Question

我试图从我的Agnular4项目中调用Kraken API。我使用的是crypto-js库https://www.npmjs.com/package/crypto-js。

Kraken需要这个签名：

API-Sign = Message signature using HMAC-SHA512 of (URI path + SHA256(nonce + POST data)) and base64 decoded secret API key

Correct result:
gy+Ljq8nPD2kFFCQSofQ46pbPV8z8D7klrU78Kxvl6jyior/Ev2FiclhKs+zoqrmL8u8u1Y9CXzIw0n3CswtNA==

Result from:
CryptoJS.HmacSHA512(path + CryptoJS.enc.Hex.stringify(hashDigest), secret);

DWtQpzZJkcHw7Ai1aFUNAR8ne0h3P/GaHc1OIUGsITifOOE+IAWF9f5HxspSY5wF6qcQwCKx9Bz1MDwFhu01QA==

我已经在Android应用程序之前进行了这些调用并且它有效（请参阅本文底部的代码和结果）。

我已经尝试了好几天了。我可能犯了一个愚蠢的错误：D

提前感谢您阅读并希望回复：）

这是我的Angular4客户端代码：

import * as CryptoJS from 'crypto-js';
...
this.API_SECRET = "0a...g==";
...
private getMessageSignature(path: string, request: string, nonce: number) {
    console.log('getMessageSignature', path, request, nonce);
    console.log('request', request);
    const message = nonce + request;
    var secret = CryptoJS.enc.Base64.parse(this.API_SECRET);
    var hashDigest = CryptoJS.SHA256(message);
    var hashDigestBase64 = CryptoJS.enc.Base64.stringify(hashDigest);
    console.log('hashDigest', CryptoJS.enc.Base64.stringify(hashDigest)); // correct
    console.log('hashDigest', CryptoJS.enc.Hex.stringify(hashDigest)); // correct

    var hmacDigest = CryptoJS.HmacSHA512(path + hashDigest, secret);
    console.log('hmacDigest', CryptoJS.enc.Base64.stringify(hmacDigest));
    var hmacDigest1 = CryptoJS.HmacSHA512(path + CryptoJS.enc.Base64.stringify(hashDigest), secret);
    console.log('hmacDigest1', CryptoJS.enc.Base64.stringify(hmacDigest1));
    var hmacDigest2 = CryptoJS.HmacSHA512(path + CryptoJS.enc.Hex.stringify(hashDigest), secret);
    console.log('hmacDigest2', CryptoJS.enc.Base64.stringify(hmacDigest2));
    var hmacDigest3 = CryptoJS.HmacSHA512(path + CryptoJS.enc.Latin1.stringify(hashDigest), secret);
    console.log('hmacDigest3', CryptoJS.enc.Base64.stringify(hmacDigest3));

    var hmacDigest4 = CryptoJS.HmacSHA512(path + hashDigest, this.API_SECRET);
    console.log('hmacDigest4', CryptoJS.enc.Base64.stringify(hmacDigest4));
    var hmacDigest5 = CryptoJS.HmacSHA512(path + CryptoJS.enc.Base64.stringify(hashDigest), this.API_SECRET);
    console.log('hmacDigest5', CryptoJS.enc.Base64.stringify(hmacDigest5));
    var hmacDigest6 = CryptoJS.HmacSHA512(path + CryptoJS.enc.Hex.stringify(hashDigest), this.API_SECRET);
    console.log('hmacDigest6', CryptoJS.enc.Base64.stringify(hmacDigest6));
    var hmacDigest7 = CryptoJS.HmacSHA512(path + CryptoJS.enc.Latin1.stringify(hashDigest), this.API_SECRET);
    console.log('hmacDigest7', CryptoJS.enc.Base64.stringify(hmacDigest7));

    return CryptoJS.enc.Base64.stringify(hmacDigest);
}

Angular4结果：

getMessageSignature /0/private/Balance nonce=1503065538999 1503065538999
request nonce=1503065538999
hashDigest EcvBaI+IvdvibXZ4UiNlcuAvT8fPPdAItwhBrCNx7q8=
hashDigest 11cbc1688f88bddbe26d767852236572e02f4fc7cf3dd008b70841ac2371eeaf
hmacDigest DWtQpzZJkcHw7Ai1aFUNAR8ne0h3P/GaHc1OIUGsITifOOE+IAWF9f5HxspSY5wF6qcQwCKx9Bz1MDwFhu01QA==
hmacDigest1 3f+oCR9hagmWESRcaZhfU6gHlMNFnnRCP25Yslc1nitfFvkq+/SikcByeWNQFWICkTLUOxMxQr4LBw2mcGwC9g==
hmacDigest2 DWtQpzZJkcHw7Ai1aFUNAR8ne0h3P/GaHc1OIUGsITifOOE+IAWF9f5HxspSY5wF6qcQwCKx9Bz1MDwFhu01QA==
hmacDigest3 87Zs0C/7b1fPuINnkB8WHQ1LhUG9u3hMMIt1hGOKszWZ4yHfohdlLLe2eUdpZr+c2B24ecYaqc/r6WRcDp5sdg==
hmacDigest4 MySDdpd+ufXJLp6BhP2oGpvnCrs1FUlIFp5+4P6oW0Zf3H9CfuQ3Z6BioUr9l2O3Y1VXfo9qhHNtRO/F8NS5Ag==
hmacDigest5 ndMT5/pjEgYI1qd7cpaloiJJ6Q6ktBl2R9Kgi4kL3UwSiSix/jLi9sFQdZTNqmqJIt70GFNqbDUyQII+FOj/tw==
hmacDigest6 MySDdpd+ufXJLp6BhP2oGpvnCrs1FUlIFp5+4P6oW0Zf3H9CfuQ3Z6BioUr9l2O3Y1VXfo9qhHNtRO/F8NS5Ag==
hmacDigest7 iOU29TPq7vm2gQ6totB9UbVrQGUBNbxK5G7nbqMXWJFjdO2BTTpQD59bCPjkijPz3hgQkwdHpdHimJfCIXYYAw==

Android代码：

private static String calculateSignature(String nonce, String data, String path) {
    System.out.println("calculateSignature " + nonce + " " + data + " " + path);
    String signature = "";
    try {
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        md.update((nonce + data).getBytes());
        Mac mac = Mac.getInstance("HmacSHA512");
        mac.init(new SecretKeySpec(Base64.decode(API_SECRET.getBytes(), Base64.NO_WRAP), "HmacSHA512"));
        mac.update(path.getBytes());
        byte[] digest = md.digest();
        System.out.println("digest = " + Base64.encodeToString(digest, Base64.NO_WRAP));
        signature = Base64.encodeToString(mac.doFinal(digest), Base64.NO_WRAP);
        System.out.println("signature = " + signature);
    } catch(Exception e) {}
    return signature;
}

Android结果：

calculateSignature 1503065538999 nonce=1503065538999 /0/private/Balance
digest = EcvBaI+IvdvibXZ4UiNlcuAvT8fPPdAItwhBrCNx7q8=
signature = gy+Ljq8nPD2kFFCQSofQ46pbPV8z8D7klrU78Kxvl6jyior/Ev2FiclhKs+zoqrmL8u8u1Y9CXzIw0n3CswtNA==

Answer 1

问题是@types/crypto-js提供的方法只包括字符串方法。

所以我删除了包，可以使用update方法等。

private getMessageSignature(apiSecret: string, path: string, request: string, nonce: number) {
  const secret = CryptoJS.enc.Base64.parse(apiSecret);
  const hashDigest = CryptoJS.SHA256(nonce + request);

  const hmac = CryptoJS.algo.HMAC.create(CryptoJS.algo.SHA512, secret);
  hmac.update(path);
  hmac.update(hashDigest);

  return CryptoJS.enc.Base64.stringify(hmac.finalize());
}

Angular4 / Typescript签署Kraken API调用（CryptoJS）

1 个答案: