Botan is a library, written in C++, which provides a fairly high level and C++-ish interface to a number of different crypto algorithms. In addition to the bare algorithms Botan also supports a number of standards and de-facto standards.
Botan is the Japanese name for the peony flower. This name has the following advantages: it's distinctive, it's easy enough to pronounce, and it has nothing to do with crypto or C++.
Gregory Petrosyan mentions that, by an interesting coincidence, 'botan' also means something roughly analogous to 'geek' in Russian.
There is a third-party SSH implementation using Botan which is available from NetSieben under both commercial and open-source licensing terms. Check that site for further information about the SSH library.
There is also a project, Ajisai, which implements SSL and TLS using Botan. This library should currently be considered alpha quality. Finally, there is an add-on that adds basic support for CMS (the crypto underneath S/MIME) in misc/cms in the source distribution, but it is very incomplete, currently unmaintained, and may not even compile with the latest release.
The most common stumbling block is a compiler that is buggy or can't handle modern C++ (specifically, C++98). See this list of recent build results for a sense of which platforms are actively being tested.
Botan currently has support for the crypto accellerators made by AEP Systems, and can easily be extended to support other hardware accellerators in the future; there is also a document explaining how to get your hardware supported by Botan.
Does your main function wrap all code inside a try/catch block? If an exception is thrown and is not caught, many runtimes simply crash the process without providing any sort of diagnostic.
You must create a Botan::LibraryInitializer object in order for anything in Botan to work. This is not actually entirely true, but it's a useful first order approximation (and is almost certainly the problem if you observe a Botan exception about initialization problems). See the API documentation for details.
Yes, Botan is thread safe. However, because mutual exclusion depends on OS specific code, you must load a module to help. POSIX threads and Win32 critical sections are both supported out of the box, other thread libraries are very easy to add. To enable thread safe operation, include "thread_safe" in the string you pass to Botan::LibraryInitializer. If for whatever reason a working mutex implementation cannot be found, LibraryInitializer will throw an exception rather than continue operating in a bad state.
There is a bug in the compiler with regards to classes defined within functions. A post to the devel mailing list contains a patch that fixes the problem. Visual Studio 2005 does not have this bug.
There is a bug in the configuration script in some versions that causes the script to get confused. You can workaround this problem by invoking the script as "perl ./configure.pl" (note the leading ./)
The primary author/maintainer of Botan (Jack Lloyd) has several years of experience performing application code review for security flaws, and has performed several FIPS 140 validations of hardware and software crypto implementations. However Botan has never undergone an impartial third-party security review and thus it is entirely possible/probable that a number of exploitable flaws remain in the source. (If your company is interested in funding/shepherding such a review of the Botan source, please contact the maintainers).
There has been one known security flaw. Between versions 0.7.8 (Feb 2002) and 1.3.7 (Dec 2003), the es_unix module, which runs Unix programs to gather entropy for seeding a random number generator, ran programs by invoking the popen library function with commands with no leading directory names. This mean setuid or setgid programs that used Botan could be tricked into executing arbitrary programs via manipulation of the PATH variable. Later versions will only search through specific (presumably safe) directories like /usr/bin; the list of directories to search can be controlled by the application.
Botan does not make any particular effort to defend against side-channel attacks such as differential power analysis or techniques that derive data based on cache eviction rates. These attacks are very difficult to defend against and are typically very hardware-specific.
Algorithm implementations that do defend against side-channel attacks could be introduced via an engine module. That would allow the side-channel protections to apply to all users without requiring any direct library code changes.
Botan's public key implementations do attempt to defend against timing attacks; random blinding is used to protect all RSA, Rabin-Williams, ElGamal, and Diffie-Hellman private key operations.
You can do any combination of: