Update expired metadata tests logic

This change improves the logic of expired metadata tests, so that
it is explicitly visible what the expiry time and the versions are
and when update/refresh is called in that period

Signed-off-by: Ivana Atanasova <[email protected]>

Author: ivanayov

tests/test_updater_top_level_update.py

@@ -310,43 +310,66 @@ def test_new_timestamp_unsigned(self) -> None:
 
     @patch.object(datetime, "datetime", wraps=datetime.datetime)
     def test_expired_timestamp_version_rollback(self, mock_time: Mock) -> None:
+
+        now = datetime.datetime.utcnow()
+        self.sim.timestamp.expires = now.replace(microsecond=0) + datetime.timedelta(
+            days=7
+        )
+        self.sim.timestamp.version = 2
+
+        # Make a successful update of valid metadata which stores it in cache
         self._run_refresh()
 
-        mock_time.utcnow.return_value = (
-            datetime.datetime.utcnow() + datetime.timedelta(seconds=1)
+        self.sim.timestamp.version = 1
+
+        self.sim.timestamp.expires = now.replace(microsecond=0) + datetime.timedelta(
+            days=21
         )
-        with patch("datetime.datetime", mock_time):
-            # Check for a rollback attack
-            self.sim.timestamp.version = 2
-            self._run_refresh()
 
-            self.sim.timestamp.version = 1
+        mock_time.utcnow.return_value = (
+            datetime.datetime.utcnow() + datetime.timedelta(
+            days=18
+        ))
+        with patch("datetime.datetime", mock_time):
+            # Check that a rollback protection is performed even if
+            # local timestamp has expired
             with self.assertRaises(BadVersionNumberError):
                 self._run_refresh()
 
-            self._assert_version_equals(Timestamp.type, 2)
+        self._assert_version_equals(Timestamp.type, 2)
 
     @patch.object(datetime, "datetime", wraps=datetime.datetime)
     def test_expired_timestamp_snapshot_rollback(self, mock_time: Mock) -> None:
-        self._run_refresh()
 
-        mock_time.utcnow.return_value = (
-            datetime.datetime.utcnow() + datetime.timedelta(seconds=1)
+        now = datetime.datetime.utcnow()
+        self.sim.timestamp.expires = now.replace(microsecond=0) + datetime.timedelta(
+            days=7
         )
-        with patch("datetime.datetime", mock_time):
-            # Check for a rollback attack.
-            self.sim.snapshot.version = 2
-            self.sim.update_timestamp()  # timestamp v2
-            self._run_refresh()
+        # Bump the snapshot version number to 3
+        self.sim.update_snapshot()
+        self.sim.update_snapshot()
 
-            # Snapshot meta version is smaller than previous
-            self.sim.timestamp.snapshot_meta.version = 1
-            self.sim.timestamp.version += 1  # timestamp v3
+        # Make a successful update of valid metadata which stores it in cache
+        self._run_refresh()
 
+        self.sim.snapshot.version = 1
+        # Snapshot version number is set to 2, which is still less than 3
+        self.sim.update_snapshot()
+        self.sim.timestamp.expires = now.replace(microsecond=0) + datetime.timedelta(
+            days=21
+        )
+
+        mock_time.utcnow.return_value = (
+            datetime.datetime.utcnow() + datetime.timedelta(
+            days=18
+        ))
+        with patch("datetime.datetime", mock_time):
+            # Assert that rollback protection is done even if
+            # local timestamp has expired
             with self.assertRaises(BadVersionNumberError):
                 self._run_refresh()
 
-            self._assert_version_equals(Timestamp.type, 2)
+        self._assert_version_equals(Timestamp.type, 3)
 
     def test_new_timestamp_version_rollback(self) -> None:
         # Check for a rollback attack
@@ -709,19 +732,26 @@ def test_expired_metadata(self, mock_time: Mock) -> None:
         # Test that expired local timestamp/snapshot can be used for updating
         # from remote
 
+        now = datetime.datetime.utcnow()
+        self.sim.timestamp.expires = now.replace(microsecond=0) + datetime.timedelta(
+            days=7
+        )
         # Make a successful update of valid metadata which stores it in cache
         self._run_refresh()
 
-        # Simulate expired local metadata by mocking system time one second ahead
+        self.sim.targets.version += 1
+        self.sim.update_snapshot()
+        self.sim.timestamp.expires = now.replace(microsecond=0) + datetime.timedelta(
+            days=21
+        )
+
+        # Mocking time so that local timestam has expired
+        # but the new timestamp has not
         mock_time.utcnow.return_value = (
-            datetime.datetime.utcnow() + datetime.timedelta(seconds=1)
+            datetime.datetime.utcnow() + datetime.timedelta(days=18)
         )
         with patch("datetime.datetime", mock_time):
-            self.sim.targets.version += 1
-            self.sim.update_snapshot()
-        # Create a new updater and perform a second update while
-        # the metadata is already stored in cache (metadata dir)
-        self._run_refresh()
+            self._run_refresh()
 
         # Assert that the final version of timestamp/snapshot is version 2
         # which means a successful refresh is performed