Update orion requirement from 0.16.0 to 0.17.0

[dependabot[bot]]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Updates the requirements on orion to permit the latest version.

Release notes

Sourced from orion's releases.

0.17.0

Changelog:

See CHANGELOG.md.

Changelog

Sourced from orion's changelog.

0.17.0

Date: November 24, 2021.

Changelog:

• [Breaking change] Keyed and non-keyed BLAKE2b have been split into two separate modules (orion::hazardous::mac::blake2b and orion::hazardous::hash::blake2::blake2b respectively). The keyed now returns a Tag instead of Digest (#208).
• [Breaking change] Tags (not only those used by BLAKE2b, but all) now implement Drop but no longer implement Copy (#208).
• [Breaking change] seal_chunk() used in streaming AEAD now take StreamTag by reference (#212) (by 24seconds).

0.16.1

Date: November 3, 2021.

Changelog:

• Add support for X25519 using fiat-crypto Curve25519 field arithmetic (new modules orion::hazardous::ecc and orion::kex) (#197).
• Implement serde Serialize and Deserialize for relevant types (#192) (by Vince Mutolo).
• Fix incorrect documentation of SHA256 streaming state (#196).
• Add is_empty() to newtypes (#206).
• Add documentation for correct use of streaming AEAD API with StreamTag::Finish (#139).
• Convert uses of assert!(a == b) to assert_eq!(a, b) where possible (#210) (by Emmanuel Leblond).
• Derive Clone + Copy for StreamTag (#211) (by 24seconds).
• Harden security of GitHub Actions CI/CD (#200) (by Vince Mutolo).
• Re-export HMAC Tags used in their corresponding HKDF API (#224).
• Fix warnings from CI jobs and bump MSRV to 1.52.0 (#222) (#223).
• Update benchmarks (#214).
• Render feature badges for API on docs.rs (#238).
• Add new Crate Features page to wiki (#215).

0.16.0

Date: March 29, 2021.

Changelog:

• [Breaking change] Moved all libraries to the https://github.com/orion-rs organization and added Vince Mutolo as a maintainer (#191).
• [Breaking change] Use Argon2i parameters from PasswordHash in pwhash::hash_password_verify() (#138) (by Vince Mutolo).
• [Breaking change] Limit high-level, variable-length newtype's input to isize::MAX (#130).
• [Breaking change] Add support for SHA256 and SHA384 (#152, #181, #162, #183).
• [Breaking change] Add support for HMAC-SHA(256/384), PBKDF2-HMAC-SHA(256/384) and HKDF-HMAC-SHA(256/384) (#171, #153, #154, #170).
• [Breaking change] Remove orion::kdf::derive_key_verify() and orion::hazardous::kdf::hkdf::verify() (#179, #184).
• [Breaking change] Convert StreamTag used in orion::hazardous::aead::streaming and orion::aead::streaming to lower-case acronyms (i.e StreamTag::MESSAGE -> StreamTag::Message) (#190).
• Use new intra-doc links (#134, #185) along with other small improvements to documentation.
• Update fuzzing targets (#182).
• Add documentation for user-awareness of potential sensitive data in out-parameters during password-hash verification (#178, #187) (contrib. by Vince Mutolo).
• Replace base64 dependency with ct-codecs to support constant-time encoding & decoding in orion::pwhash::PasswordHash (#188, #189).
• Refactor property-based tests to use the #[quickcheck] attribute, introducing quickcheck_macros as a dev-dependency (#180).
• Bump MSRV to 1.51.0.

... (truncated)

Commits

• cfa2c0c 0.17.0
• f14af89 Let seal_chunk taks reference of streamtag
• 2b00fc1 Separate interfaces for BLAKE2b in keyed and non-keyed mode (#209)
• ae33cae 0.16.1 (#247)
• 71744b8 ci: bump actions/checkout from 2.3.5 to 2.4.0 (#246)
• bd47798 README updated crate features section and link to draft wiki (#242)
• b6e368f x25519: Remove doc comment that is outdated since #221
• 0679281 Update doc-build instructions in README to also build feature-badges
• b436fba doc: doc_cfg when on docs.rs (#240)
• 723d9ef Update README MSRV
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.