diff --git a/mo/tokens.py b/mo/tokens.py
index afe36b846b40dbfadf2b81672f62a16e6da87d31..97a7077544e26d86f2fad2545163deab08245db8 100644
--- a/mo/tokens.py
+++ b/mo/tokens.py
@@ -1,5 +1,6 @@
 # Podepsané tokeny
 
+import hashlib
 import hmac
 import urllib.parse
 from typing import Optional, List
@@ -8,9 +9,7 @@ import mo.config as config
 
 
 def _sign_token(token: str, use: str) -> str:
-    key = '-'.join(('sign-token', use, config.SECRET_KEY))
-    mac = hmac.HMAC(key.encode('us-ascii'), token.encode('us-ascii'), 'sha256')
-    return mac.hexdigest()[:16]
+    return sign(token, 'token-' + use)
 
 
 def sign_token(fields: List[str], use: str) -> str:
@@ -27,3 +26,18 @@ def verify_token(token: str, use: str) -> Optional[List[str]]:
     if _sign_token(':'.join(enc_fields), use) != sign:
         return None
     return [urllib.parse.unquote(f) for f in enc_fields]
+
+
+def sign(msg: str, use: str) -> str:
+    """Podpis parametrizovaný tajným klíčem a účelem."""
+
+    key = use + '#' + config.SECRET_KEY
+    mac = hmac.HMAC(key.encode('us-ascii'), msg.encode('us-ascii'), 'sha256')
+    return mac.hexdigest()[:16]
+
+
+def hash(msg: str, use: str) -> str:
+    """Hešovací funkce parametrizovaná tajným klíčem a účelem."""
+
+    m = '#'.join((use, config.SECRET_KEY, msg)).encode('us-ascii')
+    return hashlib.sha256(m).hexdigest()