Bump cryptography from 3.4.6 to 35.0.0

[dependabot]

Bumps cryptography from 3.4.6 to 35.0.0.

Changelog

Sourced from cryptography's changelog.

35.0.0 - 2021-09-29

* Changed the :ref:`version scheme <api-stability:versioning>`. This will
  result in us incrementing the major version more frequently, but does not
  change our existing backwards compatibility policy.
* **BACKWARDS INCOMPATIBLE:** The X.509 certificate parser no longer allows
  negative serial numbers. :rfc:`5280` has always prohibited these.
* **BACKWARDS INCOMPATIBLE:** Invalid ASN.1 found during :doc:`/x509/index`
  parsing will raise an error on initial parse rather than when the invalid
  field is accessed.
* Rust is now required for building ``cryptography``, the
  ``CRYPTOGRAPHY_DONT_BUILD_RUST`` environment variable is no longer
  respected.
* Parsers for :doc:`/x509/index` no longer use OpenSSL and have been
  rewritten in Rust. This should be backwards compatible (modulo the items
  listed above) and improve both security and performance.
* Added support for OpenSSL 3.0.0 as a compilation target.
* Added support for
  :class:`~cryptography.hazmat.primitives.hashes.SM3` and
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.SM4`,
  when using OpenSSL 1.1.1. These algorithms are provided for compatibility
  in regions where they may be required, and are not generally recommended.
* We now ship ``manylinux_2_24`` and ``musllinux_1_1`` wheels, in addition to
  our ``manylinux2010`` and ``manylinux2014`` wheels. Users on distributions
  like Alpine Linux should ensure they upgrade to the latest ``pip`` to
  correctly receive wheels.
* Added ``rfc4514_attribute_name`` attribute to :attr:`x509.NameAttribute
  <cryptography.x509.NameAttribute.rfc4514_attribute_name>`.
* Added :class:`~cryptography.hazmat.primitives.kdf.kbkdf.KBKDFCMAC`.
.. _v3-4-8:
3.4.8 - 2021-08-24

* Updated Windows, macOS, and ``manylinux`` wheels to be compiled with
  OpenSSL 1.1.1l.
.. _v3-4-7:
3.4.7 - 2021-03-25



Updated Windows, macOS, and manylinux wheels to be compiled with
OpenSSL 1.1.1k.

.. _v3-4-6:

Commits

• c7fbef7 bump for 35.0 release (#6333)
• 82d3f2b update release.py (#6332)
• 00c54b5 docs: shift image to latest 20.04 (#6331)
• cb73c72 Bump smallvec from 1.6.1 to 1.7.0 in /src/rust (#6329)
• 90a564e build our wheels from tag so we can upload sdist last (#6328)
• cf9e576 fix changelog to remove inaccurate statement (#6327)
• 329a795 Improve changelog for cryptography.x509 changes (#6326)
• 0f2c416 add CRL pyopenssl fallback (#6325)
• 57e5176 remove unneeded bindings (#6324)
• baa6ff1 Bump dessant/lock-threads from 2.1.2 to 3 (#6323)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)