Reenable BuildInvalidSignatureTwice with better diagnostics

Commit migrated from https://github.com/dotnet/corefx/commit/09c3160b52e1e47b3a92c837337672d1b426e170

diff --git a/src/libraries/System.Security.Cryptography.X509Certificates/tests/ChainTests.cs b/src/libraries/System.Security.Cryptography.X509Certificates/tests/ChainTests.cs
index 3b61c25..983958a 100644 (file)
--- a/src/libraries/System.Security.Cryptography.X509Certificates/tests/ChainTests.cs
+++ b/src/libraries/System.Security.Cryptography.X509Certificates/tests/ChainTests.cs
@@ -856,7 +856,6 @@ tHP28fj0LUop/QFojSZPsaPAW6JvoQ0t4hd6WoyX6z7FsA==
             }
         }
 
-        [ActiveIssue(36124, TestPlatforms.Windows)]
         [Fact]
         public static void BuildInvalidSignatureTwice()
         {
@@ -896,9 +895,9 @@ tHP28fj0LUop/QFojSZPsaPAW6JvoQ0t4hd6WoyX6z7FsA==
                     }
                     else
                     {
-                        Assert.False(valid, $"Chain is valid on execution {iter}");
-
-                        Assert.Equal(3, chain.ChainElements.Count);
+                        // These asserts are "most informative first".
+                        // (There was an interval where valid was reporting as true in CI, but
+                        // that is the least informative failure)
 
                         // Clear UntrustedRoot, if it happened.
                         allFlags &= ~X509ChainStatusFlags.UntrustedRoot;
@@ -906,6 +905,10 @@ tHP28fj0LUop/QFojSZPsaPAW6JvoQ0t4hd6WoyX6z7FsA==
                         Assert.Equal(
                             X509ChainStatusFlags.NotSignatureValid,
                             allFlags);
+
+                        Assert.Equal(3, chain.ChainElements.Count);
+
+                        Assert.False(valid, $"Chain is valid on execution {iter}");
                     }
 
                     chainHolder.DisposeChainElements();