Python Binding

New in version 1.11.14.

The Python binding is based on the ffi module of botan and the ctypes module of the Python standard library.

Versioning

botan.version_major()

Returns the major number of the library version (currently, 1)

botan.version_minor()

Returns the minor number of the library version (currently, 11)

botan.version_patch()

Returns the patch number of the library version (currently, 14)

botan.version_string()

Returns a free form version string for the library

Random Number Generators

class botan.rng(rng_type = 'system')
Type ‘user’ also allowed (userspace HKDF RNG seeded from system rng). The system RNG is very cheap to create, as just a single file handle or CSP handle is kept open, from first use until shutdown, no matter how many ‘system’ rng instances are created. Thus it is easy to use the RNG in a one-off way, with botan.rng().get(32).
get(length)

Return some bits

reseed(bits = 256)

Meaningless on system RNG, on userspace RNG causes a reseed/rekey

Hash Functions

class botan.hash_function(algo)

Algo is a string (eg ‘SHA-1’, ‘SHA-384’, ‘Skein-512’)

clear()

Clear state

output_length()
update(x)

Add some input

final()

Returns the hash of all input provided, resets for another message.

Message Authentication Codes

class botan.message_authentication_code(algo)

Algo is a string (eg ‘HMAC(SHA-256)’, ‘Poly1305’, ‘CMAC(AES-256)’)

clear()
output_length()
set_key(key)

Set the key

update(x)

Add some input

final()

Returns the MAC of all input provided, resets for another message with the same key.

Ciphers

class botan.cipher(object, algo, encrypt = True)

The algorithm is spcified as a string (eg ‘AES-128/GCM’, ‘Serpent/OCB(12)’, ‘Threefish-512/EAX’).

Set the second param to False for decryption

tag_length()

Returns the tag length (0 for unauthenticated modes)

default_nonce_length()

Returns default nonce length

update_granularity()

Returns update block size. Call to update() must provide input of exactly this many bytes

is_authenticated()

Returns True if this is an AEAD mode

valid_nonce_length(nonce_len)

Returns True if nonce_len is a valid nonce len for this mode

clear()

Resets all state

set_key(key)

Set the key

start(nonce)

Start processing a message using nonce

update(txt)

Consumes input text and returns output. Input text must be of update_granularity() length. Alternately, always call finish with the entire message, avoiding calls to update entirely

finish(txt = None)

Finish processing (with an optional final input). May throw if message authentication checks fail, in which case all plaintext previously processed must be discarded. You may call finish() with the entire message

Bcrypt

botan.bcrypt(passwd, rng, work_factor = 10)

Provided the password and an RNG object, returns a bcrypt string

botan.check_bcrypt(passwd, bcrypt)

Check a bcrypt hash against the provided password, returning True iff the password matches.

PBKDF

botan.pbkdf(algo, password, out_len, iterations = 100000, salt = rng().get(12))

Runs a PBKDF2 algo specified as a string (eg ‘PBKDF2(SHA-256)’, ‘PBKDF2(CMAC(Blowfish))’). Runs with n iterations with meaning depending on the algorithm. The salt can be provided or otherwise is randomly chosen. In any case it is returned from the call.

Returns out_len bytes of output (or potentially less depending on the algorithm and the size of the request).

Returns tuple of salt, iterations, and psk

botan.pbkdf_timed(algo, password, out_len, ms_to_run = 300, salt = rng().get(12))

Runs for as many iterations as needed to consumed ms_to_run milliseconds on whatever we’re running on. Returns tuple of salt, iterations, and psk

KDF

botan.kdf(algo, secret, out_len, salt)

Public Key

class botan.public_key(object)
fingerprint(hash = 'SHA-256')
class botan.private_key(algo, param, rng)

Constructor creates a new private key. The parameter type/value depends on the algorithm. For “rsa” is is the size of the key in bits. For “ecdsa” and “ecdh” it is a group name (for instance “secp256r1”). For “ecdh” there is also a special case for group “curve25519” (which is actually a completely distinct key type with a non-standard encoding).

get_public_key()

Return a public_key object

export()

Public Key Operations

class botan.pk_op_encrypt(pubkey, padding)
encrypt(msg, rng)
class botan.pk_op_decrypt(privkey, padding)
decrypt(msg)
class botan.pk_op_sign(privkey, hash_w_padding)
update(msg)
finish(rng)
class botan.pk_op_verify(pubkey, hash_w_padding)
update(msg)
check_signature(signature)
class botan.pk_op_key_agreement(privkey, kdf)
public_value()

Returns the public value to be passed to the other party

agree(other, key_len, salt)

Returns a key derived by the KDF.