v4.3.1

• Fix comparison logic for ECDSA public keys (#290)

v4.3.0: - Remove registration for ec.SECT* ECDSA curves (#289)

• Remove registration for ec.SECT* ECDSA curves (#289)

  • Fix key info matching behavior (#287)

v4.2.2

• Support default namespace with no xmlns="" undeclarations in sign/verify round-trip (#286)

v4.2.1

• Add legacy SigningCertificate with IssuerSerial for XAdES interoperability (#282)

v4.2.0: - Align behaviour of expect_references with docs (#279).

• Align behaviour of expect_references with docs (#279).
  Passing expect_references=True to verify(...) now results in a list
  of verify_results, irrespective of the number of references in the
  signature.

  • Accept lxml 6.x

v4.1.0

• Add options to exclude the C14N Transform element in signatures (#274)

v4.0.5

• Use Python 3.9 compatible typing expression

v4.0.4: This release contains security fixes for two security advisories:

This release contains security fixes for two security advisories:

• Signature verification with HMAC is vulnerable to an algorithm confusion attack
  (GHSA-6vx8-pcwv-xhf4)

• Signature verification with HMAC is vulnerable to a timing attack
  (GHSA-gmhf-gg8w-jw42)

v4.0.3: - Fix issue with support for deprecated PyOpenSSL certificates

• Fix issue with support for deprecated PyOpenSSL certificates

  • Fully remove the ca_path parameter; add docs for signature location pinning

v4.0.2

• XAdES signing: remove duplicate timezone information from SigningTime (#266)