add 0.14 changes to NEWS

NEWS

@@ -1,3 +1,97 @@
+* Release 0.14 (06 Nov 2019)
+
+Bug fixes:
+Strict checking of DER requirements when parsing SEQUENCE, INTEGER,
+OBJECT IDENTIFIER and BITSTRING objects.
+DER parsers now consistently raise `UnexpectedDER` exception on malformed DER
+encoded byte strings.
+Make sure that both malformed and invalid signatures raise `BadSignatureError`.
+Ensure that all `SigningKey` and `VerifyingKey` methods that should accept
+bytes-like objects actually do accept them (also avoid copying input strings).
+Make `SigningKey.sign_digest_deterministic` use default object hashfunc when
+none was provided.
+`encode_integer` now works for large integers.
+Make `encode_oid` and `remove_object` correctly handle OBJECT IDENTIFIERs
+with large second subidentifier and padding in encoded subidentifiers.
+
+New features:
+Deterministic signature methods now accept `extra_entropy` parameter to further
+randomise the selection of `k` (the nonce) for signature, as specified in
+RFC6979.
+Recovery of public key from signature is now supported.
+Support for SEC1/X9.62 formatted keys, all three encodings are supported:
+"uncompressed", "compressed" and "hybrid". Both string, and PEM/DER will
+automatically accept them, if the size of the key matches the curve.
+Benchmarking application now provides performance numbers that are easier to
+compare against OpenSSL.
+Support for all Brainpool curves (non-twisted).
+
+New API:
+`CurveFp`: `__str__` is now supported.
+`SigningKey.sign_deterministic`, `SigningKey.sign_digest_deterministic` and
+`generate_k`: extra_entropy parameter was added
+`Signature.recover_public_keys` was added
+`VerifyingKey.from_public_key_recovery` and
+`VerifyingKey.from_public_key_recovery_with_digest` were added
+`VerifyingKey.to_string`: `encoding` parameter was added
+`VerifyingKey.to_der` and `SigningKey.to_der`: `point_encoding` parameter was
+added.
+`encode_bitstring`: `unused` parameter was added
+`remove_bitstring`: `expect_unused` parameter was added
+`SECP256k1` is now part of `curves` `*` import
+`Curves`: `__repr__` is now supported
+`VerifyingKey`: `__repr__` is now supported
+
+Deprecations:
+Python 2.5 is not supported any more - dead code removal.
+`from keys import *` will now import only objects defined in that module.
+Trying to decode a malformed point using `VerifyingKey.from_string`
+will rise now the `MalformedPointError` exception (that inherits from
+`AssertionError` but is not it).
+Multiple functions in `numbertheory` are considered deprecated: `phi`,
+`carmichael`, `carmichael_of_factorized`, `carmichael_of_ppower`,
+`order_mod`, `largest_factor_relatively_prime`, `kinda_order_mod`. They will
+now emit `DeprecationWarning` when used. Run the application or test suite
+with `-Wd` option or with `PYTHONWARNINGS=default` environment variable to
+verify if those methods are not used. They will be removed completely in a
+future release.
+`encode_bitstring` and `decode_bitstring` expect the number of unused
+bits to be passed as an argument now. They will emit `DeprecationWarning`
+if they are used in the deprecated way.
+modular_exp: will emit `DeprecationWarning`
+
+Hardening:
+Deterministic signatures now verify that the signature won't leak private
+key through very unlikely selection of `k` value (the nonce).
+Nonce bit size hiding was added (hardening against Minerva attack). Please
+note that it DOES NOT make library secure against side channel attacks (timing
+attacks).
+
+Performance:
+The public key in key generation is not verified twice now, making key
+generation and private key reading about 33% faster.
+Microoptimisation to `inverse_mod` function, increasing performance by about
+40% for all operations.
+
+Maintenance:
+Extended test coverage to newer python versions.
+Fixes to examples in README.md: correct commands, more correct code (now works
+on Python 3).
+Stopped bundling `six`
+Moved sources into `src` subdirectory
+Made benchmarking script standalone (runnable either with `tox -e speed`, or
+after installation, with `python speed.py`)
+Now test coverage reported to coveralls is branch coverage, not line coverage
+Autodetection of curves supported by OpenSSL (test suite compatibility with
+Fedora OpenSSL package).
+More readable error messages (exceptions) in `der` module.
+Documentation to `VerifyingKey`, `SigningKey` and signature encoder/decoder
+functions added.
+Added measuring and verifying condition coverage to Continuous Integration.
+Big clean-up of the test suite, use pytest parametrisation and hypothesis
+for better test coverage and more precise failure reporting.
+Use platform-provided `math.gcd`, when provided.
+
 * Release 0.13.3 (07 Oct 2019)
 
 Fix CVE-2019-14853 - possible DoS caused by malformed signature decoding and