof(data)-1;
char *data_encoded=base64encode(data,bytes_to_encode);
char *payload;
payload=(char *)malloc(strlen(data_encoded)*sizeof(char)+strlen(pre_data)*sizeof(char));
*payload='\0';
strcat(payload,pre_data);
strcat(payload,data_encoded);
//variables related to hmac
HMAC_CTX ctx;
HMAC_CTX_init(&ctx);
unsigned int len=128;
unsigned char *mac;
mac=(unsigned char *)malloc(sizeof(char)*len);
//using sha384
HMAC_Init_ex(&ctx,secret,strlen(secret),EVP_sha384(),NULL);
HMAC_Update(&ctx,(unsigned char *)&data_encoded,strlen(data_encoded));
HMAC_Final(&ctx,mac,&len);
//preparation of X-BFX-SIGNATURE header
int i;
const char *pre_sign="X-BFX-SIGNATURE:";
size_t pre_sign_len=strlen(pre_sign);
char sign[pre_sign_len+2*len+1];
strcpy(sign,pre_sign);
char *p=&sign[pre_sign_len];
//mac to hex
for(i=0;i<len;i++){
sprintf(p,"%02x",(unsigned int)mac[i]);
p+=2;
}
//variables related to CURL
CURL *request;
FILE *answer=fopen("answer.dat","w");
CURLcode control;
struct curl_slist *headers=NULL;
//CURL preparation
curl_global_init(CURL_GLOBAL_SSL);
request=curl_easy_init();
curl_easy_setopt(request,CURLOPT_WRITEDATA,(void *)answer);
curl_easy_setopt(request,CURLOPT_URL,"https://api.bitfinex.com/v1/orders");
curl_easy_setopt(request,CURLOPT_TIMEOUT,10);
curl_easy_setopt(request,CURLOPT_POST,1L);
headers=curl_slist_append(headers,key);
headers=curl_slist_append(headers,payload);
headers=curl_slist_append(headers,sign);
curl_easy_setopt(request,CURLOPT_HTTPHEADER,headers);
curl_easy_setopt(request,CURLOPT_POSTFIELDS,"");
curl_easy_setopt(request, CURLOPT_SSL_VERIFYPEER,0L);
//do
if((control=curl_easy_perform(request))!=CURLE_OK)printf("curl error %d\n",(int)control);
//clean up...
return 0;
}
但是,当我发送请求时,我会收到答案:
{"message":"Invalid X-BFX-SIGNATURE."}
由于API的响应并不总是精确的,我不确定到底出了什么问题所以我试图改变很多东西,比如字符串数据格式和hmac进程,但没有结果。可能问题不在于hmac过程,这对其他API很有效,但现在我无法弄清楚出了什么问题。
出于绝望,我转过来,有谁知道它为什么不起作用?
提前致谢
答案 0 :(得分:0)
解决了,我尝试了在线哈希加密并且它有效,问题出在hmac过程中,但问题是另一个问题。