您的位置: 首页  >  技术问答  >  Coinbase.com无效签名

Coinbase.com无效签名

分类: 技术问答 2022-04-08 10:36:34
问题描述:

I searched the other posts since I am not the only person with signature issues. I tried it with couple of languages and I always have the same problem.

What am I doing wrong with the API authentication with coinbase.com:

# normally I fetch the timestamp from https://api.coinbase.com/v2/time
TIMESTAMP=$(date +%s)
SIG=$(echo -n "${TIMESTAMP}GET/v2/accounts" | hmac256 --stdkey $COINBASE_SECRET)

curl https://api.coinbase.com/v2/accounts \
  --header "CB-ACCESS-KEY: $COINBASE_KEY" \
  --header "CB-ACCESS-SIGN: $SIG" \
  --header "CB-ACCESS-TIMESTAMP: $TIMESTAMP" \
  --header "CB-VERSION: 2016-03-08"

In go I am trying to do something like:

nonce := strconv.FormatInt(int64(time.Data.Epoch), 10)
message := nonce + req.Method + endpoint // endpoint "/v2/accounts"
req.Header.Set("CB-ACCESS-KEY", a.Key)
h := hmac.New(sha256.New, []byte(a.Secret))
h.Write([]byte(message))

signature := hex.EncodeToString(h.Sum(nil))

req.Header.Set("CB-ACCESS-SIGN", signature)
req.Header.Set("CB-ACCESS-TIMESTAMP", nonce)
req.Header.Set("CB-VERSION", "2016-03-08")

Also it seams that the sandbox is no longer supported since api.sandbox.coinbase.com is unavailable?!

Kind regards

由于我不是唯一遇到签名问题的人,因此我搜索了其他帖子。 我尝试了几种语言,但始终遇到相同的问题。 p>

使用coinbase.com进行API身份验证时我做错了什么: p> 

 #通常我从https://api.coinbase.com/v2/time
TIMESTAMP=$(date +%s)
SIG = $(echo -n“ $ {TIMESTAMP} GET / v2获取时间戳记 / accounts“ | hmac256 --stdkey $ COINBASE_SECRET)
 
curl https://api.coinbase.com/v2/accounts \
 --header” CB-ACCESS-KEY:$ COINBASE_KEY“ \
 --header  “ CB-ACCESS-SIGN:$ SIG” \
 --header“ CB-ACCESS-TIMESTAMP:$ TIMESTAMP” \
 --header“ CB-VERSION:2016-03-08” 
  code>  
 
 
我正在尝试执行以下操作: p> 
 
 


  nonce:= strconv.FormatInt(int64(time.Data.Epoch),  10)
message:=随机数+请求方法+端点//端点////v2/accounts
req.Header.Set("CB-ACCESS-KEY“,a.Key)
h:= hmac.New(sha256  .new,[] byte(a.Secret))
h.Write([] byte(message))
 
signature:= hex.EncodeToString(h.Sum(nil))
 
req.Header.Set(  “ CB-ACCESS-SIGN”,签名)
req.Header.Set(“ CB-ACCESS-TIMEST  AMP”,nonce)
req.Header.Set(“ CB-VERSION”,“ 2016-03-08”)
  code>  pre> 
 
 
另外,它也表明沙盒是 不再受支持,因为 api.sandbox.coinbase.com  code>不可用?! p> 
 
 
亲切的问候 p> 
  div>

For bash/curl the issue was the hmac tool I used with echo. Following worked for me with curl requests:

SIG=$(echo -n "${TIMESTAMP}GET/v2/accounts" | openssl dgst -sha256 -hmac "$COINBASE_SECRET" |cut -d' ' -f2);

In respect of golang I compared the hash sums and came to the conclusion that something is fishy with the current library I am using.

I wrote a library on my own (https://github.com/Zauberstuhl/go-coinbase) and now it works like a charm. I am doing the same like above except I am using Sprintf for the final encoding but that should be the same.

Thanks anyway!

相关推荐