Update expired metadata tests logic

ivanayov · ivanayov · commit ed0d0b8dbf2d · 2022-02-18T18:13:38.000+02:00
This change improves the logic of expired metadata tests, so that
it is explicitly visible what the expiry time and the versions are
and when update/refresh is called in that period

Signed-off-by: Ivana Atanasova &lt;iyovcheva@vmware.com&gt;
diff --git a/tests/test_updater_top_level_update.py b/tests/test_updater_top_level_update.py
@@ -310,43 +310,66 @@ def test_new_timestamp_unsigned(self) -> None:
 
     @patch.object(datetime, "datetime", wraps=datetime.datetime)
     def test_expired_timestamp_version_rollback(self, mock_time: Mock) -> None:
+
+        now = datetime.datetime.utcnow()
+        self.sim.timestamp.expires = now.replace(
+            microsecond=0
+        ) + datetime.timedelta(days=7)
+
+        self.sim.timestamp.version = 2
+
+        # Make a successful update of valid metadata which stores it in cache
         self._run_refresh()
 
+        self.sim.timestamp.version = 1
+
+        self.sim.timestamp.expires = now.replace(
+            microsecond=0
+        ) + datetime.timedelta(days=21)
+
         mock_time.utcnow.return_value = (
-            datetime.datetime.utcnow() + datetime.timedelta(seconds=1)
+            datetime.datetime.utcnow() + datetime.timedelta(days=18)
         )
         with patch("datetime.datetime", mock_time):
-            # Check for a rollback attack
-            self.sim.timestamp.version = 2
-            self._run_refresh()
-
-            self.sim.timestamp.version = 1
+            # Check that a rollback protection is performed even if
+            # local timestamp has expired
             with self.assertRaises(BadVersionNumberError):
                 self._run_refresh()
 
-            self._assert_version_equals(Timestamp.type, 2)
+        self._assert_version_equals(Timestamp.type, 2)
 
     @patch.object(datetime, "datetime", wraps=datetime.datetime)
     def test_expired_timestamp_snapshot_rollback(self, mock_time: Mock) -> None:
+
+        now = datetime.datetime.utcnow()
+        self.sim.timestamp.expires = now.replace(
+            microsecond=0
+        ) + datetime.timedelta(days=7)
+
+        # Bump the snapshot version number to 3
+        self.sim.update_snapshot()
+        self.sim.update_snapshot()
+
+        # Make a successful update of valid metadata which stores it in cache
         self._run_refresh()
 
+        self.sim.snapshot.version = 1
+        # Snapshot version number is set to 2, which is still less than 3
+        self.sim.update_snapshot()
+        self.sim.timestamp.expires = now.replace(
+            microsecond=0
+        ) + datetime.timedelta(days=21)
+
         mock_time.utcnow.return_value = (
-            datetime.datetime.utcnow() + datetime.timedelta(seconds=1)
+            datetime.datetime.utcnow() + datetime.timedelta(days=18)
         )
         with patch("datetime.datetime", mock_time):
-            # Check for a rollback attack.
-            self.sim.snapshot.version = 2
-            self.sim.update_timestamp()  # timestamp v2
-            self._run_refresh()
-
-            # Snapshot meta version is smaller than previous
-            self.sim.timestamp.snapshot_meta.version = 1
-            self.sim.timestamp.version += 1  # timestamp v3
-
+            # Assert that rollback protection is done even if
+            # local timestamp has expired
             with self.assertRaises(BadVersionNumberError):
                 self._run_refresh()
 
-            self._assert_version_equals(Timestamp.type, 2)
+        self._assert_version_equals(Timestamp.type, 3)
 
     def test_new_timestamp_version_rollback(self) -> None:
         # Check for a rollback attack
@@ -709,19 +732,27 @@ def test_expired_metadata(self, mock_time: Mock) -> None:
         # Test that expired local timestamp/snapshot can be used for updating
         # from remote
 
+        now = datetime.datetime.utcnow()
+        self.sim.timestamp.expires = now.replace(
+            microsecond=0
+        ) + datetime.timedelta(days=7)
+
         # Make a successful update of valid metadata which stores it in cache
         self._run_refresh()
 
-        # Simulate expired local metadata by mocking system time one second ahead
+        self.sim.targets.version += 1
+        self.sim.update_snapshot()
+        self.sim.timestamp.expires = now.replace(
+            microsecond=0
+        ) + datetime.timedelta(days=21)
+
+        # Mocking time so that local timestam has expired
+        # but the new timestamp has not
         mock_time.utcnow.return_value = (
-            datetime.datetime.utcnow() + datetime.timedelta(seconds=1)
+            datetime.datetime.utcnow() + datetime.timedelta(days=18)
         )
         with patch("datetime.datetime", mock_time):
-            self.sim.targets.version += 1
-            self.sim.update_snapshot()
-        # Create a new updater and perform a second update while
-        # the metadata is already stored in cache (metadata dir)
-        self._run_refresh()
+            self._run_refresh()
 
         # Assert that the final version of timestamp/snapshot is version 2
         # which means a successful refresh is performed
