Replace pyOpenSSL by cryptography

The crypto module of the pyOpenSSL library is now discouraged and
the cryptography library should be used to manage certificates and
keys[1].

[1] https://www.pyopenssl.org/en/latest/api/crypto.html

Change-Id: I004e97dfe6444d0278013901005f104461bd8d1a

barbican/plugin/util/translations.py

@@ -13,7 +13,7 @@
 
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives import serialization
-from OpenSSL import crypto
+from cryptography import x509
 from oslo_serialization import base64
 
 from barbican import i18n as u  # noqa
@@ -188,12 +188,12 @@ def _convert_public_der_to_pem(der):
 
 
 def _convert_certificate_pem_to_der(pem):
-    cert = crypto.load_certificate(crypto.FILETYPE_PEM, pem)
-    der = crypto.dump_certificate(crypto.FILETYPE_ASN1, cert)
+    cert = x509.load_pem_x509_certificate(pem)
+    der = cert.public_bytes(serialization.Encoding.DER)
     return der
 
 
 def _convert_certificate_der_to_pem(der):
-    cert = crypto.load_certificate(crypto.FILETYPE_ASN1, der)
-    pem = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
+    cert = x509.load_der_x509_certificate(der)
+    pem = cert.public_bytes(serialization.Encoding.PEM)
     return pem

requirements.txt

@@ -20,7 +20,6 @@ Paste>=2.0.2 # MIT
 PasteDeploy>=1.5.0 # MIT
 pbr!=2.1.0,>=2.0.0 # Apache-2.0
 pecan!=1.0.2,!=1.0.3,!=1.0.4,!=1.2,>=1.0.0 # BSD
-pyOpenSSL>=17.1.0 # Apache-2.0
 ldap3>=1.0.2 # LGPLv3
 keystonemiddleware>=9.5.0 # Apache-2.0
 SQLAlchemy!=1.1.5,!=1.1.6,!=1.1.7,!=1.1.8,>=1.0.10 # MIT