Example 1: As a query string

queryString: symbol=LTCBTC&side=BUY&type=LIMIT&timeInForce=GTC&quantity=1&price=0.1&recvWindow=5000&timestamp=1499827319559

HMAC SHA256 signature:

[linux]$ echo -n “symbol=LTCBTC&side=BUY&type=LIMIT&timeInForce=GTC&quantity=1&price=0.1&recvWindow=5000&timestamp=1499827319559” | openssl dgst -sha256 -hmac “NhqPtmdSJYdKjVHjA7PZj4Mge3R5YNiP1e3UZjInClVN65XAbvqqM6A7H5fATj0j” (stdin)= c8db56825ae71d6d79447849e617115f4a920fa2acdcab2b053c4b2838bd6b71

他需要加上timestamp参数，然后对整个querystring签名， 我试着 var querystr = “asset=abc&amount=100&address=abc&timestamp=abc”; var sig = HMAC(‘sha256’, ‘hex’, querystr, secretkey）;//第二个参数全都试过了 exchange.IO(“api”, “POST”, “/wapi/v3/withdraw.html”,querystr+“&signature=”+sig);或者 exchange.IO(“api”, “POST”, “/wapi/v3/withdraw.html”,querystr); 得到 {“msg”:“{\“code\”:-1105,\“msg\”:\“Parameter ‘payload’ was was empty.\”}“,“success”:false}

exchange.IO(“api”, “POST”, “/wapi/v3/withdraw.html?”+querystr+“&signature=”+sig,“”);//ru 会得到 {“msg”:“{\“code\”:-1100,\“msg\”:\“Illegal characters found in parameter ‘signature’; legal range is ‘^[A-Fa-f0-9]{64}$’.\”}“,“success”:false}

如果不带signature {“msg”:“{\“code\”:-1022,\“msg\”:\“Signature for this request is not valid.\”}“,“success”:false}