From ce8eb052675df867f6124ebcb9bd7c1e900a6217 Mon Sep 17 00:00:00 2001
From: Brianna Poulos <Brianna.Poulos@jhuapl.edu>
Date: Fri, 23 Feb 2018 16:49:26 -0500
Subject: [PATCH] Address verifier DeprecationWarning

The use of signer and verifier in cryptography has been
deprecated, and causes the following warning:

barbican_tempest_plugin/tests/scenario/barbican_manager.py:139:
DeprecationWarning: signer and verifier have been deprecated.
Please use sign and verify instead.

This patch replaces signer with sign.

Change-Id: Ia6358e2c4e84faa9d692a13b9b3aa1504407301b
---
 .../tests/scenario/barbican_manager.py        | 21 +++++++++++--------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/barbican_tempest_plugin/tests/scenario/barbican_manager.py b/barbican_tempest_plugin/tests/scenario/barbican_manager.py
index a98d2cc..2cf7a7f 100644
--- a/barbican_tempest_plugin/tests/scenario/barbican_manager.py
+++ b/barbican_tempest_plugin/tests/scenario/barbican_manager.py
@@ -21,6 +21,7 @@ import os
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives.asymmetric import padding
 from cryptography.hazmat.primitives.asymmetric import rsa
+from cryptography.hazmat.primitives.asymmetric import utils
 from cryptography.hazmat.primitives import hashes
 from cryptography.hazmat.primitives import serialization
 from cryptography import x509
@@ -131,20 +132,22 @@ class BarbicanScenarioTest(mgr.ScenarioTest):
 
     def _sign_image(self, image_file):
         LOG.debug("Creating signature for image data")
-        signer = self.private_key.signer(
-            padding.PSS(
-                mgf=padding.MGF1(hashes.SHA256()),
-                salt_length=padding.PSS.MAX_LENGTH
-            ),
-            hashes.SHA256()
-        )
+        hasher = hashes.Hash(hashes.SHA256(), default_backend())
         chunk_bytes = 8192
         with open(image_file, 'rb') as f:
             chunk = f.read(chunk_bytes)
             while len(chunk) > 0:
-                signer.update(chunk)
+                hasher.update(chunk)
                 chunk = f.read(chunk_bytes)
-        signature = signer.finalize()
+        digest = hasher.finalize()
+        signature = self.private_key.sign(
+            digest,
+            padding.PSS(
+                mgf=padding.MGF1(hashes.SHA256()),
+                salt_length=padding.PSS.MAX_LENGTH
+            ),
+            utils.Prehashed(hashes.SHA256())
+        )
         signature_b64 = base64.b64encode(signature)
         return signature_b64