This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"info": { | |
"name": "Gruyere Collection", | |
"_postman_id": "9efdd931-ac99-5996-8bcd-07c07652dcfa", | |
"description": "", | |
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json" | |
}, | |
"item": [ | |
{ | |
"name": "Login Request", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"info": { | |
"name": "Alphavantage", | |
"_postman_id": "5866f354-6cbe-1abb-918c-d56c5d15810c", | |
"description": "", | |
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json" | |
}, | |
"item": [ | |
{ | |
"name": "Alphavantage Collection", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"id": "e39f0a28-d5ef-461f-807b-35e9078e210b", | |
"name": "Postman Blog Post", | |
"values": [ | |
{ | |
"enabled": true, | |
"key": "username", | |
"value": "test", | |
"type": "text" | |
}, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Loaded plugins: fastestmirror | |
Installed Packages | |
GeoIP.x86_64 1.5.0-11.el7 installed | |
PyYAML.x86_64 3.10-11.el7 installed | |
acl.x86_64 2.2.51-12.el7 installed | |
apr.x86_64 1.4.8-3.el7_4.1 @updates | |
apr-util.x86_64 1.5.2-6.el7 @base | |
audit.x86_64 2.7.6-3.el7 installed | |
audit-libs.x86_64 2.7.6-3.el7 installed | |
audit-libs-python.x86_64 2.7.6-3.el7 installed |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This will run a collection in Newman using the environment we specify | |
newman -e path/to/environment.json run path/to/collection.json |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package main | |
import ( | |
"crypto/ecdsa" | |
"crypto/elliptic" | |
"crypto/rand" | |
"io/ioutil" | |
"log" | |
"github.com/joncooperworks/signedplugin" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) | |
if err != nil { | |
log.Fatalln(err.Error()) | |
} | |
incorrectKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) | |
if err != nil { | |
log.Fatalln(err.Error()) | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package main | |
import ( | |
"fmt" | |
) | |
// Hello just prints hello, world to demonstrate the plugin system. | |
func Hello() { | |
fmt.Println("Hello, world") | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Verify verifies that a byte slice was signed by a given public key. | |
func Verify(publicKey *ecdsa.PublicKey, signature, data []byte) (bool, error) { | |
hasher := sha3.New256() | |
_, err := hasher.Write(data) | |
if err != nil { | |
return false, err | |
} | |
pluginHash := hasher.Sum(nil) | |
r := new(big.Int).SetBytes(signature[0:32]) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Open loads a plugin from disk and verifies that its SHA3-256 hash was signed by the expected public key. | |
// This implementation does not care where the public key or signature come from, allowing callers to load them from disk, a database or a website. | |
// It is vital that public keys and signatures are loaded securely, otherwise an attacker will be able to circumvent the entire scheme. | |
func Open(publicKey *ecdsa.PublicKey, signature []byte, pluginPath string) (*plugin.Plugin, error) { | |
lock := flock.NewFlock(pluginPath) | |
locked, err := lock.TryLock() | |
if err != nil { | |
return nil, err | |
} |
NewerOlder