{"id":6927,"library":"twofish","title":"Twofish Python Bindings","description":"The `twofish` library provides Python bindings for a C implementation of the Twofish symmetric key block cipher, designed by Niels Ferguson. Twofish is a 128-bit block cipher supporting key sizes up to 256 bits, and was a finalist in the AES competition. The current version is 0.3.0, with the last PyPI release in 2013, and the official GitHub repository was archived in January 2025, indicating it is no longer actively maintained.","status":"abandoned","version":"0.3.0","language":"en","source_language":"en","source_url":"https://github.com/keybase/python-twofish","tags":["cryptography","twofish","encryption","cipher","security"],"install":[{"cmd":"pip install twofish","lang":"bash","label":"Install via pip"}],"dependencies":[],"imports":[{"symbol":"Twofish","correct":"from twofish import Twofish"}],"quickstart":{"code":"from twofish import Twofish\nimport os\n\n# Key must be 16, 24, or 32 bytes (128, 192, or 256 bits)\n# For a real application, use a securely generated random key\nkey = os.urandom(16) # 128-bit key\n\ncipher = Twofish(key)\n\n# Data blocks must be exactly 16 bytes\nplaintext_block = b'This is a 16-byt'\nciphertext_block = cipher.encrypt(plaintext_block)\ndecrypted_block = cipher.decrypt(ciphertext_block)\n\nprint(f\"Original: {plaintext_block}\")\nprint(f\"Encrypted: {ciphertext_block.hex()}\")\nprint(f\"Decrypted: {decrypted_block}\")","lang":"python","description":"This example demonstrates basic encryption and decryption of a single 16-byte block using a 128-bit key. Note that this library explicitly handles only 16-byte blocks, and higher-level cipher modes (like CBC or CTR) must be implemented externally or by using a different library."},"warnings":[{"fix":"Consider migrating to a actively maintained cryptographic library (e.g., `cryptography` or `PyCryptodome`) that provides Twofish or other robust ciphers with full mode support.","message":"The `keybase/python-twofish` GitHub repository, which hosts the code for this PyPI package, was archived by its owner on January 22, 2025. This means the library is no longer actively maintained and will not receive updates or bug fixes.","severity":"breaking","affected_versions":"0.3.0 and older"},{"fix":"For encrypting data larger than 16 bytes or variable-length messages, you must manually implement a secure block cipher mode and appropriate padding. Using the raw block cipher directly for more complex data can lead to severe security vulnerabilities. It is highly recommended to use a more comprehensive cryptographic library that handles these complexities for you.","message":"This library only implements the core Twofish block cipher, operating exclusively on 16-byte (128-bit) data blocks. It *does not* include higher-level cipher modes (such as CBC, CTR, GCM) or padding schemes.","severity":"gotcha","affected_versions":"0.3.0 and older"},{"fix":"Ensure your encryption key is generated securely and precisely matches one of the supported lengths (16, 24, or 32 bytes) before passing it to the `Twofish` constructor.","message":"Keys must be binary strings (bytes in Python 3) and can only be 16, 24, or 32 bytes long (corresponding to 128, 192, or 256 bits). Providing an invalid key length will result in a `KeyError`.","severity":"gotcha","affected_versions":"0.3.0 and older"},{"fix":"For modern Python development, use alternative libraries like `cryptography` or `PyCryptodome`, which offer broad compatibility and active maintenance for Twofish and other cryptographic primitives.","message":"The library explicitly states compatibility with Python 2.6, 2.7, and 3.3. While it might still function on some newer Python 3 versions, it is not officially supported and may encounter compatibility issues or unexpected behavior.","severity":"deprecated","affected_versions":"0.3.0 and older"}],"env_vars":null,"last_verified":"2026-04-15T00:00:00.000Z","next_check":"2026-07-14T00:00:00.000Z","problems":[]}