RSA
RSA Signature Demo Code
- Java
- Python
- JS
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.net.URI;
public class BydoxeRsaExample {
private static final String API_KEY = "your-api-key";
private static final String PASSPHRASE = "your-passphrase";
private static final String BASE_URL = "https://open-api.bydoxe.com";
// Your RSA private key (PKCS#8 format, without header/footer)
private static final String PRIVATE_KEY = "-----BEGIN PRIVATE KEY-----\n MIIEvgIBADANBgkqhkiG9w0BAQEFAASC...your-private-key...-----END PRIVATE KEY-----";
/**
* Generate RSA SHA256 signature
* Message format: timestamp + method + requestPath + body
* If queryString exists: timestamp + method + requestPath + "?" + queryString + body
*/
public static String generateSignature(String privateKeyStr, String timestamp,
String method, String requestPath,
String queryString, String body) {
try {
String message;
if (queryString != null && !queryString.isEmpty()) {
message = timestamp + method.toUpperCase() + requestPath + "?" + queryString + body;
} else {
message = timestamp + method.toUpperCase() + requestPath + body;
}
byte[] keyBytes = Base64.getDecoder().decode(privateKeyStr);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PrivateKey privateKey = keyFactory.generatePrivate(keySpec);
Signature signature = Signature.getInstance("SHA256withRSA");
signature.initSign(privateKey);
signature.update(message.getBytes("UTF-8"));
byte[] signatureBytes = signature.sign();
return Base64.getEncoder().encodeToString(signatureBytes);
} catch (Exception e) {
throw new RuntimeException("Failed to generate RSA signature", e);
}
}
public static void main(String[] args) throws Exception {
// GET request example (without query string)
String timestamp = String.valueOf(System.currentTimeMillis());
String method = "GET";
String requestPath = "/api/v1/spot/account/assets";
String queryString = "";
String body = "";
String signature = generateSignature(PRIVATE_KEY, timestamp, method, requestPath, queryString, body);
HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create(BASE_URL + requestPath))
.header("ACCESS-KEY", API_KEY)
.header("ACCESS-SIGN", signature)
.header("ACCESS-TIMESTAMP", timestamp)
.header("ACCESS-PASSPHRASE", PASSPHRASE)
.header("Content-Type", "application/json")
.GET()
.build();
HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());
System.out.println(response.body());
// GET request example (with query string)
String timestamp2 = String.valueOf(System.currentTimeMillis());
String requestPath2 = "/api/v1/spot/market/tickers";
String queryString2 = "symbol=BTCUSDT";
String signature2 = generateSignature(PRIVATE_KEY, timestamp2, "GET", requestPath2, queryString2, "");
HttpRequest request2 = HttpRequest.newBuilder()
.uri(URI.create(BASE_URL + requestPath2 + "?" + queryString2))
.header("ACCESS-KEY", API_KEY)
.header("ACCESS-SIGN", signature2)
.header("ACCESS-TIMESTAMP", timestamp2)
.header("ACCESS-PASSPHRASE", PASSPHRASE)
.header("Content-Type", "application/json")
.GET()
.build();
HttpResponse<String> response2 = client.send(request2, HttpResponse.BodyHandlers.ofString());
System.out.println(response2.body());
}
}
import base64
import time
import requests
import json
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.hazmat.primitives.serialization import load_pem_private_key
API_KEY = "your-api-key"
PASSPHRASE = "your-passphrase"
BASE_URL = "https://open-api.bydoxe.com"
# Your RSA private key (PEM format)
PRIVATE_KEY_PEM = """-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASC...your-private-key...
-----END PRIVATE KEY-----"""
def load_private_key(pem_key):
"""
Load RSA private key from PEM string
"""
return load_pem_private_key(pem_key.encode(), password=None)
def generate_signature(private_key, timestamp, method, request_path, query_string="", body=""):
"""
Generate RSA SHA256 signature
Message format: timestamp + method + requestPath + body
If queryString exists: timestamp + method + requestPath + "?" + queryString + body
"""
if query_string:
message = f"{timestamp}{method.upper()}{request_path}?{query_string}{body}"
else:
message = f"{timestamp}{method.upper()}{request_path}{body}"
signature = private_key.sign(
message.encode('utf-8'),
padding.PKCS1v15(),
hashes.SHA256()
)
return base64.b64encode(signature).decode('utf-8')
def get_request(request_path, params=None):
"""
Send GET request with RSA authentication
"""
private_key = load_private_key(PRIVATE_KEY_PEM)
timestamp = str(int(time.time() * 1000))
query_string = ""
if params:
query_string = "&".join([f"{k}={v}" for k, v in params.items()])
signature = generate_signature(private_key, timestamp, "GET", request_path, query_string)
headers = {
"ACCESS-KEY": API_KEY,
"ACCESS-SIGN": signature,
"ACCESS-TIMESTAMP": timestamp,
"ACCESS-PASSPHRASE": PASSPHRASE,
"Content-Type": "application/json"
}
url = BASE_URL + request_path
if query_string:
url += "?" + query_string
response = requests.get(url, headers=headers)
return response.json()
def post_request(request_path, data):
"""
Send POST request with RSA authentication
"""
private_key = load_private_key(PRIVATE_KEY_PEM)
timestamp = str(int(time.time() * 1000))
body = json.dumps(data)
signature = generate_signature(private_key, timestamp, "POST", request_path, "", body)
headers = {
"ACCESS-KEY": API_KEY,
"ACCESS-SIGN": signature,
"ACCESS-TIMESTAMP": timestamp,
"ACCESS-PASSPHRASE": PASSPHRASE,
"Content-Type": "application/json"
}
response = requests.post(BASE_URL + request_path, headers=headers, data=body)
return response.json()
if __name__ == "__main__":
# GET request example (without query string)
result = get_request("/api/v1/spot/account/assets")
print(result)
# GET request example (with query string)
result = get_request("/api/v1/spot/market/tickers", {"symbol": "BTCUSDT"})
print(result)
# POST request example
order_data = {
"symbol": "BTCUSDT",
"side": "BUY",
"orderType": "LIMIT",
"price": "30000",
"size": "0.01"
}
result = post_request("/api/v1/spot/trade/place-order", order_data)
print(result)
const crypto = require("crypto");
const https = require("https");
const API_KEY = "your-api-key";
const PASSPHRASE = "your-passphrase";
const BASE_URL = "open-api.bydoxe.com";
// Your RSA private key (PEM format)
const PRIVATE_KEY = `-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASC...your-private-key...
-----END PRIVATE KEY-----`;
/**
* Generate RSA SHA256 signature
* Message format: timestamp + method + requestPath + body
* If queryString exists: timestamp + method + requestPath + "?" + queryString + body
*/
function generateSignature(privateKey, timestamp, method, requestPath, queryString = "", body = "") {
let message;
if (queryString) {
message = `${timestamp}${method.toUpperCase()}${requestPath}?${queryString}${body}`;
} else {
message = `${timestamp}${method.toUpperCase()}${requestPath}${body}`;
}
const sign = crypto.createSign("SHA256");
sign.update(message);
sign.end();
const signature = sign.sign(privateKey, "base64");
return signature;
}
/**
* Send GET request with RSA authentication
*/
function getRequest(requestPath, params = null) {
return new Promise((resolve, reject) => {
const timestamp = Date.now().toString();
let queryString = "";
if (params) {
queryString = Object.entries(params)
.map(([k, v]) => `${k}=${v}`)
.join("&");
}
const signature = generateSignature(PRIVATE_KEY, timestamp, "GET", requestPath, queryString);
const path = queryString ? `${requestPath}?${queryString}` : requestPath;
const options = {
hostname: BASE_URL,
path: path,
method: "GET",
headers: {
"ACCESS-KEY": API_KEY,
"ACCESS-SIGN": signature,
"ACCESS-TIMESTAMP": timestamp,
"ACCESS-PASSPHRASE": PASSPHRASE,
"Content-Type": "application/json",
},
};
const req = https.request(options, (res) => {
let data = "";
res.on("data", (chunk) => (data += chunk));
res.on("end", () => resolve(JSON.parse(data)));
});
req.on("error", reject);
req.end();
});
}
/**
* Send POST request with RSA authentication
*/
function postRequest(requestPath, data) {
return new Promise((resolve, reject) => {
const timestamp = Date.now().toString();
const body = JSON.stringify(data);
const signature = generateSignature(PRIVATE_KEY, timestamp, "POST", requestPath, "", body);
const options = {
hostname: BASE_URL,
path: requestPath,
method: "POST",
headers: {
"ACCESS-KEY": API_KEY,
"ACCESS-SIGN": signature,
"ACCESS-TIMESTAMP": timestamp,
"ACCESS-PASSPHRASE": PASSPHRASE,
"Content-Type": "application/json",
},
};
const req = https.request(options, (res) => {
let responseData = "";
res.on("data", (chunk) => (responseData += chunk));
res.on("end", () => resolve(JSON.parse(responseData)));
});
req.on("error", reject);
req.write(body);
req.end();
});
}
// Example usage
(async () => {
// GET request example (without query string)
const result1 = await getRequest("/api/v1/spot/account/assets");
console.log(result1);
// GET request example (with query string)
const result2 = await getRequest("/api/v1/spot/market/tickers", { symbol: "BTCUSDT" });
console.log(result2);
// POST request example
const orderData = {
symbol: "BTCUSDT",
side: "BUY",
orderType: "LIMIT",
price: "30000",
size: "0.01",
};
const result3 = await postRequest("/api/v1/spot/trade/place-order", orderData);
console.log(result3);
})();