Using BLAKE2b from hashlib?

[cygnusv]

Cryptography.io's implementation of BLAKE2b doesn't offer any of the additional inputs supported by it (e.g., key, salt, personalization, etc.). This is due to OpenSSL implementation, which apparently won't ship it until version 1.2. However, Python's hashlib provides all that.

Several questions arise: should we move to hashlib? how hard do we want these features? what potential problems may arise in this case?

[michwill]

I do like hashlib, but I am not sure we desperately need all those additional features.
The problem is, of course, compatibility with some languages where implementations with those additional features aren't readily available.

[tuxxy]

I also agree with @michwill. I can see why we need the additional inputs for domain separation and I would like to use them. A concern I share is implementation in other languages. I haven't done the research yet to see the availability of said inputs, I don't think it will be difficult to find compatible libraries. I believe Blake2b to be in the stdlib of Go, for example and should probably offer these additional inputs.

For the time being, 👍 to using hashlib.