requirements: Update cryptography to version 35.0.0

[bcoles]

This version contains several backwards incompatible changes that need to be reviewed before the library can be updated.

• BACKWARDS INCOMPATIBLE: The :doc:/x509/index PEM parsers now require that the PEM string passed have PEM delimiters of the correct type. For example, parsing a private key PEM concatenated with a certificate PEM will no longer be accepted by the PEM certificate parser.
• BACKWARDS INCOMPATIBLE: The X.509 certificate parser no longer allows negative serial numbers. RFC 5280 has always prohibited these.
• BACKWARDS INCOMPATIBLE: Additional forms of invalid ASN.1 found during :doc:/x509/index parsing will raise an error on initial parse rather than when the malformed field is accessed.

https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst#3500---2021-09-29