Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Major changing for Guid (UUID) core processing. Moving up to Fnv-1a-128 based algorithms #51

Open
3F opened this issue Aug 21, 2021 · 1 comment
Open

Major changing for Guid (UUID) core processing. Moving up to Fnv-1a-128 based algorithms #51

3F opened this issue Aug 21, 2021 · 1 comment
Labels
core enhancement
Milestone
3.0

Comments

@3F
Copy link
Owner

3F commented Aug 21, 2021

Here, I was saying about Huid (-> Fnv-1a-128 (-> LX4Cnh)) which provides related fastest generating UUID in a .NET System.Guid compatible manner.

Today's MvsSln relies on MD5 (or SHA-1, edition for DllExport) when generating and comparing something from strings using Guid.

For example, XProject.PId and related Guid-like hashing

MvsSln/MvsSln/Core/XProject.cs

Lines 752 to 766 in 2cc2dd8

PId = CalculatePId(prj);
}
protected Guid CalculatePId(Project prj)
{
if(Project == null) {
return Guid.Empty;
}
return (
FindGuid(prj)
+ ProjectItem.projectConfig
+ ProjectItem.solutionConfig
)
.Guid();

This, of course, should not affect any well known Guids for VS/msbuild support. Only parts where must be generating a new one from input string. However, this invalidates the previously generated values which may require a complete re-evaluation in some cases.

Please feedback if this upgrading may cause problems and cannot be adapted in some used infrastructure etc.
@3F 3F added this to the 3.0 milestone Aug 21, 2021
3F added a commit that referenced this issue Jun 9, 2024
@3F
New build options: MvsSlnFeatureGuidSha1 and MvsSlnFeatureHuid
187f0e9 
Part of Issue #51

MvsSlnFeatureHuid via Huid 1.0.0 https://github.com/3F/Huid/releases/tag/1.0
@3F
Copy link
Owner Author

3F commented Jun 9, 2024
edited
Loading

Starting with 187f0e9, you can define the following:

  • MvsSlnFeatureHuid=true to enable implementation on Huid
  • MvsSlnFeatureGuidSha1=true to use Sha-1 based hashing (edition for DllExport up to 1.7.4)

Note:

  1. Huid (Fnv-1a-128 (via LX4Cnh)) and Sha-1 hashing works in Guids.domainMvsSln (the base),
    while implementation on MD5 uses initial vector.

  2. Remember, the default md5 for MvsSln 2.x is not FIPS compliant (according to the use of the System.Security.Cryptography implementation) and can cause the problems like this. I won't re-implement md5 beyond System.Security.Cryptography because 👇

  3. ! MvsSln doesn't use any weak algorithms (md5, Fnv1a, LX4Cnh, sha1, ...) for security related purposes. Only for UUID related things.

  4. MvsSlnFeatureHuid via AdditionalProperties in ProjectReference may cause problems

<ProjectReference Include="...MvsSln.csproj">
    ...
  <AdditionalProperties>MvsSlnFeatureHuid=true</AdditionalProperties>

because we're using a common.props

@3F 3F removed the review label Jun 9, 2024
3F added a commit to 3F/DllExport that referenced this issue Jun 9, 2024
@3F
Updated MvsSln 2.7 with Huid implementation:
1d66cba 
MvsSlnFeatureHuid=true 3F/MvsSln#51 (comment)
@3F 3F mentioned this issue Jun 9, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
core enhancement
Projects
None yet
Milestone
3.0
Development

No branches or pull requests
1 participant
@3F