httpsig
Use raw signature-params instead of a self-constructed one.
Currently the verifier uses a self-constructed "@signature-params" when verifying the signature. However, the order of signature params is not strictly defined in the standard.
For example, the following is given in Section 2.3 of revision 19.
("@target-uri" "@authority" "date" "cache-control")\
;keyid="test-key-rsa-pss";alg="rsa-pss-sha512";\
created=1618884475;expires=1618884775
The next example is generated by the Python library requests-http-signature.
("@method" "@authority" "@path" "@query" "content-digest" "date");created=1692263726;keyid="d8676596-40a7-4e1d-95fa-fa375147b65c";expires=1692263786;alg="hmac-sha256"
Both of them are valid, but will fail our verification. So I suggest we just use the raw params data to compose the signable.
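The following is an added example, not code from the httpsig package or from this issue. It rebuilds the RFC 9421 signature base for the two signature-params values quoted above, once carrying the raw params line through verbatim and once through a verifier that re-emits the params in its own fixed order (created, expires, keyid, alg; that order is an assumption of the example). HMAC-SHA256 over a constructed sample request stands in for both algorithms so the block runs offline; the point is the signature base, not the primitive. The request, key, header values and the `REQUEST`/`demo` helper names are all constructed here.

```python
import hashlib
import hmac
import re
from urllib.parse import urlsplit

# Constructed sample request (not from the issue). Header names are lower-cased
# because RFC 9421 identifies fields case-insensitively.
REQUEST = {
    "method": "POST",
    "url": "https://example.com/foo?param=Value&Pet=dog",
    "headers": {
        "content-digest": "sha-256=:X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=:",
        "date": "Tue, 20 Apr 2021 02:07:55 GMT",
        "cache-control": "max-age=60",
    },
}
KEY = b"constructed-shared-secret"  # assumption: HMAC key known to both sides

# The two signature-params values quoted in the issue, verbatim. The RFC one
# uses RFC 8792 '\'-line folding and must be unfolded before use.
RFC_PARAMS_FOLDED = r'''("@target-uri" "@authority" "date" "cache-control")\
;keyid="test-key-rsa-pss";alg="rsa-pss-sha512";\
created=1618884475;expires=1618884775'''
REQUESTS_PARAMS = ('("@method" "@authority" "@path" "@query" "content-digest" "date")'
                   ';created=1692263726;keyid="d8676596-40a7-4e1d-95fa-fa375147b65c"'
                   ';expires=1692263786;alg="hmac-sha256"')


def unfold(text):
    """Undo RFC 8792 line folding: drop a backslash-newline and the indent after it."""
    return re.sub(r"\\\n[ \t]*", "", text)


def split_params(raw):
    """Split a raw signature-params value into (covered component names, params dict)."""
    m = re.fullmatch(r"\((.*?)\)(.*)", raw)
    if m is None:
        raise ValueError("malformed signature-params: " + raw)
    names = re.findall(r'"([^"]+)"', m.group(1))
    params = dict(re.findall(r';([a-z]+)=("?[^;"]*"?)', m.group(2)))
    return names, params


def component_value(req, name):
    """Value of one covered component (RFC 9421 Section 2): derived (@...) or a field."""
    u = urlsplit(req["url"])
    derived = {
        "@method": req["method"],
        "@target-uri": req["url"],
        "@authority": u.netloc.lower(),
        "@path": u.path or "/",
        "@query": "?" + u.query,
    }
    if name.startswith("@"):
        return derived[name]
    return req["headers"][name.lower()]


def signature_base(req, raw_params):
    """Build the signature base, carrying the signature-params line through verbatim."""
    names, _ = split_params(raw_params)
    lines = [f'"{n}": {component_value(req, n)}' for n in names]
    lines.append(f'"@signature-params": {raw_params}')
    return "\n".join(lines)


def sign(req, raw_params, key=KEY):
    return hmac.new(key, signature_base(req, raw_params).encode(), hashlib.sha256).digest()


def verify(req, raw_params, signature, key=KEY):
    return hmac.compare_digest(sign(req, raw_params, key), signature)


def self_constructed_params(raw_params):
    """Re-emit the params in one fixed order (created, expires, keyid, alg), as a
    verifier that rebuilds @signature-params itself would. That order is an
    assumption of this example; any fixed order has the same problem."""
    names, params = split_params(raw_params)
    head = "(" + " ".join(f'"{n}"' for n in names) + ")"
    return head + "".join(f";{k}={params[k]}" for k in ("created", "expires", "keyid", "alg") if k in params)


def demo():
    """Return {label: (raw params verify, self-constructed params verify)} for both values."""
    results = {}
    for label, raw in (("rfc", unfold(RFC_PARAMS_FOLDED)), ("requests", REQUESTS_PARAMS)):
        sig = sign(REQUEST, raw)  # what the signer actually signed
        results[label] = (verify(REQUEST, raw, sig),
                          verify(REQUEST, self_constructed_params(raw), sig))
    return results


if __name__ == "__main__":
    for label, (raw_ok, rebuilt_ok) in demo().items():
        print(f"{label}: raw params verify={raw_ok}, self-constructed params verify={rebuilt_ok}")
```

Both quoted values verify when the signature base ends with the params exactly as the signer serialized them, and both fail once the verifier reorders them, because the last line of the signature base no longer matches the bytes that were signed. Re-serializing the parsed Structured Field value is equally acceptable, since Structured Field parameters keep their order; what a verifier must not do is pick an order of its own.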