Re: [13] RFR 8228456: Enhance tests after JDK-8217375

[Weijun Wang]

Hi Philipp,

Most are fine but PreserveRawManifestEntryAndDigest.java is still very slow and 
fails intermittently.

The problem is due to jarsignerProc(). Since you have parallel=true for the 
test providers, many jarsigner processes would run at the same time and some of 
our test machines cannot load so many processes (they are also running other 
jobs).

I read about the place when jarsignerProc() is called and seems you want to 
make sure the first file is signed by A and the second is not. Can we do this 
using JarFile API? Does you have other things to check in 
getExpectedJarSignerOutputUpdatedContentNotValidatedBySignerA()?

How about we remove the `jarsigner -verify` call? Like this:

         // double-check reading the files with a verifying JarFile
         try (JarFile jar = new JarFile(jarFilename4, true)) {
             if (firstAddedFilename != null) {
                 JarEntry je1 = jar.getJarEntry(firstAddedFilename);
                 jar.getInputStream(je1).readAllBytes();
-                assertTrue(je1.getCodeSigners().length > 0);
+                CodeSigner[] ss = je1.getCodeSigners();
+                assertTrue(ss.length == 2);
+                assertTrue(containsSignerA(ss));
             }
             if (secondAddedFilename != null) {
                 JarEntry je2 = jar.getJarEntry(secondAddedFilename);
                 jar.getInputStream(je2).readAllBytes();
-                assertTrue(je2.getCodeSigners().length > 0);
+                CodeSigner[] ss = je2.getCodeSigners();
+                assertTrue(ss.length == 1);
+                assertFalse(containsSignerA(ss));
             }
         }
 
@@ -392,6 +380,17 @@
         }
     }
 
+    private static boolean containsSignerA(CodeSigner[] ss) {
+        for (CodeSigner s : ss) {
+            X509Certificate x = (X509Certificate)
+                    s.getSignerCertPath().getCertificates().get(0);
+            if (x.getSubjectX500Principal().toString().equals("CN=A")) {
+                return true;
+            }
+        }
+        return false;
+    }
+

Thanks,
Max

> On Jul 22, 2019, at 10:02 AM, Weijun Wang <weijun.w...@oracle.com> wrote:
> 
> Please take a review at
> 
>   http://cr.openjdk.java.net/~weijun/8228456/webrev.00/
> 
> The change is contributed by Philipp Kunz. Since we are now in RDP 2 and we 
> are not allowed to fix non-test P3 (and lower) bugs. I've removed all src/ 
> changes in Philipp's patch (If I read correctly, is mostly on renaming 
> methods, and brings no behavior change) and made necessary change in test 
> codes to use original method names.
> 
> I haven't read the changes yet. I only made sure they pass on my own system. 
> Oracle's test farm is in maintenance during the weekend.
> 
> Thanks,
> Max
>