Request Headers with WinHTTP HMAC SHA256

[AlwaysLearning]

Hello,

I have been struggling with this for nearly 20 hours, and I just cannot seem to figure out the formatting for the header request.
To test this, you will need to use this api key I set up for your testing purposes. (note, I sent tracexx a direct message about this as I didn't realize I could limit API restrictions until just now, so I am now hoping on of you may have the answer on hand)

I need to be able to GET balance and POST orders.
Right now, I can't get past the 401/403 errors on my own.
I believe the Content is formatted for JSON, but using the JSON format didn't work for me ( although that may be because I'm an idiot and formatted something wrong).

I want to get:

1. GET balance page
2. POST delete order page

Here is a temporary API key + Secret API key with only the "View Balance Page" and "Delete Order" functions enabled:

Access-key: tq6GeUrEvfxyF-LG

Secret Access-Key: cZlz75K1wb8-Ed67pRaXvUWTPW6RTH9q

Here is the site's API guide (I followed this closely and doubt the error is there): https://coincheck.com/documents/exchange/api#libraries

 

And here is running source code (needs those keys inputted) which will hash the above keys to the required HMAC SHA256:

expandcollapse popup

#include <Crypt.au3>
#include<WinHttp.au3>

Global Const $CALG_SHA_256 = 0x0000800c

;; =====

$api = "/api/accounts/balance"

$accessNonCE = _TimeGetStamp()
$url = "https://coincheck.com/api/accounts/balance"
$body = ""

WinHTTP($url, $body)

Func WinHTTP($sUrl, $sBody)
    Local $hOpen = _WinHttpOpen()
    Local $hConnect = _WinHttpConnect($hOpen, "https://coincheck.com/api/accounts/balance")
    ; Specify the reguest:
    ;Local $hRequest = _WinHttpOpenRequest($hConnect, Default, $sApi)

    $accessKey = "" ;; Add the key from above
    $secretKey = "" ;; Add the secret key from above
    $message = $accessNonCE & $sUrl
    $BinarySignature = HMAC($secretKey, $message)

    $signature = _Base64Encode($BinarySignature) ;Encode signature

    Local $hRequest = _WinHttpOpenRequest($hConnect, "GET")

    _WinHttpAddRequestHeaders($hRequest, 'ACCESS-KEY: '&$accessKey)
    _WinHttpAddRequestHeaders($hRequest, 'ACCESS-NONCE: '&$accessNonCE)
    _WinHttpAddRequestHeaders($hRequest, 'ACCESS-SIGNATURE: '&$signature)

    ; Send request
    _WinHttpSendRequest($hRequest)

    ; Wait for the response
    _WinHttpReceiveResponse($hRequest)

    Local $sHeader = _WinHttpQueryHeaders($hRequest) ; ...get full header
    Local $sData =  _WinHttpReadData($hRequest)

    ; Clean
    _WinHttpCloseHandle($hRequest)
    _WinHttpCloseHandle($hConnect)
    _WinHttpCloseHandle($hOpen)

    ; Display retrieved data
    MsgBox(0, "Data", $sData)
EndFunc


Func sha256($message)
    Return _Crypt_HashData($message, $CALG_SHA_256)
EndFunc

Func HMAC($key, $message, $hash="sha256")
    Local $blocksize = 64
    Local $a_opad[$blocksize], $a_ipad[$blocksize]
    Local Const $oconst = 0x5C, $iconst = 0x36
    Local $opad = Binary(''), $ipad = Binary('')
    $key = Binary($key)
    If BinaryLen($key) > $blocksize Then $key = Call($hash, $key)
    For $i = 1 To BinaryLen($key)
        $a_ipad[$i-1] = Number(BinaryMid($key, $i, 1))
        $a_opad[$i-1] = Number(BinaryMid($key, $i, 1))
    Next
    For $i = 0 To $blocksize - 1
        $a_opad[$i] = BitXOR($a_opad[$i], $oconst)
        $a_ipad[$i] = BitXOR($a_ipad[$i], $iconst)
    Next
    For $i = 0 To $blocksize - 1
        $ipad &= Binary('0x' & Hex($a_ipad[$i],2))
        $opad &= Binary('0x' & Hex($a_opad[$i],2))
    Next
    Return Call($hash, $opad & Call($hash, $ipad & Binary($message)))
EndFunc


Func _TimeGetStamp()
    Local $av_Time
    $av_Time = DllCall('CrtDll.dll', 'long:cdecl', 'time', 'ptr', 0)
    If @error Then
        SetError(99)
        Return False
    EndIf
    Return $av_Time[0]
EndFunc

Func _Base64Encode($input)

    $input = Binary($input)

    Local $struct = DllStructCreate("byte[" & BinaryLen($input) & "]")

    DllStructSetData($struct, 1, $input)

    Local $strc = DllStructCreate("int")

    Local $a_Call = DllCall("Crypt32.dll", "int", "CryptBinaryToString", _
            "ptr", DllStructGetPtr($struct), _
            "int", DllStructGetSize($struct), _
            "int", 1, _
            "ptr", 0, _
            "ptr", DllStructGetPtr($strc))

    If @error Or Not $a_Call[0] Then
        Return SetError(1, 0, "") ; error calculating the length of the buffer needed
    EndIf

    Local $a = DllStructCreate("char[" & DllStructGetData($strc, 1) & "]")

    $a_Call = DllCall("Crypt32.dll", "int", "CryptBinaryToString", _
            "ptr", DllStructGetPtr($struct), _
            "int", DllStructGetSize($struct), _
            "int", 1, _
            "ptr", DllStructGetPtr($a), _
            "ptr", DllStructGetPtr($strc))

    If @error Or Not $a_Call[0] Then
        Return SetError(2, 0, ""); error encoding
    EndIf

    Return DllStructGetData($a, 1)

EndFunc   ;==>_Base64Encode