Bump cryptography from 2.3 to 2.8

[dependabot[bot]]

Bumps cryptography from 2.3 to 2.8.

Changelog

*Sourced from [cryptography's changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst).* > 2.8 - 2019-10-16 > ~~~~~~~~~~~~~~~~ > > * Updated Windows, macOS, and ``manylinux`` wheels to be compiled with > OpenSSL 1.1.1d. > * Added support for Python 3.8. > * Added class methods > :meth:`Poly1305.generate_tag > ` > and > :meth:`Poly1305.verify_tag > ` > for Poly1305 sign and verify operations. > * Deprecated support for OpenSSL 1.0.1. Support will be removed in > ``cryptography`` 2.9. > * We now ship ``manylinux2010`` wheels in addition to our ``manylinux1`` > wheels. > * Added support for ``ed25519`` and ``ed448`` keys in the > :class:`~cryptography.x509.CertificateBuilder`, > :class:`~cryptography.x509.CertificateSigningRequestBuilder`, > :class:`~cryptography.x509.CertificateRevocationListBuilder` and > :class:`~cryptography.x509.ocsp.OCSPResponseBuilder`. > * ``cryptography`` no longer depends on ``asn1crypto``. > * :class:`~cryptography.x509.FreshestCRL` is now allowed as a > :class:`~cryptography.x509.CertificateRevocationList` extension. > > .. _v2-7: > > 2.7 - 2019-05-30 > ~~~~~~~~~~~~~~~~ > > * **BACKWARDS INCOMPATIBLE:** We no longer distribute 32-bit ``manylinux1`` > wheels. Continuing to produce them was a maintenance burden. > * **BACKWARDS INCOMPATIBLE:** Removed the > ``cryptography.hazmat.primitives.mac.MACContext`` interface. The ``CMAC`` and > ``HMAC`` APIs have not changed, but they are no longer registered as > ``MACContext`` instances. > * Updated Windows, macOS, and ``manylinux1`` wheels to be compiled with > OpenSSL 1.1.1c. > * Removed support for running our tests with ``setup.py test``. Users > interested in running our tests can continue to follow the directions in our > :doc:`development documentation`. > * Add support for :class:`~cryptography.hazmat.primitives.poly1305.Poly1305` > when using OpenSSL 1.1.1 or newer. > * Support serialization with ``Encoding.OpenSSH`` and ``PublicFormat.OpenSSH`` > in > :meth:`Ed25519PublicKey.public_bytes > ` > . > * Correctly allow passing a ``SubjectKeyIdentifier`` to > ... (truncated)

Commits

- [`25494f9`](https://github.com/pyca/cryptography/commit/25494f96d57b8995ee2fde099146b1192582ee1b) Bump versions for 2.8 release ([#5014](https://github-redirect.dependabot.com/pyca/cryptography/issues/5014)) - [`d220d7b`](https://github.com/pyca/cryptography/commit/d220d7ba56e1559b2b2fb7ff7dabf62202466eb7) Don’t downgrade pip on windows wheel building ([#5015](https://github-redirect.dependabot.com/pyca/cryptography/issues/5015)) - [`dc7f138`](https://github.com/pyca/cryptography/commit/dc7f138ea6ac12e5ab7275f1284665a529175cbf) Comply with PEP 508 by using platform_python_implementation ([#5006](https://github-redirect.dependabot.com/pyca/cryptography/issues/5006)) - [`16d3ae1`](https://github.com/pyca/cryptography/commit/16d3ae1b8e96b4c112c0f17911b5d14f0ed20385) UniversalString needs to be encoded as UCS-4 ([#5000](https://github-redirect.dependabot.com/pyca/cryptography/issues/5000)) - [`ae13fec`](https://github.com/pyca/cryptography/commit/ae13fec7fcf795afc198a14daaaf6e33b0513647) Fixes [#5010](https://github-redirect.dependabot.com/pyca/cryptography/issues/5010) -- test and build 3.8 wheels ([#5013](https://github-redirect.dependabot.com/pyca/cryptography/issues/5013)) - [`9c759d0`](https://github.com/pyca/cryptography/commit/9c759d08870d972f1d84e8543130bfb26be4e442) update openssls ([#4995](https://github-redirect.dependabot.com/pyca/cryptography/issues/4995)) - [`e575e3d`](https://github.com/pyca/cryptography/commit/e575e3d482f976c4a1f3203d63ea0f5007a49a2a) update our test to be more robust wrt some changes from upstream ([#4993](https://github-redirect.dependabot.com/pyca/cryptography/issues/4993)) - [`7b2b3a6`](https://github.com/pyca/cryptography/commit/7b2b3a65800b7c004399da5b3b6f431aa30946cc) Simplify implementing sequence methods ([#4987](https://github-redirect.dependabot.com/pyca/cryptography/issues/4987)) - [`3bf44b7`](https://github.com/pyca/cryptography/commit/3bf44b7c847cc5983834355af84b19e96c535652) update libressl and pypy2.7 and pypy3.5 ([#4989](https://github-redirect.dependabot.com/pyca/cryptography/issues/4989)) - [`97570e6`](https://github.com/pyca/cryptography/commit/97570e64456a98d6b34258fac4857126c24c5235) we're done here ([#4991](https://github-redirect.dependabot.com/pyca/cryptography/issues/4991)) - Additional commits viewable in [compare view](https://github.com/pyca/cryptography/compare/2.3...2.8)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/loris-imageserver/loris/network/alerts).

[dependabot[bot]]

Superseded by #515.