uuidgen, libuuid: UUID v5 not compatible with RFC 4122 #683

aleh-rymasheuski · 2018-08-29T08:53:59Z

$ uuidgen --namespace 00000000-0000-0000-0000-000000000000 --name 'foo' --sha1
aa752cea-8222-5bc8-8cd9-555b090c0ccb

$ echo -n '\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0foo' | openssl sha1
(stdin)= aa752cea8222cbc8ecd9555b090c0ccb813cfca4

$ python -c "import uuid ; print(uuid.uuid5(uuid.UUID(int=0), 'foo'))"
aa752cea-8222-5bc8-acd9-555b090c0ccb

(note 8cd9 in uuidgen vs acd9 in Python, and ecd9 in the hash)

For a variant mark that takes two bits (http://pubs.opengroup.org/onlinepubs/9629399/apdxa.htm#tagtcjh_36 DCE variant, "most significant bits (bits 6 and 7) of the clock_seq_hi_and_reserved" from https://tools.ietf.org/html/rfc4122#section-4.3) uuidgen sets bit 5 to zero too: https://github.com/karelzak/util-linux/blob/917f53cf13c36d32c175f80f2074576595830573/libuuid/src/gen_uuid.c#L608

Line 607 sets 3 MSBs to zero, no matter the size of variant.
Line 608 sets 2 MSBs to 0x4, or 3 MSBs to 0x6 or 0x7.

The text was updated successfully, but these errors were encountered:

karelzak · 2018-08-30T13:39:57Z

@pprindeville any comment? :-)

The current version is not fully compatible with RFC4122. It incorrectly encodes UUID variant xxxxxxxx-xxxx-Mxxx-Nxxx-xxxxxxxxxxxx where M is UUID version and N is UUID variant. $ python -c "import uuid ; print(uuid.uuid5(uuid.UUID(int=0), 'foo'))" aa752cea-8222-5bc8-acd9-555b090c0ccb ^^ Old version: $ uuidgen --namespace 00000000-0000-0000-0000-000000000000 --name 'foo' --sha1 aa752cea-8222-5bc8-8cd9-555b090c0ccb ^^ Fixed version: ./uuidgen --namespace 00000000-0000-0000-0000-000000000000 --name 'foo' --sha1; aa752cea-8222-5bc8-acd9-555b090c0ccb ^^ The patch uses uuid_unpack and uuid_pack. It makes code more readable and allow to access proper octens. The same way we already use for time and random based UUIDs. Addresses: #683 Signed-off-by: Karel Zak <kzak@redhat.com>

karelzak · 2018-08-31T10:51:38Z

Fixed. Thanks for your report!

The current version is not fully compatible with RFC4122. It incorrectly encodes UUID variant xxxxxxxx-xxxx-Mxxx-Nxxx-xxxxxxxxxxxx where M is UUID version and N is UUID variant. $ python -c "import uuid ; print(uuid.uuid5(uuid.UUID(int=0), 'foo'))" aa752cea-8222-5bc8-acd9-555b090c0ccb ^^ Old version: $ uuidgen --namespace 00000000-0000-0000-0000-000000000000 --name 'foo' --sha1 aa752cea-8222-5bc8-8cd9-555b090c0ccb ^^ Fixed version: ./uuidgen --namespace 00000000-0000-0000-0000-000000000000 --name 'foo' --sha1; aa752cea-8222-5bc8-acd9-555b090c0ccb ^^ The patch uses uuid_unpack and uuid_pack. It makes code more readable and allow to access proper octens. The same way we already use for time and random based UUIDs. Addresses: util-linux/util-linux#683 Signed-off-by: Karel Zak <kzak@redhat.com>

karelzak closed this as completed Aug 31, 2018

eaaltonen mentioned this issue Mar 30, 2021

Functions and utility for configuring Group Access Control List based Access OP-TEE/optee_client#259

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

uuidgen, libuuid: UUID v5 not compatible with RFC 4122 #683

uuidgen, libuuid: UUID v5 not compatible with RFC 4122 #683

aleh-rymasheuski commented Aug 29, 2018 •

edited

Loading

karelzak commented Aug 30, 2018

karelzak commented Aug 31, 2018

uuidgen, libuuid: UUID v5 not compatible with RFC 4122 #683

uuidgen, libuuid: UUID v5 not compatible with RFC 4122 #683

Comments

aleh-rymasheuski commented Aug 29, 2018 • edited Loading

karelzak commented Aug 30, 2018

karelzak commented Aug 31, 2018

aleh-rymasheuski commented Aug 29, 2018 •

edited

Loading