Binance Pay FAIL code 400002 signature error "Signature for this request is not valid"

Henny_Labrada · January 21, 2024, 9:57am

Hello support team,

I have been struggling for days trying to authenticate a request for Binance Pay API v3 today on January 2024.

Here I share the sample raw post with real data that I have collected with fiddler so you can verify in your system if the request is authenticated correctly:

POST https://bpay.binanceapi.com/binancepay/openapi/v3/order HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Accept: application/json
User-Agent: BinancePayClient/v1.0.0.0
BinancePay-Timestamp: 1705724955616
BinancePay-Nonce: VeTfR5mdAKjbeErxBXTl20JayTiCz4sb
BinancePay-Certificate-SN: nodrehtlbjychgajh5pdm1ndzleiddglcvuzt4dxjcfvdn9oxzsyyo9nvoej3n5r
BinancePay-Signature: 18A3E3DEE1605241117240735A1E05F60199EDB134EB09B6236809C976AEDD8EBD08EBD6CEB6A21A1199A2792CD06F8F52684E6C1F00FE63A8AB30B500F3967A
Content-Length: 350
Host: bpay.binanceapi.com

1705724955616
VeTfR5mdAKjbeErxBXTl20JayTiCz4sb
{“env”:{“terminalType”:“WEB”},“merchantTradeNo”:“43556435764df4”,“orderAmount”:0.01,“currency”:“USDT”,“description”:“Test Product”,“goodsDetails”:[{“goodsType”:“02”,“goodsCategory”:“Z000”,“referenceGoodsId”:“0001”,“goodsName”:“Test Product”,“goodsDetail”:“Test Product”}],“returnUrl”:“”,“cancelUrl”:“”}

And this is the response from api server:
{“status”:“FAIL”,“code”:“400002”,“errorMessage”:“Signature for this request is not valid.”}

Let me know if you can help me figure out if there is something wrong with the request signature.

Here is an attached screenshot of my request in hexadecimal format:

Waiting for your answer.

Regards.

dino · January 21, 2024, 10:58pm

Hi, have you tried this example code:

Thanks

Henny_Labrada · January 22, 2024, 4:45pm

Hi dino,

The github repository that you suggest is in python and nodejs and I am using C#.

I already created my version of signature function in C# by watching that repository and other repositories which are created for older versions of Binance Pay API :

public static string CreateSignature(string message, string secret)
{
byte keyBytes = Encoding.ASCII.GetBytes(secret);
byte messageBytes = Encoding.ASCII.GetBytes(message);
HMACSHA512 hmacsha512 = new HMACSHA512(keyBytes);
byte bytes = hmacsha512.ComputeHash(messageBytes);
string hex = BitConverter.ToString(bytes);
return hex.Replace(“-”, “”).ToUpper();

}

public static string GenerateNonce(int length)
{
const string chars = “abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789”;
return new string(Enumerable.Repeat(chars, length)
.Select(s => s[random.Next(s.Length)]).ToArray());
}

public static string GetTimestamp()
{
long milliseconds = DateTimeOffset.Now.ToUnixTimeMilliseconds();
return milliseconds.ToString();
}

The functions above are created to generate timestamp, nonce and signature.

You can check me previous post where a share the raw http post that is sent. Based in the post data you can verify if the singnature is generated correctly.

Waiting for your answer.

songhanlin · March 29, 2024, 11:24am

我也失败了, 我自己尝试java, 然后尝试了https://github.com/rubenofen/binance-pay-signature-examples.git这里的node代码, 都是验证失败的, 难道是因为我使用的是测试库, 付款的金额是0.00000001 usdt?

songhanlin · March 29, 2024, 11:26am

我这里是verify失败, 回调的信息都是正确的