Bump ecdsa from 0.17.0 to 0.19.0

[dependabot]

Bumps ecdsa from 0.17.0 to 0.19.0.

Release notes

Sourced from ecdsa's releases.

ecdsa 0.19.0

New API:

• to_ssh in VerifyingKey and SigningKey, supports Ed25519 keys only (Pablo Mazzini)

New features:

• Support for twisted Brainpool curves

Doc fix:

• Fix curve equation in glossary
• Documentation for signature encoding and signature decoding functions

Maintenance:

• Dropped official support for 3.3 and 3.4 (because of problems running them in CI, not because it's actually incompatible; support for 2.6 and 2.7 is unaffected)
• Fixes around hypothesis parameters
• Officially support Python 3.11 and 3.12
• Small updates to test suite to make it work with 3.11 and 3.12 and new releases of test dependencies
• Dropped the internal _rwlock module as it's unused
• Added mutation testing to CI, lots of speed-ups to the test suite to make it happen
• Removal of unnecessary six.b literals (Alexandre Detiste)

Deprecations:

• int_to_string, string_to_int, and digest_integer from ecdsa.ecdsa module are now considered deprecated, they will be removed in a future release

ecdsa 0.18.0

New features:

• Support for EdDSA (Ed25519, Ed448) signature creation and verification.
• Support for Ed25519 and Ed448 in PKCS#8 and public key files.
• Support for point precomputation for EdDSA.

New API:

• CurveEdTw class to represent the Twisted Edwards curve parameters.
• PointEdwards class to represent points on Twisted Edwards curve and provide point arithmetic on it.
• curve_by_name in curves module to get a Curve object by providing curve name.

... (truncated)

Changelog

Sourced from ecdsa's changelog.

• Release 0.19.0 (08 Apr 2024)

New API:

• to_ssh in VerifyingKey and SigningKey, supports Ed25519 keys only (Pablo Mazzini)

New features:

• Support for twisted Brainpool curves

Doc fix:

• Fix curve equation in glossary
• Documentation for signature encoding and signature decoding functions

Maintenance:

• Dropped official support for 3.3 and 3.4 (because of problems running them in CI, not because it's actually incompatible; support for 2.6 and 2.7 is unaffected)
• Fixes aroung hypothesis parameters
• Officially support Python 3.11 and 3.12
• Small updates to test suite to make it work with 3.11 and 3.12 and new releases of test dependencies
• Dropped the internal _rwlock module as it's unused
• Added mutation testing to CI, lots of speed-ups to the test suite to make it happen
• Removal of unnecessary six.b literals (Alexandre Detiste)

Deprecations:

• int_to_string, string_to_int, and digest_integer from ecdsa.ecdsa module are now considered deprecated, they will be removed in a future release

• Release 0.18.0 (09 Jul 2022)

New API:

• curve_by_name in curves module to get a Curve object by providing curve name.

Bug fix:

• Make the VerifyingKey encoded with explicit parameters use the same kind of point encoding for public key and curve generator.
• Better handling of malformed curve parameters (as in CVE-2022-0778); make python-ecdsa raise MalformedPointError instead of AssertionError.

Doc fix:

• Publish the documentation on https://ecdsa.readthedocs.io/, include explanation of basics of handling of ECC data formats and how to use the library for elliptic curve arithmetic.
• Make object names more consistent, make them into hyperlinks on the readthedocs documentation.
• Make security note more explicit (Ian Rodney)

... (truncated)

Commits

• be70016 Merge pull request #337 from tlsfuzzer/release-0.19
• 217735b allow early exit from worker processes when running mutation testing
• 6e7adff don't check rate if no tests executed
• c56030e make coveralls submission work with py2.6 again
• 66d0d74 add release notes for 0.19.0 release
• 0d5a38c Merge pull request #156 from tomato42/cosmic-ray
• 02c8350 be more permissive for the PR mutation test coverage
• 4845e8f better is_prime()
• 09f0d10 add hard timeout for test mutation test suite
• e16173b two digit precision for the mutation score badge
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)