according to the api docs the requests must be signned as follow
API-Key = API key
API-Sign = Message signature using HMAC-SHA512 of (URI path + SHA256(nonce + POST data)) and base64 decoded secret API key
here is my code but i still get error EAPI Invalid Key
function TKrakenAPI.QueryPrivate(const URI: string; Params: String): XVar;
var S: TMemoryStream;
J: TJSONParser;
URL,
Sign,
Sha256,
Nonce: String;
R,I,L: Integer;
LHMAC: IHMAC;
sha512: PChar;
buf: array [00..64] of char;
begin
Nonce:=IntToStr(DateTimeToUnix(Now));
Params:='nonce='+nonce+'&'+params;
sha256:=Nonce+Params;
URL:=kraken_private+URI;
L:=Length(URL);
Getmem(sha512,L+32);
Move(URL[1],Sha512^,L);
with THashFactory.TCrypto.CreateSHA2_256().ComputeUntyped(sha256[1],Length(Sha256)) do
move(getbytes[0],sha512[L],32);
LHMAC:= THashFactory.THMAC.CreateHMAC(THashFactory.TCrypto.CreateSHA2_512);
LHMAC.Key := TConverters.ConvertStringToBytes(DecodeStringBase64(FSecret), TEncoding.UTF8);
// sign:=EncodeStringBase64(LHMAC.ComputeUntyped(sha512,L+32).ToString);
move(LHMAC.ComputeUntyped(sha512,L+32).GetBytes[0],Buf[0],64);
Buf[64]:=#0;
sign:=EncodeStringBase64(Pchar(@Buf[0]));
try
FNET.AddHeader('API-Key:',FKEY);
FNET.AddHeader('API-Sign:',Sign);
FNET.AddHeader('Content-Type', 'application/x-www-form-urlencoded');
FNET.AddHeader('Content-Length', IntToStr(Length(Params)));
writeln(Nonce);
writeln(URL);
writeln(sha512);
writeln(sign);
S:=TMemoryStream.Create;
J:=TJSONParser.Create;
FNet.FormPOST(KrakenURL+URL,Params,S);
R:=J.Parse(S.Memory,S.Size);
writeln(R);
if R>0 then Result:=J.UseXON
else Result:=XVar.Null;
with Result['result'] do
for i:=0 to Count-1 do writeln(Keys[i].AsString,'=',Vars[i].AsString);
finally
J.Free;
S.Free;
end;
end;