Kucoin C#问题签名

Question

我试图将bot写到Kucoin，但是创建签名失败了。

var input = nonce;
var stringToSign = "/user/info/"+input+"/";
byte[] secretkeyBytes = Encoding.UTF8.GetBytes(SecretKey);
byte[] inputBytes = Encoding.UTF8.GetBytes(stringToSign);
using (var hmac = new HMACSHA256(secretkeyBytes))
{
byte[] hashValue = hmac.ComputeHash(inputBytes);
return BitConverter.ToString(hashValue).Replace("-", "").ToLower();
}

但每次都会出错：

{“代码”：“UNAUTH”，“msg”：“签名验证失败”，“成功”：false，“时间戳”：1}

在官方网站上，我们有这样的例子

String strForSign = endpoint + "/" + nonce +"/" + queryString;  

//Make a base64 encoding of the completed string
String signatureStr = Base64.getEncoder().encodeToString(strForSign.getBytes("UTF-8"));

Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
SecretKeySpec secretKeySpec = new SecretKeySpec(secret.getBytes("UTF-8"), "HmacSHA256");
sha256_HMAC.init(secretKeySpec);

//KC-API-SIGNATURE in header
String signatureResult =  Hex.encodeHexString(sha256_HMAC.doFinal(signatureStr.getBytes("UTF-8")));

我的代码有什么问题？

Answer 1

您忽略了输入数据的base64 64编码步骤。你需要这样的东西：

// String interpolation just to be simpler; no need for input variable either
var stringToSign = $"/user/info/{nonce}/";

// This is the step you were missing
var signatureString = Convert.ToBase64String(Encoding.UTF8.GetBytes(stringToSign));

byte[] secretKeyBytes = Encoding.UTF8.GetBytes(SecretKey);
byte[] inputBytes = Encoding.UTF8.GetBytes(signatureString);
using (var hmac = new HMACSHA256(secretKeyBytes))
{
    byte[] hashValue = hmac.ComputeHash(inputBytes);
    return BitConverter.ToString(hashValue).Replace("-", "").ToLower();
}

Answer 2

我想发布我的代码，它工作并包含正确的参数，因为Zimsan的代码包含带有参数的小错误。

    public KuCoin_Balance GetAccountBalance()
    {
        KuCoin_Balance tmpBalance = new KuCoin_Balance();
        string domain = "https://api.kucoin.com";
        string endpoint = "/v1/user/info";
        string signatureResult = "";
        string SecretKey = apiSecret;
        long nonce = GetNonce();

        var stringToSign = $"/v1/user/info/{nonce}/";

        var signatureString = Convert.ToBase64String(Encoding.UTF8.GetBytes(stringToSign));

        byte[] secretKeyBytes = Encoding.UTF8.GetBytes(SecretKey);
        byte[] inputBytes = Encoding.UTF8.GetBytes(signatureString);
        using (var hmac = new HMACSHA256(secretKeyBytes))
        {
            byte[] hashValue = hmac.ComputeHash(inputBytes);
            signatureResult = BitConverter.ToString(hashValue).Replace("-", "").ToLower();
        }

        KuCoin_Response Resp = new KuCoin_Response();
        HttpWebRequest request = (HttpWebRequest)WebRequest.Create(domain + endpoint);
        request.Method = "GET";
        request.Headers["KC-API-KEY"] = apiKey;
        request.Headers["KC-API-NONCE"] = nonce.ToString();
        request.Headers["KC-API-SIGNATURE"] = signatureResult; // apiSecret;
        HttpWebResponse response = null;

        try
        {
            response = (HttpWebResponse)request.GetResponse();
            using (Stream responseStream = response.GetResponseStream())
            {
                if (responseStream != null)
                {
                    using (StreamReader reader = new StreamReader(responseStream))
                    {
                        Resp.StatusCode = "1";
                        Resp.StatusDescription = "Success";
                        Resp.ResponseString = reader.ReadToEnd();
                        //return Resp;
                    }//End of StreamReader
                }
            }// End of using ResponseStream
        }
        catch (Exception ex)
        {
            Resp.StatusCode = "-1";
            Resp.StatusDescription = "Error";
            Resp.ResponseString = ex.Message.ToString() + "      " + response.StatusDescription;
            //return Resp;
        }
        return tmpBalance;
    }

Answer 3

我尝试了我找到的所有解决方案，但是没有什么对我有用，所以我尝试用这种方式加密签名，它运行得很好：

public void SendSignHeader()
{
    var method = HttpMethod.Get;
    var endopoint = "/api/v1/accounts";
    var body = new SortedDictionary<string, object>();
    long time = DateTimeOffset.Now.ToUnixTimeMilliseconds();
    string Secret = "Your secret";

    var signature = GetSignature(method, endopoint, time, Secret, body);
    request.AddHeader("KC-API-SIGN", signature);
}


public string GetSignature(HttpMethod method, string endpoint, long nonce, string apiSecret, SortedDictionary<string, object> body = null)
            {
                var timestamp = nonce.ToString();
                var callMethod = method.ToString().ToUpper();
                var jsonedBody = body != null && body.Count > 0
                    ? JsonConvert.SerializeObject(body)
                    : string.Empty;`enter code here`
                var sigString = $"{nonce}{callMethod}{endpoint}{jsonedBody}";
                var signature = HmacSha256(sigString, apiSecret);
                return signature;
            }

public string HmacSha256(string message, string secret)
        {
            var encoding = new ASCIIEncoding();
            var msgBytes = encoding.GetBytes(message);
            var secretBytes = encoding.GetBytes(secret);
            var hmac = new HMACSHA256(secretBytes);

            var hash = hmac.ComputeHash(msgBytes);

            return Convert.ToBase64String(hash);
        }