[ANN] botan-bindings & botan-low released

Today, I am happy to announce the initial release of the botan-bindings and botan-low packages to hackage.

This is the result of more than 7 months of sustained effort to provide a series of bindings to the Botan C++ cryptography library, and was made possible through support from the Haskell Foundation and funding provided by Mercury.

Botan is an open-source, BSD-licensed C++ cryptography library with an extensive suite of cryptographic algorithms and utilities, ranging from simple hashes and ciphers to complete protocol implementations of SRP6, X509, and TLS, and even post-quantum cryptography algorithm. Botan is developed and maintained by an active community, has been audited in the past, and provides a Haskell-compatible C FFI.

As such, it provides a stable, portable cryptography library on which to build a type-safe, functional cryptographic ecosystem, by providing much of the necessary ‘cryptographic kitchen sink’.

These packages attempt to provide a lightweight wrapper to the Botan C FFI, with minimal dependencies.


The botan-bindings library contains raw bindings and is an almost direct, 1-1 translation of the C API into Haskell FFI calls using the CApiFFI language extension. As such, it exposes and operates over C FFI types, and requires buffer and pointer and pointer management. This library only exposes FFI calls and constants, and is suitable for building your own abstraction over Botan.


The botan-low library contains low-level bindings which wrap the FFI calls into IO actions. This library handles the translation between buffers and ByteStrings, and throw exceptions in the case of errors, but is otherwise be a fairly faithful translation of the Botan interface. This library is suitable for everyday use, but will be superceded in ergonomics by the high-level botan, which isn’t far behind.

Installation, Usage, and Tutorials

This library requires the botan-3 C++ library to be installed in order to function. Please follow the instructions in the README or the official Botan C++ installation instructions for more detail.

You will need to add botan-low as a package dependency in order to use it. Simply add it to your [project].cabal under the build-depends stanza:


After that, there is an entire series of tutorials that can be found in the README and in the haddock documentation.


This project was tested with the following GHC versions:

  • 9.2.8
  • 9.4.7
  • 9.6.3
  • 9.8.1

This project has unit tests that pass, (aside from a few algorithm-specific failures that are being taken care of).


botan-bindings 0.0.1 - 2024/02/13

Initial release.

botan-low 0.0.1 - 2024/02/13

Initial release.

Future work

Work on the high-level botan is ongoing; several modules have recently reached gold-standard status, and a whole host of cryptographic typeclasses are being developed in tandem with data families in order to provide a high level of per-algorithm type safety and ergonomics that we expect from an idiomatic Haskell interface. It’s looking fantastic, so you should follow the devlog for more up-to-date details!