diff --git a/scripts/base/protocols/http/file-hash.bro b/scripts/base/protocols/http/file-hash.bro
index 7e8e5cceaf..aa0a8298a0 100644
--- a/scripts/base/protocols/http/file-hash.bro
+++ b/scripts/base/protocols/http/file-hash.bro
@@ -13,16 +13,16 @@ export {
 	redef record Info += {
 		## MD5 sum for a file transferred over HTTP calculated from the 
 		## response body.
-		md5:             string   &log &optional;
+		md5:             string     &log &optional;
 		
 		## This value can be set per-transfer to determine per request
 		## if a file should have an MD5 sum generated.  It must be
 		## set to T at the time of or before the first chunk of body data.
-		calc_md5:        bool     &default=F;
+		calc_md5:        bool       &default=F;
 		
 		## Indicates if an MD5 sum is being calculated for the current 
 		## request/response pair.
-		calculating_md5: bool     &default=F;
+		md5_handle: opaque of md5   &optional;
 	};
 	
 	## Generate MD5 sums for these filetypes.
@@ -41,13 +41,12 @@ event http_entity_data(c: connection, is_orig: bool, length: count, data: string
 		if ( c$http$calc_md5 || 
 		     (c$http?$mime_type && generate_md5 in c$http$mime_type) )
 			{
-			c$http$calculating_md5 = T;
-			md5_hash_init(c$id);
+			c$http$md5_handle = md5_hash_init();
 			}
 		}
 	
-	if ( c$http$calculating_md5 )
-		md5_hash_update(c$id, data);
+	if ( c$http?$md5_handle )
+		md5_hash_update(c$http$md5_handle, data);
 	}
 	
 ## In the event of a content gap during a file transfer, detect the state for
@@ -55,11 +54,11 @@ event http_entity_data(c: connection, is_orig: bool, length: count, data: string
 ## incorrect anyway.
 event content_gap(c: connection, is_orig: bool, seq: count, length: count) &priority=5
 	{
-	if ( is_orig || ! c?$http || ! c$http$calculating_md5 ) return;
+	if ( is_orig || ! c?$http || ! c$http?$md5_handle ) return;
 	
 	set_state(c, F, is_orig);
-	c$http$calculating_md5 = F;
-	md5_hash_finish(c$id);
+	md5_hash_finish(c$http$md5_handle); # Ignore return value.
+	delete c$http$md5_handle;
 	}
 
 ## When the file finishes downloading, finish the hash and generate a notice.
@@ -67,11 +66,11 @@ event http_message_done(c: connection, is_orig: bool, stat: http_message_stat) &
 	{
 	if ( is_orig || ! c?$http ) return;
 	
-	if ( c$http$calculating_md5 )
+	if ( c$http?$md5_handle )
 		{
 		local url = build_url_http(c$http);
-		c$http$calculating_md5 = F;
-		c$http$md5 = md5_hash_finish(c$id);
+		c$http$md5 = md5_hash_finish(c$http$md5_handle);
+    delete c$http$md5_handle;
 		
 		NOTICE([$note=MD5, $msg=fmt("%s %s %s", c$id$orig_h, c$http$md5, url),
 		        $sub=c$http$md5, $conn=c, $URL=url]);
@@ -82,11 +81,12 @@ event connection_state_remove(c: connection) &priority=-5
 	{
 	if ( c?$http_state && 
 	     c$http_state$current_response in c$http_state$pending &&
-	     c$http_state$pending[c$http_state$current_response]$calculating_md5 )
+	     c$http_state$pending[c$http_state$current_response]?$md5_handle )
 		{
 		# The MD5 sum isn't going to be saved anywhere since the entire 
 		# body wouldn't have been seen anyway and we'd just be giving an
 		# incorrect MD5 sum.
-		md5_hash_finish(c$id);
+		md5_hash_finish(c$http$md5_handle);
+    delete c$http$md5_handle;
 		}
 	}
diff --git a/scripts/base/protocols/smtp/entities.bro b/scripts/base/protocols/smtp/entities.bro
index e158d045e0..a20c262d56 100644
--- a/scripts/base/protocols/smtp/entities.bro
+++ b/scripts/base/protocols/smtp/entities.bro
@@ -16,33 +16,33 @@ export {
 
 	type EntityInfo: record {
 		## This is the timestamp of when the MIME content transfer began.
-		ts:               time    &log;
-		uid:              string  &log;
-		id:               conn_id &log;
+		ts:               time            &log;
+		uid:              string          &log;
+		id:               conn_id         &log;
 		## A count to represent the depth of this message transaction in a 
 		## single connection where multiple messages were transferred.
-		trans_depth:      count  &log;
+		trans_depth:      count           &log;
 		## The filename seen in the Content-Disposition header.
-		filename:         string  &log &optional;
+		filename:         string          &log &optional;
 		## Track how many bytes of the MIME encoded file have been seen.
-		content_len:      count   &log &default=0;
+		content_len:      count           &log &default=0;
 		## The mime type of the entity discovered through magic bytes identification.
-		mime_type:        string  &log &optional;
+		mime_type:        string          &log &optional;
 		
 		## The calculated MD5 sum for the MIME entity.
-		md5:              string  &log &optional;
+		md5:              string          &log &optional;
 		## Optionally calculate the file's MD5 sum.  Must be set prior to the 
 		## first data chunk being see in an event.
-		calc_md5:         bool    &default=F;
+		calc_md5:         bool            &default=F;
 		## This boolean value indicates if an MD5 sum is being calculated 
 		## for the current file transfer.
-		calculating_md5:  bool    &default=F;
+		md5_handle:       opaque of md5   &optional;
 		
 		## Optionally write the file to disk.  Must be set prior to first 
 		## data chunk being seen in an event.
-		extract_file:     bool    &default=F;
+		extract_file:     bool            &default=F;
 		## Store the file handle here for the file currently being extracted.
-		extraction_file:  file    &log &optional;
+		extraction_file:  file            &log &optional;
 	};
 
 	redef record Info += {
@@ -126,18 +126,16 @@ event mime_segment_data(c: connection, length: count, data: string) &priority=-5
 
 	if ( c$smtp$current_entity$content_len == 0 )
 		{
-		if ( generate_md5 in c$smtp$current_entity$mime_type && ! never_calc_md5 )
-			c$smtp$current_entity$calc_md5 = T;
+		local entity = c$smtp$current_entity;
+		if ( generate_md5 in entity$mime_type && ! never_calc_md5 )
+			entity$calc_md5 = T;
 
-		if ( c$smtp$current_entity$calc_md5 )
-			{
-			c$smtp$current_entity$calculating_md5 = T;
-			md5_hash_init(c$id);
-			}
+		if ( entity$calc_md5 )
+			entity$md5_handle = md5_hash_init();
 		}
 
-	if ( c$smtp$current_entity$calculating_md5 )
-		md5_hash_update(c$id, data);
+	if ( c$smtp$current_entity?$md5_handle )
+		md5_hash_update(entity$md5_handle, data);
 }
 
 ## In the event of a content gap during the MIME transfer, detect the state for
@@ -147,10 +145,11 @@ event content_gap(c: connection, is_orig: bool, seq: count, length: count) &prio
 	{
 	if ( is_orig || ! c?$smtp || ! c$smtp?$current_entity ) return;
 
-	if ( c$smtp$current_entity$calculating_md5 )
+  local entity = c$smtp$current_entity;
+	if ( entity?$md5_handle )
 		{
-		c$smtp$current_entity$calculating_md5 = F;
-		md5_hash_finish(c$id);
+		md5_hash_finish(entity$md5_handle);
+    delete entity$md5_handle;
 		}
 	}
 
@@ -161,12 +160,14 @@ event mime_end_entity(c: connection) &priority=-3
 	if ( ! c?$smtp || ! c$smtp?$current_entity )
 		return;
 
-	if ( c$smtp$current_entity$calculating_md5 )
+  local entity = c$smtp$current_entity;
+	if ( entity?$md5_handle )
 		{
-		c$smtp$current_entity$md5 = md5_hash_finish(c$id);
+		entity$md5 = md5_hash_finish(entity$md5_handle);
+    delete entity$md5_handle;
 
 		NOTICE([$note=MD5, $msg=fmt("Calculated a hash for a MIME entity from %s", c$id$orig_h),
-				$sub=c$smtp$current_entity$md5, $conn=c]);
+				$sub=entity$md5, $conn=c]);
 		}
 	}
 
diff --git a/testing/btest/bifs/md5.test b/testing/btest/bifs/md5.test
index 5a9715edf1..b022302c59 100644
--- a/testing/btest/bifs/md5.test
+++ b/testing/btest/bifs/md5.test
@@ -4,16 +4,16 @@
 print md5_hash("one");
 print md5_hash("one", "two", "three");
 
-md5_hash_init("a");
-md5_hash_init("b");
+local a = md5_hash_init();
+local b = md5_hash_init();
 
-md5_hash_update("a", "one");
-md5_hash_update("b", "one");
-md5_hash_update("b", "two");
-md5_hash_update("b", "three");
+md5_hash_update(a, "one");
+md5_hash_update(b, "one");
+md5_hash_update(b, "two");
+md5_hash_update(b, "three");
 
-print md5_hash_finish("a");
-print md5_hash_finish("b");
+print md5_hash_finish(a);
+print md5_hash_finish(b);
 
 print md5_hmac("one");
 print md5_hmac("one", "two", "three");
diff --git a/testing/btest/bifs/sha1.test b/testing/btest/bifs/sha1.test
index 85c8df99c5..7bbd8b002e 100644
--- a/testing/btest/bifs/sha1.test
+++ b/testing/btest/bifs/sha1.test
@@ -4,13 +4,13 @@
 print sha1_hash("one");
 print sha1_hash("one", "two", "three");
 
-sha1_hash_init("a");
-sha1_hash_init("b");
+local a = sha1_hash_init();
+local b = sha1_hash_init();
 
-sha1_hash_update("a", "one");
-sha1_hash_update("b", "one");
-sha1_hash_update("b", "two");
-sha1_hash_update("b", "three");
+sha1_hash_update(a, "one");
+sha1_hash_update(b, "one");
+sha1_hash_update(b, "two");
+sha1_hash_update(b, "three");
 
-print sha1_hash_finish("a");
-print sha1_hash_finish("b");
+print sha1_hash_finish(a);
+print sha1_hash_finish(b);
diff --git a/testing/btest/bifs/sha256.test b/testing/btest/bifs/sha256.test
index 7451f2fad3..a1c17f7113 100644
--- a/testing/btest/bifs/sha256.test
+++ b/testing/btest/bifs/sha256.test
@@ -4,13 +4,13 @@
 print sha256_hash("one");
 print sha256_hash("one", "two", "three");
 
-sha256_hash_init("a");
-sha256_hash_init("b");
+local a = sha256_hash_init();
+local b = sha256_hash_init();
 
-sha256_hash_update("a", "one");
-sha256_hash_update("b", "one");
-sha256_hash_update("b", "two");
-sha256_hash_update("b", "three");
+sha256_hash_update(a, "one");
+sha256_hash_update(b, "one");
+sha256_hash_update(b, "two");
+sha256_hash_update(b, "three");
 
-print sha256_hash_finish("a");
-print sha256_hash_finish("b");
+print sha256_hash_finish(a);
+print sha256_hash_finish(b);