v4.0.3: - Fix issue with support for deprecated PyOpenSSL certificates

• Fix issue with support for deprecated PyOpenSSL certificates

  • Fully remove the ca_path parameter; add docs for signature location pinning

v4.0.2

• XAdES signing: remove duplicate timezone information from SigningTime (#266)

v4.0.1

• Verifier: Accept PyOpenSSL cert input, add deprecation warning

v4.0.0: - Replace PyOpenSSL with Cryptography (#260)

• Replace PyOpenSSL with Cryptography (#260)

  - This is a major infrastructure change that replaces core
    certificate parsing, key processing, signature validation, and
    certificate chain validation functions previously provided by
    PyOpenSSL with those provided by Cryptography. Care was taken to
    preserve the exisitng API, including exception types, but many
    error messages raised in various error conditions have changed. If
    you see unexpected behavior and you have reason to believe it is
    incorrect, please file an issue.
  
  - Breaking change: the ca_path parameter, previously used to specify
    CA certificate stores, is no longer supported. Use the ca_pem_file
    parameter instead.
  

  • Raise error when invalid certificate string is passed as input to signer

  • Fix public key matching for ECDSA (#245)

v3.2.2: - Update upper bound on lxml dependency to allow lxml 5

• Update upper bound on lxml dependency to allow lxml 5

  • Bump minimum dependency versions to align with Ubuntu 20.04

  • Test and release infrastructure improvements

v3.2.1

• Use dataclass.replace in SignatureReference construction. Fixes #231

v3.2.0

• Roundtrip referenced XML nodes before c14n to detach them from parent document when verifying (#225)

v3.1.1

• Add type attribute to XAdES signed properties reference (#224)

v3.1.0

• Use distinct default for payload c14n. Fixes #217

• Deprecate SHA1

• Test and documentation improvements

v3.0.2

• Remove incorrect deprecation of xml-c14n11 URI