build(deps): bump tlslite-ng from 0.7.6 to 0.8.2

[dependabot]

Bumps tlslite-ng from 0.7.6 to 0.8.2.

Release notes

Sourced from tlslite-ng's releases.

v0.8.2

• Additional test vectors for the RSA implicit rejection mechanism
• fix negotiation of TLS 1.2 Brainpool group IDs in TLS 1.3

v0.8.1

• apply checks to ec_point_formats extension only when negotiating TLS 1.2 or earlier (Ganna Starovoytova)

v0.8.0

• DEPRECATION NOTICE: camelCase method and argument names are considered now deprecated, ones that use underscore_separator are now the primary ones (the procedure to support it is not yet finished, but any new code must follow this new style and new deprecations will be introduced as time goes on. Please run your test suite with -Wd to see where the depracated calls are being made, the python standard DeprecationWarning will be emited there)
• Python 3.2, 3.3, and 3.4 is not supported any more (dropped by python-ecdsa)
• fix compatibility issue with 8192 bit SRP group from RFC 5054
• fix CVE-2018-1000159 - incorrect verification of MAC in MAC then Encrypt mode
• workaround CVE-2020-26263 - Bleichenbacher oracle in RSA decryption. Please note that while the code was fortified, because of peculiarities of python, it's not possible to fully fix it. If you require resistance against side-channel attacks please use a different library.
• fix Python_RSAKey multithreading support - performing private key operation in two threads at the same time could make all future calls return incorrect results
• Python 3.7 support (async is now a keyword) (Pierre Ståhl)
• Python 3.8 test suite compatibility
• Python 3.9 support (slight changes in imaplib caused our wrapper to stop working)
• Compatibility with M2Crypto on Python 3
• fix Python 2 comaptibility issue with X.509 DER parsing (Erkki Vahala)
• TLS 1.3
  • final RFC 8446 support
  • TLS 1.3 specific ciphers (AES-GCM, AES-CCM, AES-CCM8 and Chacha20)
  • TLS 1.3 specific extensions and extension code points
  • 1-RTT handshake mode
  • HelloRetryRequest support
  • PSK with (EC)DH key exchange
  • pure PSK
  • session resumption in TLS 1.3 using PSK tickets
  • padding support (Stanislav Zidek)
  • 0-RTT handshake tolerance (the early data will be ignored but handshake will succeed)
  • cookie extension
  • downgrade sentinels in ServerHello.random
  • TLS Keying Material Exporter support in TLS 1.3 (Simo Sorce)
  • client certificate support (Simo Sorce)
  • KeyUpdate support
  • post-handshake key authentication
• fix minor compatibility issue with Jython2.7 (Filip Goldefus)

... (truncated)

Commits

• c93df82 release 0.8.2
• ef3b623 Merge pull request #541 from tlsfuzzer/rsa-test-vectors
• 821811e require specific ubuntu version for py3.7
• 36dcaae zero padded and 4096 with second to last length
• c03847e More 4096 bit vectors
• b95f6c0 reformat the 3072 and 4096 tests to follow the draft, add few examples
• aa0d560 update 2049 bit RSA test vectors for implicit rejection
• b6a3c71 more test vectors for the 2049 bit RSA key
• 6bd403a Merge pull request #539 from tlsfuzzer/no-brainpool-in-tls1.3
• ecc8441 don't negotiate legacy brainpool IDs in TLS 1.3
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)