I am having trouble properly setting headers for the Bitfinex API (https://www.bitfinex.com/pages/api). I have no trouble with the un-authenticated Get calls but I cannot get my authenticated Post calls working. An example call that I am working with is a Post to "/balances". I am hoping that somebody who uses the API can help me with what I am doing wrong. Here is some sample input and output (fake keys of course) that I am currently generating:
Private Key:
012345abcdef
API Key:
000111aaafff
Payload:
{"request": "/v1/balances","nonce": "1413737362"}
Base64 Payload:
e3JlcXVlc3Q6IC92MS9iYWxhbmNlcyxub25jZTogMTQxMzczNzM2Mn0=
Using the OpenSSL command:
echo -n 'e3JlcXVlc3Q6IC92MS9iYWxhbmNlcyxub25jZTogMTQxMzczNzM2Mn0=' | openssl dgst -hmac 012345abcdef -sha384 -hex
to get a signaure of
b18953370fad9bd5dd482d6ae07aeb96fdebd812e98cbf847f2d923bf66d1579eb31e10e1d79c7ae8405c54e28d0ae2a
So I get the Headers:
"X-BFX-APIKEY" "000111aaafff"
"X-BFX-PAYLOAD" "e3JlcXVlc3Q6IC92MS9iYWxhbmNlcyxub25jZTogMTQxMzczNzM2Mn0="
"X-BFX-SIGNATURE" "b18953370fad9bd5dd482d6ae07aeb96fdebd812e98cbf847f2d923bf66d1579eb31e10e1d79c7ae8405c54e28d0ae2a"
I have been trying everything I can think of and the responses I get from the API switch between "Invalid X-BFX-SIGNATURE." and "Invalid json.".
Where is the flaw in my process? I cannot see what I am doing incorrectly.
I was using a Unix system call to run the OpenSSL command. The result was returned in two lines, I was only reading the first line. Reading all lines until encountering and End of File solved the problem.