Try using default_backend (Azure#18611)

sdk/attestation/azure-security-attestation/README.md

@@ -297,7 +297,7 @@ Use `GetSigningCertificatesAsync` to retrieve the certificates which can be used
 ```python
     signers = attest_client.get_signing_certificates()
     for signer in signers:
-        cert = cryptography.x509.load_der_x509_certificate(signer.certificates[0], backend=None)
+        cert = cryptography.x509.load_der_x509_certificate(signer.certificates[0], backend=default_backend())
         print('Cert  iss:', cert.issuer, '; subject:', cert.subject)
 ```
 

sdk/attestation/azure-security-attestation/azure/security/attestation/_models.py

@@ -13,6 +13,7 @@
 from ._common import Base64Url
 from ._generated.models import PolicyResult, AttestationResult, StoredAttestationPolicy, JSONWebKey, CertificateModification, AttestationType
 from typing import Any, Callable, List, Type, TypeVar, Generic, Union
+from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey
 from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat
 from cryptography.x509 import Certificate, load_der_x509_certificate
@@ -132,7 +133,7 @@ class AttestationSigningKey(object):
     def __init__(self, signing_key_der, certificate_der):
     # type: (bytes, bytes) -> None
         signing_key = serialization.load_der_private_key(signing_key_der, password=None)
-        certificate = load_der_x509_certificate(certificate_der, backend=None)
+        certificate = load_der_x509_certificate(certificate_der, backend=default_backend())
 
         self._signing_key = signing_key
         self._certificate = certificate
@@ -426,7 +427,7 @@ def _validate_signature(self, candidate_certificates):
         signed_data = Base64Url.encode(
             self.header_bytes)+'.'+Base64Url.encode(self.body_bytes)
         for signer in candidate_certificates:
-            cert = load_der_x509_certificate(signer.certificates[0], backend=None)
+            cert = load_der_x509_certificate(signer.certificates[0], backend=default_backend())
             signer_key = cert.public_key()
             # Try to verify the signature with this candidate.
             # If it doesn't work, try the next signer.

sdk/attestation/azure-security-attestation/tests/test_attestation.py

@@ -19,6 +19,7 @@
 from logging import fatal
 from typing import Any, ByteString
 import unittest
+from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives import hashes
 from devtools_testutils import AzureTestCase, PowerShellPreparer
 import functools
@@ -182,23 +183,23 @@ def test_shared_getsigningcertificates(self, attestation_location_short_name):
         attest_client = self.shared_client(attestation_location_short_name)
         signers = attest_client.get_signing_certificates()
         for signer in signers:
-            x5c = cryptography.x509.load_der_x509_certificate(signer.certificates[0], backend=None)
+            x5c = cryptography.x509.load_der_x509_certificate(signer.certificates[0], backend=default_backend())
 
     @AttestationPreparer()
     def test_aad_getsigningcertificates(self, attestation_aad_url):
         #type: (str) -> None
         attest_client = self.create_client(attestation_aad_url)
         signers = attest_client.get_signing_certificates()
         for signer in signers:
-            cert = cryptography.x509.load_der_x509_certificate(signer.certificates[0], backend=None)
+            cert = cryptography.x509.load_der_x509_certificate(signer.certificates[0], backend=default_backend())
 
     @AttestationPreparer()
     def test_isolated_getsigningcertificates(self, attestation_isolated_url):
         #type: (str) -> None
         attest_client = self.create_client(attestation_isolated_url)
         signers = attest_client.get_signing_certificates()
         for signer in signers:
-            cert = cryptography.x509.load_der_x509_certificate(signer.certificates[0], backend=None)
+            cert = cryptography.x509.load_der_x509_certificate(signer.certificates[0], backend=default_backend())
 
     def _test_attest_open_enclave(self, client_uri):
         #type: (str) -> None