I am building an application where we have the requirement to check the digest and signature headers sent in HTTP requests.
The digest header contains a hashed version of the request body. (info)
The signature headers contains a signed hash of the other headers in the request. (info)
Using the combination of these standards the whole request an be secured.
Are there any plugs that do one or both of the above?
I have started implementing one myself, however the digest plug needs to read the body but that can only be done once for a conn.