Jose

------------------
- Fixed handling of expiration exceptions during selection of decryption method
(patch contributed by yuriikonovaliuk)

------------------
- Allowed to decrypt JWE compliant tokens (patch contributed by
yuriikonovaliuk)

Note: Tokens generated by `encrypt` are not JWE spec compliant. Prior to this
patch `decrypt` was not able to decrypt JWE spec compliant tokens as well.

------------------
- Fixed bug in authentication tag computation (patch contributed by jaimeperez)

Important: This is a backwards incompatible change, in that tokens produced in this version will not be decipherable by tokens < 1.0.0. The jwe hash string used was changed to use an empty string rather than "." to fall in line with https://tools.ietf.org/html/rfc7518#section-5.2.2.1

------------------
- Fixed critical JWT vulnerability (patch contributed by yuriikonovaliuk)

Important: Only unencrypted tokens are vulnerable. This fix lead to backward
incompatible change to `verify` function signature.

------------------
- RFC compliance fixes (patch contributed by jaimeperez)

Important: This change introduces a temporarily injected key (__v) in order to
distinguish between legacy and newly issued tokens. This allows for the use
of either token as to not break backwards compatibility and (possibly)
degrade user experience. This will be removed for v1.0.

In order to verify whether or not clients are using a legacy token, the
application code can verify whether or not the key "__v" is contained in the
headers (this can be done after deserialize_compact). The existence of the key
identifies a newly created token.

------------------
- Unpinned pycrypto dependency (patch contributed by kuba)
- Added CLI exposing "decrypt" command
- Added custom exceptions, making client error handling easier