Skip to main content

B.2.5. Signing a Request Using hmac-sha256

B.2.5. Signing a Request Using hmac-sha256

This example covers portions of the test-request message using the hmac-sha256 algorithm and the secret test-shared-secret.

The corresponding signature base is:

NOTE: '' line wrapping per RFC 8792

"date": Tue, 20 Apr 2021 02:07:55 GMT "@authority": example.com "content-type": application/json "@signature-params": ("date" "@authority" "content-type")
;created=1618884473;keyid="test-shared-secret"

This results in the following Signature-Input and Signature header fields being added to the message under the label sig-b25:

NOTE: '' line wrapping per RFC 8792

Signature-Input: sig-b25=("date" "@authority" "content-type")
;created=1618884473;keyid="test-shared-secret" Signature: sig-b25=:pxcQw6G3AjtMBQjwo8XzkZf/bws5LelbaMk5rGIGtE8=:

Before using symmetric signatures in practice, see the discussion regarding security trade-offs in Section 7.3.3.

Last updated on