OIDplus generates UUIDs for various object types using UUIDs in the "Custom / Version 8" format as defined in RFC 9562.
The general structure of these UUIDs is:
| Block | Byte | Length | Description |
|---|---|---|---|
| 1 | 0-3 | 1 bit | Reserved, must be 0. |
| 31 bits | OIDplus SystemID (lower 31 bits of the SHA1 hash of the Public Key in raw binary representation) | ||
| 2 | 4-5 | 16 bits | Creation timestamp: Days since 01.01.1970 00:00 GMT; 0 if unknown or not applicable. Max possible: 0xFFFF = 06 June 2149 |
| 3 | 6-7 | 4 bits | UUID Version, must be 0x8 (Custom UUID) |
| 12 bits | Reserved, must be 0x000 | ||
| 4 | 8-9 | 2 bits | UUID Variant, must be 0b10 (RFC 4122) |
| 14 bits | Namespace | ||
| 5 | 10-15 | 48 bits | Data as defined by the namespace |
Every OIDplus system can be identified by a UUID.
The 14-bit namespace has a fixed value of 0, i.e. block 4 has the value of 0x8000.
The 48-bit data has a fixed value of 0x1890afd80709 which is the lower 48 bits of SHA1 of an empty string.
The creation timestamp is currently 0 because OIDplus does not track the creation time of a freshly installed system.
Example: System #1855139287 has the following UUID:
6e932dd7-0000-8000-8000-1890afd80709
It contains the information as follows:
| Block | Description | Value | Interpretation |
|---|---|---|---|
| 1 | System ID | 0x6E932DD7 | SHA1(PubKey) & 0x7FFF.FFFF = 1855139287 |
| 2 | Timestamp | 0x0000 | Unknown |
| 3 | Reserved+Version | 0x8000 | 0x000 | 0x8000 |
| 4 | Namespace+Variant | 0x8000 | 0x0000 | 0x8000 |
| 5 | Data | 0x1890AFD80709 | SHA1('') & 0xFFFF.FFFF.FFFF |
Every user (RA or the Admin) can be identified by a UUID. (Defined hereby, but currently not used in OIDplus)
The 14-bit namespace has a fixed value of 1, i.e. block 4 has the value of 0x8001.
For the Admin account, the 48-bit data has a fixed value of 0x000000000000.
The creation timestamp for the admin is the creation of the system,
which is currently 0 because OIDplus does not track the creation time of a freshly installed system.
For an RA account, the 48-bit data are the lower 48 bits of the SHA1 hash of the email address of the RA. The creation timestamp is the user registration time, which is currently 0 because OIDplus does not track the creation time of a user registration.
Please note: Since there may be collisions in the 48-bit hash, this UUID should only be used for security-relevant applications if the system ensures that there is no collision, e.g. by storing all UUIDs and rejecting new user accounts if their UUID collides with another user.
Example: The user "joe@example.com" on system #1855139287 has the following UUID:
6e932dd7-0000-8000-8001-2938f50e857e
It contains the information as follows:
| Block | Description | Value | Interpretation |
|---|---|---|---|
| 1 | System ID | 0x6E932DD7 | SHA1(PubKey) & 0x7FFF.FFFF = 1855139287 |
| 2 | Timestamp | 0x0000 | Unknown |
| 3 | Reserved+Version | 0x8000 | 0x000 | 0x8000 |
| 4 | Namespace+Variant | 0x8001 | 0x0001 | 0x8000 |
| 5 | Data | 0x2938F50E857E | SHA1('joe@example.com') & 0xFFFF.FFFF.FFFF |
Every log entry can be identified by a UUID. (Defined hereby, but currently not used in OIDplus)
The 14-bit namespace has a fixed value of 2, i.e. block 4 has the value of 0x8002.
The 48-bit data is a sequential number. It can be either sequential and unique for the current day of the given system, or be sequential and unique for the system independent of the day. An example of the latter usage would be using the autoincrement field of the database table. In case the autoincrement field of the database gets lost (e.g. data loss in the log table or fresh install of the system), then the sequence could be incremented by a reasonable value at least for the rest of the current day.
Example: The log entry 1234 on system #1855139287 logged on 30 September 2018 has the following UUID:
6e932dd7-458c-8000-8002-0000000004d2
It contains the information as follows:
| Block | Description | Value | Interpretation |
|---|---|---|---|
| 1 | System ID | 0x6E932DD7 | SHA1(PubKey) & 0x7FFF.FFFF = 1855139287 |
| 2 | Timestamp | 0x458C | 30 September 2018 (17804 days since 1 January 1970) |
| 3 | Reserved+Version | 0x8000 | 0x000 | 0x8000 |
| 4 | Namespace+Variant | 0x8002 | 0x0002 | 0x8000 |
| 5 | Data | 0x0000000004D2 | Sequence 1234 |
Every system configuration entry (the values on the config database table; not the base configuration settings in the userdata folder) can be identified by a UUID. (Defined hereby, but currently not used in OIDplus)
The 14-bit namespace has a fixed value of 3, i.e. block 4 has the value of 0x8003.
The 48-bit data are the 48 bits of the SHA1 hash of the configuration name.
The creation timestamp is currently 0 because OIDplus does not track the creation time of configuration entries.
Example: The configuration value "max_ra_invite_time" on system #1855139287 has the following UUID:
6e932dd7-0000-8000-8003-f14dda42862a
It contains the information as follows:
| Block | Description | Value | Interpretation |
|---|---|---|---|
| 1 | System ID | 0x6E932DD7 | SHA1(PubKey) & 0x7FFF.FFFF = 1855139287 |
| 2 | Timestamp | 0x0000 | Unknown |
| 3 | Reserved+Version | 0x8000 | 0x000 | 0x8000 |
| 4 | Namespace+Variant | 0x8003 | 0x0003 | 0x8000 |
| 5 | Data | 0xF14DDA42862A | SHA1('max_ra_invite_time') & 0xFFFF.FFFF.FFFF |
Each allocation of an alphanumeric (ASN.1) identifier of an OID can be identified by a UUID. (Defined hereby, but currently not used in OIDplus)
The 14-bit namespace has a fixed value of 4, i.e. block 4 has the value of 0x8004.
The 48-bit data is defined as follows:
- The upper 24 bits are the lower 24 bits of the SHA1 hash of the OID.
- The lower 24 bits are the lower 24 bits of the SHA1 hash of the alphanumeric ASN.1 identifier.
Example: The alphanumeric identifier "example" of OID "2.999" on system #1855139287 has the following UUID:
6e932dd7-0000-8000-8004-208ded8a3f8f
It contains the information as follows:
| Block | Description | Value | Interpretation |
|---|---|---|---|
| 1 | System ID | 0x6E932DD7 | SHA1(PubKey) & 0x7FFF.FFFF = 1855139287 |
| 2 | Timestamp | 0x0000 | Unknown |
| 3 | Reserved+Version | 0x8000 | 0x000 | 0x8000 |
| 4 | Namespace+Variant | 0x8004 | 0x0004 | 0x8000 |
| 5 | Data (High) | 0x208DED | SHA1('2.999') & 0xFF.FFFF |
| Data (Low) | 0x8A3F8F | SHA1('example') & 0xFF.FFFF |
Each allocation of a Unicode Label (for OID-IRI) of an OID can be identified by a UUID. (Defined hereby, but currently not used in OIDplus)
The 14-bit namespace has a fixed value of 5, i.e. block 4 has the value of 0x8005.
The 48-bit data is defined as follows:
- The upper 24 bits are the lower 24 bits of the SHA1 hash of the OID.
- The lower 24 bits are the lower 24 bits of the SHA1 hash of the Unicode Label in UTF-8 encoding.
Example: The Unicode Label "Example" of OID "2.999" on system #1855139287 has the following UUID:
6e932dd7-0000-8000-8005-208dedaf9a96
It contains the information as follows:
| Block | Description | Value | Interpretation |
|---|---|---|---|
| 1 | System ID | 0x6E932DD7 | SHA1(PubKey) & 0x7FFF.FFFF = 1855139287 |
| 2 | Timestamp | 0x0000 | Unknown |
| 3 | Reserved+Version | 0x8000 | 0x000 | 0x8000 |
| 4 | Namespace+Variant | 0x8005 | 0x0005 | 0x8000 |
| 5 | Data (High) | 0x208DED | SHA1('2.999') & 0xFF.FFFF |
| Data (Low) | 0xAF9A96 | SHA1(utf8_encode('Example')) & 0xFF.FFFF |
The 14-bit namespace values 6 (block 4 = 0x8006) through 15 (block 4 = 0x800F) are reserved
for future use.
OIDplus automatically assigns a UUID to every object it manages.
The 14-bit namespace is defined as the lower 14 bits of the SHA1 hash of the OIDplus Object Type Plugin OID.
However, the values 0x0 - 0xF are reserved for the other UUID types and must not be used. (In this case,
the object type plugin author shall pick a different OID for their plugin). So block 4 has a range
between 0x8010 till 0xFFFF.
The 48-bit data is defined as the lower 48 bits of the SHA1 hash of the object name without the object type prefix.
Example: The object java:com.example, created on 30 September 2018 on system #1855139287 has the following UUID:
6e932dd7-458c-8000-b9e9-c1e3894d1105
It contains the information as follows:
| Block | Description | Value | Interpretation |
|---|---|---|---|
| 1 | System ID | 0x6E932DD7 | SHA1(PubKey) & 0x7FFF.FFFF = 1855139287 |
| 2 | Timestamp | 0x458C | 30 September 2018 (17804 days since 1 January 1970) |
| 3 | Reserved+Version | 0x8000 | 0x000 | 0x8000 |
| 4 | Namespace+Variant | 0xB9E9 | SHA1('1.3.6.1.4.1.37476.2.5.2.4.8.6') & 0x3FFF | 0x8000 |
| 5 | Data | 0xC1E3894D1105 | SHA1('com.example') & 0xFFFF.FFFF.FFFF |
| Vendor | Namespace | Plugin OID | SHA1 hash | Block 4 | Notes |
|---|---|---|---|---|---|
| n/a | n/a | n/a | n/a | 0x8000 | System |
| n/a | n/a | n/a | n/a | 0x8001 | User/RA |
| n/a | n/a | n/a | n/a | 0x8002 | Logging entry |
| n/a | n/a | n/a | n/a | 0x8003 | Configuration entry |
| n/a | n/a | n/a | n/a | 0x8004 | ASN.1 ID |
| n/a | n/a | n/a | n/a | 0x8005 | Unicode Label (IRI) |
| n/a | n/a | n/a | n/a | 0x8006 | Reserved for system |
| n/a | n/a | n/a | n/a | 0x8007 | Reserved for system |
| n/a | n/a | n/a | n/a | 0x8008 | Reserved for system |
| n/a | n/a | n/a | n/a | 0x8009 | Reserved for system |
| n/a | n/a | n/a | n/a | 0x800A | Reserved for system |
| n/a | n/a | n/a | n/a | 0x800B | Reserved for system |
| n/a | n/a | n/a | n/a | 0x800C | Reserved for system |
| n/a | n/a | n/a | n/a | 0x800D | Reserved for system |
| n/a | n/a | n/a | n/a | 0x800E | Reserved for system |
| n/a | n/a | n/a | n/a | 0x800F | Reserved for system |
| ViaThinkSoft | doi | 1.3.6.1.4.1.37476.2.5.2.4.8.1 | 0x...2259 | 0xA259 | |
| ViaThinkSoft | gs1 | 1.3.6.1.4.1.37476.2.5.2.4.8.2 | 0x...021E | 0x821E | |
| ViaThinkSoft | guid | 1.3.6.1.4.1.37476.2.5.2.4.8.3 | 0x...B924 | 0xB924 | In OIDplus, only the UUID itself will be shown |
| ViaThinkSoft | ipv4 | 1.3.6.1.4.1.37476.2.5.2.4.8.4 | 0x...5AF9 | 0x9AF9 | |
| ViaThinkSoft | ipv6 | 1.3.6.1.4.1.37476.2.5.2.4.8.5 | 0x...55DB | 0x95DB | |
| ViaThinkSoft | java | 1.3.6.1.4.1.37476.2.5.2.4.8.6 | 0x...79E9 | 0xB9E9 | |
| ViaThinkSoft | oid | 1.3.6.1.4.1.37476.2.5.2.4.8.7 | 0x...66D3 | 0xA6D3 | |
| ViaThinkSoft | other | 1.3.6.1.4.1.37476.2.5.2.4.8.8 | 0x...D068 | 0x9068 | |
| ViaThinkSoft | domain | 1.3.6.1.4.1.37476.2.5.2.4.8.9 | 0x...D982 | 0x9982 | |
| ViaThinkSoft | fourcc | 1.3.6.1.4.1.37476.2.5.2.4.8.10 | 0x...B648 | 0xB648 | |
| ViaThinkSoft | aid | 1.3.6.1.4.1.37476.2.5.2.4.8.11 | 0x...2571 | 0xA571 | |
| ViaThinkSoft | php | 1.3.6.1.4.1.37476.2.5.2.4.8.12 | 0x...A6F0 | 0xA6F0 | |
| ViaThinkSoft | mac | 1.3.6.1.4.1.37476.2.5.2.4.8.13 | 0x...91CD | 0x91CD | |
| Frdlweb | circuit | 1.3.6.1.4.1.37553.8.1.8.8.53354196964.27255728261 | 0x...EBD5 | 0xABD5 | |
| Frdlweb | ns | 1.3.6.1.4.1.37476.9000.108.19361.856 | 0x...AF2D | 0xAF2D | |
| Frdlweb | pen | 1.3.6.1.4.1.37553.8.1.8.8.53354196964.32927 | 0x...D31E | 0x931E | |
| Frdlweb | uri | 1.3.6.1.4.1.37553.8.1.8.8.53354196964.39870 | 0x...AA05 | 0xAA05 | |
| Frdlweb | web+fan | 1.3.6.1.4.1.37553.8.1.8.8.53354196964.1958965295 | 0x...F077 | 0xB077 |
(1) When new object types are developed, the plugin author should check
if their "Block 4" hash based on their plugin OID conflicts with the
"Block 4" hashes of plugins from other vendors, and consider
using a different plugin OID in that case.
Between ViaThinkSoft OIDs, the lowest collision is 1.3.6.1.4.1.37476.2.5.2.4.8.186
which collides with 1.3.6.1.4.1.37476.2.5.2.4.8.48.
Add this line to your baseconfig-file (userdata/baseconfig/config.inc.php) to automatically let OIDplus check all third-party object type plugins for hash conflicts:
OIDplus::baseConfig()->setValue('DEBUG', true);
As an alternative, the following script can help you check (and generate a new line for this table):
<?php
$plugin_oid = '2.999'; // your plugin-oid here
if (!str_starts_with($plugin_oid, '1.3.6.1.4.1.37476.2.5.2.4.8.')) {
$coll = [];
for ($i = 1; $i <= 185; $i++) {
// No conflict between ViaThinkSoft OIDs .1 till .185
$block4 = dechex(hexdec(substr(sha1('1.3.6.1.4.1.37476.2.5.2.4.8.'.$i), -4)) & 0x3FFF | 0x8000);
$coll[] = $block4;
}
for ($i=0; $i<=0xF; $i++) {
// 0x8000 - 0x800F are used by the system
$coll[] = dechex(0x8000+$i);
}
$block4 = dechex(hexdec(substr(sha1($plugin_oid), -4)) & 0x3FFF | 0x8000);
if (in_array($block4, $coll)) {
echo "HASH CONFLICT\n";
} else {
echo "| (Author) | (NSName) | $plugin_oid | 0x...".strtoupper(substr(sha1($plugin_oid), -4))." | 0x".strtoupper($block4)." |\n";
}
} else {
$block4 = dechex(hexdec(substr(sha1($plugin_oid), -4)) & 0x3FFF | 0x8000);
echo "| ViaThinkSoft | (NSName) | $plugin_oid | 0x...".strtoupper(substr(sha1($plugin_oid), -4))." | 0x".strtoupper($block4)." |\n";
}
?>
(2) After the release of the object type plugin, please extend this table.
(3) Please also change the array with known namespaces at "UUID Utils": https://github.com/danielmarschall/uuid_mac_utils/blob/master/includes/uuid_utils.inc.php
This allows the interpretation of OIDplus Information Object UUIDs using this tool: https://misc.daniel-marschall.de/tools/uuid_mac_decoder/interprete_uuid.php?uuid=6e932dd7-458c-8000-b9e9-c1e3894d1105