8206911: javax/xml/crypto/dsig/GenerationTests.java fails in 8u-dev

Reviewed-by: mullan

test/ProblemList.txt

@@ -308,9 +308,6 @@ sun/security/ssl/com/sun/net/ssl/internal/ssl/X509KeyManager/PreferredKey.java
 # 8206909
 com/sun/crypto/provider/CICO/PBEFunc/CICOPBEFuncTest.java       solaris-sparcv9
 
-# 8206911
-javax/xml/crypto/dsig/GenerationTests.java                      solaris-all
-
 # 8206912
 sun/security/krb5/auto/ReplayCacheTestProc.java                 solaris-sparcv9
 

test/javax/xml/crypto/dsig/GenerationTests.java

 /*
- * Copyright (c) 2005, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -46,6 +46,7 @@ import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
 import java.security.PublicKey;
 import java.security.SecureRandom;
+import java.security.Security;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509CRL;
@@ -120,6 +121,9 @@ public class GenerationTests {
 
     private static final String BOGUS = "bogus";
 
+    private static final String OS = System.getProperty("os.name");
+    private static boolean secondChanceGranted = false;
+
     private static final  String xslt = ""
           + "<xsl:stylesheet xmlns:xsl='http://www.w3.org/1999/XSL/Transform'\n"
           + "            xmlns='http://www.w3.org/TR/xhtml1/strict' \n"
@@ -1312,7 +1316,7 @@ public class GenerationTests {
             }
         }
 
-        System.out.println("Test case passed");
+        if (result) System.out.println("Test case passed");
     }
 
     static boolean test_create_detached_signature(String canonicalizationMethod,
@@ -1442,7 +1446,15 @@ public class GenerationTests {
         boolean success = signature.validate(vc);
         if (!success) {
             System.out.println("Core signature validation failed");
-            return false;
+            if (!secondChanceGranted && OS.contains("SunOS")) {
+                removePKCS11Provider();
+                // set up the test again
+                return test_create_detached_signature(canonicalizationMethod,
+                    signatureMethod, digestMethod, transform,
+                    keyInfo, contentType, port);
+            } else {
+                return false;
+            }
         }
 
         success = signature.getSignatureValue().validate(vc);
@@ -1454,6 +1466,18 @@ public class GenerationTests {
         return true;
     }
 
+    /*
+     * Helper method for cases where we're running on unpatched
+     * solaris systems where PKCS11 native libraries are unpatched
+     */
+    private static void removePKCS11Provider() throws Exception {
+        secondChanceGranted = true;
+        Security.removeProvider("SunPKCS11-Solaris");
+        System.out.println("Second chance granted. Provider list: "
+                + Arrays.toString(Security.getProviders()));
+        setup();
+    }
+
     private static final String DSA_Y =
         "070662842167565771936588335128634396171789331656318483584455493822" +
         "400811200853331373030669235424928346190274044631949560438023934623" +