Botan provides a number of different
cryptographic algorithms and primitives, including:
- Public key encryption algorithms RSA, ElGamal, DLIES
(padding schemes OAEP, PKCS #1 v1.5)
- Public key signature algorithms RSA, DSA, ECDSA,
GOST 34.10-2001, Nyberg-Rueppel, Rabin-Williams
(padding schemes PSS, PKCS #1 v1.5, X9.31)
- Key agreement techniques Diffie-Hellman and ECDH
- Hash functions SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, Skein-512,
Blue Midnight Wish-512, Whirlpool, Tiger,
RIPEMD-160, RIPEMD-128, HAS-160, GOST 34.11,
MD2, MD4, MD5, FORK-256
- Authentication codes HMAC, CMAC (aka OMAC1), CBC-MAC, ANSI X9.19 DES-MAC,
and the protocol-specific SSLv3 authentication code
- Block cipher modes ECB, CBC, CBC/CTS, CFB, OFB, CTR, and XTS
and authenticated cipher mode EAX
- AES (Rijndael) and AES candidates Serpent, Twofish, MARS, CAST-256, RC6
- DES, and variants 3DES and DESX
- National/telecom block ciphers SEED, KASUMI, MISTY1, GOST 28147, Skipjack
- Other block ciphers including Blowfish, CAST-128, IDEA, Noekeon,
TEA, XTEA, RC2, RC5, SAFER-SK, and Square
- Stream ciphers ARC4, Salsa20/XSalsa20, Turing, and WiderWake4+1
- Block cipher constructions Luby-Rackoff and Lion
- Checksums Adler32, CRC24, CRC32
- X.509 certificates (including generating new self-signed and CA certs) and CRLs
- PKCS #10 certificate requests
- PBKDF1 from PKCS #5 v1.5, PBKDF2 from PKCS #5 v2.0,
OpenPGP S2K (string to key) from RFC 2440
- KDF1 and KDF2 from IEEE 1363
- PRFs from ANSI X9.42, SSL v3.0, TLS v1.0