cancel
Showing results forΒ 
Search instead forΒ 
Did you mean:Β 

Encoding signature for authorization

Jake1
New Contributor

I have a python script used for encoding a signature, I am trying to mimic this in kdb but having issues getting the exact output... the correct output looks like this.


/Api-Key: 534sf23Fjdg8f7ehfuhduwijfd89sa
/Api-Sign: jkdJFOHjklkdjsfaDFNmdfasdjkfaksdKDSAKLFKDKkdsadkcllkdsiuyw8e9rufhsdjksdlahfhdhdadsfklamdskcdansjHUGHVKkjJjkljLKkjlk=
/Api-Nonce: 1528141017949


Here is the python code that creates the signature, need to rewrite in KDB. 



    api_url
= api_url
    api_key
= api_key
    api_secret
= api_secret
 
   
def __init__(self, api_key, api_secret😞

       
self.api_key = api_key
       
self.api_secret = api_secret

   
def xcoinApiCall(self, endpoint, rg_params😞

       
# 1. Api-Sign and Api-Nonce information generation.
       
# 2. Request related information from the Bithumb API server.
       
#
       
# - nonce: it is an arbitrary number that may only be used once.
       
# - api_sign: API signature information created in various combinations values.

        uri_array
= dict(endpoint_item_array, **rg_params) # Concatenate the two arrays.
        str_data
= urllib.parse.urlencode(uri_array)
        nonce
= self.time()
        data
= endpoint + chr(0) + str_data + chr(0) + nonce
        utf8_data
= data.encode('utf-8')
        key
= self.api_secret
        utf8_key
= key.encode('utf-8')
        h
= hmac.new(bytes(utf8_key), utf8_data, hashlib.sha512)
        hex_output
= h.hexdigest()
        utf8_hex_output
= hex_output.encode('utf-8')
        api_sign
= base64.b64encode(utf8_hex_output)
        utf8_api_sign
= api_sign.decode('utf-8')

        curl_handle
= pycurl.Curl()
        curl_handle
.setopt(pycurl.POST, 1)
       
#curl_handle.setopt(pycurl.VERBOSE, 1) # verbose mode :: 1 => True, 0 => False
        curl_handle
.setopt(pycurl.POSTFIELDS, str_data)
        url
= self.api_url + endpoint
        curl_handle
.setopt(curl_handle.URL, url)
        curl_handle
.setopt(curl_handle.HTTPHEADER, ['Api-Key: ' + self.api_key, 'Api-Sign: ' + utf8_api_sign, 'Api-Nonce: ' + nonce])
        curl_handle
.setopt(curl_handle.WRITEFUNCTION, self.body_callback)
        curl_handle
.perform()


4 REPLIES 4

User
Not applicable
Hi

Without your input it is difficult to replicate the python code and get the same results as yours. It would also be helpful to give more details about what you want to achieve with your code allowing those who do not know python to help you as well. 

If you google asatirahul/cryptoq  you can find a library that might be useful for you even though it does not seem to contain anything for sha512. 

Also, have a look at this blog post that uses the hash function inside qcrypt.c to create a sha512 key -> google Passwords are better with salt – hashing, salting and key stretching in kdb+

Regards
Alex

jakedigitalmark
New Contributor

Heres some more info if it helps ..

 
 query_string = path + chr(0) + urllib.parse.urlencode(kwargs) + chr(0) + nonce
 h
= hmac.new(self.API_SECRET, query_string.encode('utf-8'), hashlib.sha512)
 
return base64.b64encode(h.hexdigest().encode('utf-8'))

1. We create a query string like "/info/balance"
2. We will sign the query string with hmac SHA512
3. We will base64 encode the "hexdigest" of the signed query string 

 

I believe cryptoq [https://github.com/asatirahul/cryptoq] has been updated with SHA512 support recently, it may now be possible to use it to do your encoding?

 

Jonathon

 

From: personal-kdbplus@googlegroups.com <personal-kdbplus@googlegroups.com> On Behalf Of jakedigitalmarketing@gmail.com
Sent: 19 June 2018 16:09
To: Kdb+ Personal Developers <personal-kdbplus@googlegroups.com>
Subject: [personal kdb+] Re: Encoding signature for authorization

 

Heres some more info if it helps ..

 

 query_string = path + chr(0) + urllib.parse.urlencode(kwargs) + chr(0) + nonce
 h
= hmac.new(self.API_SECRET, query_string.encode('utf-8'), hashlib.sha512)
 
return base64.b64encode(h.hexdigest().encode('utf-8'))

 

1. We create a query string like "/info/balance"

2. We will sign the query string with hmac SHA512

3. We will base64 encode the "hexdigest" of the signed query string 

 

 

--
You received this message because you are subscribed to the Google Groups "Kdb+ Personal Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to personal-kdbplus+unsubscribe@googlegroups.com.
To post to this group, send email to personal-kdbplus@googlegroups.com.
Visit this group at https://groups.google.com/group/personal-kdbplus.
For more options, visit https://groups.google.com/d/optout.


This e-mail message is intended to be received only by persons entitled to receive the confidential information it may contain. E-mail messages to clients of AquaQ Analytics may contain information that is confidential and legally privileged. Please do not read, copy, forward, or store this message unless you are an intended recipient of it. If you have received this message in error, please forward it to the sender and delete it completely from your computer system.

rahul_asati04
Contributor
Hi Jake, 
As Jonathaon mentioned I have added sha512, sha224, sha384 and hmac_sha512 to cryptoq library. You can look into those. 
I have tested your code with hmac_sha512 and getting same output.

Python:
apikey = "534sf23Fjdg8f7ehfuhduwijfd89sa"
query_string = "/info/balance"

h = hmac.new(apikey.encode('utf-8'),query_string.encode('utf-8'), hashlib.sha512)

base64.b64encode(h.hexdigest().encode('utf-8'))


Outputb'YzU1MTY1ZWVjOWU1Y2Q4NDE1MzJiMzMyMzJmNjEwOWZkODk1ZWMzMjcyNjYyYzgxOTVlOTY0Nzk3ZjhjNGVmNmQ1ZTU1YWQ0YjEyOTU5NTFlYWI3NWE5M2Y0NzAxZjIxMjRiZTJmYTYzMTlhMTgxOTRhYTU1

NDYxOWZmMzIyNzI='


KDB using cryptoq:
apikey : "534sf23Fjdg8f7ehfuhduwijfd89sa"
query_string : "/info/balance"

h:.cryptoq.hmac_sha512[apikey;query_string]

.cryptoq.b64_encode raze string h


Output:"YzU1MTY1ZWVjOWU1Y2Q4NDE1MzJiMzMyMzJmNjEwOWZkODk1ZWMzMjcyNjYyYzgxOTVlOTY0Nzk3ZjhjNGVmNmQ1ZTU1YWQ0YjEyOTU5NTFlYWI3NWE5M2Y0NzAxZjIxMjRiZTJmYTYzMTlhMTgxOTRhYTU1NDYxOWZmMzIyNzI="