[PYTHON-CRYPTO] Reviving PEP 247: Hashing API

Michael Ströder michael at STROEDER.COM
Thu Sep 20 18:06:55 CEST 2001

Andrew Kuchling wrote:
> On Wed, Sep 19, 2001 at 11:43:20PM -0700, Itamar S.-T. wrote:
> >--- Andrew Kuchling <akuchlin at MEMS-EXCHANGE.ORG>
> >What is the point of having a reset() method at all?
> Erm... umm... hmm...  good point.  reset() isn't in Python's built-in
> md5 and SHA modules at all, so it's an addition from the cryptography
> modules.  I was younger and stupider in those days, so reset()
> probably seemed like a good idea at the time.
> So, forget it; I'll rip reset() out of the PEP and post it to
> c.l.py.announce for any final comments, but the API is now done.

reset() seems handy if creating an hash object takes some time.

E.g. JCA/JCE defines methods reset() without any parameters for
java.security.MessageDigest and javax.crypto.Mac. That seems to be
the same like your proposed semantic where the key has to be stored
in the object. Is that really a problem? Well, if someone pickles
and stores the HMAC object...

Ciao, Michael.

More information about the python-crypto mailing list