Bump cryptography from 2.9.2 to 3.0 in /backend

[dependabot]

Bumps cryptography from 2.9.2 to 3.0.

Changelog

Sourced from cryptography's changelog.

3.0 - 2020-07-20

* **BACKWARDS INCOMPATIBLE:** Removed support for passing an
  :class:`~cryptography.x509.Extension` instance to
  :meth:`~cryptography.x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier`,
  as per our deprecation policy.
* **BACKWARDS INCOMPATIBLE:** Support for LibreSSL 2.7.x, 2.8.x, and 2.9.0 has
  been removed (2.9.1+ is still supported).
* **BACKWARDS INCOMPATIBLE:** Dropped support for macOS 10.9, macOS users must
  upgrade to 10.10 or newer.
* **BACKWARDS INCOMPATIBLE:** RSA
  :meth:`~cryptography.hazmat.primitives.asymmetric.rsa.generate_private_key`
  no longer accepts ``public_exponent`` values except 65537 and 3 (the latter
  for legacy purposes).
* **BACKWARDS INCOMPATIBLE:** X.509 certificate parsing now enforces that the
  ``version`` field contains a valid value, rather than deferring this check
  until :attr:`~cryptography.x509.Certificate.version` is accessed.
* Deprecated support for Python 2. At the time there is no time table for
  actually dropping support, however we strongly encourage all users to upgrade
  their Python, as Python 2 no longer receives support from the Python core
  team.
If you have trouble suppressing this warning in tests view the :ref:FAQ entry addressing this issue <faq-howto-handle-deprecation-warning>.

Added support for OpenSSH serialization format for
ec, ed25519, rsa and dsa private keys:
:func:~cryptography.hazmat.primitives.serialization.load_ssh_private_key
for loading and
:attr:~cryptography.hazmat.primitives.serialization.PrivateFormat.OpenSSH
for writing.
Added support for OpenSSH certificates to
:func:~cryptography.hazmat.primitives.serialization.load_ssh_public_key.
Added :meth:~cryptography.fernet.Fernet.encrypt_at_time and
:meth:~cryptography.fernet.Fernet.decrypt_at_time to
:class:~cryptography.fernet.Fernet.
Added support for the :class:~cryptography.x509.SubjectInformationAccess
X.509 extension.
Added support for parsing
:class:~cryptography.x509.SignedCertificateTimestamps in OCSP responses.
Added support for parsing attributes in certificate signing requests via
:meth:~cryptography.x509.CertificateSigningRequest.get_attribute_for_oid.
Added support for encoding attributes in certificate signing requests via
:meth:~cryptography.x509.CertificateSigningRequestBuilder.add_attribute.
On OpenSSL 1.1.1d and higher cryptography now uses OpenSSL's
built-in CSPRNG instead of its own OS random engine because these versions of
OpenSSL properly reseed on fork.
Added initial support for creating PKCS12 files with
:func:~cryptography.hazmat.primitives.serialization.pkcs12.serialize_key_and_certificates.
</tr></table> ... (truncated)

Commits

• b0d9bdc prep 3.0 for release (#5327)
• 6bd3faa Tell people to use black in our dev docs (#5328)
• 60aa044 Paint it Black by the Rolling Stones (#5324)
• 4a245a6 test FIPS mode on centos8 (#5323)
• 2fdb747 PKCS12 support (#5325)
• 972c886 refactor DH a bit to generate less parameters (#5326)
• 31359f3 fix grammar in error message (#5322)
• 084da16 disable the osrandom engine on 1.1.1d+ (#5317)
• 1604ea7 test exceptions and properly reject duplicate attributes in csrbuilder (#5319)
• b8656fc Implement deepcopy for x509 certificates (#5318)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #213.