Assertions and APIs format hashes differently
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Snap Store Server |
New
|
Undecided
|
Unassigned | ||
snapd |
New
|
Undecided
|
Samuele Pedroni |
Bug Description
It seems the snap-sha3-384 value returned as a header when downloading a snap from the rest api is not the same value as that in the same snap's snap-revision declaration. But, one needs the snap-sha3-384 to obtain the snap-revision, and this is needed to install a snap asserted.
I have an armhf uc20 pi3 that contains a snap with snapd control.
I am trying to use the snapd rest api to download the current revision of learnit snap, then download its assertions, so that I can ack the assertions followed by installing the snap (asserted). The context is a customer's desire to separate download from actual refresh since the download might be slow (cellular) in order to minimize device service interruption.
learnit snap on armhf is currently rev 24 on latest/stable:
knitzsche@ubuntu:~$ snap info learnit
name: learnit
summary: Learn through flash card tests
publisher: Kyle Nitzsche (knitzsche)
store-url: https:/
contact: <email address hidden>
license: LGPL-3.0+
description: |
Learn through flashcards from external card files
snap-id: OHILDGdP7v0yZmk
channels:
latest/stable: 1 2021-07-22 (24) 1MB -
latest/candidate: ↑
latest/beta: ↑
latest/edge: 1 2021-07-23 (29) 1MB -
After running snap download learnit, here's the key data from the assert file:
knitzsche@ubuntu:~$ grep -A5 "type: snap-revision" learnit_24.assert
type: snap-revision
authority-id: canonical
snap-sha3-384: j73cFx0pIMoX4U2
developer-id: oXBKQ6XsXgTcTNV
snap-id: OHILDGdP7v0yZmk
snap-revision: 24
Note the snap-sha3-384 value.
Now, in sudo snap run --shell of my snapd-control snap, I download learnit blob from latest: note the Snap-sha3-384 is DIFFERENT than above:
knitzsche@ubuntu:~$ sudo snap run --shell test-snapdapi.dev
root@ubuntu:
* Trying /run/snapd.
* Connected to localhost (/run/snapd.socket) port 80 (#0)
> POST /v2/download HTTP/1.1
> Host: localhost
> User-Agent: curl/7.68.0
> Accept: */*
> Content-Type: application/json
> Content-Length: 43
>
} [43 bytes data]
* upload completely sent off: 43 out of 43 bytes
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-
< Content-Length: 1032192
< Content-Type: application/
< Snap-Download-
< Snap-Length: 1032192
< Snap-Sha3-384: 8fbddc171d2920c
< Date: Thu, 30 Sep 2021 13:58:37 GMT
<
{ [14619 bytes data]
* Connection #0 to host localhost left intact
root@ubuntu:
If I try to use the provided Snap-sha3-384 value to obtain the snap-revision assertion, it is not returned:
root@ubuntu:
root@ubuntu:
tags: | added: docs |
summary: |
- snap-sha3-384 mismatch + Assertions and APIs format hashes differently |
comprehensive picture of released learnit snaps: $ snapcraft status learnit
candidate 0.2 2
beta 0.2 2
edge 1 25
candidate ↑ ↑
beta ↑ ↑
edge 1 28
candidate ↑ ↑
beta ↑ ↑
edge 1 29
candidate - -
beta - -
edge 0.4 9
candidate - -
beta - -
edge 1 27
candidate - -
beta - -
edge 1 26
Track Arch Channel Version Revision
latest amd64 stable 1 23
arm64 stable 0.4 7
armhf stable 1 24
i386 stable - -
ppc64el stable - -
s390x stable - -