--- a/authenticationservices/authenticationserver/test/authtool/authtool.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/authenticationservices/authenticationserver/test/authtool/authtool.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -32,7 +32,7 @@
 SOURCEPATH	.
 SOURCE authtool.cpp
 
-SYSTEMINCLUDE /epoc32/include
+OS_LAYER_SYSTEMINCLUDE
 USERINCLUDE ../../inc/authserver
 
 LIBRARY	euser.lib authclient.lib authcommon.lib
--- a/authenticationservices/authenticationserver/test/reftestplugin/group/t_pinplugindlg.mmh	Sat Feb 20 00:36:18 2010 +0200
+++ b/authenticationservices/authenticationserver/test/reftestplugin/group/t_pinplugindlg.mmh	Fri Mar 12 15:51:07 2010 +0200
@@ -46,10 +46,11 @@
 
 USERINCLUDE		.
 
-SYSTEMINCLUDE   \epoc32\include\techview
-SYSTEMINCLUDE	\epoc32\include\ecom
-SYSTEMINCLUDE 	\epoc32\include
-SYSTEMINCLUDE 	\epoc32\include\test
+OS_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE OS_LAYER_PLATFORM_EXPORT_PATH(test)
+SYSTEMINCLUDE OS_LAYER_PUBLIC_EXPORT_PATH(ecom)
+SYSTEMINCLUDE OS_LAYER_PUBLIC_EXPORT_PATH(techview)
+MW_LAYER_SYSTEMINCLUDE_SYMBIAN
 
 SOURCEPATH	    ..\tpinplugindlg
 
--- a/authenticationservices/authenticationserver/test/reftestplugin/group/tpinplugin.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/authenticationservices/authenticationserver/test/reftestplugin/group/tpinplugin.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -33,9 +33,9 @@
 
 CAPABILITY TrustedUI ProtServ ReadDeviceData WriteDeviceData Location SurroundingsDD UserEnvironment
 
-SYSTEMINCLUDE 	/epoc32/include
-SYSTEMINCLUDE	/epoc32/include/authserver
-SYSTEMINCLUDE 	/epoc32/include/test
+OS_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE OS_LAYER_PUBLIC_EXPORT_PATH(authserver)
+SYSTEMINCLUDE OS_LAYER_PLATFORM_EXPORT_PATH(test)
 
 USERINCLUDE		.
 USERINCLUDE		../../../source/common
--- a/authenticationservices/authenticationserver/test/tAuthSvr/group/tAuthPlugin.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/authenticationservices/authenticationserver/test/tAuthSvr/group/tAuthPlugin.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -45,12 +45,11 @@
 USERINCLUDE		../../../source/client
 USERINCLUDE		../../../inc_private
 
-SYSTEMINCLUDE 	/epoc32/include 
-SYSTEMINCLUDE 	/epoc32/include/ecom
-
+OS_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE OS_LAYER_PUBLIC_EXPORT_PATH(ecom)
 
 //Use of Test Execute logging functions
-//SYSTEMINCLUDE 	/epoc32/include/test
+//OS_LAYER_SYSTEMINCLUDE(test)
 //LIBRARY			testexecuteutils.lib
 //LIBRARY			testexecutelogclient.lib
 
--- a/authenticationservices/authenticationserver/test/tAuthSvr/group/tAuthSvr.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/authenticationservices/authenticationserver/test/tAuthSvr/group/tAuthSvr.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -23,8 +23,8 @@
 
 CAPABILITY		AllFiles ReadUserData WriteUserData ReadDeviceData WriteDeviceData TrustedUI
 
-SYSTEMINCLUDE 	/epoc32/include
-SYSTEMINCLUDE 	/epoc32/include/test
+OS_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE OS_LAYER_PLATFORM_EXPORT_PATH(test)
 
 USERINCLUDE		../../../source/server
 USERINCLUDE		../../../source/common
--- a/authenticationservices/authenticationserver/test/tAuthSvr/group/tMiscAuthPlugin.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/authenticationservices/authenticationserver/test/tAuthSvr/group/tMiscAuthPlugin.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -39,8 +39,8 @@
 USERINCLUDE		../../../source/common
 USERINCLUDE		../../../source/client
 
-SYSTEMINCLUDE	/epoc32/include
-SYSTEMINCLUDE   /EPOC32/INCLUDE/ECOM
+OS_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE OS_LAYER_PLATFORM_EXPORT_PATH(test)
 
 LIBRARY		euser.lib
 LIBRARY     ecom.lib
--- a/authenticationservices/authenticationserver/test/tAuthSvr/group/tauthpluginupgrade.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/authenticationservices/authenticationserver/test/tAuthSvr/group/tauthpluginupgrade.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -45,8 +45,8 @@
 USERINCLUDE		../../../source/common
 USERINCLUDE		../../../source/client
 
-SYSTEMINCLUDE 	/epoc32/include 
-SYSTEMINCLUDE 	/epoc32/include/ecom
+OS_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE OS_LAYER_PUBLIC_EXPORT_PATH(ecom)
 
 LIBRARY cinidata.lib	// add text INI file parsing ability
 LIBRARY ecom.lib	//ECOM plug-in DLLs must link against ECOM.lib
--- a/authenticationservices/authenticationserver/test/tAuthSvr/group/tauthsvrnc.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/authenticationservices/authenticationserver/test/tAuthSvr/group/tauthsvrnc.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -22,8 +22,8 @@
 VENDORID		0x70000001
 
 
-SYSTEMINCLUDE 	/epoc32/include
-SYSTEMINCLUDE 	/epoc32/include/test
+OS_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE OS_LAYER_PLATFORM_EXPORT_PATH(test)
 
 USERINCLUDE		../../../source/server
 USERINCLUDE		../../../source/common
--- a/authenticationservices/authenticationserver/test/tAuthSvr/group/tauthsvrwdd.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/authenticationservices/authenticationserver/test/tAuthSvr/group/tauthsvrwdd.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -22,8 +22,8 @@
 VENDORID		0x70000001
 CAPABILITY		AllFiles ReadUserData WriteUserData ReadDeviceData WriteDeviceData
 
-SYSTEMINCLUDE 	/epoc32/include
-SYSTEMINCLUDE 	/epoc32/include/test
+OS_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE OS_LAYER_PLATFORM_EXPORT_PATH(test)
 
 USERINCLUDE		../../../source/server
 USERINCLUDE		../../../source/common
--- a/authenticationservices/authenticationserver/test/tAuthSvr/group/tpostmarketramplugin.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/authenticationservices/authenticationserver/test/tAuthSvr/group/tpostmarketramplugin.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -46,8 +46,8 @@
 USERINCLUDE		../../../source/common
 USERINCLUDE		../../../source/client
 
-SYSTEMINCLUDE 	/epoc32/include 
-SYSTEMINCLUDE 	/epoc32/include/ecom
+OS_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE OS_LAYER_PUBLIC_EXPORT_PATH(ecom)
 
 LIBRARY cinidata.lib	// add text INI file parsing ability
 LIBRARY ecom.lib	//ECOM plug-in DLLs must link against ECOM.lib
--- a/authenticationservices/authenticationserver/test/tauthcliserv/tauthcliserv.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/authenticationservices/authenticationserver/test/tauthcliserv/tauthcliserv.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -31,8 +31,8 @@
 USERINCLUDE		../../inc_private
 USERINCLUDE		../../inc/authserver
 
-SYSTEMINCLUDE	/epoc32/include
-SYSTEMINCLUDE	/epoc32/include/test
+OS_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE OS_LAYER_PLATFORM_EXPORT_PATH(test)
 
 SOURCEPATH		.
 USERINCLUDE		.
--- a/authenticationservices/authenticationserver/test/tauthdb/tauthdb.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/authenticationservices/authenticationserver/test/tauthdb/tauthdb.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -41,8 +41,8 @@
 USERINCLUDE		../../inc_private
 USERINCLUDE             ../../inc/authserver
 
-SYSTEMINCLUDE	/epoc32/include
-SYSTEMINCLUDE	/epoc32/include/test
+OS_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE OS_LAYER_PLATFORM_EXPORT_PATH(test)
 
 LIBRARY			bafl.lib edbms.lib estor.lib efsrv.lib euser.lib
 LIBRARY         testexecuteutils.lib testexecutelogclient.lib
--- a/authenticationservices/authenticationserver/test/tauthkeys/tauthkeys.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/authenticationservices/authenticationserver/test/tauthkeys/tauthkeys.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -36,8 +36,8 @@
 USERINCLUDE		../../inc_private
 USERINCLUDE ../../inc/authserver
 
-SYSTEMINCLUDE	/epoc32/include
-SYSTEMINCLUDE	/epoc32/include/test
+OS_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE OS_LAYER_PLATFORM_EXPORT_PATH(test)
 
 LIBRARY			euser.lib
 LIBRARY			efsrv.lib
--- a/authenticationservices/authenticationserver/test/tauthplugins/tauthplugins.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/authenticationservices/authenticationserver/test/tauthplugins/tauthplugins.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -21,8 +21,8 @@
 UID				0x1000007A 0x10204F0D
 VENDORID		0x70000001
 
-SYSTEMINCLUDE		/epoc32/include
-SYSTEMINCLUDE		/epoc32/include/test
+OS_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE OS_LAYER_PLATFORM_EXPORT_PATH(test)
 
 USERINCLUDE			.
 USERINCLUDE			../../source/common
--- a/authenticationservices/authenticationserver/test/tauthplugins/testplugins.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/authenticationservices/authenticationserver/test/tauthplugins/testplugins.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -23,7 +23,7 @@
 
 CAPABILITY			ALL -TCB
 
-SYSTEMINCLUDE		/epoc32/include
+OS_LAYER_SYSTEMINCLUDE
 
 USERINCLUDE			.
 USERINCLUDE			../../source/common
--- a/authenticationservices/authenticationserver/test/tauthplugins/testpluginsupgrade.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/authenticationservices/authenticationserver/test/tauthplugins/testpluginsupgrade.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -25,7 +25,7 @@
 
 VERSION 10.1
 
-SYSTEMINCLUDE		/epoc32/include
+OS_LAYER_SYSTEMINCLUDE
 
 USERINCLUDE			.
 USERINCLUDE			../../source/common
--- a/contentmgmt/referencedrmagent/refcafhelper/group/refcafhelper.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/contentmgmt/referencedrmagent/refcafhelper/group/refcafhelper.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -35,8 +35,9 @@
 
 USERINCLUDE	../inc
 
-SYSTEMINCLUDE	/epoc32/include 
-SYSTEMINCLUDE	/epoc32/include/caf
+OS_LAYER_SYSTEMINCLUDE
+SYSTEMINCLUDE OS_LAYER_PLATFORM_EXPORT_PATH(caf)
+SYSTEMINCLUDE OS_LAYER_PUBLIC_EXPORT_PATH(caf)
 
 LIBRARY		euser.lib
 SMPSAFE
--- a/cryptomgmtlibs/securitytestfw/group/bld.inf	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptomgmtlibs/securitytestfw/group/bld.inf	Fri Mar 12 15:51:07 2010 +0200
@@ -97,6 +97,7 @@
 #endif
 #ifdef SYMBIAN_CRYPTOSPI
 	../test/autotesting/runcrypto_9.5.bat /epoc32/winscw/c/autohardware/runcrypto_9.5.bat
+	../test/autotesting/runhardwarecrypto.bat /epoc32/winscw/c/autohardware/runhardwarecrypto.bat
 #else
 	../test/autotesting/runcrypto_9.4.bat /epoc32/winscw/c/autohardware/runcrypto_9.4.bat
 #endif
--- a/cryptomgmtlibs/securitytestfw/group/t_testhandler2.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptomgmtlibs/securitytestfw/group/t_testhandler2.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -35,7 +35,7 @@
 OS_LAYER_SYSTEMINCLUDE_SYMBIAN
 
 #ifdef SYMBIAN_AUTH_SERVER
-SYSTEMINCLUDE /epoc32/include/authserver
+SYSTEMINCLUDE OS_LAYER_PUBLIC_EXPORT_PATH(authserver)
 #endif
 
 SOURCEPATH	../test/testhandler2
--- a/cryptomgmtlibs/securitytestfw/inc/SecurityTests_sdp_9.5.iby	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptomgmtlibs/securitytestfw/inc/SecurityTests_sdp_9.5.iby	Fri Mar 12 15:51:07 2010 +0200
@@ -57,6 +57,7 @@
 	#include "tpkcs7server.iby"     
 	#include "tpkcs12integrationserver.iby"  	
 	#include "ctframeworktests.iby"
+	#include "cryptotests.iby"
 #else
 	#include "streamingcaf.iby"
 	// iby files for caf
@@ -133,7 +134,11 @@
 	#ifdef SYMBIAN_ENABLE_SDP_WMDRM_SUPPORT
 		data = ZDRIVE\autohardware\runcrypto_wmdrm.bat	               	\runcrypto.bat
 	#else
-		data = ZDRIVE\autohardware\runcrypto_9.5.bat	               	\runcrypto.bat
+		#ifdef __SECURITY_MANDATORY_SWICERTSTORE__
+			data = ZDRIVE\autohardware\runhardwarecrypto.bat				\runcrypto.bat
+		#else
+			data = ZDRIVE\autohardware\runcrypto_9.5.bat	               	\runcrypto.bat
+		#endif
 	#endif
 #else
 	data = ZDRIVE\autohardware\runcrypto_9.4.bat	               	\runcrypto.bat
--- a/cryptomgmtlibs/securitytestfw/test/autotesting/runcrypto_9.5.bat	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptomgmtlibs/securitytestfw/test/autotesting/runcrypto_9.5.bat	Fri Mar 12 15:51:07 2010 +0200
@@ -13,9 +13,6 @@
 @rem
 @rem Description: 
 @rem
-temb
-move c:\temblog.txt c:\testresults\
-move c:\testresults\temblog.txt e:\testresults\temblog.txt
 
 REM hash
 copy /s z:\thash\ c:\thash\
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/cryptomgmtlibs/securitytestfw/test/autotesting/runhardwarecrypto.bat	Fri Mar 12 15:51:07 2010 +0200
@@ -0,0 +1,21 @@
+@rem
+@rem Copyright (c) 2010 Nokia Corporation and/or its subsidiary(-ies).
+@rem All rights reserved.
+@rem This component and the accompanying materials are made available
+@rem under the terms of the License "Eclipse Public License v1.0"
+@rem which accompanies this distribution, and is available
+@rem at the URL "http://www.eclipse.org/legal/epl-v10.html".
+@rem
+@rem Initial Contributors:
+@rem Nokia Corporation - initial contribution.
+@rem
+@rem Contributors:
+@rem
+@rem Description: 
+@rem
+
+// Test the hardware crypto reference test plug-in
+
+temb
+move c:\temblog.txt c:\testresults\
+move c:\testresults\temblog.txt e:\testresults\temblog.txt
\ No newline at end of file
--- a/cryptomgmtlibs/securitytestfw/test/autotesting/testsecurity_sdp_newrom.bat	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptomgmtlibs/securitytestfw/test/autotesting/testsecurity_sdp_newrom.bat	Fri Mar 12 15:51:07 2010 +0200
@@ -35,6 +35,8 @@
 
 sntpclient -savings cbtime01.symbian.intra bantime01.symbian.intra
 
+runcrypto.bat
+
 runupstests.bat
 
 runpkcs12tests.bat
--- a/cryptoplugins/cryptospiplugins/inc/cryptospi_testplugins.iby	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptoplugins/cryptospiplugins/inc/cryptospi_testplugins.iby	Fri Mar 12 15:51:07 2010 +0200
@@ -18,6 +18,7 @@
 REM H4 Hardware Device Driver
 
 #ifndef __SECURITY_NOTH4__
+#ifdef __SECURITY_MANDATORY_SWICERTSTORE__
 // Proof of concept H4 driver (NOT supported)
 #ifdef __SECURITY_TEST_ROM__
 ROM_IMAGE[0] {
@@ -48,3 +49,4 @@
 file=ABI_DIR\BUILD_DIR\temb.exe 	"sys\bin\temb.exe"
 file=ABI_DIR\BUILD_DIR\tasync.exe 	"sys\bin\tasync.exe"
 #endif
+#endif
--- a/cryptoplugins/cryptospiplugins/test/dummyecchwplugin/group/cryptospihai.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptoplugins/cryptospiplugins/test/dummyecchwplugin/group/cryptospihai.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -36,7 +36,7 @@
 DEFFILE cryptospihai.def
 
 USERINCLUDE		.
-SYSTEMINCLUDE /epoc32/include
+OS_LAYER_SYSTEMINCLUDE
 USERINCLUDE	../../../../../crypto/weakcryptospi/inc/spi
 USERINCLUDE	../../../../../cryptoservices/filebasedcertificateandkeystores/test/tcryptotokenhai
 
--- a/cryptoplugins/cryptospiplugins/test/dummyecchwplugin/group/dummyecchwplugin.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptoplugins/cryptospiplugins/test/dummyecchwplugin/group/dummyecchwplugin.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -38,7 +38,7 @@
 
 USERINCLUDE		.
 USERINCLUDE	../../../../../crypto/weakcryptospi/inc/spi
-SYSTEMINCLUDE /epoc32/include
+OS_LAYER_SYSTEMINCLUDE
 
 SOURCEPATH ../src
 SOURCE		pluginentry.cpp
--- a/cryptoplugins/cryptospiplugins/test/h4drv/crypto_h4/cryptoh4.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptoplugins/cryptospiplugins/test/h4drv/crypto_h4/cryptoh4.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -19,13 +19,13 @@
 #define             NO_EKERN_LIB
 #include 			"kernel/kern_ext.mmh"
 OS_LAYER_SYSTEMINCLUDE_SYMBIAN
-SYSTEMINCLUDE		/epoc32/include/drivers
+SYMBIAN_BASE_SYSTEMINCLUDE(drivers)
 
 #ifdef MARM
 #include			"omap2420.mmh"
-SYSTEMINCLUDE		/epoc32/include/omap_hrp/h4
-SYSTEMINCLUDE		/epoc32/include/omap_hrp/assp/shared
-SYSTEMINCLUDE		/epoc32/include/omap_hrp/assp/omap24xx
+SYMBIAN_OMAP_HRP_SYSTEMINCLUDE(h4)
+SYMBIAN_OMAP_HRP_SYSTEMINCLUDE(assp/shared)
+SYMBIAN_OMAP_HRP_SYSTEMINCLUDE(assp/omap24xx)
 #endif
 
 USERINCLUDE   .
--- a/cryptoservices/certificateandkeymgmt/bwins/X509_v2u.def	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptoservices/certificateandkeymgmt/bwins/X509_v2u.def	Fri Mar 12 15:51:07 2010 +0200
@@ -279,4 +279,5 @@
 	?NewL@CCertificateValidationWarnings@@SAPAV1@H@Z @ 278 NONAME ; class CCertificateValidationWarnings * CCertificateValidationWarnings::NewL(int)
 	?NewLC@CCertificateValidationWarnings@@SAPAV1@H@Z @ 279 NONAME ; class CCertificateValidationWarnings * CCertificateValidationWarnings::NewLC(int)
 	?Warnings@CCertificateValidationWarnings@@QBEABV?$RArray@VTValidationStatus@@@@XZ @ 280 NONAME ; class RArray<class TValidationStatus> const & CCertificateValidationWarnings::Warnings(void) const
+	?SubjectKeyIdL@CX509Certificate@@QAE?AV?$TBuf8@$0BE@@@XZ @ 281 NONAME ; class TBuf8<20> CX509Certificate::SubjectKeyIdL(void)
 
--- a/cryptoservices/certificateandkeymgmt/eabi/x509_v2u.def	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptoservices/certificateandkeymgmt/eabi/x509_v2u.def	Fri Mar 12 15:51:07 2010 +0200
@@ -397,4 +397,5 @@
 	_ZNK30CCertificateValidationWarnings9CertIndexEv @ 396 NONAME
 	_ZTI30CCertificateValidationWarnings @ 397 NONAME
 	_ZTV30CCertificateValidationWarnings @ 398 NONAME
+	_ZN16CX509Certificate13SubjectKeyIdLEv @ 399 NONAME
 
--- a/cryptoservices/certificateandkeymgmt/group/bld.inf	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptoservices/certificateandkeymgmt/group/bld.inf	Fri Mar 12 15:51:07 2010 +0200
@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2001-2009 Nokia Corporation and/or its subsidiary(-ies).
+* Copyright (c) 2001-2010 Nokia Corporation and/or its subsidiary(-ies).
 * All rights reserved.
 * This component and the accompanying materials are made available
 * under the terms of the License "Eclipse Public License v1.0"
@@ -505,6 +505,7 @@
 ../tcertstore/tdata/nrcertkey.txt		/epoc32/winscw/c/tcertstore/data/nrcertkey.txt
 ../tcertstore/tdata/signcertkey2.txt	/epoc32/winscw/c/tcertstore/data/signcertkey2.txt
 ../tcertstore/tdata/enciphersigncertkey2.txt	/epoc32/winscw/c/tcertstore/data/enciphersigncertkey2.txt
+../tcertstore/tdata/SelfSignedPrivateKey_pk8.der	/epoc32/winscw/c/tcertstore/data/SelfSignedPrivateKey_pk8.der
 
 ../tcertstore/scripts/certstoreconcurrent1.txt		/epoc32/winscw/c/tcertstoreconcurrent/scripts/certstoreconcurrent1.txt
 ../tcertstore/scripts/certstoreconcurrent2.txt		/epoc32/winscw/c/tcertstoreconcurrent/scripts/certstoreconcurrent2.txt
--- a/cryptoservices/certificateandkeymgmt/inc/x509cert.h	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptoservices/certificateandkeymgmt/inc/x509cert.h	Fri Mar 12 15:51:07 2010 +0200
@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
+* Copyright (c) 1998-2010 Nokia Corporation and/or its subsidiary(-ies).
 * All rights reserved.
 * This component and the accompanying materials are made available
 * under the terms of the License "Eclipse Public License v1.0"
@@ -616,6 +616,13 @@
 	* @return		The new X.509 certificate object. */
 	IMPORT_C static CX509Certificate* NewLC(const CX509Certificate& aCert);
 
+	/** Retrieves the subject key identifier of a certificate based on the decision whether
+	* it is a CA certificate or not. If it is a CA certificate then returns the stored subject key id 
+	* as an extension in the certificate, any other certificate it returns the keyidentifier as 
+	* calculated by Symbian's proprietary logic.
+	* @return	The subject key identifier for the certificate. */
+	IMPORT_C TKeyIdentifier SubjectKeyIdL();
+				
 	/** Destructor.
 	* 
 	* Frees all resources owned by the object, prior to its destruction. */
--- a/cryptoservices/certificateandkeymgmt/tcertstore/T_unifiedcertstoreadd.cpp	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptoservices/certificateandkeymgmt/tcertstore/T_unifiedcertstoreadd.cpp	Fri Mar 12 15:51:07 2010 +0200
@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).
+* Copyright (c) 2004-2010 Nokia Corporation and/or its subsidiary(-ies).
 * All rights reserved.
 * This component and the accompanying materials are made available
 * under the terms of the License "Eclipse Public License v1.0"
@@ -637,9 +637,8 @@
 		TPtr8 data(iKeyData->Des());
 		data.FillZ();
 		User::LeaveIfError(file.Read(data, fileSize));
-		CleanupStack::Pop(1);
 	}
-
+	CleanupStack::Pop(1);
 	file.Close();
 }
 
--- a/cryptoservices/certificateandkeymgmt/tcertstore/scripts/unifiedcertstore2-conf1.ini	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptoservices/certificateandkeymgmt/tcertstore/scripts/unifiedcertstore2-conf1.ini	Fri Mar 12 15:51:07 2010 +0200
@@ -1,1071 +1,2333 @@
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-002]
+
 <actionbody>
+
 	<name>A1</name>
+
 	<uid>1</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-003]
+
 <actionbody>
+
 	<name>A2</name>
+
 	<uid>2</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-004]
+
 <actionbody>
+
 	<name>A3</name>
+
 	<uid>3</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-005]
+
 <actionbody>
+
 	<name>A4</name>
+
 	<uid>4</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-007]
+
 <actionbody>
+
 	<ImportData>rsacertkey1.txt</ImportData>
+
 	<keyusage>AllUsagesButNR</keyusage>
+
 	<keylabel>*IMPORTED* RSA key 1</keylabel>
+
 	<keyaccesstype>Extractable</keyaccesstype>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-008]
+
 <actionbody>
+
 	<ImportData>rsacertkey2.txt</ImportData>
+
 	<keyusage>AllUsagesButNR</keyusage>
+
 	<keylabel>*IMPORTED* RSA key 2</keylabel>
+
 	<keyaccesstype>Extractable</keyaccesstype>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-009]
+
 <actionbody>
+
 	<ImportData>rsacertkey3.txt</ImportData>
+
 	<keyusage>AllUsagesButNR</keyusage>
+
 	<keylabel>*IMPORTED* RSA key 3</keylabel>
+
 	<keyaccesstype>Extractable</keyaccesstype>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-010]
+
 <actionbody>
+
 	<mode>write</mode>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-011]
+
 <actionbody>
+
 	<label>*.*</label>
+
 	<deleteallcerts>1</deleteallcerts>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-012]
+
 <actionbody>
+
 	<format>X509</format>
+
 	<label>BadUserCert</label>
+
 	<issuerkey></issuerkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\CAX1.cer</certfile>
+
 	<certowner>user</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-013]
+
 <actionbody>
+
 	<format>X509</format>
+
 	<label>BadUserCert</label>
+
 	<issuerkey></issuerkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\CAX2.cer</certfile>
+
 	<certowner>user</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-014]
+
 <actionbody>
+
 	<format>X509</format>
+
 	<label>BadUserCert</label>
+
 	<issuerkey></issuerkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\CAX3.cer</certfile>
+
 	<certowner>user</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-015]
+
 <actionbody>
+
 	<format>X509</format>
+
 	<label>CAX1</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey></subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\CAX1.cer</certfile>
+
 	<certowner>ca</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-016]
+
 <actionbody>
+
 	<format>X509</format>
+
 	<label>CAX2</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey></subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\CAX2.cer</certfile>
+
 	<certowner>ca</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-017]
+
 <actionbody>
+
 	<format>X509</format>
+
 	<label>CAX3</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey></subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\CAX3.cer</certfile>
+
 	<certowner>ca</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-018]
+
 <actionbody>
+
 	<filter>
+
 	<ownertype>ca</ownertype>
+
 	</filter>
+
 </actionbody>
+
 <actionresult>
+
 	<CCTCertInfo><label>CAX1</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAX2</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAX3</label></CCTCertInfo>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-019]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-020]
+
 <actionbody>
+
 	<filter>
+
 	<ownertype>ca</ownertype>
+
 	</filter>
+
 	<issuerdn>c:\unifiedcertstore2\CAX1.cer</issuerdn>
+
 </actionbody>
+
 <actionresult>
+
 	<CCTCertInfo><label>CAX1</label></CCTCertInfo>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-021]
+
 <actionbody>
+
 	<filter>
+
 	<ownertype>ca</ownertype>
+
 	</filter>
+
 	<issuerdn>c:\unifiedcertstore2\CAX1.cer</issuerdn>
+
 	<issuerdn>c:\unifiedcertstore2\CAX2.cer</issuerdn>
+
 </actionbody>
+
 <actionresult>
+
 	<CCTCertInfo><label>CAX1</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAX2</label></CCTCertInfo>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-022]
+
 <actionbody>
+
 	<filter>
+
 	<ownertype>ca</ownertype>
+
 	</filter>
+
 	<issuerdn>c:\unifiedcertstore2\CAX1.cer</issuerdn>
+
 	<issuerdn>c:\unifiedcertstore2\CAX2.cer</issuerdn>
+
 	<issuerdn>c:\unifiedcertstore2\CAX3.cer</issuerdn>
+
 </actionbody>
+
 <actionresult>
+
 	<CCTCertInfo><label>CAX1</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAX2</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAX3</label></CCTCertInfo>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-024]
+
 <actionbody>
+
 	<mode>write</mode>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-025]
+
 <actionbody>
+
 	<filter>
+
 	<ownertype>ca</ownertype>
+
 	</filter>
+
 </actionbody>
+
 <actionresult>
+
 	<CCTCertInfo><label>CAX1</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAX2</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAX3</label></CCTCertInfo>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-026]
+
 <actionbody>
+
 	<filter>
+
 	<ownertype>ca</ownertype>
+
 	<label>CAX1</label>
+
 	</filter>
+
 </actionbody>
+
 <actionresult>
+
 	<CCTCertInfo><label>CAX1</label></CCTCertInfo>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0001-027]
+
 <actionbody>
+
 	<filter>
+
 	<ownertype>ca</ownertype>
+
 	<label>CAX3</label>
+
 	</filter>
+
 </actionbody>
+
 <actionresult>
+
 	<CCTCertInfo><label>CAX3</label></CCTCertInfo>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0002-001]
+
 <actionbody>
+
 	<format>WTLS</format>
+
 	<label>CAW1</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey></subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\CAW1.cer</certfile>
+
 	<certowner>ca</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0002-002]
+
 <actionbody>
+
 	<format>WTLS</format>
+
 	<label>CAW2</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey></subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\CAW2.cer</certfile>
+
 	<certowner>ca</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0002-003]
+
 <actionbody>
+
 	<format>WTLS</format>
+
 	<label>CAW3</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey></subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\CAW3.cer</certfile>
+
 	<certowner>ca</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0002-004]
+
 <actionbody>
+
 	<filter>
+
 	<ownertype>ca</ownertype>
+
 	</filter>
+
 </actionbody>
+
 <actionresult>
+
 	<CCTCertInfo><label>CAX1</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAX2</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAX3</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAW1</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAW2</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAW3</label></CCTCertInfo>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0002-005]
+
 <actionbody>
+
 	<filter>
+
 	<ownertype>ca</ownertype>
+
 	</filter>
+
 	<issuerdn>c:\unifiedcertstore2\CAX1.cer</issuerdn>
+
 </actionbody>
+
 <actionresult>
+
 	<CCTCertInfo><label>CAX1</label></CCTCertInfo>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0002-006]
+
 <actionbody>
+
 	<label>CAW1</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0002-008]
+
 <actionbody>
+
 	<mode>write</mode>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0002-009]
+
 <actionbody>
+
 	<filter>
+
 	<ownertype>ca</ownertype>
+
 	</filter>
+
 </actionbody>
+
 <actionresult>
+
 	<CCTCertInfo><label>CAX1</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAX2</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAX3</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAW1</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAW2</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAW3</label></CCTCertInfo>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-001]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 	<uid>1 2 3</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-002]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 	<uid>1 1 1</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-003]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 	<trust>1</trust>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-004]
+
 <actionbody>
+
 	<label>CAX2</label>
+
 	<uid>1</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-005]
+
 <actionbody>
+
 	<label>CAX2</label>
+
 	<uid>1 2 1</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-006]
+
 <actionbody>
+
 	<label>CAX2</label>
+
 	<trust>1</trust>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-007]
+
 <actionbody>
+
 	<label>CAX3</label>
+
 	<uid></uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-008]
+
 <actionbody>
+
 	<label>CAX3</label>
+
 	<trust>1</trust>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-009]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 </actionbody>
+
 <actionresult>
+
 	<uid>1 2 3</uid>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-010]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 </actionbody>
+
 <actionresult>
+
 	<trust>1</trust>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-011]
+
 <actionbody>
+
 	<label>CAX2</label>
+
 </actionbody>
+
 <actionresult>
+
 	<uid>1</uid>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-012]
+
 <actionbody>
+
 	<label>CAX2</label>
+
 </actionbody>
+
 <actionresult>
+
 	<trust>1</trust>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-013]
+
 <actionbody>
+
 	<label>CAX3</label>
+
 </actionbody>
+
 <actionresult>
+
 	<uid></uid>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-014]
+
 <actionbody>
+
 	<label>CAX3</label>
+
 </actionbody>
+
 <actionresult>
+
 	<trust>1</trust>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-015]
+
 <actionbody>
+
 	<label>CAW2</label>
+
 	<uid>1 2 3</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-016]
+
 <actionbody>
+
 	<label>CAW2</label>
+
 	<trust>1</trust>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-017]
+
 <actionbody>
+
 	<label>CAW3</label>
+
 	<uid>1 2</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-018]
+
 <actionbody>
+
 	<label>CAW3</label>
+
 	<trust>1</trust>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-019]
+
 <actionbody>
+
 	<label>CAW1</label>
+
 </actionbody>
+
 <actionresult>
+
 	<uid></uid>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-020]
+
 <actionbody>
+
 	<label>CAW1</label>
+
 </actionbody>
+
 <actionresult>
+
 	<trust>0</trust>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-021]
+
 <actionbody>
+
 	<label>CAW2</label>
+
 </actionbody>
+
 <actionresult>
+
 	<uid>1 2 3</uid>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-022]
+
 <actionbody>
+
 	<label>CAW2</label>
+
 </actionbody>
+
 <actionresult>
+
 	<trust>1</trust>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-023]
+
 <actionbody>
+
 	<label>CAW3</label>
+
 </actionbody>
+
 <actionresult>
+
 	<uid>1 2</uid>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0003-024]
+
 <actionbody>
+
 	<label>CAW3</label>
+
 </actionbody>
+
 <actionresult>
+
 	<trust>1</trust>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0004-001]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 	<uid>1 2</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0004-002]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 	<trust>1</trust>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0004-003]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 </actionbody>
+
 <actionresult>
+
 	<uid>1 2</uid>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0004-004]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 </actionbody>
+
 <actionresult>
+
 	<trust>1</trust>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0005-001]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 	<uid>1 2 3 4</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0005-002]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 	<trust>0</trust>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0005-003]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 </actionbody>
+
 <actionresult>
+
 	<uid>1 2 3 4</uid>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0005-004]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 </actionbody>
+
 <actionresult>
+
 	<trust>0</trust>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0006-001]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 	<uid>1 2 3</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0006-002]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 	<trust>1</trust>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0006-003]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 </actionbody>
+
 <actionresult>
+
 	<uid>1 2 3</uid>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0006-004]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 </actionbody>
+
 <actionresult>
+
 	<trust>1</trust>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0007-001]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 	<uid>1 2 3 4 5</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0007-002]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 </actionbody>
+
 <actionresult>
+
 	<uid>1 2 3</uid>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0007-003]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 	<trust>1</trust>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0007-004]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 	<uid>1 2 3 4</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0007-005]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 	<uid>1 2 3 4 5 7 8 9</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0007-006]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 </actionbody>
+
 <actionresult>
+
 	<uid>1 2 3 4</uid>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0008-001]
+
 <actionbody>
+
 	<format>X509</format>
+
 	<label>rsacert1</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey>4808f03892fe836e78d048bcefcca4a37913d886</subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\rsacert1.cer</certfile>
+
 	<certowner>user</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0008-002]
+
 <actionbody>
+
 	<format>X509</format>
+
 	<label>rsacert2</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey>dc448293c7c3ed68c9fabd37db43007136ae2ef4</subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\rsacert2.cer</certfile>
+
 	<certowner>user</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0008-003]
+
 <actionbody>
+
 	<format>X509</format>
+
 	<label>rsacert3</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey>0b2e1d1d4dbae5fc59a02a5115d2c2910fa796e0</subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\rsacert3.cer</certfile>
+
 	<certowner>user</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0008-004]
+
 <actionbody>
+
 	<filter>
+
 	<ownertype>ca</ownertype>
+
 	</filter>
+
 </actionbody>
+
 <actionresult>
+
 	<CCTCertInfo><label>CAX1</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAX2</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAX3</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAW1</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAW2</label></CCTCertInfo>
+
 	<CCTCertInfo><label>CAW3</label></CCTCertInfo>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0008-005]
+
 <actionbody>
+
 	<filter>
+
 	<ownertype>user</ownertype>
+
 	</filter>
+
 </actionbody>
+
 <actionresult>
+
 	<CCTCertInfo><label>rsacert1</label></CCTCertInfo>
+
 	<CCTCertInfo><label>rsacert2</label></CCTCertInfo>
+
 	<CCTCertInfo><label>rsacert3</label></CCTCertInfo>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0008-006]
+
 <actionbody>
+
 	<filter>
+
 	<ownertype>user</ownertype>
+
 	</filter>
+
 	<issuerdn>c:\unifiedcertstore2\rsacert1.cer</issuerdn>
+
 </actionbody>
+
 <actionresult>
+
 	// All 3 user certs have same issuer
+
 	<CCTCertInfo><label>rsacert1</label></CCTCertInfo>
+
 	<CCTCertInfo><label>rsacert2</label></CCTCertInfo>
+
 	<CCTCertInfo><label>rsacert3</label></CCTCertInfo>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0008-007]
+
 <actionbody>
+
 	<filter>
+
 	<ownertype>user</ownertype>
+
 	</filter>
+
 	<issuerdn>c:\unifiedcertstore2\CAX1.cer</issuerdn>
+
 </actionbody>
+
 <actionresult>
+
 	// No user certs with this DN expected
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0008-008]
+
 <actionbody>
+
 	<label>rsacert1</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0008-009]
+
 <actionbody>
+
 	<certtype>ca</certtype>
+
 	<label>CAX1</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0008-010]
+
 <actionbody>
+
 	<certtype>ca</certtype>
+
 	<label>CAX2</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0008-011]
+
 <actionbody>
+
 	<certtype>ca</certtype>
+
 	<label>CAX3</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0008-012]
+
 <actionbody>
+
 	<certtype>ca</certtype>
+
 	<label>CAW1</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0008-013]
+
 <actionbody>
+
 	<certtype>ca</certtype>
+
 	<label>CAW2</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0008-014]
+
 <actionbody>
+
 	<certtype>ca</certtype>
+
 	<label>CAW3</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0008-015]
+
 <actionbody>
+
 	<certtype>user</certtype>
+
 	<label>rsacert1</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0008-016]
+
 <actionbody>
+
 	<certtype>user</certtype>
+
 	<label>rsacert2</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0008-017]
+
 <actionbody>
+
 	<certtype>user</certtype>
+
 	<label>rsacert3</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0009-001]
+
 <actionbody>
+
 	<mode>write</mode>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0009-002]
+
 <actionbody>
+
 	<filter>
+
 	<ownertype>ca</ownertype>
+
 	</filter>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0009-003]
+
 <actionbody>
+
 	<filter>
+
 	<ownertype>user</ownertype>
+
 	</filter>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0010-001]
+
 <actionbody>
+
 	<mode>write</mode>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0010-002]
+
 <actionbody>
+
 	<format>X509</format>
+
 	<label>CAX1</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey></subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\CAX1.cer</certfile>
+
 	<certowner>ca</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0010-003]
+
 <actionbody>
+
 	<filter>
+
 	<ownertype>ca</ownertype>
+
 	</filter>
+
 </actionbody>
+
 <actionresult>
+
 	<CCTCertInfo><label>CAX1</label></CCTCertInfo>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0010-004]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 	<uid>7</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0011-001]
+
 <actionbody>
+
 	<format>X509</format>
+
 	<label>U5K3</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey>eeda2c6da84f17519ee837eadb8a5289dadfbb26</subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\U5K3.crt</certfile>
+
 	<certowner>user</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0011-002]
+
 <actionbody>
+
 	<format>X509</format>
+
 	<label>U6K5</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey>eeda2c6da84f17519ee837eadb8a5289dadf0000</subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\U6K5.crt</certfile>
+
 	<certowner>user</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0011-003]
+
 <actionbody>
+
 	<format>X509URL</format>
+
 	<label>URL3K5</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey>eeda2c6da84f17519ee837eadb8a5289dadf0000</subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\URL3K5.cer</certfile>
+
 	<certowner>user</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0011-004]
+
 <actionbody>
+
 	<certtype>ca</certtype>
+
 	<label>CAX1</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0012-001]
+
 <actionbody>
+
 	<format>WTLS</format>
+
 	<label>CAW1</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey></subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\CAW1.cer</certfile>
+
 	<certowner>ca</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0012-002]
+
 <actionbody>
+
 	<format>WTLS</format>
+
 	<label>CAW1</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey></subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\CAW1.cer</certfile>
+
 	<certowner>ca</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0012-003]
+
 <actionbody>
+
 	<format>X509</format>
+
 	<label>CAX1</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey></subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\CAX1.cer</certfile>
+
 	<certowner>ca</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0012-004]
+
 <actionbody>
+
 	<format>X509</format>
+
 	<label>CAX1</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey></subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\CAX1.cer</certfile>
+
 	<certowner>ca</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0012-005]
+
 <actionbody>
+
 	<format>X509</format>
+
 	<label>rsacert3</label>
+
 	<subjectkeyid>0b2e1d1d4dbae5fc59a02a5115d2c2910fa796e0</subjectkeyid>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\rsacert3.cer</certfile>
+
 	<certowner>user</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0012-006]
+
 <actionbody>
+
 	<format>X509</format>
+
 	<label>rsacert3</label>
+
 	<subjectkeyid>0b2e1d1d4dbae5fc59a02a5115d2c2910fa796e0</subjectkeyid>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\rsacert3.cer</certfile>
+
 	<certowner>user</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0012-007]
+
 <actionbody>
+
 	<certtype>ca</certtype>
+
 	<label>CAX1</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0012-008]
+
 <actionbody>
+
 	<certtype>ca</certtype>
+
 	<label>CAW1</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0012-009]
+
 <actionbody>
+
 	<certtype>user</certtype>
+
 	<label>rsacert3</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0013-001]
+
 <actionbody>
+
 	<format>X509</format>
+
 	<label>CAX1</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey></subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\CAX1.cer</certfile>
+
 	<certowner>ca</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0013-002]
+
 <actionbody>
+
 	<format>WTLS</format>
+
 	<label>CAW1</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey></subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\CAW1.cer</certfile>
+
 	<certowner>ca</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0013-003]
+
 <actionbody>
+
 	<format>X509URL</format>
+
 	<label>URL1rsa1</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey>4808f03892fe836e78d048bcefcca4a37913d886</subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\URL1K1.cer</certfile>
+
 	<certowner>user</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0013-004]
+
 <actionbody>
+
 	<format>X509URL</format>
+
 	<label>URL2rsa2</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey>dc448293c7c3ed68c9fabd37db43007136ae2ef4</subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\URL2K2.cer</certfile>
+
 	<certowner>user</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0013-005]
+
 <actionbody>
+
 	<filter>
+
 	<ownertype>user</ownertype>
+
 	<formatflags>X509URL</formatflags>
+
 	</filter>
+
 </actionbody>
+
 <actionresult>
+
 	<CCTCertInfo><label>URL1rsa1</label></CCTCertInfo>
+
 	<CCTCertInfo><label>URL2rsa2</label></CCTCertInfo>
+
 </actionresult>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0013-006]
+
 <actionbody>
+
 	<label>URL1rsa1</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0013-007]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0013-008]
+
 <actionbody>
+
 	<label>CAW1</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0013-009]
+
 <actionbody>
+
 	<label>U1K1</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0013-010]
+
 <actionbody>
+
 	<label>URL2rsa2</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0013-011]
+
 <actionbody>
+
 	<label>URL1rsa1</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0014-001]
+
 <actionbody>
+
 	<mode>write</mode>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0014-002]
+
 <actionbody>
+
 	<format>X509</format>
+
 	<label>CAX1</label>
+
 	<issuerkey></issuerkey>
+
 	<subjectkey></subjectkey>
+
 	<certstore>0</certstore>
+
 	<certfile>c:\unifiedcertstore2\CAX1.cer</certfile>
+
 	<certowner>ca</certowner>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0014-004]
+
 <actionbody>
+
 	<mode>read</mode>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0014-005]
+
 <actionbody>
+
 	<certtype>ca</certtype>
+
 	<label>CAX1</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0014-006]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 	<uid>1</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0014-007]
+
 <actionbody>
+
 	<label>CAX1</label>
+
 	<trust>1</trust>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0014-009]
+
 <actionbody>
+
 	<mode>write</mode>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0014-010]
+
 <actionbody>
+
 	<certtype>ca</certtype>
+
 	<label>CAX1</label>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0014-011]
+
 <actionbody>
+
 	<label>*.*</label>
+
 	<deleteallcerts>1</deleteallcerts>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0015-002]
+
 <actionbody>
+
 	<uid>1</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0015-003]
+
 <actionbody>
+
 	<uid>2</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0015-004]
+
 <actionbody>
+
 	<uid>3</uid>
+
 </actionbody>
 
+
+
 [SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0015-005]
+
 <actionbody>
+
 	<uid>4</uid>
+
 </actionbody>
 
+
+[SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-001]
+
+<actionbody>
+
+	<mode>write</mode>
+
+</actionbody>
+
+
+[SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-002]
+
+<actionbody>
+	
+	<certtype>ca</certtype>
+	<label>*.*</label>
+	<deleteallcerts>1</deleteallcerts>
+
+</actionbody>
+
+
+[SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-003]
+
+<actionbody>
+
+	<ImportData>rsacertkey3.txt</ImportData>
+
+	<keyusage>AllUsagesButNR</keyusage>
+
+	<keylabel>Add RSA key 3</keylabel>
+
+	<keyaccesstype>Extractable</keyaccesstype>
+
+</actionbody>
+
+[SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-004]
+
+<actionbody>
+
+	<format>X509</format>
+
+	<label>rsacert3</label>
+
+	<subjectkeyid></subjectkeyid>
+
+	<certstore>0</certstore>
+
+	<certfile>c:\unifiedcertstore2\rsacert3.cer</certfile>
+
+	<certowner>user</certowner>
+
+</actionbody>
+
+[SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-005]
+
+<actionbody>
+
+	<filter>
+
+	<usesubjectkeyid>c:\unifiedcertstore2\rsacert3.cer</usesubjectkeyid>
+
+	</filter>
+
+</actionbody>
+
+<actionresult>
+
+	<CCTCertInfo><label>rsacert3</label></CCTCertInfo>
+
+</actionresult>
+
+[SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-006]
+
+<actionbody>
+
+	<certtype>user</certtype>
+
+	<label>rsacert3</label>
+
+</actionbody>
+
+[SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-007]
+
+<actionbody>
+
+	<ImportData>SelfSignedPrivateKey_pk8.der</ImportData>
+
+	<keyusage>AllUsagesButNR</keyusage>
+
+	<keylabel>selfsignedprivatekey</keylabel>
+
+	<keyaccesstype>Extractable</keyaccesstype>
+
+</actionbody>
+
+
+[SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-008]
+
+<actionbody>
+
+	<format>X509</format>
+
+	<label>selfsignedcert</label>
+
+	<issuerkey></issuerkey>
+
+	<subjectkey></subjectkey>
+
+	<certstore>0</certstore>
+
+	<certfile>c:\tcertstore\data\SelfSignedCertificate.der</certfile>
+
+	<certowner>user</certowner>
+
+</actionbody>
+
+[SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-009]
+
+<actionbody>
+
+	<filter>
+
+	<usesubjectkeyid>c:\tcertstore\data\SelfSignedCertificate.der</usesubjectkeyid>
+
+	</filter>
+
+</actionbody>
+
+<actionresult>
+
+	<CCTCertInfo><label>selfsignedcert</label></CCTCertInfo>
+
+</actionresult>
+
+[SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-010]
+
+<actionbody>
+
+	<certtype>user</certtype>
+
+	<label>selfsignedcert</label>
+
+</actionbody>
+
+
+[SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-011]
+
+<actionbody>
+
+	<format>X509</format>
+
+	<label>cacert</label>
+
+	<issuerkey></issuerkey>
+
+	<subjectkey></subjectkey>
+
+	<certstore>0</certstore>
+
+	<certfile>c:\unifiedcertstore2\CAX1.cer</certfile>
+
+	<certowner>ca</certowner>
+
+</actionbody>
+
+[SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-012]
+
+<actionbody>
+
+	<filter>
+
+	<usesubjectkeyid>c:\unifiedcertstore2\CAX1.cer</usesubjectkeyid>
+
+	</filter>
+
+</actionbody>
+
+<actionresult>
+
+	<CCTCertInfo><label>cacert</label></CCTCertInfo>
+
+</actionresult>
+
+[SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-013]
+
+<actionbody>
+
+	<certtype>ca</certtype>
+
+	<label>cacert</label>
+
+</actionbody>
+
--- a/cryptoservices/certificateandkeymgmt/tcertstore/scripts/unifiedcertstore2-conf1.script	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptoservices/certificateandkeymgmt/tcertstore/scripts/unifiedcertstore2-conf1.script	Fri Mar 12 15:51:07 2010 +0200
@@ -1,5 +1,5 @@
 //
-// Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+// Copyright (c) 2009-2010 Nokia Corporation and/or its subsidiary(-ies).
 // All rights reserved.
 // This component and the accompanying materials are made available
 // under the terms of the License "Eclipse Public License v1.0"
@@ -137,7 +137,6 @@
 
 
 
-
 START_TESTCASE                SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0002
 
 //! @SYMTestCaseID            SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0002
@@ -751,7 +750,55 @@
 END_TESTCASE                  SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0014
 
 
+START_TESTCASE                SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId
 
+//! @SYMTestCaseID            SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId
+
+//! @SYMTestCaseDesc          4.1 Test cases for cheking the retrieval of certificates based on subject key identifier.
+
+//!                           
+
+//! @SYMTestActions           1) No Test, Add a private key (rsacertkey)
+
+//!                           2) No Test,Add the end entity certificate (rsacert1) without specifying the subject keyid.
+
+//!                           3) Filter the certificate based on subject key id.
+
+//!                           4) No Test,Add a self signed certificate
+
+//!                           5) Filter the self signed certificate based on subject key id.
+
+//!                           6) No Test,Add a CA certificate
+
+//!                           7) Filter the CA certificate based on subject key id.
+
+RUN_TEST_STEP                 -1    CTestHandler        init                   unifiedcertstore2-conf1.ini   SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-001
+
+RUN_TEST_STEP                 -1    CTestHandler        deletecert             unifiedcertstore2-conf1.ini   SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-002
+
+RUN_TEST_STEP                 -1    CTestHandler        importkey              unifiedcertstore2-conf1.ini   SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-003
+
+RUN_TEST_STEP                 -1    CTestHandler        addcert                unifiedcertstore2-conf1.ini   SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-004
+
+RUN_TEST_STEP                 -1    CTestHandler        listcert               unifiedcertstore2-conf1.ini   SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-005
+
+RUN_TEST_STEP                 -1    CTestHandler        deletecert             unifiedcertstore2-conf1.ini   SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-006
+
+RUN_TEST_STEP                 -1    CTestHandler        importkey              unifiedcertstore2-conf1.ini   SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-007
+
+RUN_TEST_STEP                 -1    CTestHandler        addcert                unifiedcertstore2-conf1.ini   SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-008
+
+RUN_TEST_STEP                 -1    CTestHandler        listcert               unifiedcertstore2-conf1.ini   SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-009
+
+RUN_TEST_STEP                 -1    CTestHandler        deletecert             unifiedcertstore2-conf1.ini   SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-010
+
+RUN_TEST_STEP                 -1    CTestHandler        addcert                unifiedcertstore2-conf1.ini   SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-011
+
+RUN_TEST_STEP                 -1    CTestHandler        listcert               unifiedcertstore2-conf1.ini   SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-012
+
+RUN_TEST_STEP                 -1    CTestHandler        deletecert             unifiedcertstore2-conf1.ini   SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId-013
+
+END_TESTCASE                  SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-FilterOnSubjectKeyId
 
 
 START_TESTCASE                SEC-CERTMAN-UNIFIEDCERTSTORE2-CONF1-0015
--- a/cryptoservices/certificateandkeymgmt/tcertstore/t_certstoredefs.h	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptoservices/certificateandkeymgmt/tcertstore/t_certstoredefs.h	Fri Mar 12 15:51:07 2010 +0200
@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).
+* Copyright (c) 2004-2010 Nokia Corporation and/or its subsidiary(-ies).
 * All rights reserved.
 * This component and the accompanying materials are made available
 * under the terms of the License "Eclipse Public License v1.0"
@@ -151,6 +151,8 @@
 _LIT8(KSubjectKeyIdEnd,"</subjectkeyid>");
 _LIT8(KIssuerKeyIdStart,"<issuerkeyid>");
 _LIT8(KIssuerKeyIdEnd,"</issuerkeyid>");
+_LIT8(KUseSubjectKeyIdStart,"<usesubjectkeyid>");
+_LIT8(KUseSubjectKeyIdEnd,"</usesubjectkeyid>");
 
 //  tag for Notification of Change
 _LIT8(KChangeNotifiedStart, "<ChangeNotification>");
--- a/cryptoservices/certificateandkeymgmt/tcertstore/t_filter.cpp	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptoservices/certificateandkeymgmt/tcertstore/t_filter.cpp	Fri Mar 12 15:51:07 2010 +0200
@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies).
 * All rights reserved.
 * This component and the accompanying materials are made available
 * under the terms of the License "Eclipse Public License v1.0"
@@ -22,6 +22,7 @@
 #include "t_certstoredefs.h"
 
 #include <ccertattributefilter.h>
+#include <x509cert.h>
 
 CCertAttributeFilter* CFilter::NewL(Output& aOut, 
 									const TDesC8& aFilter)
@@ -81,6 +82,10 @@
 	
 	// Set subjetkeyid filter
 	SetIssuerKeyIdFilter(Input::ParseElement(aFilter, KIssuerKeyIdStart));
+	
+	// Set subjetkeyid using the certificate details
+	SetSubjectKeyIdFromCertFilterL(Input::ParseElement(aFilter, KUseSubjectKeyIdStart));
+		
 	}
 
 void CFilter::SetLabelFilter(const TDesC8& aLabel)
@@ -386,4 +391,22 @@
 		}
 	}
 
+void CFilter::SetSubjectKeyIdFromCertFilterL(const TDesC8& aCertPath)
+	{
+	if(aCertPath != KNullDesC8)
+		{
+		RFs fs;
+		User::LeaveIfError(fs.Connect());
+		CleanupClosePushL(fs);
+		TFileName filename;
+		filename.Copy(aCertPath);
+		HBufC8* buf = Input::ReadFileL(filename, fs);
+		CleanupStack::PushL(buf);
+		CX509Certificate* cert = CX509Certificate::NewLC(buf->Des());
+		TKeyIdentifier id = cert->SubjectKeyIdL();
+		CleanupStack::PopAndDestroy(3, &fs); // buf, cert, fs
+		iFilter->SetSubjectKeyId(id);
+		}
+	}
+
 CCertAttributeFilter* CFilter::iFilter = NULL;
--- a/cryptoservices/certificateandkeymgmt/tcertstore/t_filter.h	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptoservices/certificateandkeymgmt/tcertstore/t_filter.h	Fri Mar 12 15:51:07 2010 +0200
@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies).
 * All rights reserved.
 * This component and the accompanying materials are made available
 * under the terms of the License "Eclipse Public License v1.0"
@@ -64,7 +64,9 @@
 		void SetSubjectKeyIdFilter(const TDesC8& aSubjectKeyId);
 		// Sets the issuerkeyid which is synonymous to the authority key identifier.
 		void SetIssuerKeyIdFilter(const TDesC8& aIssuerKeyId);
-	
+		// Sets the subjetkeyid filter using the certificate.
+		void SetSubjectKeyIdFromCertFilterL(const TDesC8& aCertPath);
+				
 	private:
 		static CCertAttributeFilter* iFilter;
 		Output& iOut;
Binary file cryptoservices/certificateandkeymgmt/tcertstore/tdata/selfsignedprivatekey_pk8.der has changed
--- a/cryptoservices/certificateandkeymgmt/x509/x509cert.cpp	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptoservices/certificateandkeymgmt/x509/x509cert.cpp	Fri Mar 12 15:51:07 2010 +0200
@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
+* Copyright (c) 1998-2010 Nokia Corporation and/or its subsidiary(-ies).
 * All rights reserved.
 * This component and the accompanying materials are made available
 * under the terms of the License "Eclipse Public License v1.0"
@@ -1337,3 +1337,30 @@
 		
 	return KeyIdentifierL();
 	}
+
+EXPORT_C TKeyIdentifier CX509Certificate::SubjectKeyIdL()
+	{
+	// if it is a v1 or v2 type then there is no way of knowing which is a CA, treat all certs as CA as done in the certificate recognizer.
+	if (Version() != 3 )
+		{
+		return SubjectKeyIdentifierL();
+		}
+	
+	// if it is x509 v3 certificate then check for the basic constraint extension.
+	const CX509CertExtension* ext = Extension(KBasicConstraints);
+	if (ext)
+		{
+		CX509BasicConstraintsExt* basic = CX509BasicConstraintsExt::NewLC(ext->Data());
+		TBool markedAsCA = basic->IsCA();
+		CleanupStack::PopAndDestroy(basic);
+		// it can be an intermediate as well as root CA
+		if ( markedAsCA )
+			{
+			return SubjectKeyIdentifierL();
+			}
+		}
+	// For non-CA certs, use the recommended method of computing it from RFC5280, section 4.2.1.2
+	return KeyIdentifierL();									
+		
+	}
+
--- a/cryptoservices/filebasedcertificateandkeystores/test/tcryptotokenhai/tcryptotokenhai.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptoservices/filebasedcertificateandkeystores/test/tcryptotokenhai/tcryptotokenhai.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -40,7 +40,7 @@
 SOURCEPATH ../thwkeystore/common
 SOURCE tkeydetails.cpp
 
-SYSTEMINCLUDE 	/epoc32/include 
+OS_LAYER_SYSTEMINCLUDE
 
 USERINCLUDE .
 USERINCLUDE ../thwkeystore/common
--- a/cryptoservices/filebasedcertificateandkeystores/test/thwkeystore/client/thwkeystoreclient.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptoservices/filebasedcertificateandkeystores/test/thwkeystore/client/thwkeystoreclient.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -37,13 +37,13 @@
 target 101faaaa.rsc
 end
 
-SYSTEMINCLUDE 	/epoc32/include
+OS_LAYER_SYSTEMINCLUDE
 /*
  * Need to put "/epoc32/include/ecom" as one of the system includes 
  * as cryptotokenregistryinfo.rh has the line, '#include "registryinfo.rh"'
  * in place of '#include <ecom/registryinfo.rh>'
  */
-SYSTEMINCLUDE 	/epoc32/include/ecom
+SYSTEMINCLUDE OS_LAYER_PUBLIC_EXPORT_PATH(ecom)
 
 USERINCLUDE .
 USERINCLUDE	../../../../../crypto/weakcryptospi/inc
--- a/cryptoservices/filebasedcertificateandkeystores/test/tkeystore/tkeystore.mmp	Sat Feb 20 00:36:18 2010 +0200
+++ b/cryptoservices/filebasedcertificateandkeystores/test/tkeystore/tkeystore.mmp	Fri Mar 12 15:51:07 2010 +0200
@@ -80,11 +80,11 @@
 USERINCLUDE ../../../../crypto/weakcrypto/inc
 USERINCLUDE ../../source/generic/client
 USERINCLUDE ../../source/generic/common
-OS_LAYER_SYSTEMINCLUDE
+OS_LAYER_SYSTEMINCLUDE_SYMBIAN
 USERINCLUDE ../../Inc
 
 #if (defined(SYMBIAN_ENABLE_SDP_WMDRM_SUPPORT) && defined(SYMBIAN_ENABLE_SDP_ECC))
-SYSTEMINCLUDE	/epoc32/include/cryptospi
+SYSTEMINCLUDE OS_LAYER_PUBLIC_EXPORT_PATH(cryptospi)
 #endif // SYMBIAN_ENABLE_SDP_WMDRM_SUPPORT && SYMBIAN_ENABLE_SDP_ECC
 
 LIBRARY	euser.lib efsrv.lib ecom.lib cryptography.lib
Binary file securityanddataprivacytools/securityconfig/conf/securityconfig.confml has changed
Binary file securityanddataprivacytools/securityconfig/conf/securityconfig_2001ea7f.crml has changed
Binary file securityanddataprivacytools/securityconfig/conf/securityconfig_2002b28b.crml has changed
--- a/securityanddataprivacytools/securityconfig/group/bld.inf	Sat Feb 20 00:36:18 2010 +0200
+++ b/securityanddataprivacytools/securityconfig/group/bld.inf	Fri Mar 12 15:51:07 2010 +0200
@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
+* Copyright (c) 2006-2010 Nokia Corporation and/or its subsidiary(-ies).
 * All rights reserved.
 * This component and the accompanying materials are made available
 * under the terms of the License "Eclipse Public License v1.0"
@@ -45,6 +45,9 @@
 ../conf/securityconfig.confml            OS_LAYER_EXPORTS_CONFML(securityconfig.confml)
 ../conf/securityconfig_2001ea7f.crml	 OS_LAYER_EXPORTS_CRML(securityconfig_2001ea7f.crml)
 
+// crml file for customizing the OCSP central reposiroty settings - GenerateResponseForMissingUri and EnableGetHttpMethod. 
+../conf/securityconfig_2002b28b.crml	 OS_LAYER_EXPORTS_CRML(securityconfig_2002b28b.crml)
+
 PRJ_TESTEXPORTS
 
 PRJ_MMPFILES