[Python-ideas] adding digital signature and encryption "hashes" to hashlib?

Bill Janssen janssen at parc.com
Mon Sep 21 17:47:15 CEST 2009

Gregory P. Smith <greg at krypto.org> wrote:

> I don't like the attempt to overload the hash function API.
> Encryption and decryption should not be done using a digest() method.
> That makes no sense.  They are stream APIs with a constant mapping of
> bytes in to bytes out rather than a hash function that always outputs
> a constant number of bytes.

Sure, I could see the stream API, as well, but I think the hashlib
methods actually work pretty well for this, too.  Certainly for
the digital signature portion.

> I wouldn't put signing functions in hashlib itself but any common EVP
> wrapping code under could be shared.  Before doing that I really
> suggest someone fleshes out the API and limits its scope to avoid
> feature creep.

Yes, the right thing to do is to generate a separate module and put it
up in PyPI.  See how it goes.  Further consolidation could be left to
the future.


More information about the Python-ideas mailing list