Introduction
=================================
Botan is a BSD-licensed crypto library for C++. It provides
applications with the ability to use a number of cryptographic
algorithms, as well as SSL/TLS, X.509 certificates and CRLs, PKCS #10
certificate requests, a filter/pipe message processing system, and a
wide variety of other features. A third party open source
implementation of `SSHv2 `_
that uses botan is also available.

The core of botan is written in C++98 with no dependencies besides the
STL and the rest of the ISO standard library, but the library also
includes optional modules which make further assumptions about their
environment, providing features such as compression (using zlib or
bzip2), entropy gathering, and secure memory allocation. Assembly
implementations of key algorithms like SHA-1 and multiple precision
integer routines for x86 and x86-64 processors are also included.

It runs on most common operating systems and can be used with a number
of different commercial and open source compilers. It is already
included in most major Linux and BSD distros, as well as in Cygwin and
MacPorts. The :ref:`build log ` contains information about
recently tested targets.

The primary system targets are 32 and 64 bit CPUs, with a flat memory
address space of at least 32 bits. Given the choice between optimizing
for 32 bit systems and 64 bit systems, 64 bit is preferred, on the
general theory that where performance is a real concern, modern 64 bit
processors are the obvious choice. Smaller devices like handhelds,
set-top boxes, and smart phones may also be capable.

It was started as a personal project by `Jack Lloyd
`_, who continues to be the maintainer and
release manager. Since the first release in 2001, many individuals and
organizations have contributed bug fixes and new features. There have
been over 140 releases in the decade since the first publicly released
version; the :ref:`release notes ` and news archive have
more information about the release history.

In addition to C++ you can use botan from Python or Perl, though the
current bindings only wrap portions of the library.

See the :ref:`faq` for a list of common questions and answers.

If you need help or have questions, send a mail to the `development
mailing list
`_.
"Philosophical" bug reports, announcements of programs using the
library, and related topics are also welcome.

If you find what you believe to be a bug, please file a ticket in
`Bugzilla `_.

A useful reference while reading this manual is the `Doxygen
documentation `_.

Recommended Reading
---------------------------------
It is a very good idea to have some knowledge of cryptography
*before* trying to use the library. This is an area where it is very
easy to make mistakes, and where things are often subtle and/or
counterintuitive. Obviously the library tries to provide things at
a high level precisely to minimize the number of ways things can go
wrong, but naive use will almost certainly not result in a secure
system.

Especially recommended are:

- *Cryptography Engineering*
  Niels Ferguson, Bruce Schneier, and Tadayoshi Kohno

- *Security Engineering -- A Guide to Building Dependable Distributed Systems*
  Ross Anderson

- *Handbook of Applied Cryptography*
  Alfred J. Menezes, Paul C. Van Oorschot, and Scott A. Vanstone
  (available online at http://www.cacr.math.uwaterloo.ca/hac/)