def test_revoked_cert_is_revoked(self):
    """A certificate on the blacklist must be rejected by ``verify``.

    Fetches the certificate actually served by Stripe's known-revoked test
    endpoint (port 444) and expects ``certificate_blacklist.verify`` to
    raise ``APIError`` for it.

    This is a live network test: it needs outbound connectivity and relies
    on that endpoint continuing to serve the revoked certificate. Note that
    ``ssl.get_server_certificate`` is called without ``ca_certs``, so the
    fetch itself performs no chain validation -- that is intentional here,
    because the goal is to obtain whatever certificate is served, revoked
    or not, and hand it to the blacklist check.
    """
    host = "revoked.stripe.com"
    pem = ssl.get_server_certificate((host, 444))
    der = ssl.PEM_cert_to_DER_cert(pem)
    # Hand assertRaises the callable plus its arguments instead of a lambda.
    self.assertRaises(APIError, certificate_blacklist.verify, host, der)
def _check_ssl_cert(self):
    """Preflight the certificate served by ``stripe.api_base`` against the
    revocation blacklist before the first request goes out.

    Runs only when ``stripe.verify_ssl_certs`` is set and no earlier call
    has already recorded a passing check in ``self._CERTIFICATE_VERIFIED``.
    The result is cached on the instance, so only the first connection is
    preflighted; later requests are not rechecked by this method.

    Security caveats a caller should keep in mind:
      * ``ssl.get_server_certificate`` is called without ``ca_certs``, so it
        performs no chain validation; this step only rejects certificates
        that are on the blacklist. Proper chain validation has to happen in
        the HTTP client that carries the real request.
      * The certificate is fetched over a separate connection from the one
        the request later uses, so an active attacker who presents a clean
        certificate here and a different one afterwards is not caught.

    Raises:
        error.APIConnectionError: wrapping any ``socket.error`` raised while
            fetching the certificate (``ssl.SSLError`` included).
        Anything ``certificate_blacklist.verify`` raises for a blacklisted
            certificate propagates unchanged.
    """
    from stripe import verify_ssl_certs
    # Nothing to do when verification is disabled or already done.
    if not verify_ssl_certs or self._CERTIFICATE_VERIFIED:
        return
    target = urlparse.urlparse(stripe.api_base)
    host = target.hostname
    port = target.port or 443
    try:
        pem = ssl.get_server_certificate((host, port))
        der = ssl.PEM_cert_to_DER_cert(pem)
    except socket.error, e:
        raise error.APIConnectionError(e)
    self._CERTIFICATE_VERIFIED = certificate_blacklist.verify(host, der)
def _check_ssl_cert(self):
    """Preflight the certificate served by ``stripe.api_base`` against the
    revocation blacklist before the first request goes out.

    This is deliberately not bulletproof: the certificate is fetched over a
    separate connection from the one the real request uses, so it only
    guarantees that the *first* attempt does not see a revoked certificate.
    The OpenSSL bindings make it awkward to inspect the certificate before
    sensitive data is written to the wire, so this preflight is a
    bar-raising measure rather than full transport validation.

    Further caveats:
      * ``ssl.get_server_certificate`` is called without ``ca_certs``, so it
        performs no chain validation; chain validation must happen in the
        HTTP client itself.
      * The result is cached in ``self._CERTIFICATE_VERIFIED``; once set,
        later calls return immediately.
      * The ``TypeError`` branch is a bypass for the Google App Engine
        development server, gated purely on the ``APPENGINE_RUNTIME`` and
        ``SERVER_SOFTWARE`` environment variables. Anything that can set
        those for the process can therefore switch the preflight off, which
        is why the emitted warning asks to be reported if seen in production.
        Outside that environment any ``TypeError`` from the fetch is
        re-raised as-is (not wrapped in ``APIConnectionError``).

    Raises:
        error.APIConnectionError: wrapping any ``socket.error`` raised while
            fetching the certificate.
        TypeError: re-raised when not running on the App Engine dev server.
        Anything ``certificate_blacklist.verify`` raises propagates unchanged.
    """
    from stripe import verify_ssl_certs
    if not verify_ssl_certs or self._CERTIFICATE_VERIFIED:
        return
    target = urllib.parse.urlparse(stripe.api_base)
    host = target.hostname
    port = target.port or 443
    try:
        pem = ssl.get_server_certificate((host, port))
        der = ssl.PEM_cert_to_DER_cert(pem)
    except socket.error as e:
        raise error.APIConnectionError(e)
    except TypeError:
        # The App Engine dev server blocks the C socket module, which
        # surfaces as a TypeError inside the ssl library.
        on_appengine_dev = (
            'APPENGINE_RUNTIME' in os.environ
            and 'Dev' in os.environ.get('SERVER_SOFTWARE', '')
        )
        if not on_appengine_dev:
            raise
        self._CERTIFICATE_VERIFIED = True
        warnings.warn(
            "We were unable to verify Stripe's SSL certificate "
            "due to a bug in the Google App Engine development "
            "server. Please alert us immediately at "
            "[email protected] if this message appears in your "
            "production logs.")
        return
    self._CERTIFICATE_VERIFIED = certificate_blacklist.verify(host, der)
def _check_ssl_cert(self):
    """Preflight the certificate served by ``stripe.api_base`` against the
    revocation blacklist before the first request goes out.

    This is deliberately not bulletproof: the certificate is fetched over a
    separate connection from the one the real request uses, so it only
    guarantees that the *first* attempt does not see a revoked certificate.
    The OpenSSL bindings make it awkward to inspect the certificate before
    sensitive data is written to the wire, so this preflight is a
    bar-raising measure rather than full transport validation.

    Further caveats:
      * ``ssl.get_server_certificate`` is called without ``ca_certs``, so it
        performs no chain validation; chain validation must happen in the
        HTTP client itself.
      * The result is cached in ``self._CERTIFICATE_VERIFIED``; once set,
        later calls return immediately.
      * The ``TypeError`` branch is a bypass for the Google App Engine
        development server, gated on ``util.is_appengine_dev()`` (presumably
        an environment check -- confirm in ``util``). Whatever controls that
        predicate can switch the preflight off, which is why the emitted
        warning asks to be reported if seen in production. Outside that
        environment any ``TypeError`` from the fetch is re-raised as-is
        (not wrapped in ``APIConnectionError``).

    Raises:
        error.APIConnectionError: wrapping any ``socket.error`` raised while
            fetching the certificate.
        TypeError: re-raised when ``util.is_appengine_dev()`` is false.
        Anything ``certificate_blacklist.verify`` raises propagates unchanged.
    """
    from stripe import verify_ssl_certs
    if not verify_ssl_certs or self._CERTIFICATE_VERIFIED:
        return
    target = urllib.parse.urlparse(stripe.api_base)
    host = target.hostname
    port = target.port or 443
    try:
        pem = ssl.get_server_certificate((host, port))
        der = ssl.PEM_cert_to_DER_cert(pem)
    except socket.error as e:
        raise error.APIConnectionError(e)
    except TypeError:
        # The App Engine dev server blocks the C socket module, which
        # surfaces as a TypeError inside the ssl library.
        if not util.is_appengine_dev():
            raise
        self._CERTIFICATE_VERIFIED = True
        warnings.warn(
            "We were unable to verify Stripe's SSL certificate "
            "due to a bug in the Google App Engine development "
            "server. Please alert us immediately at "
            "[email protected] if this message appears in your "
            "production logs.")
        return
    self._CERTIFICATE_VERIFIED = certificate_blacklist.verify(host, der)
def _check_ssl_cert(self):
    """Preflight the certificate served by ``stripe.api_base`` against the
    revocation blacklist before the first request goes out.

    This is deliberately not bulletproof: the certificate is fetched over a
    separate connection from the one the real request uses, so it only
    guarantees that the *first* attempt does not see a revoked certificate.
    The OpenSSL bindings make it awkward to inspect the certificate before
    sensitive data is written to the wire, so this preflight is a
    bar-raising measure rather than full transport validation.

    Further caveats:
      * ``ssl.get_server_certificate`` is called without ``ca_certs``, so it
        performs no chain validation; chain validation must happen in the
        HTTP client itself.
      * The result is cached in ``self._CERTIFICATE_VERIFIED``; once set,
        later calls return immediately.

    Raises:
        error.APIConnectionError: wrapping any ``socket.error`` raised while
            fetching the certificate (``ssl.SSLError`` included).
        Anything ``certificate_blacklist.verify`` raises propagates unchanged.
    """
    from stripe import verify_ssl_certs
    if not verify_ssl_certs or self._CERTIFICATE_VERIFIED:
        return
    parsed = urlparse.urlparse(stripe.api_base)
    endpoint = (parsed.hostname, parsed.port or 443)
    try:
        pem_cert = ssl.get_server_certificate(endpoint)
        der_bytes = ssl.PEM_cert_to_DER_cert(pem_cert)
    except socket.error, e:
        raise error.APIConnectionError(e)
    self._CERTIFICATE_VERIFIED = certificate_blacklist.verify(
        parsed.hostname, der_bytes)
except TypeError: # The Google App Engine development server blocks the C socket # module which causes a type error when using the SSL library if util.is_appengine_dev(): self._CERTIFICATE_VERIFIED = True warnings.warn( 'We were unable to verify Stripe\'s SSL certificate ' 'due to a bug in the Google App Engine development ' 'server. Please alert us immediately at ' '[email protected] if this message appears in your ' 'production logs.') return else: raise self._CERTIFICATE_VERIFIED = certificate_blacklist.verify( uri.hostname, der_cert) # Deprecated request handling. Will all be removed in 2.0 def _deprecated_request(self, impl, method, url, headers, params): warnings.warn( 'The *_request functions of APIRequestor are deprecated and ' 'will be removed in version 2.0. Please use the client classes ' ' in `stripe.http_client` instead', DeprecationWarning, stacklevel=2) method = method.lower() if method == 'get' or method == 'delete': if params: url = self.build_url(url, params) post_data = None
# The Google App Engine development server blocks the C socket # module which causes a type error when using the SSL library if ('APPENGINE_RUNTIME' in os.environ and 'Dev' in os.environ.get('SERVER_SOFTWARE', '')): self._CERTIFICATE_VERIFIED = True warnings.warn( 'We were unable to verify Stripe\'s SSL certificate ' 'due to a bug in the Google App Engine development ' 'server. Please alert us immediately at ' '[email protected] if this message appears in your ' 'production logs.') return else: raise self._CERTIFICATE_VERIFIED = certificate_blacklist.verify( uri.hostname, der_cert) # Deprecated request handling. Will all be removed in 2.0 def _deprecated_request(self, impl, method, url, headers, params): warnings.warn( 'The *_request functions of APIRequestor are deprecated and ' 'will be removed in version 2.0. Please use the client classes ' ' in `stripe.http_client` instead', DeprecationWarning, stacklevel=2) method = method.lower() if method == 'get' or method == 'delete': if params: url = self.build_url(url, params)
def test_live_cert_is_not_revoked(self):
    """The certificate currently served by ``api.stripe.com`` must pass the
    blacklist check.

    Live network test: it needs outbound connectivity to port 443 of the
    production host. The fetch via ``ssl.get_server_certificate`` passes no
    ``ca_certs``, so it performs no chain validation; the only thing being
    asserted is that ``certificate_blacklist.verify`` returns a truthy
    result for whatever certificate the host serves.
    """
    host = "api.stripe.com"
    pem = ssl.get_server_certificate((host, 443))
    der = ssl.PEM_cert_to_DER_cert(pem)
    verdict = certificate_blacklist.verify(host, der)
    self.assertTrue(verdict)