2 releases

0.1.1 Sep 24, 2024
0.1.0 Sep 24, 2024

#533 in Cryptography

28 downloads per month

Apache-2.0

10KB
165 lines

A lightweight crate for retrieving the unique machine ID without needing root/admin privileges. Uses OS APIs only and does not spawn new processes!

IDs sources

  • Windows: the MachineGuid value from HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography (Identifying Unique Windows Installation)
  • Linux: /etc/machine-id with a fallback to /var/lib/dbus/machine-id (man page)
  • macOS: IOPlatformUUID
  • FreeBSD: CTL_KERN : KERN_HOSTUUID sysctl(3) with a fallback to /etc/hostid
  • Other Unix: like FreeBSD, requires testing!
  • Not yet implemented:
    • iOS
    • Android

Security Considerations

A machine ID uniquely identifies the host and should be treated as confidential, avoiding exposure in untrusted environments. If your application requires a stable unique identifier, avoid using the machine as it is. Instead, hash the machine ID securely with a fixed, application-specific salt.

[!WARNING]
Hashing IDs is not only a best practice today, if you store the ID somewhere (like your remote server), you actually must do it by law according to GDPR (see identifiers) and similar regulations.

[!TIP]
Virtual machines deployed from the same template often share the same machine ID. To differentiate them, include the MAC address when hashing.

Dependencies

~0.5–11MB
~67K SLoC