From: shyouhei@... Date: 2017-05-27T01:31:17+00:00 Subject: [ruby-core:81405] [Ruby trunk Bug#13603] SecureRandom.uuid is not valid v4 and/or RFC 4122 Issue #13603 has been updated by shyouhei (Shyouhei Urabe). Is this a matter of our test code, or the actual output of SecureRandom.uuid does not conform the RFC? ---------------------------------------- Bug #13603: SecureRandom.uuid is not valid v4 and/or RFC 4122 https://bugs.ruby-lang.org/issues/13603#change-65115 * Author: kulikov-im (Evgeniy Kulikov) * Status: Open * Priority: Normal * Assignee: * Target version: * ruby -v: ruby 2.4.1p111 (2017-03-22 revision 58053) [x86_64-darwin16] * Backport: 2.2: UNKNOWN, 2.3: UNKNOWN, 2.4: UNKNOWN ---------------------------------------- https://www.ietf.org/rfc/rfc4122.txt (#4.4) --- (reopen from https://bugs.ruby-lang.org/issues/10093#change-65105) current test is https://github.com/ruby/ruby/blob/ruby_2_4/test/test_securerandom.rb#L174 ```ruby def test_uuid uuid = @it.uuid assert_equal(36, uuid.size) assert_match(/\A\h{8}-\h{4}-\h{4}-\h{4}-\h{12}\z/, uuid) end ``` thats not valid Here Golang example of test-case - https://github.com/satori/go.uuid/blob/master/uuid_test.go#L589 must check: - UUID Version ```ruby uuid.bytes[6] >> 4 == 4 ``` - RFC4122 ```ruby (uuid.bytes[8] & 0xc0) | 0x80 == 0x80 ``` valid test-case is: ```ruby def test_uuid uuid = @it.uuid assert_equal(36, uuid.size) # Check UUID Version: assert_equal(uuid.bytes[6] >> 4, 4) # Check RFC4122 assert_equal((uuid[8] & 0xc0) | 0x80, 0x80) assert_match(/\A\h{8}-\h{4}-\h{4}-\h{4}-\h{12}\z/, uuid) end ``` This problem has to be from ruby version 1.9.3 to 2.4.1 (current) -- https://bugs.ruby-lang.org/ Unsubscribe: