Project

General

Profile

Bug #13603

SecureRandom.uuid is not valid v4 and/or RFC 4122

Added by kulikov-im (Evgeniy Kulikov) about 2 years ago. Updated 24 days ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
-
ruby -v:
ruby 2.4.1p111 (2017-03-22 revision 58053) [x86_64-darwin16]
[ruby-core:81401]

Description

https://www.ietf.org/rfc/rfc4122.txt (#4.4)

(reopen from https://bugs.ruby-lang.org/issues/10093#change-65105)

current test is https://github.com/ruby/ruby/blob/ruby_2_4/test/test_securerandom.rb#L174

def test_uuid
  uuid = @it.uuid
  assert_equal(36, uuid.size)
  assert_match(/\A\h{8}-\h{4}-\h{4}-\h{4}-\h{12}\z/, uuid)
end

thats not valid

Here Golang example of test-case - https://github.com/satori/go.uuid/blob/master/uuid_test.go#L589

must check:

  • UUID Version
uuid.bytes[6] >> 4 == 4
  • RFC4122
(uuid.bytes[8] & 0xc0) | 0x80 == 0x80

valid test-case is:

def test_uuid
  uuid = @it.uuid

  assert_equal(36, uuid.size)

  # Check UUID Version:
  assert_equal(uuid.bytes[6] >> 4, 4)

  # Check RFC4122
  assert_equal((uuid[8] & 0xc0) | 0x80, 0x80)

  assert_match(/\A\h{8}-\h{4}-\h{4}-\h{4}-\h{12}\z/, uuid)
end

This problem has to be from ruby version 1.9.3 to 2.4.1 (current)

Associated revisions

Revision 5fef46ae
Added by jeremyevans (Jeremy Evans) 24 days ago

Test SecureRandom.uuid format

SecureRandom uses v4 UUIDs, which are completely random except for
6 bits, 4 in the version field and 2 in the clk_seq_hi_res field.
Add a test that those bit patterns are set correctly for v4 UUIDs,
per RFC 4122 section 4.4.

Fixes [Bug #13603]

History

Updated by shyouhei (Shyouhei Urabe) about 2 years ago

Is this a matter of our test code, or the actual output of SecureRandom.uuid does not conform the RFC?

Updated by kulikov-im (Evgeniy Kulikov) about 2 years ago

shyouhei (Shyouhei Urabe) wrote:

Is this a matter of our test code, or the actual output of SecureRandom.uuid does not conform the RFC?

test-case from repo (https://github.com/ruby/ruby/blob/ruby_2_4/test/test_securerandom.rb#L174) doesn't check version and specification

i have mistake in my issue (code above), whats need:

Later, I can write example


Now i have some problems with hex-decode in ruby

#3

Updated by jeremyevans (Jeremy Evans) 24 days ago

  • Status changed from Open to Closed

Applied in changeset git|5fef46ae0dedaab359f55bc3680f4278eb7da98d.


Test SecureRandom.uuid format

SecureRandom uses v4 UUIDs, which are completely random except for
6 bits, 4 in the version field and 2 in the clk_seq_hi_res field.
Add a test that those bit patterns are set correctly for v4 UUIDs,
per RFC 4122 section 4.4.

Fixes [Bug #13603]

Also available in: Atom PDF