x509: Replace removed register_interface with subclassing

python-cryptography 38.0 removed `register_interface` decorator:
pyca/cryptography@f70e334a52

Backward compatibility:
Cryptography haven't changed the interface of `Certificate` since it was
first used by IPA (4.6.0) till cryptography 38.0.

cryptography 38.0 (pyca/cryptography@c1b7307a3e)
added `tbs_precertificate_bytes` attribute.

Fixes: https://pagure.io/freeipa/issue/9160
Signed-off-by: Stanislav Levin <slev@altlinux.org>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>

ipalib/x509.py

@@ -41,7 +41,6 @@ import base64
 import re
 
 from cryptography import x509 as crypto_x509
-from cryptography import utils as crypto_utils
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives import serialization
 from cryptography.hazmat.primitives.serialization import (
@@ -88,8 +87,7 @@ SAN_UPN = '1.3.6.1.4.1.311.20.2.3'
 SAN_KRB5PRINCIPALNAME = '1.3.6.1.5.2.2'
 
 
-@crypto_utils.register_interface(crypto_x509.Certificate)
+class IPACertificate(crypto_x509.Certificate):
-class IPACertificate:
     """
     A proxy class wrapping a python-cryptography certificate representation for
     IPA purposes
@@ -402,6 +400,11 @@ class IPACertificate:
             match_cert, DNSName(hostname).ToASCII()
         )
 
+    # added in python-cryptography 38.0
+    @property
+    def tbs_precertificate_bytes(self):
+        return self._cert.tbs_precertificate_bytes
+
 
 def load_pem_x509_certificate(data):
     """