|Portability||non-portable (NoImplicitPrelude, depends on non-portable internal module)|
|Maintainer||Peter Trško <email@example.com>|
ApacheMD5 is one of the hash algorithms used by Apache HTTP server for basic authentication. It is Apache specific, but e.g. nginx supports this algorithm since version 1.0.3 http://wiki.nginx.org/HttpAuthBasicModule#auth_basic_user_file.
This is a naive implementation that doesn't aim for high speed, but to be
reasonably fast it uses
MD5() function from OpenSSL library so during
compilation you'll nead to have it installed including header files.
Many Linux distributions have separate dev packages for this.
Apache comes with utility named
htpasswd that allows to create,
delete and update flat files normally named
.htpasswd that store pairs
of usernames and passwords. While both this utility and Apache support
more algorithms most of them rely on UNIX
crypt() function. ApacheMD5
is not one of them and therefore it is suitable for cross-platform
usage. See also
htpasswd documentation on
Example: Creating htpasswd-like entry
apacheMD5 function is not identical to what
does. To create
htpasswd-like entry one needs to do:
import Data.ByteString (ByteString) import qualified Data.ByteString.Char8 as C8 (concat, pack, singleton) import Data.Digest.ApacheMD5 (Salt, apacheMD5, unSalt) htpasswdEntry :: ByteString -> ByteString -> Salt -> ByteString htpasswdEntry username password salt = C8.concat [ username , C8.pack ":$apr1$" , unSalt salt , C8.singleton '$' , apacheMD5 password salt ]
Taking password and salt this function produces resulting ApacheMD5 hash which is already base 64 encoded.
Apache MD5 hash salt. When constructing
.htpasswd file it is necessary
for the salt to be consisting of octets from
alpha64 "set". This newtype
mkSalt smart constructor are here to ensure such invariant.