Releases: XML-Security/signxml
v4.0.2
v4.0.1
v4.0.0: - Replace PyOpenSSL with Cryptography (#260)
-
Replace PyOpenSSL with Cryptography (#260)
- This is a major infrastructure change that replaces core certificate parsing, key processing, signature validation, and certificate chain validation functions previously provided by PyOpenSSL with those provided by Cryptography. Care was taken to preserve the exisitng API, including exception types, but many error messages raised in various error conditions have changed. If you see unexpected behavior and you have reason to believe it is incorrect, please file an issue. - Breaking change: the ca_path parameter, previously used to specify CA certificate stores, is no longer supported. Use the ca_pem_file parameter instead.-
Raise error when invalid certificate string is passed as input to signer
-
Fix public key matching for ECDSA (#245)
-
v3.2.2: - Update upper bound on lxml dependency to allow lxml 5
-
Update upper bound on lxml dependency to allow lxml 5
-
Bump minimum dependency versions to align with Ubuntu 20.04
-
Test and release infrastructure improvements
-
v3.2.1
v3.2.0
v3.1.1
v3.1.0
v3.0.2
v3.0.1
-
Mark SHA1 as deprecated
-
Aggregate verification settings in SignatureConfiguration dataclass
-
Mark all dataclasses in API as frozen
-
Add ability to assert expected signature location
-
Add ability to assert expected signature algorithms
-
Add ability to assert expected digest algorithms
-
Add MGF1 ("RSASSA-PSS without parameters") algorithm identifiers
-
Remove PSS ("RSASSA-PSS with parameters") and EdDSA algorithm
identifiers (given low usage and no interop examples, we will not be
implementing PSS parameters for now; EdDSA key info additionally has
no standardized way to serialize it) -
Add debug logging of canonicalization outputs
-
Documentation and formatting improvements
-