TrustedMetadataSet: test cases into test functions

Split big test functions into smaller test functions and add helper
setup methods.
This will allow us when we have a unit test failure to easier and faster
understand what's wrong.

Signed-off-by: Martin Vrachev <mvrachev@vmware.com>

Author: MVrachev

tests/test_trusted_metadata_set.py

@@ -132,19 +132,20 @@ def test_update_with_invalid_json(self):
 
             update_func(metadata)
 
-    def test_verify_with_threshold(self):
-        # Call verify_with_threshold with non root or targets delegator.
+
+    def test_verify_with_threshold_wrong_delegator(self):
         delegated_role = Metadata.from_bytes(self.metadata["role1"])
         timestamp = Metadata.from_bytes(self.metadata["timestamp"])
         with self.assertRaises(ValueError):
             verify_with_threshold(timestamp, "role1", delegated_role)
 
-        # Call verify_with_threshold with non existent role_name.
+    def test_verify_with_threshold_non_existent_role_name(self):
+        delegated_role = Metadata.from_bytes(self.metadata["role1"])
         targets = Metadata.from_bytes(self.metadata["targets"])
         with self.assertRaises(ValueError):
             verify_with_threshold(targets, "foo", delegated_role)
 
-    def test_invalid_update_root(self):
+    def test_update_root_invalid_type(self):
         # new_root data with invalid snapshot type
         invalid_type_data = json.loads(self.metadata["root"])
         invalid_type_data["signed"]["_type"] = "snapshot"
@@ -155,6 +156,7 @@ def test_invalid_update_root(self):
         with self.assertRaises(exceptions.RepositoryError):
             self.trusted_set.update_root(invalid_type_data)
 
+    def test_update_root_new_root_cannot_be_verified_with_threshold(self):
         # new_root data with threshold which cannot be verified.
         modified_threshold_data = copy.deepcopy(
             json.loads(self.metadata["root"])
@@ -164,10 +166,11 @@ def test_invalid_update_root(self):
         with self.assertRaises(exceptions.UnsignedMetadataError):
             self.trusted_set.update_root(modified_threshold_data)
 
-        # new_root.signed.version has the same version as old root
+    def test_update_root_new_root_ver_same_as_trusted_root_ver(self):
         with self.assertRaises(exceptions.ReplayedMetadataError):
             self.trusted_set.update_root(self.metadata["root"])
 
+    def test_update_root_after_successful_root_update(self):
         # if _root_update_finished, then fail when calling update_root
         self.trusted_set.root_update_finished()
         with self.assertRaises(RuntimeError):
@@ -193,21 +196,27 @@ def _sign_modified_obj(
         signature = metadata_obj.sign(sslib_signer)
         return signature.to_dict()
 
-    def test_update_timestamp(self):
+
+    def _setup_update_snapshot_or_timestamp_test(self):
         self.trusted_set.root_update_finished()
         self.trusted_set.update_timestamp(self.metadata["timestamp"])
+
+    def test_update_timestamp_new_timestamp_ver_below_trusted_ver(self):
+        self._setup_update_snapshot_or_timestamp_test()
         # new_timestamp.version < trusted_timestamp.version
         self.trusted_set.timestamp.signed.version = 2
         with self.assertRaises(exceptions.ReplayedMetadataError):
             self.trusted_set.update_timestamp(self.metadata["timestamp"])
-        self.trusted_set.timestamp.signed.version = 1
 
+    def test_update_timestamp_snapshot_ver_below_trusted_snapshot_ver(self):
+        self._setup_update_snapshot_or_timestamp_test()
         # new_timestamp.snapshot.version < trusted_timestamp.snapshot.version
         self.trusted_set.timestamp.signed.meta["snapshot.json"].version = 2
         with self.assertRaises(exceptions.ReplayedMetadataError):
             self.trusted_set.update_timestamp(self.metadata["timestamp"])
-        self.trusted_set.timestamp.signed.meta["snapshot.json"].version = 1
 
+    def test_update_timestamp_snapshot_ver_below_trusted_snapshot_ver(self):
+        self._setup_update_snapshot_or_timestamp_test()
         # new_timestamp has expired
         timestamp = Metadata.from_bytes(self.metadata["timestamp"])
         timestamp.signed.expires = datetime.strptime(
@@ -218,6 +227,7 @@ def test_update_timestamp(self):
         with self.assertRaises(exceptions.ExpiredMetadataError):
             self.trusted_set.update_timestamp(new_timestamp_byte_data)
 
+
     def _calculate_modified_hashes(
         self, true_hashes,
         data: bytes
@@ -231,9 +241,8 @@ def _calculate_modified_hashes(
             modified_hashes[algo] = observed_hash
         return modified_hashes
 
-    def test_update_snapshot(self):
-        self.trusted_set.root_update_finished()
-        self.trusted_set.update_timestamp(self.metadata["timestamp"])
+    def test_update_snapshot_new_snapshot_invalid_type(self):
+        self._setup_update_snapshot_or_timestamp_test()
         # new_snapshot data with invalid targets type
         invalid_type_data = json.loads(self.metadata["snapshot"])
         invalid_type_data["signed"]["_type"] = "targets"
@@ -248,14 +257,17 @@ def test_update_snapshot(self):
 
         with self.assertRaises(exceptions.RepositoryError):
             self.trusted_set.update_snapshot(invalid_type_data)
-        self.trusted_set.timestamp.signed.meta["snapshot.json"].hashes = true_hashes
+
+    def test_update_snapshot_after_targets_updated(self):
+        self._setup_update_snapshot_or_timestamp_test()
         # cannot update snapshot after targets update completes or targets != None
         targets_obj = Metadata.from_bytes(self.metadata["targets"])
         self.trusted_set._trusted_set["targets"] = targets_obj
         with self.assertRaises(RuntimeError):
             self.trusted_set.update_snapshot(self.metadata["snapshot"])
-        del self.trusted_set._trusted_set["targets"]
 
+    def test_update_snapshot_with_invalid_json(self):
+        self._setup_update_snapshot_or_timestamp_test()
         #  Deserialization error - failed to decode the new_snapshot JSON.
         timestamp_meta = self.trusted_set.timestamp.signed.meta["snapshot.json"]
         true_hashes = timestamp_meta.hashes or {}
@@ -268,24 +280,29 @@ def test_update_snapshot(self):
             self.trusted_set.update_snapshot(b'{""sig": }')
         self.trusted_set.timestamp.signed.meta["snapshot.json"].hashes = true_hashes
 
+    def test_update_snapshot_cannot_verify_snapshot_with_threshold(self):
+        self._setup_update_snapshot_or_timestamp_test()
         # root data with threshold which cannot be verified for new_snapshot
         self.trusted_set.root.signed.roles["snapshot"].threshold = 2
         with self.assertRaises(exceptions.UnsignedMetadataError):
             self.trusted_set.update_snapshot(self.metadata["snapshot"])
         self.trusted_set.root.signed.roles["snapshot"].threshold = 1
 
+    def test_update_snapshot_version_different_timestamp_snapshot_version(self):
+        self._setup_update_snapshot_or_timestamp_test()
         # new_snapshot.version != trusted timestamp.meta["snapshot"].version
         self.trusted_set.timestamp.signed.meta["snapshot.json"].version = 2
         with self.assertRaises(exceptions.BadVersionNumberError):
             self.trusted_set.update_snapshot(self.metadata["snapshot"])
         self.trusted_set.timestamp.signed.meta["snapshot.json"].version = 1
 
 
-    def test_update_snapshot_after_succesfull_update(self):
-        self.trusted_set.root_update_finished()
-        self.trusted_set.update_timestamp(self.metadata["timestamp"])
+    def _setup_update_snapshot_after_successful_update_test(self):
+        self._setup_update_snapshot_or_timestamp_test()
         self.trusted_set.update_snapshot(self.metadata["snapshot"])
 
+    def test_update_snapshot_after_successful_update_new_snapshot_no_meta(self):
+        self._setup_update_snapshot_after_successful_update_test()
         # Test removing a meta_file in new_snapshot compared to the old snapshot
         snapshot_obj = Metadata.from_bytes(self.metadata["snapshot"])
         snapshot_obj.signed.meta = {}
@@ -301,63 +318,69 @@ def test_update_snapshot_after_succesfull_update(self):
 
         with self.assertRaises(exceptions.RepositoryError):
             self.trusted_set.update_snapshot(modified_snapshot_data)
-        self.trusted_set.timestamp.signed.meta["snapshot.json"].hashes = true_hashes
 
+    def test_update_snapshot_after_succesfull_update_new_snapshot_meta_version_different(self):
+        self._setup_update_snapshot_after_successful_update_test()
         # snapshot.meta["project1"].version != new_snapshot.meta["project1"].version
         for meta_file_path in self.trusted_set.snapshot.signed.meta.keys():
             self.trusted_set.snapshot.signed.meta[meta_file_path].version = 2
         with self.assertRaises(exceptions.BadVersionNumberError):
             self.trusted_set.update_snapshot(self.metadata["snapshot"])
-        for meta_file_path in self.trusted_set.snapshot.signed.meta.keys():
-            self.trusted_set.snapshot.signed.meta[meta_file_path].version = 1
 
+    def test_update_snapshot_after_succesfull_expired_new_snapshot(self):
+        self._setup_update_snapshot_after_successful_update_test()
         # new_snapshot has expired
         snapshot_obj = Metadata.from_bytes(self.metadata["snapshot"])
         snapshot_obj.signed.expires = datetime.strptime(
             "1970-01-01T00:00:00Z", "%Y-%m-%dT%H:%M:%SZ"
         )
         self._sign_modified_obj("snapshot", snapshot_obj)
         modified_snapshot_data = json.dumps(snapshot_obj.to_dict()).encode()
+        timestamp_meta = self.trusted_set.timestamp.signed.meta["snapshot.json"]
+        true_hashes = timestamp_meta.hashes or {}
         modified_hashes = self._calculate_modified_hashes(
             true_hashes, modified_snapshot_data
         )
         self.trusted_set.timestamp.signed.meta["snapshot.json"].hashes = modified_hashes
+        # remove length so it doesn't intervene the validation.
+        self.trusted_set.timestamp.signed.meta["snapshot.json"].length = None
         with self.assertRaises(exceptions.ExpiredMetadataError):
             self.trusted_set.update_snapshot(modified_snapshot_data)
-        self.trusted_set.timestamp.signed.meta["snapshot.json"].hashes = true_hashes
 
-    def test_update_targets(self):
+
+    def setup_update_targets_test(self):
         self.trusted_set.root_update_finished()
         self.trusted_set.update_timestamp(self.metadata["timestamp"])
         self.trusted_set.update_snapshot(self.metadata["snapshot"])
-        
+
+    def test_update_targets_no_meta_in_snapshot(self):
+        self.setup_update_targets_test()
         # remove meta information with information about targets from snapshot
         self.trusted_set.snapshot.signed.meta = {}
         with self.assertRaises(exceptions.RepositoryError):
             self.trusted_set.update_targets(self.metadata["targets"])
-        snapshot = Metadata.from_bytes(self.metadata["snapshot"])
-        self.trusted_set.snapshot.signed.meta = snapshot.signed.meta
 
+    def test_update_targets_hash_different_than_snapshot_meta_hash(self):
+        self.setup_update_targets_test()
         # observed_hash != stored hash in snapshot meta for targets
         true_hashes = {}
         for target_path, meta_file in self.trusted_set.snapshot.signed.meta.items():
             true_hashes[target_path] = meta_file.hashes
             self.trusted_set.snapshot.signed.meta[target_path].hashes = {"sha256": "b"}
-        with self.assertRaises(exceptions.BadHashError):
+        with self.assertRaises(exceptions.RepositoryError):
             self.trusted_set.update_targets(self.metadata["targets"])
-        # Return to the original hash values
-        for target_path in true_hashes.keys():
-            self.trusted_set.snapshot.signed.meta[target_path].hashes = \
-                true_hashes[target_path]
 
+    def test_update_targets_version_different_snapshot_meta_version(self):
+        self.setup_update_targets_test()
         # new_delegate.signed.version != meta.version stored in snapshot
         for target_path in self.trusted_set.snapshot.signed.meta.keys():
             self.trusted_set.snapshot.signed.meta[target_path].version = 2
         with self.assertRaises(exceptions.BadVersionNumberError):
             self.trusted_set.update_targets(self.metadata["targets"])
-        self.trusted_set.snapshot.signed.meta[target_path].version = 1
 
-        # new_delegate has expired
+    def test_update_targets_expired_new_target(self):
+        self.setup_update_targets_test()
+        # new_delegated_target has expired
         targets_obj = Metadata.from_bytes(self.metadata["targets"])
         targets_obj.signed.expires = datetime.strptime(
             "1970-01-01T00:00:00Z", "%Y-%m-%dT%H:%M:%SZ"