c - C中的机器人访问API不起作用，为什么？

Question

Bitfinex中的认证过程API 是:

假设客户想要向

POST https://api.bitfinex.com/v1/order/new

有效载荷为

{
"request": "/v1/order/new",
"nonce": "1234",
"option1": ...
} 

提供的随机数必须严格增加。

要验证请求，请使用以下命令:

payload = parameters-dictionary -> JSON encode -> base64
signature = HMAC-SHA384(payload, api-secret) as hexadecimal
send (api-key, payload, signature) 

这些被编码为 HTTP header ，名为:

X-BFX-APIKEY
X-BFX-PAYLOAD
X-BFX-SIGNATURE 

https://www.bitfinex.com/pages/api 中的完整文档

我想 build 一个机器人，所以我研究了一下，我写了这段代码(有帮助):

#include<openssl/pem.h>

/* A BASE-64 ENCODER USING OPENSSL (by Len Schulwitz)
 * Parameter 1: A pointer to the data you want to base-64 encode.
 * Parameter 2: The number of bytes you want encoded.
 * Return: A character pointer to the base-64 encoded data (null-terminated for string output).
 * On linux, compile with "gcc base64_encode.c -o b64enc -lcrypto" and run with "./b64enc".
 * This software has no warranty and is provided "AS IS".  Use at your own risk.
 * Published at http://stackoverflow.com/questions/342409/how-do-i-base64-encode-decode-in-c
 */

/*This function will Base-64 encode your data.*/
char * base64encode (const void *b64_encode_me, int encode_this_many_bytes){
    BIO *b64_bio, *mem_bio;   //Declare two BIOs.  One base64 encodes, the other stores     memory.
    BUF_MEM *mem_bio_mem_ptr; //Pointer to the "memory BIO" structure holding the base64 data.

    b64_bio = BIO_new(BIO_f_base64());  //Initialize our base64 filter BIO.
    mem_bio = BIO_new(BIO_s_mem());  //Initialize our memory sink BIO.
    BIO_push(b64_bio, mem_bio);  //Link the BIOs (i.e. create a filter-sink BIO chain.)
    BIO_set_flags(b64_bio, BIO_FLAGS_BASE64_NO_NL);  //Don't add a newline every 64 characters.

    BIO_write(b64_bio, b64_encode_me, encode_this_many_bytes); //Encode and write our b64 data.
    BIO_flush(b64_bio);  //Flush data.  Necessary for b64 encoding, because of pad characters.

    BIO_get_mem_ptr(mem_bio, &mem_bio_mem_ptr);  //Store address of mem_bio's memory structure.
    BIO_set_close(mem_bio,BIO_NOCLOSE); //Permit access to mem_ptr after BIOs are destroyed.
    BIO_free_all(b64_bio);  //Destroys all BIOs in chain, starting with b64 (i.e. the 1st one).

    (*mem_bio_mem_ptr).data[(*mem_bio_mem_ptr).length] = '\0';  //Adds a null-terminator.

    return (*mem_bio_mem_ptr).data; //Returns base-64 encoded data. (See: "buf_mem_st" struct).
}

#include<stdio.h>
#include<curl/curl.h>
#include<string.h>
#include<malloc.h>
#include<openssl/hmac.h>

int main(){

char key[]="X-BFX-APIKEY:xxxx";
char secret[]="xxxx";

//preparation of X-BFX-PAYLOAD header
char data[]="{\"request\":\"/v1/orders\",\"nonce\":\"46\"}";
char pre_data[]="X-BFX-PAYLOAD:";
int bytes_to_encode=sizeof(data)-1; 
char *data_encoded=base64encode(data,bytes_to_encode);
char *payload;
payload=(char *)malloc(strlen(data_encoded)*sizeof(char)+strlen(pre_data)*sizeof(char));
*payload='\0';
strcat(payload,pre_data);
strcat(payload,data_encoded);

//variables related to hmac
HMAC_CTX ctx;
HMAC_CTX_init(&ctx);
unsigned int len=128;
unsigned char *mac;
mac=(unsigned char *)malloc(sizeof(char)*len);
//using sha384
HMAC_Init_ex(&ctx,secret,strlen(secret),EVP_sha384(),NULL);
HMAC_Update(&ctx,(unsigned char *)&data_encoded,strlen(data_encoded));
HMAC_Final(&ctx,mac,&len);

//preparation of X-BFX-SIGNATURE header
int i;
const char *pre_sign="X-BFX-SIGNATURE:";
size_t pre_sign_len=strlen(pre_sign);
char sign[pre_sign_len+2*len+1];
strcpy(sign,pre_sign);
char *p=&sign[pre_sign_len];
//mac to hex
for(i=0;i<len;i++){
   sprintf(p,"%02x",(unsigned int)mac[i]);
   p+=2;  
}

//variables related to CURL
CURL *request;
FILE *answer=fopen("answer.dat","w");
CURLcode control;
struct curl_slist *headers=NULL;
//CURL preparation
curl_global_init(CURL_GLOBAL_SSL);
request=curl_easy_init();
curl_easy_setopt(request,CURLOPT_WRITEDATA,(void *)answer);
curl_easy_setopt(request,CURLOPT_URL,"https://api.bitfinex.com/v1/orders");
curl_easy_setopt(request,CURLOPT_TIMEOUT,10);
curl_easy_setopt(request,CURLOPT_POST,1L); 
headers=curl_slist_append(headers,key);
headers=curl_slist_append(headers,payload);
headers=curl_slist_append(headers,sign);
curl_easy_setopt(request,CURLOPT_HTTPHEADER,headers);
curl_easy_setopt(request,CURLOPT_POSTFIELDS,"");
curl_easy_setopt(request, CURLOPT_SSL_VERIFYPEER,0L);

//do
if((control=curl_easy_perform(request))!=CURLE_OK)printf("curl error %d\n",(int)control);

//clean up...
return 0;
}

但总是当我发送请求时，我会收到答案:

{"message":"Invalid X-BFX-SIGNATURE."}

由于来自 API 的响应并不总是准确的，我不确定到底出了什么问题，所以我尝试更改很多东西，例如字符串数据格式和 hmac 进程，但没有结果。可能问题不在于 hmac 进程，它对其他 API 工作得很好，但现在我不知道出了什么问题。

出于绝望，我转向这里，有谁知道它为什么不起作用？

提前致谢

Answer 1

解决了，我尝试了在线哈希加密，它起作用了，问题出在 hmac 进程中，但问题出在另一个问题上。