Scheduled daily dependency update on saturday

[pyup-bot]

Updates

Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.

httplib2	0.9.2	»	0.10.3	PyPI | Changelog | Repo
cryptography	1.4	»	2.0.2	PyPI | Changelog | Repo

Changelogs

httplib2 0.9.2 -> 0.10.3

0.10.3

Fix certificate validation on Python<=2.7.8 without ssl.CertificateError
httplib2/httplib2#45

0.10.2

Just a reupload of 0.10.1, which was broken for Python3
because wheel distribution doesn't play well with our 2/3 split code base.
httplib2/httplib2#43

0.10.1

This is the first release by new httplib2 team. See post by Joe
https://bitworking.org/news/2016/03/an_update_on_httplib2

Remove VeriSign Class 3 CA from trusted certs
https://googleonlinesecurity.blogspot.com/2015/12/proactive-measures-in-digital.html

Add IdenTrust DST Root CA X3
httplib2/httplib2#26

Support for specifying the SSL protocol version (Python v2)
https://github.com/jcgregorio/httplib2/issues/329

On App Engine use urlfetch's default deadline if None is passed.

Fix TypeError on AppEngine “init() got an unexpected keyword argument 'ssl_version’”
httplib2/httplib2#12

Send SNI data for SSL connections on Python 2.7.9+
Verify the server hostname if certificate validation is enabled
httplib2/httplib2#13

Add proxy_headers argument to ProxyInfo constructor
httplib2/httplib2#21

Make disable_ssl_certificate_validation work with Python 3.5.
httplib2/httplib2#15

Fix socket error handling
httplib2/httplib2@eb74685
httplib2/httplib2@e7f6e62

cryptography 1.4 -> 2.0.2

2.0.1

• Fixed a compilation bug affecting OpenBSD.
• Altered the manylinux1 wheels to statically link OpenSSL instead of
  dynamically linking and bundling the shared object. This should resolve
  crashes seen when using uwsgi or other binaries that link against
  OpenSSL independently.
• Fixed the stack level for the signer and verifier warnings.

2.0

• BACKWARDS INCOMPATIBLE: Support for Python 3.3 has been dropped.
• We now ship manylinux1 wheels linked against OpenSSL 1.1.0f. These wheels
  will be automatically used with most Linux distributions if you are running
  the latest pip.
• Deprecated the use of signer on
  :class:~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey,
  :class:~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey,
  and
  :class:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey
  in favor of sign.
• Deprecated the use of verifier on
  :class:~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey,
  :class:~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey,
  and
  :class:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey
  in favor of verify.
• Added support for parsing
  :class:~cryptography.x509.certificate_transparency.SignedCertificateTimestamp
  objects from X.509 certificate extensions.
• Added support for
  :class:~cryptography.hazmat.primitives.ciphers.aead.ChaCha20Poly1305.
• Added support for
  :class:~cryptography.hazmat.primitives.ciphers.aead.AESCCM.
• Added
  :class:~cryptography.hazmat.primitives.ciphers.aead.AESGCM, a "one shot"
  API for AES GCM encryption.
• Added support for :doc:/hazmat/primitives/asymmetric/x25519.
• Added support for serializing and deserializing Diffie-Hellman parameters
  with
  :func:~cryptography.hazmat.primitives.serialization.load_pem_parameters,
  :func:~cryptography.hazmat.primitives.serialization.load_der_parameters,
  and
  :meth:~cryptography.hazmat.primitives.asymmetric.dh.DHParameters.parameter_bytes
  .
• The extensions attribute on :class:~cryptography.x509.Certificate,
  :class:~cryptography.x509.CertificateSigningRequest,
  :class:~cryptography.x509.CertificateRevocationList, and
  :class:~cryptography.x509.RevokedCertificate now caches the computed
  Extensions object. There should be no performance change, just a
  performance improvement for programs accessing the extensions attribute
  multiple times.

1.9

• BACKWARDS INCOMPATIBLE: Elliptic Curve signature verification no longer
  returns True on success. This brings it in line with the interface's
  documentation, and our intent. The correct way to use
  :meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.verify
  has always been to check whether or not
  :class:~cryptography.exceptions.InvalidSignature was raised.
• BACKWARDS INCOMPATIBLE: Dropped support for macOS 10.7 and 10.8.
• BACKWARDS INCOMPATIBLE: The minimum supported PyPy version is now 5.3.
• Python 3.3 support has been deprecated, and will be removed in the next
  cryptography release.
• Add support for providing tag during
  :class:~cryptography.hazmat.primitives.ciphers.modes.GCM finalization via
  :meth:~cryptography.hazmat.primitives.ciphers.AEADDecryptionContext.finalize_with_tag.
• Fixed an issue preventing cryptography from compiling against
  LibreSSL 2.5.x.
• Added
  :meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.key_size
  and
  :meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.key_size
  as convenience methods for determining the bit size of a secret scalar for
  the curve.
• Accessing an unrecognized extension marked critical on an X.509 object will
  no longer raise an UnsupportedExtension exception, instead an
  :class:~cryptography.x509.UnrecognizedExtension object will be returned.
  This behavior was based on a poor reading of the RFC, unknown critical
  extensions only need to be rejected on certificate verification.
• The CommonCrypto backend has been removed.
• MultiBackend has been removed.
• Whirlpool and RIPEMD160 have been deprecated.

1.8.2

• Fixed a compilation bug affecting OpenSSL 1.1.0f.
• Updated Windows and macOS wheels to be compiled against OpenSSL 1.1.0f.

1.8.1

• Fixed macOS wheels to properly link against 1.1.0 rather than 1.0.2.

1.8

• Added support for Python 3.6.
• Windows and macOS wheels now link against OpenSSL 1.1.0.
• macOS wheels are no longer universal. This change significantly shrinks the
  size of the wheels. Users on macOS 32-bit Python (if there are any) should
  migrate to 64-bit or build their own packages.
• Changed ASN.1 dependency from pyasn1 to asn1crypto resulting in a
  general performance increase when encoding/decoding ASN.1 structures. Also,
  the pyasn1_modules test dependency is no longer required.
• Added support for
  :meth:~cryptography.hazmat.primitives.ciphers.CipherContext.update_into on
  :class:~cryptography.hazmat.primitives.ciphers.CipherContext.
• Added
  :meth:~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKeyWithSerialization.private_bytes
  to
  :class:~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKeyWithSerialization.
• Added
  :meth:~cryptography.hazmat.primitives.asymmetric.dh.DHPublicKey.public_bytes
  to
  :class:~cryptography.hazmat.primitives.asymmetric.dh.DHPublicKey.
• :func:~cryptography.hazmat.primitives.serialization.load_pem_private_key
  and
  :func:~cryptography.hazmat.primitives.serialization.load_der_private_key
  now require that password must be bytes if provided. Previously this
  was documented but not enforced.
• Added support for subgroup order in :doc:/hazmat/primitives/asymmetric/dh.

1.7.2

• Updated Windows and macOS wheels to be compiled against OpenSSL 1.0.2k.

1.7.1

• Fixed a regression in int_from_bytes where it failed to accept
  bytearray.

1.7

• Support for OpenSSL 1.0.0 has been removed. Users on older version of OpenSSL
  will need to upgrade.
• Added support for Diffie-Hellman key exchange using
  :meth:~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKey.exchange.
• The OS random engine for OpenSSL has been rewritten to improve compatibility
  with embedded Python and other edge cases. More information about this change
  can be found in the
  pull request <https://github.com/pyca/cryptography/pull/3229>_.

1.6

• Deprecated support for OpenSSL 1.0.0. Support will be removed in
  cryptography 1.7.
• Replaced the Python-based OpenSSL locking callbacks with a C version to fix
  a potential deadlock that could occur if a garbage collection cycle occurred
  while inside the lock.
• Added support for :class:~cryptography.hazmat.primitives.hashes.BLAKE2b and
  :class:~cryptography.hazmat.primitives.hashes.BLAKE2s when using OpenSSL
  1.1.0.
• Added
  :attr:~cryptography.x509.Certificate.signature_algorithm_oid support to
  :class:~cryptography.x509.Certificate.
• Added
  :attr:~cryptography.x509.CertificateSigningRequest.signature_algorithm_oid
  support to :class:~cryptography.x509.CertificateSigningRequest.
• Added
  :attr:~cryptography.x509.CertificateRevocationList.signature_algorithm_oid
  support to :class:~cryptography.x509.CertificateRevocationList.
• Added support for :class:~cryptography.hazmat.primitives.kdf.scrypt.Scrypt
  when using OpenSSL 1.1.0.
• Added a workaround to improve compatibility with Python application bundling
  tools like PyInstaller and cx_freeze.
• Added support for generating a
  :meth:~cryptography.x509.random_serial_number.
• Added support for encoding IPv4Network and IPv6Network in X.509
  certificates for use with :class:~cryptography.x509.NameConstraints.
• Added :meth:~cryptography.x509.Name.public_bytes to
  :class:~cryptography.x509.Name.
• Added :class:~cryptography.x509.RelativeDistinguishedName
• :class:~cryptography.x509.DistributionPoint now accepts
  :class:~cryptography.x509.RelativeDistinguishedName for
  :attr:~cryptography.x509.DistributionPoint.relative_name.
  Deprecated use of :class:~cryptography.x509.Name as
  :attr:~cryptography.x509.DistributionPoint.relative_name.
• :class:~cryptography.x509.Name now accepts an iterable of
  :class:~cryptography.x509.RelativeDistinguishedName. RDNs can
  be accessed via the :attr:~cryptography.x509.Name.rdns
  attribute. When constructed with an iterable of
  :class:~cryptography.x509.NameAttribute, each attribute becomes
  a single-valued RDN.
• Added
  :func:~cryptography.hazmat.primitives.asymmetric.ec.derive_private_key.
• Added support for signing and verifying RSA, DSA, and ECDSA signatures with
  :class:~cryptography.hazmat.primitives.asymmetric.utils.Prehashed
  digests.

1.5.3

• SECURITY ISSUE: Fixed a bug where HKDF would return an empty
  byte-string if used with a length less than algorithm.digest_size.
  Credit to Markus Döring for reporting the issue. CVE-2016-9243

1.5.2

• Updated Windows and OS X wheels to be compiled against OpenSSL 1.0.2j.

1.5.1

• Updated Windows and OS X wheels to be compiled against OpenSSL 1.0.2i.
• Resolved a UserWarning when used with cffi 1.8.3.
• Fixed a memory leak in name creation with X.509.
• Added a workaround for old versions of setuptools.
• Fixed an issue preventing cryptography from compiling against
  OpenSSL 1.0.2i.

1.5

• Added
  :func:~cryptography.hazmat.primitives.asymmetric.padding.calculate_max_pss_salt_length.
• Added "one shot"
  :meth:~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey.sign
  and
  :meth:~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey.verify
  methods to DSA keys.
• Added "one shot"
  :meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.sign
  and
  :meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.verify
  methods to ECDSA keys.
• Switched back to the older callback model on Python 3.5 in order to mitigate
  the locking callback problem with OpenSSL <1.1.0.
• :class:~cryptography.x509.CertificateBuilder,
  :class:~cryptography.x509.CertificateRevocationListBuilder, and
  :class:~cryptography.x509.RevokedCertificateBuilder now accept timezone
  aware datetime objects as method arguments
• cryptography now supports OpenSSL 1.1.0 as a compilation target.

That's it for now!

Happy merging! 🤖

[pyup-bot]

Closing this in favor of #179