This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author gregory.p.smith
Recipients Zooko.Wilcox-O'Hearn, christian.heimes, corona10, gregory.p.smith, jstasiak, kmaork, larry, mgorny, oconnor663, xtreak
Date 2022-03-22.19:19:04
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
hashlib creator and other maintainer here: I do not think it was a good idea for us to add blake2 to hashlib the way we did. So blake3 should not be presumed as a given, at least not done in the same manner.


While OpenSSL gained _some_ blake2 support in 2016, around when we were adding it to hashlib (not a coincidence), we made a mistake: We offered an overly complex API. OpenSSL's own support for blake2 is a subset, not sufficient to be used as a replacement for the API we exposed so we are stuck with our vendored copy with no easy way off.

OpenSSL is not going to gain native blake3 support.

Given that I don't want to see us gain new vendored copies of significant but non-critical third party hash code in our tree (Modules/_blake3/impl/ in PR 31686) for anything but a known fixed term need (ex: the sha2 libtomcrypt code is gone from our tree as was clearly going to happen from the start), the only way I think we should include blake3 support is if there is already a plan for that code to leave our tree in the future with a high probability of success.

A `` check for an installed blake3 library to build and link against would be appropriate.

Along with updating relevant CI systems and Windows and macOS release build systems to have that available.  

That'd significantly shrink the PR to reasonable size.

This means blake3 support should be considered optional as anyone doing their own CPython build may not have it.  This is primarily a documentation issue: list it as such and provide one official documented API to detect its availability.  Our binary releases will include it as will most OS distro packagers.  It also means implementation details, performance and platform tuning are **not our problem** but those of the OS distro or external library provider.

Regarding, what Christian says is true, that is on its way out. Do not add new non-trivial statements to it as that just creates more work for those working to untangle the mess. Getting rid of the /impl/ build in favor of an autoconf detected library gets rid of that mess.

I'll file a separate issue to track moving blake2 in the same direction so we can lose it's /impl/.
Date User Action Args
2022-03-22 19:19:04gregory.p.smithsetrecipients: + gregory.p.smith, larry, christian.heimes, mgorny, Zooko.Wilcox-O'Hearn, jstasiak, oconnor663, corona10, xtreak, kmaork
2022-03-22 19:19:04gregory.p.smithsetmessageid: <>
2022-03-22 19:19:04gregory.p.smithlinkissue39298 messages
2022-03-22 19:19:04gregory.p.smithcreate