B4J Question Sign the nonce with secret using HMAC-SHA256

pedrocam

Member
Licensed User
Longtime User
Hi there,

I am trying to access the blinktrade bitcoin platform API. I am trying to do the following curl request within B4J, but I am having a hard time. I keep getting invalid APIKey, but I think the problem is with the formating of the code. Here is instructions on the site:

B4X:
{"MsgType":"U2","BalanceReqID":1}
message='{ "MsgType": "U2", "BalanceReqID": 1 }'

api_url='API_URL_REST_ENDPOINT'
api_key='YOUR_API_KEY_GENERATED_IN_API_MODULE'
api_secret='YOUR_SECRET_KEY_GENERATED_IN_API_MODULE'

nonce=`date +%s`
signature=`echo -n "$nonce" | openssl dgst -sha256 -hex -hmac "$api_secret" | cut -d ' ' -f 2`

curl -X POST "$api_url" \
-H "APIKey:$api_key" \
-H "Nonce:$nonce" \
-H "Signature:$signature" \
-H "Content-Type:application/json" \
-d "$message"

And this is how I am trying to convert it to B4J

B4X:
Dim message, api_url, api_key, api_secret, nonce, signature As String

    api_key="xxxxxxxxxxkeyhere"
    api_secret="xxxxxxxxxxxxsecrethere"
    nonce=DateTime.Now

    signature="echo -n " & QUOTE & nonce & QUOTE & " | openssl dgst -sha256 -hex -hmac " & QUOTE & api_secret & QUOTE & " | cut -d ' ' -f 2"
 
    Dim Job As HttpJob
    Job.Initialize("FoxBit", Me)
    Job.PostString("https://api.blinktrade.com/tapi/v1/message", "{ " & QUOTE & "MsgType" & QUOTE & ": " & QUOTE & "U2" & QUOTE & ", " & QUOTE & "BalanceReqID" & QUOTE & ": 1 }")
    Job.GetRequest.SetHeader("ContentType","application/json")
    Job.GetRequest.SetHeader("APIKey",api_key)
    Job.GetRequest.SetHeader("Nonce",nonce)
    Job.GetRequest.SetHeader("Signature",signature)

I think (know) that I am unable to correctly Sign the nonce with secret using HMAC-SHA256 to create the correct signature.. I searched around for code to do this, but was unable to port some from b4a, or create one.

Plus I am not sure if I am doing the nonce correctly..
I think that the curl request is correctly formatted but I am not sure as well..

Any help? Thank you!
 

pedrocam

Member
Licensed User
Longtime User
Hi Erel, thanks for the reply. Yes, I imagined that I need to do that, however I was unable to port code from a B4A project to B4J. Can you please give me an example or point to an example in B4J of how to sign it with a secret key using HMAC-SHA256? Thank you very much.
 
Upvote 0

DonManfred

Expert
Licensed User
Longtime User
Upvote 0

pedrocam

Member
Licensed User
Longtime User
Hi Don I did search the forum as usual and was stuck anyhow. Anyways I figured it out. I was using the B4J encryption library and not the B4A one. Thanks!

Solution is to copy the B4A Encryption and ByteConverter libraries to the B4J Library folder. And then the code looks like this:

B4X:
Dim message, api_key, api_secret, nonce, signature As String

    message="{ ""MsgType"": ""U2"", ""BalanceReqID"": 1 }"
    api_key="xxxxxxxxxxkeyhere"
    api_secret="xxxxxxxxxxxxsecrethere"
    nonce=DateTime.Now
 
    Dim m As Mac
    Dim k As KeyGenerator
    k.Initialize("HMACSHA256")
    k.KeyFromBytes(api_secret.GetBytes("UTF8"))
    m.Initialise("HMACSHA256", k.Key)
    m.Update(nonce.GetBytes("UTF8"))
    Dim b() As Byte
    b = m.Sign
    Dim bc As ByteConverter
    Log(bc.HexFromBytes(b))
 
    signature=bc.HexFromBytes(b)

    Dim Job As HttpJob
    Job.Initialize("bitfox", Me)
    Job.PostString("https://api.blinktrade.com/tapi/v1/message", "{ " & QUOTE & "MsgType" & QUOTE & ": " & QUOTE & "U2" & QUOTE & ", " & QUOTE & "BalanceReqID" & QUOTE & ": 1 }")
    Job.GetRequest.SetHeader("ContentType","application/json")
    Job.GetRequest.SetHeader("APIKey",api_key)
    Job.GetRequest.SetHeader("Nonce",nonce)
 
Upvote 0
Top