Update cryptography dependency to v3.1.1 #40479

Closed

@MichaIng MichaIng commented Sep 23, 2020

Breaking change

None

Proposed change

A newer cryptography module is required for Ed25519 support, e.g. to allow Apple TV authentication.

Type of change

  • Dependency upgrade
  • Bugfix (non-breaking change which fixes an issue)
  • New integration (thank you!)
  • New feature (which adds functionality to an existing integration)
  • Breaking change (fix/feature causing existing functionality to break)
  • Code quality improvements to existing code or addition of tests

Additional information

I was not able to test every HA integration with it but playing a bit around did not reveal any issue + I could not find a hint why 2.9.2 was a limit before, so probably it was just the latest version on last dependency update.

Checklist

  • The code change is tested and works locally.
  • Local tests pass. Your PR cannot be merged unless tests pass
  • There is no commented out code in this PR.
  • I have followed the development checklist
  • The code has been formatted using Black (black --fast homeassistant tests)
  • Tests have been added to verify that the new code works.

If the code communicates with devices, web services, or third-party tools:

  • The manifest file has all fields filled out correctly.
    Updated and included derived files by running: python3 -m script.hassfest.
  • New or updated dependencies have been added to requirements_all.txt.
    Updated by running python3 -m script.gen_requirements_all.
  • Untested files have been added to .coveragerc.

The integration reached or maintains the following Integration Quality Scale:

  • No score or internal
  • 🥈 Silver
  • 🥇 Gold
  • 🏆 Platinum

@homeassistant
Contributor

Hi @MichaIng,

It seems you haven't yet signed a CLA. Please do so here.

Once you do that we will be able to review and accept this pull request.

Thanks!

This is required for Ed25519 support, e.g. to allow Apple TV authentication: postlund/pyatv#831

Signed-off-by: MichaIng <[email protected]>
@MichaIng
Author

MichaIng commented Sep 23, 2020

I ran:

pip3 install -r requirements_all.txt
pip3 check

and got:

temperusb 1.5.3 has requirement pyusb>=1.0.0rc1, but you have pyusb 1.0.0b1.
skybellpy 0.6.1 has requirement colorlog==3.0.1, but you have colorlog 4.2.1.
simplisafe-python 9.3.0 has requirement voluptuous<0.12.0,>=0.11.7, but you have voluptuous 0.12.0. # !! caused by #40401
samsungtvws 1.4.0 has requirement websocket-client==0.56.0, but you have websocket-client 0.54.0.
saltbox 0.1.3 has requirement beautifulsoup4==4.8.2, but you have beautifulsoup4 4.9.1.
saltbox 0.1.3 has requirement certifi==2019.11.28, but you have certifi 2020.6.20.
saltbox 0.1.3 has requirement idna==2.8, but you have idna 2.10.
saltbox 0.1.3 has requirement requests==2.22.0, but you have requests 2.24.0.
saltbox 0.1.3 has requirement soupsieve==1.9.5, but you have soupsieve 2.0.1.
saltbox 0.1.3 has requirement urllib3==1.25.7, but you have urllib3 1.25.10.
ring-doorbell 0.6.0 has requirement requests==2.22.0, but you have requests 2.24.0.
python-synology 0.9.0 has requirement urllib3<1.25,>=1.24.3, but you have urllib3 1.25.10.
python-miio 0.5.3 has requirement construct<3.0.0,>=2.10.56, but you have construct 2.9.45.
python-miio 0.5.3 has requirement cryptography<3.0,>=2.9, but you have cryptography 3.1.1. # !! caused by this PR
python-miio 0.5.3 has requirement pytz<2020.0,>=2019.3, but you have pytz 2020.1.
python-miio 0.5.3 has requirement zeroconf<0.26.0,>=0.25.1, but you have zeroconf 0.28.5.
python-awair 0.1.1 has requirement voluptuous<0.12.0,>=0.11.7, but you have voluptuous 0.12.0. # !! caused by #40401
pysmarty 0.8 has requirement pymodbus==1.5.2, but you have pymodbus 2.3.0.
pysmappee 0.2.13 has requirement cachetools>=4.0.0, but you have cachetools 2.0.1.
pyrebase4 4.4.0 has requirement oauth2client==4.1.2, but you have oauth2client 4.0.0.
pyicloud 0.9.7 has requirement click<=7.1.1,>=6.0, but you have click 7.1.2.
pyicloud 0.9.7 has requirement keyring<=9.3.1,>=8.0, but you have keyring 21.2.0.
pyicloud 0.9.7 has requirement keyrings.alt<=3.2.0,>=1.0, but you have keyrings-alt 3.4.0.
pyicloud 0.9.7 has requirement tzlocal==2.0.0, but you have tzlocal 2.1.
pyftdi 0.51.2 has requirement pyusb>=1.0.0, but you have pyusb 1.0.0b1.
pyessent 0.13 has requirement requests==2.22.0, but you have requests 2.24.0.
pycognito 0.1.4 has requirement boto3>=1.10.49, but you have boto3 1.9.252.
mycroftapi 2.0 has requirement websocket-client==0.44.0, but you have websocket-client 0.54.0.
mitemp-bt 0.0.3 has requirement btlewrap==0.0.8, but you have btlewrap 0.0.10.
locationsharinglib 4.1.0 has requirement pytz~=2019.2, but you have pytz 2020.1.
locationsharinglib 4.1.0 has requirement requests~=2.21.0, but you have requests 2.24.0.
ibm-watson 4.0.1 has requirement websocket-client==0.48.0, but you have websocket-client 0.54.0.
http3 0.6.7 has requirement h11==0.8.*, but you have h11 0.9.0.
http3 0.6.7 has requirement h2==3.*, but you have h2 2.6.2.
homematicip 0.11.0 has requirement websocket-client>=0.57.0, but you have websocket-client 0.54.0.
homeassistant 0.115.2 has requirement cryptography==2.9.2, but you have cryptography 3.1.1. # expected, solved with this PR
homeassistant 0.115.2 has requirement voluptuous==0.11.7, but you have voluptuous 0.12.0. # expected, solved with #40401
hangups 0.4.11 has requirement protobuf<3.12,>=3.1.0, but you have protobuf 3.13.0.
eebrightbox 0.0.4 has requirement certifi==2018.11.29, but you have certifi 2020.6.20.
eebrightbox 0.0.4 has requirement idna==2.8, but you have idna 2.10.
eebrightbox 0.0.4 has requirement requests==2.21.0, but you have requests 2.24.0.
eebrightbox 0.0.4 has requirement urllib3==1.24.1, but you have urllib3 1.25.10.
botocore 1.13.14 has requirement python-dateutil<2.8.1,>=2.1; python_version >= "2.7", but you have python-dateutil 2.8.1.
boto3 1.9.252 has requirement botocore<1.13.0,>=1.12.252, but you have botocore 1.13.14.
avri-api 0.1.7 has requirement requests==2.22.0, but you have requests 2.24.0.
alarmdecoder 1.13.2 has requirement pyserial==2.7, but you have pyserial 3.4.
airly 0.0.2 has requirement aiohttp==3.5.4, but you have aiohttp 3.6.2.
aiohomekit 0.2.53 has requirement cryptography<3.0.0,>=2.9.2, but you have cryptography 3.1.1. # !! caused by this PR
aioguardian 1.0.1 has requirement voluptuous<0.12.0,>=0.11.7, but you have voluptuous 0.12.0. # !! caused by #40401
abodepy 1.1.0 has requirement colorlog==3.0.1, but you have colorlog 4.2.1.
  • As you can see in two cases dependencies require cryptography<3.0 and would hence require an update as well.
  • There are three cases caused by the similar PR Update voluptuous to 0.12.0 #40401 that was already merged, so you might want to have a look into this.

Shall I try to resolve those two conflicts caused by this PR by updating the two affected dependencies as well, or how do you handle such?

EDIT:

@MichaIng MichaIng mentioned this pull request Sep 23, 2020
21 tasks
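
The triage done by hand in the comment above (marking which `pip check` conflicts are caused by the version bump) can be scripted: a conflict is new if the requirement held at the old pin and fails at the new one. This is an added example, not code from the PR or from Home Assistant; the function names and the simplified version comparison (numeric releases with `<`, `<=`, `>`, `>=`, `==`, `!=` only) are assumptions made for illustration.

```python
import operator
import re

# Lines in the `pip check` format, taken from the output quoted above.
SAMPLE = """\
python-miio 0.5.3 has requirement cryptography<3.0,>=2.9, but you have cryptography 3.1.1.
python-miio 0.5.3 has requirement pytz<2020.0,>=2019.3, but you have pytz 2020.1.
homeassistant 0.115.2 has requirement cryptography==2.9.2, but you have cryptography 3.1.1.
aiohomekit 0.2.53 has requirement cryptography<3.0.0,>=2.9.2, but you have cryptography 3.1.1.
abodepy 1.1.0 has requirement colorlog==3.0.1, but you have colorlog 4.2.1.
"""

LINE = re.compile(r"^(\S+) \S+ has requirement (.+?), but you have \S+ \S+?\.(?:\s+#.*)?$")
CLAUSE = re.compile(r"(<=|>=|==|!=|<|>)\s*(\d+(?:\.\d+)*)$")
OPS = {"<": operator.lt, "<=": operator.le, ">": operator.gt,
       ">=": operator.ge, "==": operator.eq, "!=": operator.ne}

def vkey(version, width=4):
    """Numeric release only (e.g. 3.1.1), zero-padded so 3.0 == 3.0.0."""
    parts = [int(p) for p in version.split(".")]
    return tuple(parts + [0] * (width - len(parts)))

def satisfies(version, spec):
    """True if version meets every comma-separated clause of spec."""
    for clause in filter(None, (c.strip() for c in spec.split(","))):
        m = CLAUSE.match(clause)
        if not m:  # ~=, wildcards and pre-releases are not handled here
            raise ValueError(f"unsupported specifier: {clause!r}")
        if not OPS[m.group(1)](vkey(version), vkey(m.group(2))):
            return False
    return True

def newly_broken(output, package, old, new):
    """Dists whose requirement on package held at old but fails at new."""
    hits = []
    for line in output.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        name, spec = re.match(r"([A-Za-z0-9._-]+)(.*)", m.group(2)).groups()
        if name.lower() != package.lower():
            continue
        spec = spec.split(";")[0]  # drop environment markers
        if satisfies(old, spec) and not satisfies(new, spec):
            hits.append((m.group(1), spec))
    return hits

if __name__ == "__main__":
    for dist, spec in newly_broken(SAMPLE, "cryptography", "2.9.2", "3.1.1"):
        print(f"{dist}: cryptography{spec}")
```

The result includes the project's own `==2.9.2` pin, which the bump itself resolves; the remaining entries are the upstream packages that need a release before the new version can be pinned without conflicts.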
@springstan
Member

@MichaIng please add a link to the change logs or differences to the PR description :)

@MichaIng
Author

Added to initial post as well.

@springstan springstan added the waiting-for-upstream We're waiting for a change upstream label Sep 23, 2020
@springstan
Member

springstan commented Sep 25, 2020

@Jc2k could you release a new version of aiohomekit to support the new cryptography version?

@rytilahti could you add support for the new version of cryptography to python-miio?

@Jc2k
Member

Jc2k commented Sep 25, 2020

Thanks for the ping, I'll push a release this morning.

@rytilahti
Member

Thanks for the ping from my side, too. I'll try to find some time this week to bump the dependency.

@springstan
Member

Closing this PR as the cryptography dependency has already been updated.

@nick2525

Still doesn't work on OpenSSL 1.1.1, cryptography-3.3.1 ed25519 is not supported by this version of OpenSSL

@frenck
Member

frenck commented Jan 18, 2021

@nick2525 This is a closed and handled PR from October. If you have an issue, please open up an issue instead of commenting on handled PRs. They are not trackable, issues are. Thanks 👍

Labels
cla-signed small-pr PRs with less than 30 lines. waiting-for-upstream We're waiting for a change upstream
Development

Successfully merging this pull request may close these issues.

Problem with Openssl