From 24eb609945a0f2cdcd31831e7ddf25ad939e591a Mon Sep 17 00:00:00 2001
From: Larry Osterman
Date: Mon, 10 May 2021 13:25:58 -0700
Subject: [PATCH] Try using `default_backend` (#18611)
---
 sdk/attestation/azure-security-attestation/README.md | 2 +-
 .../azure/security/attestation/_models.py | 5 +++--
 .../azure-security-attestation/tests/test_attestation.py | 7 ++++---
 3 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/sdk/attestation/azure-security-attestation/README.md b/sdk/attestation/azure-security-attestation/README.md
index 9f64a7ea14695..8d1e83c7aa77f 100644
--- a/sdk/attestation/azure-security-attestation/README.md
+++ b/sdk/attestation/azure-security-attestation/README.md
@@ -297,7 +297,7 @@ Use `GetSigningCertificatesAsync` to retrieve the certificates which can be used
 ```python
 signers = attest_client.get_signing_certificates()
 for signer in signers:
- cert = cryptography.x509.load_der_x509_certificate(signer.certificates[0], backend=None)
+ cert = cryptography.x509.load_der_x509_certificate(signer.certificates[0], backend=default_backend())
 print('Cert iss:', cert.issuer, '; subject:', cert.subject)
 ```
diff --git a/sdk/attestation/azure-security-attestation/azure/security/attestation/_models.py b/sdk/attestation/azure-security-attestation/azure/security/attestation/_models.py
index 19721aee97166..2461490587367 100644
--- a/sdk/attestation/azure-security-attestation/azure/security/attestation/_models.py
+++ b/sdk/attestation/azure-security-attestation/azure/security/attestation/_models.py
@@ -13,6 +13,7 @@
 from ._common import Base64Url
 from ._generated.models import PolicyResult, AttestationResult, StoredAttestationPolicy, JSONWebKey, CertificateModification, AttestationType
 from typing import Any, Callable, List, Type, TypeVar, Generic, Union
+from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey
 from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat
 from cryptography.x509 import Certificate, load_der_x509_certificate
@@ -132,7 +133,7 @@ class AttestationSigningKey(object):
 def __init__(self, signing_key_der, certificate_der):
 # type: (bytes, bytes) -> None
 signing_key = serialization.load_der_private_key(signing_key_der, password=None)
- certificate = load_der_x509_certificate(certificate_der, backend=None)
+ certificate = load_der_x509_certificate(certificate_der, backend=default_backend())
 self._signing_key = signing_key
 self._certificate = certificate
@@ -426,7 +427,7 @@ def _validate_signature(self, candidate_certificates):
 signed_data = Base64Url.encode(
 self.header_bytes)+'.'+Base64Url.encode(self.body_bytes)
 for signer in candidate_certificates:
- cert = load_der_x509_certificate(signer.certificates[0], backend=None)
+ cert = load_der_x509_certificate(signer.certificates[0], backend=default_backend())
 signer_key = cert.public_key()
 # Try to verify the signature with this candidate.
 # If it doesn't work, try the next signer.
diff --git a/sdk/attestation/azure-security-attestation/tests/test_attestation.py b/sdk/attestation/azure-security-attestation/tests/test_attestation.py
index 34de55196254a..2b548340e9b1a 100644
--- a/sdk/attestation/azure-security-attestation/tests/test_attestation.py
+++ b/sdk/attestation/azure-security-attestation/tests/test_attestation.py
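Review bot: `serialization.load_der_private_key(signing_key_der, password=None)`, the context line directly above the changed one in `AttestationSigningKey.__init__`, still passes no backend, so the constructor is only half-converted. If the motive for this commit is compatibility with `cryptography` releases that require an explicit backend (an inference from the commit title), that call would fail on those releases before the certificate is ever parsed; `signing_key = serialization.load_der_private_key(signing_key_der, password=None, backend=default_backend())` keeps the two loaders consistent. The visible lines also store the key and the certificate without comparing `certificate.public_key()` with the signing key's public key; the class body continues outside the hunk, so that check may already exist there.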
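Review bot: In `_validate_signature` the loop accepts whichever candidate's leaf key verifies the signature, and nothing in the visible lines checks the certificate's validity period or its chain, so the result is only as trustworthy as the source of `candidate_certificates`. A comment above the loop such as `# candidate_certificates must come from a trusted source; only certificates[0] (the leaf) is used and its chain is not validated here` would make that contract explicit for callers. Separately, the certificate is loaded before the verification attempt that the comment describes, so a malformed DER blob or an empty `certificates` list would presumably raise instead of moving on to the next signer. The function body begins and ends outside the hunk, so both points should be confirmed against the full method.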
@@ -19,6 +19,7 @@
 from logging import fatal
 from typing import Any, ByteString
 import unittest
+from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives import hashes
 from devtools_testutils import AzureTestCase, PowerShellPreparer
 import functools
@@ -182,7 +183,7 @@ def test_shared_getsigningcertificates(self, attestation_location_short_name):
 attest_client = self.shared_client(attestation_location_short_name)
 signers = attest_client.get_signing_certificates()
 for signer in signers:
- x5c = cryptography.x509.load_der_x509_certificate(signer.certificates[0], backend=None)
+ x5c = cryptography.x509.load_der_x509_certificate(signer.certificates[0], backend=default_backend())
 @AttestationPreparer()
 def test_aad_getsigningcertificates(self, attestation_aad_url):
@@ -190,7 +191,7 @@ def test_aad_getsigningcertificates(self, attestation_aad_url):
 attest_client = self.create_client(attestation_aad_url)
 signers = attest_client.get_signing_certificates()
 for signer in signers:
- cert = cryptography.x509.load_der_x509_certificate(signer.certificates[0], backend=None)
+ cert = cryptography.x509.load_der_x509_certificate(signer.certificates[0], backend=default_backend())
 @AttestationPreparer()
 def test_isolated_getsigningcertificates(self, attestation_isolated_url):
@@ -198,7 +199,7 @@ def test_isolated_getsigningcertificates(self, attestation_isolated_url):
 attest_client = self.create_client(attestation_isolated_url)
 signers = attest_client.get_signing_certificates()
 for signer in signers:
- cert = cryptography.x509.load_der_x509_certificate(signer.certificates[0], backend=None)
+ cert = cryptography.x509.load_der_x509_certificate(signer.certificates[0], backend=default_backend())
 def _test_attest_open_enclave(self, client_uri):
 #type: (str) -> None
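Review bot: The loop in `test_shared_getsigningcertificates` assigns the parsed certificate to `x5c` and never reads it, so the test only proves that parsing does not raise, and it passes vacuously if `get_signing_certificates()` returns nothing. The same pattern appears in `test_aad_getsigningcertificates` and `test_isolated_getsigningcertificates` in the next two hunks, with `cert` as the unused name. Assuming the return value is a list, `assert len(signers) > 0` before the loop plus an assertion on the parsed object, for example `assert x5c.public_key() is not None`, would make these tests check something about the signing certificates the service returns.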