Bumps [proc-macro2](https://github.com/dtolnay/proc-macro2) from 1.0.57 to 1.0.58.
- [Release notes](https://github.com/dtolnay/proc-macro2/releases)
- [Commits](https://github.com/dtolnay/proc-macro2/compare/1.0.57...1.0.58)

---
updated-dependencies:
- dependency-name: proc-macro2
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* don't use a set

We don't need one here and it creates ordering instability when
iterating over an RDN

* add a test

Bumps [proc-macro2](https://github.com/dtolnay/proc-macro2) from 1.0.56 to 1.0.57.
- [Release notes](https://github.com/dtolnay/proc-macro2/releases)
- [Commits](https://github.com/dtolnay/proc-macro2/compare/1.0.56...1.0.57)

---
updated-dependencies:
- dependency-name: proc-macro2
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Run full nox rust env in coverage jobs

* Update ci.yml

* Update ci.yml

* fix 1.60 clippy warnings

* warning name changed

* refactor signature algorithm parameters into a separate function

this will be used in the verify_directly_issued_by PR

* fix coverage with more refactoring

Turns out the docs encourage this.

* support X.509 certificate PSS signing

no CSR, CRL, etc

* handle PSS.(MAX_LENGTH, DIGEST_LENGTH), review feedback

* name the kwarg

* test improvements

* skip if sha3 isn't supported

This matter models how x.509 represents these things, and will make it easier to make Extensions an iterator in the future