utils: add UuidUtils.nameUUIDFromBytes

[weizhouapache]

Description

The method UUID.nameUUIDFromBytes uses MD5 (Message Digest Algorithm 5) which is considered cryptographically broken and deprecated for most security-related purposes.

This PR adds UuidUtils.nameUUIDFromBytes to replace UUID.nameUUIDFromBytes.
In the next releases we could implement the method using SHA-256 or so.

Types of changes

• Breaking change (fix or feature that would cause existing functionality to change)
• New feature (non-breaking change which adds functionality)
• Bug fix (non-breaking change which fixes an issue)
• Enhancement (improves an existing feature and functionality)
• Cleanup (Code refactoring and cleanup, that may add test cases)
• build/CI
• test (unit or integration test code)

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

• Major
• Minor

Bug Severity

• BLOCKER
• Critical
• Major
• Minor
• Trivial

Screenshots (if appropriate):

How Has This Been Tested?

How did you try to break this feature and the system with this change?

[codecov]

Codecov Report

Attention: Patch coverage is 14.00000% with 43 lines in your changes missing coverage. Please review.

Project coverage is 16.57%. Comparing base (be22bfe) to head (5546835).
Report is 13 commits behind head on main.

Files with missing lines	Patch %	Lines
...nserver/resource/Xenserver625StorageProcessor.java	14.28%	6 Missing ⚠️
...ervisor/xenserver/resource/CitrixResourceBase.java	0.00%	4 Missing ⚠️
...cloud/storage/resource/VmwareStorageProcessor.java	0.00%	3 Missing ⚠️
.../storage/resource/NfsSecondaryStorageResource.java	0.00%	3 Missing ⚠️
...isor/hyperv/discoverer/HypervServerDiscoverer.java	0.00%	2 Missing ⚠️
...oud/hypervisor/vmware/resource/VmwareResource.java	0.00%	2 Missing ⚠️
...rvisor/kvm/discoverer/LibvirtServerDiscoverer.java	0.00%	2 Missing ⚠️
utils/src/main/java/com/cloud/utils/UuidUtils.java	33.33%	2 Missing ⚠️
...n/java/com/cloud/agent/resource/DummyResource.java	0.00%	1 Missing ⚠️
.../com/cloud/agent/api/ModifyStoragePoolCommand.java	50.00%	1 Missing ⚠️
... and 17 more

Additional details and impacted files

@@            Coverage Diff            @@
##               main   #11136   +/-   ##
=========================================
  Coverage     16.57%   16.57%           
+ Complexity    13971    13970    -1     
=========================================
  Files          5743     5743           
  Lines        510648   510651    +3     
  Branches      62105    62105           
=========================================
+ Hits          84641    84644    +3     
- Misses       416534   416535    +1     
+ Partials       9473     9472    -1     

Flag	Coverage Δ
uitests	3.90% <ø> (ø)
unittests	17.47% <14.00%> (+<0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[sureshanaparti]

code lgtm

[sureshanaparti]

@blueorangutan package

[blueorangutan]

@sureshanaparti a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

[blueorangutan]

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 14039

[weizhouapache]

@blueorangutan test

[blueorangutan]

@weizhouapache a [SL] Trillian-Jenkins test job (ol8 mgmt + kvm-ol8) has been kicked to run smoke tests

[blueorangutan]

[SF] Trillian test result (tid-13685)
Environment: kvm-ol8 (x2), Advanced Networking with Mgmt server ol8
Total time taken: 58458 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr11136-t13685-kvm-ol8.zip
Smoke tests completed. 141 look OK, 0 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File

[DaanHoogland]

@weizhouapache , 👍 but if I read this correctly it doesn’t change anything (yet), does it? I am all for proxying liberaries and even standard packages, but what are the plans for implementation?

[weizhouapache]

@weizhouapache , 👍 but if I read this correctly it doesn’t change anything (yet), does it? I am all for proxying liberaries and even standard packages, but what are the plans for implementation?

@DaanHoogland
exactly, it does not change anything.

We will implement the method with SHA-256 instead. However, we need to make sure that there is no regression, especially for the environment upgraded from older versions, because the method will return a different value.