use cryptography's sign/verify methods instead of signer/verifier

4 files changed, 13 insertions, 25 deletions

diff --git a/paramiko/dsskey.py b/paramiko/dsskey.py
index ac6875bc..ae7f9799 100644
--- a/paramiko/dsskey.py
+++ b/paramiko/dsskey.py
@@ -112,9 +112,8 @@ class DSSKey(PKey):
                 )
             )
         ).private_key(backend=default_backend())
-        signer = key.signer(hashes.SHA1())
-        signer.update(data)
-        r, s = decode_dss_signature(signer.finalize())
+        sig = key.sign(data, hashes.SHA1())
+        r, s = decode_dss_signature(sig)
 
         m = Message()
         m.add_string('ssh-dss')
@@ -152,10 +151,8 @@ class DSSKey(PKey):
                 g=self.g
             )
         ).public_key(backend=default_backend())
-        verifier = key.verifier(signature, hashes.SHA1())
-        verifier.update(data)
         try:
-            verifier.verify()
+            key.verify(signature, data, hashes.SHA1())
         except InvalidSignature:
             return False
         else:
diff --git a/paramiko/ecdsakey.py b/paramiko/ecdsakey.py
index 51f8d8ce..b13b9a3c 100644
--- a/paramiko/ecdsakey.py
+++ b/paramiko/ecdsakey.py
@@ -181,9 +181,7 @@ class ECDSAKey(PKey):
 
     def sign_ssh_data(self, data):
         ecdsa = ec.ECDSA(self.ecdsa_curve.hash_object())
-        signer = self.signing_key.signer(ecdsa)
-        signer.update(data)
-        sig = signer.finalize()
+        sig = self.signing_key.sign(data, ecdsa)
         r, s = decode_dss_signature(sig)
 
         m = Message()
@@ -198,12 +196,10 @@ class ECDSAKey(PKey):
         sigR, sigS = self._sigdecode(sig)
         signature = encode_dss_signature(sigR, sigS)
 
-        verifier = self.verifying_key.verifier(
-            signature, ec.ECDSA(self.ecdsa_curve.hash_object())
-        )
-        verifier.update(data)
         try:
-            verifier.verify()
+            self.verifying_key.verify(
+                signature, data, ec.ECDSA(self.ecdsa_curve.hash_object())
+            )
         except InvalidSignature:
             return False
         else:
diff --git a/paramiko/rsakey.py b/paramiko/rsakey.py
index 8ccf4c30..8953a626 100644
--- a/paramiko/rsakey.py
+++ b/paramiko/rsakey.py
@@ -105,12 +105,11 @@ class RSAKey(PKey):
         return isinstance(self.key, rsa.RSAPrivateKey)
 
     def sign_ssh_data(self, data):
-        signer = self.key.signer(
+        sig = self.key.sign(
+            data,
             padding=padding.PKCS1v15(),
             algorithm=hashes.SHA1(),
         )
-        signer.update(data)
-        sig = signer.finalize()
 
         m = Message()
         m.add_string('ssh-rsa')
@@ -124,14 +123,10 @@ class RSAKey(PKey):
         if isinstance(key, rsa.RSAPrivateKey):
             key = key.public_key()
 
-        verifier = key.verifier(
-            signature=msg.get_binary(),
-            padding=padding.PKCS1v15(),
-            algorithm=hashes.SHA1(),
-        )
-        verifier.update(data)
         try:
-            verifier.verify()
+            key.verify(
+                msg.get_binary(), data, padding.PKCS1v15(), hashes.SHA1()
+            )
         except InvalidSignature:
             return False
         else:
diff --git a/setup.py b/setup.py
index e2ace96d..4cf477ff 100644
--- a/setup.py
+++ b/setup.py
@@ -75,7 +75,7 @@ setup(
     ],
     install_requires=[
         'bcrypt>=3.0.0',
-        'cryptography>=1.1',
+        'cryptography>=1.5',
         'pynacl>=1.0.1',
         'pyasn1>=0.1.7',
     ],