B.2.4. Signing a Response Using ecdsa-p256-sha256 (B.2.4. 使用 ecdsa-p256-sha256 签名响应)

本示例使用 ecdsa-p256-sha256 算法与密钥 test-key-ecc-p256 覆盖 test-response 消息的部分内容.

对应的签名基为:

NOTE: '' line wrapping per RFC 8792

"@status": 200 "content-type": application/json "content-digest": sha-512=:mEWXIS7MaLRuGgxOBdODa3xqM1XdEvxoYhvlCFJ4
1QJgJc4GTsPp29l5oGX69wWdXymyU0rjJuahq4l5aGgfLQ==: "content-length": 23 "@signature-params": ("@status" "content-type" "content-digest"
"content-length");created=1618884473;keyid="test-key-ecc-p256"

这导致在标签 sig-b24 下将下列 Signature-Input 与 Signature 头字段加入消息:

NOTE: '' line wrapping per RFC 8792

Signature-Input: sig-b24=("@status" "content-type"
"content-digest" "content-length");created=1618884473
;keyid="test-key-ecc-p256" Signature: sig-b24=:wNmSUAhwb5LxtOtOpNa6W5xj067m5hFrj0XQ4fvpaCLx0NK
ocgPquLgyahnzDnDAUy5eCdlYUEkLIj+32oiasw==:

注意此处使用的 ECDSA 签名算法为非确定性, 即每次运行算法将产生不同签名值. 此处提供的签名值可相对给定密钥校验, 但新生成的签名值预计与示例不匹配. 见第 7.3.5 节.

B.2.4. Signing a Response Using ecdsa-p256-sha256 (B.2.4. 使用 ecdsa-p256-sha256 签名响应)​

B.2.4. Signing a Response Using ecdsa-p256-sha256 (B.2.4. 使用 ecdsa-p256-sha256 签名响应)