It's a bit of both.

You might be able to resolve the issue by providing an additional argument (key) in case a caller already has an MD5 key in hand and wishes to use it. How about requiring that they pass exactly one of plaintextpassword or </code>md5password</code>? That removes any ambiguity from the interface, and eliminates any errors caused by people not understanding what is required for the password argument pair.