B.2.2. Selective Covered Components Using rsa-pss-sha512 (B.2.2. 使用 rsa-pss-sha512 的选择性被覆盖组成部分)

本示例在 test-request 中使用 rsa-pss-sha512 算法覆盖附加组成部分 (authority, Content-Digest 头字段与单个命名查询参数). 本示例还添加 tag 参数, 取应用专用值 header-example.

对应的签名基为:

NOTE: '' line wrapping per RFC 8792

"@authority": example.com "content-digest": sha-512=:WZDPaVn/7XgHaAy8pmojAkGWoRx2UFChF41A2svX
+TaPm+AbwAgBWnrIiYllu7BNNyealdVLvRwEmTHWXvJwew==: "@query-param";name="Pet": dog "@signature-params": ("@authority" "content-digest"
"@query-param";name="Pet")
;created=1618884473;keyid="test-key-rsa-pss"
;tag="header-example"

这导致在标签 sig-b22 下将下列 Signature-Input 与 Signature 头字段加入消息:

NOTE: '' line wrapping per RFC 8792

Signature-Input: sig-b22=("@authority" "content-digest"
"@query-param";name="Pet");created=1618884473
;keyid="test-key-rsa-pss";tag="header-example" Signature: sig-b22=:LjbtqUbfmvjj5C5kr1Ugj4PmLYvx9wVjZvD9GsTT4F7GrcQ
EdJzgI9qHxICagShLRiLMlAJjtq6N4CDfKtjvuJyE5qH7KT8UCMkSowOB4+ECxCmT
8rtAmj/0PIXxi0A0nxKyB09RNrCQibbUjsLS/2YyFYXEu4TRJQzRw1rLEuEfY17SA
RYhpTlaqwZVtR8NV7+4UKkjqpcAoFqWFQh62s7Cl+H2fjBSpqfZUJcsIk4N6wiKYd
4je2U/lankenQ99PZfB4jY3I5rSV2DSBVkSFsURIjYErOs0tFTQosMTAoxk//0RoK
UqiYY8Bh0aaUEb0rQl3/XaVe4bXTugEjHSw==:

注意此处使用的 RSA-PSS 算法为非确定性, 即每次运行算法将产生不同签名值. 此处提供的签名值可相对给定密钥校验, 但新生成的签名值预计与示例不匹配. 见第 7.3.5 节.

B.2.2. Selective Covered Components Using rsa-pss-sha512 (B.2.2. 使用 rsa-pss-sha512 的选择性被覆盖组成部分)​

B.2.2. Selective Covered Components Using rsa-pss-sha512 (B.2.2. 使用 rsa-pss-sha512 的选择性被覆盖组成部分)