Signature instructions

Signature instructions

All The Request Require Timestamp And Sign

The specific steps to generate a signature are as follows:

Arrange the request parameters in ascending order according to the dictionary order of parameter names.
Splicing the sorted parameters into a string in the format: key 1 = value1 & key 2 = value2 & ... & keyn = valuen.
The spliced string is encrypted by HMAC-SHA256, and the SecretKey is used as the encryption key.
Convert the encrypted result into a hexadecimal string, which is the generated signature.

Sign demo to initiate API


public class HmacUtil {

    private final static Charset UTF8 = StandardCharsets.UTF_8;

    public static String hmac256(String key, String msg) throws Exception {
        // Get Mac instance and specify HmacSHA256 algorithm.
        Mac mac = Mac.getInstance("HmacSHA256");
        // Create a SecretKeySpec instance to store key information. The mac.getAlgorithm () method gets the name of the algorithm used by the Mac instance.
        SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes(UTF8), mac.getAlgorithm());
        // Key initialization.
        mac.init(secretKeySpec);
        // Calculate the HmacSHA256 digest value of the message.
        byte[] data = mac.doFinal(msg.getBytes(UTF8));
        // Converts a summary value to a hexadecimal string
        String hmac256Sign = DatatypeConverter.printHexBinary(data).toLowerCase();
        log.info("HmacSHA256 rawContent is [{}], key is [{}], hash result is [{}]", msg, key, hmac256Sign);
        return hmac256Sign;
    }

  

    public static String getStringToSign(Map<String, Object> params) {
        TreeMap<String, Object> treeMap = new TreeMap<>(params);
        StringBuilder s2s = new StringBuilder();
        for (String k : treeMap.keySet()) {
            if(StringUtils.hasText(k)){
                Object value = params.get(k);
                if(value instanceof Map){
                    continue;
                }else if(value instanceof List){
                    continue;
                }
                if (Objects.nonNull(value) && StrUtil.isNotEmpty(value.toString())) {
                    s2s.append(k).append("=").append(params.get(k).toString()).append("&");
                }
            }
        }
        return s2s.substring(0, s2s.length() - 1);
    }

    public static void main(String[] args) throws Exception {

        final String appid = "aaa";
        final String secretKey = "bbb";

        Map<String, Object> map = new HashMap<>();
        // The actual call needs to update the parameters. This is only an example to demonstrate that the signature verification passed.
        map.put("orderId", "1400006666");
        map.put("network", "TRX");
        map.put("amount", "1234");
        map.put("cryptoCurrency","USDT");
        map.put("fiat", "USD");
        map.put("type", "ONE");
        map.put("timestamp", String.valueOf(System.currentTimeMillis()));
        map.put("appid", appid);

        String sign = getStringToSign(map);
        log.info("sign is {}", sign);

        String hmac256Sign = hmac256(secretKey, sign);
        log.info("hmac256Sign is {}", hmac256Sign);

    }

}

const crypto = require('crypto');

class HmacUtil {
  static hmac256(key, msg) {
    const mac = crypto.createHmac('sha256', key);
    const data = mac.update(msg).digest('hex').toLowerCase();
    console.log(`HmacSHA256 rawContent is [${msg}], key is [${key}], hash result is [${data}]`);
    return data;
  }

  static getStringToSign(params) {
    const treeMap = new Map(Object.entries(params).sort());
    let s2s = '';

    for (const [k, v] of treeMap) {
      if (!k || typeof v === 'object') {
        continue;
      }
      if (v !== null && v !== undefined && String(v)) {
        s2s += `${k}=${v}&`;
      }
    }

    return s2s.slice(0, -1);
  }
}

const appid = 'aaa';
const secretKey = 'bbb';
// The actual call needs to update the parameters. This is only an example to demonstrate that the signature verification passed.
const map = {
  orderId: '1400006666',
  network: 'TRX',
  amount: '1234',
  cryptoCurrency: 'USDT',
  fiat: 'USD',
  type: 'ONE',
  timestamp: String(Date.now()),
  appid: appid,
};

const sign = HmacUtil.getStringToSign(map);
console.log(`sign is ${sign}`);

const hmac256Sign = HmacUtil.hmac256(secretKey, sign);
console.log(`hmac256Sign is ${hmac256Sign}`);

import hashlib
import hmac
from typing import Dict

class HmacUtil:
    @staticmethod
    def hmac256(key: str, msg: str) -> str:
       
        data = hmac.new(key.encode(), msg.encode(), hashlib.sha256).digest()
       
        hmac256Sign = data.hex().lower()
        print(f"HmacSHA256 rawContent is [{msg}], key is [{key}], hash result is [{hmac256Sign}]")
        return hmac256Sign

    @staticmethod
    def get_string_to_sign(params: Dict[str, object]) -> str:
     
        s2s = '&'.join([f"{k}={v}" for k, v in sorted(params.items()) if v is not None and str(v)])
        return s2s

if __name__ == '__main__':
    appid = "aaa"
    secretKey = "bbb"
    ##The actual call needs to update the parameters. This is only an example to demonstrate that the signature verification passed.
    params = {
        "orderId": "1400006666",
        "network": "TRX",
        "amount": "1234",
        "cryptoCurrency": "USDT",
        "fiat": "USD",
        "type": "ONE",
        "timestamp": str(int(time.time() * 1000)),
        "appid": appid
    }

    sign = HmacUtil.get_string_to_sign(params)
    print(f"sign is {sign}")

    hmac256Sign = HmacUtil.hmac256(secretKey, sign)
    print(f"hmac256Sign is {hmac256Sign}")

<?php

class HmacUtil {
  public static function hmac256($key, $msg) {
  
    $data = hash_hmac('sha256', $msg, $key, true);
   
    $hmac256Sign = bin2hex($data);
    echo "HmacSHA256 rawContent is [{$msg}], key is [{$key}], hash result is [{$hmac256Sign}]\n";
    return $hmac256Sign;
  }

  public static function getStringToSign($params) {
   
    ksort($params);
    $s2s = '';
    foreach ($params as $k => $v) {
      if (is_array($v)) {
        continue;
      } else if (!empty($v)) {
        $s2s .= "{$k}={$v}&";
      }
    }
    return rtrim($s2s, '&');
  }
}

$appid = 'aaa';
$secretKey = 'bbb';
// The actual call needs to update the parameters. This is only an example to demonstrate that the signature verification passed.
$params = array(
  'orderId' => '1400006666',
  'network' => 'TRX',
  'amount' => '1234',
  'cryptoCurrency' => 'USDT',
  'fiat' => 'USD',
  'type' => 'ONE',
  'timestamp' => strval(time() * 1000),
  'appid' => $appid,
);

$sign = HmacUtil::getStringToSign($params);
echo "sign is {$sign}\n";

$hmac256Sign = HmacUtil::hmac256($secretKey, $sign);
echo "hmac256Sign is {$hmac256Sign}\n";

?>

package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"sort"
	"strings"
	"time"
)

// hmac256 calculates the HMAC-SHA256 signature.
func hmac256(key string, msg string) string {
	h := hmac.New(sha256.New, []byte(key))
	h.Write([]byte(msg))
	data := h.Sum(nil)
	hmac256Sign := hex.EncodeToString(data)
	fmt.Printf("HmacSHA256 rawContent is [%s], key is [%s], hash result is [%s]\n", msg, key, hmac256Sign)
	return hmac256Sign
}

// getStringToSign sorts the parameters in lexicographical order and generates the string to be signed.
func getStringToSign(params map[string]interface{}) string {
	keys := make([]string, 0, len(params))
	for k := range params {
		keys = append(keys, k)
	}
	sort.Strings(keys)

	var s2s strings.Builder
	for _, k := range keys {
		if v, ok := params[k]; ok {
			switch v.(type) {
			case map[string]interface{}, []interface{}:
				continue
			default:
			case string:
				if v != "" {
					s2s.WriteString(fmt.Sprintf("%s=%s&", k, v))
				}
			case int:
				s2s.WriteString(fmt.Sprintf("%s=%d&", k, v))
			case float64:
				s2s.WriteString(fmt.Sprintf("%s=%f&", k, v))
			}
		}
	}
	return s2s.String()[:s2s.Len()-1]
}

func main() {
	appid := "aaa"
	secretKey := "bbb"

	params := map[string]interface{}{
		"orderId":        "1400006666",
		"network":        "TRX",
		"amount":         "1234",
		"depositType":     2,
		"cryptoCurrency": "USDT",
		"fiat":           "USD",
		"type":           "ONE",
		"timestamp":      fmt.Sprintf("%d", time.Now().UnixNano()/int64(time.Millisecond)),
		"appid":          appid,
	}

	sign := getStringToSign(params)
	fmt.Printf("sign is %s\n", sign)

	hmac256Sign := hmac256(secretKey, sign)
	fmt.Printf("hmac256Sign is %s\n", hmac256Sign)
}

import 'dart:convert';
import 'package:crypto/crypto.dart';

class HmacUtil {
  static String hmac256(String key, String msg) {
   
    var hmac = Hmac(sha256, utf8.encode(key));
    var data = hmac.convert(utf8.encode(msg)).bytes;
   
    var hmac256Sign = hex.encode(data).toLowerCase();
    print('HmacSHA256 rawContent is [$msg], key is [$key], hash result is [$hmac256Sign]');
    return hmac256Sign;
  }

  static String getStringToSign(Map<String, dynamic> params) {
   
    var keys = params.keys.toList()..sort();
    var s2s = StringBuffer();
    for (var k in keys) {
      if (params[k] is Map || params[k] is List) {
        continue;
      } else if (params[k] != null && params[k].toString().isNotEmpty) {
        s2s.write('$k=${params[k]}&');
      }
    }
    return s2s.toString().substring(0, s2s.length - 1);
  }
}

void main() {
  final appid = 'aaa';
  final secretKey = 'bbb';
  // The actual call needs to update the parameters. This is only an example to demonstrate that the signature verification passed.
  var map = <String, dynamic>{
    'orderId': '1400006666',
    'network': 'TRX',
    'amount': '1234',
    'cryptoCurrency': 'USDT',
    'fiat': 'USD',
    'type': 'ONE',
    'timestamp': '${DateTime.now().millisecondsSinceEpoch}',
    'appid': appid,
  };

  var sign = HmacUtil.getStringToSign(map);
  print('sign is $sign');

  var hmac256Sign = HmacUtil.hmac256(secretKey, sign);
  print('hmac256Sign is $hmac256Sign');
}