Revision: 201007 RCL_3
authorDremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
Sat, 20 Feb 2010 00:36:18 +0200
branchRCL_3
changeset 43 9b5a3a9fddf8
parent 34 721a5e5fe251
child 44 ea00662efad9
child 48 eb9b28acd381
Revision: 201007 Kit: 201007
crypto/weakcryptospi/BWINS/RANDOMU.DEF
crypto/weakcryptospi/EABI/randomU.DEF
crypto/weakcryptospi/group/bld.inf
crypto/weakcryptospi/group/random.mmp
crypto/weakcryptospi/group/randsvr.mmp
crypto/weakcryptospi/group/tcryptospi.mmp
crypto/weakcryptospi/inc/randcliserv.h
crypto/weakcryptospi/inc/random.h
crypto/weakcryptospi/inc/random.iby
crypto/weakcryptospi/inc/randsvr.h
crypto/weakcryptospi/inc/randsvrimpl.h
crypto/weakcryptospi/inc/spi/randomplugin.h
crypto/weakcryptospi/source/bigint/bigint.cpp
crypto/weakcryptospi/source/padding/padding.cpp
crypto/weakcryptospi/source/random/messagedigest.cpp
crypto/weakcryptospi/source/random/random.cpp
crypto/weakcryptospi/source/random/randomshim.cpp
crypto/weakcryptospi/source/random/randomshim.h
crypto/weakcryptospi/source/random/randsvr.cpp
crypto/weakcryptospi/source/random/sha1impl.cpp
crypto/weakcryptospi/source/random/sha1shim.cpp
crypto/weakcryptospi/source/random/sha1shim.h
crypto/weakcryptospi/test/tcryptospi/src/randomnumbergeneratorgeneralusagestep.cpp
crypto/weakcryptospi/test/tpadding/tpaddingPKCS1.cpp
crypto/weakcryptospi/test/tplugins/group/tplugin02.mmp
crypto/weakcryptospi/test/tplugins/inc/randomimpl.h
crypto/weakcryptospi/test/tplugins/src/randomimpl.cpp
crypto/weakcryptospi/test/trandom/t_random.cpp
cryptomgmtlibs/securitytestfw/test/autotesting/sdp_bld.inf
cryptomgmtlibs/securitytestfw/test/testhandler2/t_tefinput.cpp
cryptomgmtlibs/securityutils/inc/securityerr.h
cryptoplugins/cryptospiplugins/group/softwarecrypto.mmp
cryptoplugins/cryptospiplugins/source/softwarecrypto/dsakeypairgenimpl.cpp
cryptoplugins/cryptospiplugins/source/softwarecrypto/randomimpl.cpp
cryptoplugins/cryptospiplugins/source/softwarecrypto/randomimpl.h
cryptoplugins/cryptospiplugins/test/h4drv/crypto_h4_plugin/randomimpl.cpp
cryptoplugins/cryptospiplugins/test/h4drv/crypto_h4_plugin/randomimpl.h
cryptoservices/asnpkcs/test/tpkcs8enc/pkcs8Tester.cpp
cryptoservices/certificateandkeymgmt/twtlscert/CorruptionTest.cpp
cryptoservices/filebasedcertificateandkeystores/test/tkeystore/t_export.cpp
securityanddataprivacytools/securityconfig/conf/securityconfig.confml
securityanddataprivacytools/securityconfig/conf/securityconfig_2001ea7f.crml
securityanddataprivacytools/securitytools/certapp/test/tcertapp/ucs2-bigendian.txt
--- a/crypto/weakcryptospi/BWINS/RANDOMU.DEF	Tue Jan 26 13:18:49 2010 +0200
+++ b/crypto/weakcryptospi/BWINS/RANDOMU.DEF	Sat Feb 20 00:36:18 2010 +0200
@@ -12,4 +12,5 @@
 	?SetThreadRandomL@@YAXPAVCRandom@@@Z @ 11 NONAME ; void __cdecl SetThreadRandomL(class CRandom *)
 	?SetThreadRandomLC@@YAXPAVCRandom@@@Z @ 12 NONAME ; void __cdecl SetThreadRandomLC(class CRandom *)
 	?RandomL@TRandom@@SAXAAVTDes8@@@Z @ 13 NONAME ; void TRandom::RandomL(class TDes8 &)
+	?SecureRandomL@TRandom@@SAXAAVTDes8@@@Z @ 14 NONAME ; void TRandom::SecureRandomL(class TDes8 &)
 
--- a/crypto/weakcryptospi/EABI/randomU.DEF	Tue Jan 26 13:18:49 2010 +0200
+++ b/crypto/weakcryptospi/EABI/randomU.DEF	Sat Feb 20 00:36:18 2010 +0200
@@ -15,4 +15,5 @@
 	_ZN7TRandom6RandomER5TDes8 @ 14 NONAME
 	_ZTI13CSystemRandom @ 15 NONAME ; #<TI>#
 	_ZN7TRandom7RandomLER5TDes8 @ 16 NONAME
+	_ZN7TRandom13SecureRandomLER5TDes8 @ 17 NONAME
 
--- a/crypto/weakcryptospi/group/bld.inf	Tue Jan 26 13:18:49 2010 +0200
+++ b/crypto/weakcryptospi/group/bld.inf	Sat Feb 20 00:36:18 2010 +0200
@@ -57,9 +57,6 @@
 #ifdef SYMBIAN_OLD_EXPORT_LOCATION
 ../inc/spi/rulecharacteristics.h		/epoc32/include/rulecharacteristics.h
 #endif
-#ifdef SYMBIAN_OLD_EXPORT_LOCATION
-../inc/randsvrimpl.h 				/epoc32/include/randsvrimpl.h
-#endif
 #endif
 
 
@@ -82,7 +79,6 @@
 ../inc/hash.h SYMBIAN_OS_LAYER_PUBLIC_EXPORT_PATH(hash.h)
 ../inc/random.h SYMBIAN_OS_LAYER_PUBLIC_EXPORT_PATH(random.h)
 ../inc/keyidentifierutil.h SYMBIAN_OS_LAYER_PLATFORM_EXPORT_PATH(keyidentifierutil.h)
-../inc/randcliserv.h SYMBIAN_OS_LAYER_PLATFORM_EXPORT_PATH(randcliserv.h)
 ../inc/pkcs5kdf.h SYMBIAN_OS_LAYER_PLATFORM_EXPORT_PATH(pkcs5kdf.h)
 ../inc/pkcs12kdf.h SYMBIAN_OS_LAYER_PLATFORM_EXPORT_PATH(pkcs12kdf.h)
 
@@ -106,7 +102,6 @@
 crypto.mmp	BUILD_AS_ARM 		// Don't build for thumb 
 #endif
 hash.mmp
-randsvr.mmp
 random.mmp
 pbe.mmp
 cryptospisetup.mmp
--- a/crypto/weakcryptospi/group/random.mmp	Tue Jan 26 13:18:49 2010 +0200
+++ b/crypto/weakcryptospi/group/random.mmp	Sat Feb 20 00:36:18 2010 +0200
@@ -19,7 +19,7 @@
 /**
 @file
 
-@SYMPurpose random.dll Pseudo-random number generator server, client-side
+@SYMPurpose random.dll Pseudo-random number generator interface
 */
 
 TARGET			random.dll
@@ -35,6 +35,7 @@
 
 USERINCLUDE	../inc
 USERINCLUDE	../inc/spi
+USERINCLUDE ../../../cryptomgmtlibs/securityutils/inc
 USERINCLUDE	../../../cryptoplugins/cryptospiplugins/source/softwarecrypto
 OS_LAYER_SYSTEMINCLUDE
 OS_LAYER_ESTLIB_SYSTEMINCLUDE
--- a/crypto/weakcryptospi/group/randsvr.mmp	Tue Jan 26 13:18:49 2010 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,49 +0,0 @@
-/*
-* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
-* All rights reserved.
-* This component and the accompanying materials are made available
-* under the terms of the License "Eclipse Public License v1.0"
-* which accompanies this distribution, and is available
-* at the URL "http://www.eclipse.org/legal/epl-v10.html".
-*
-* Initial Contributors:
-* Nokia Corporation - initial contribution.
-*
-* Contributors:
-*
-* Description: 
-*
-*/
-
-
-/**
-@file
-
-@SYMPurpose randsvr.exe Pseudo-random number generator server
-*/
-
-TARGET			randsvr.exe
-CAPABILITY ProtServ
-TARGETTYPE		EXE
-UNPAGED
-
-UID      0x0 0x100066dc
-VENDORID 0x70000001
-
-SOURCEPATH	../source/random
-SOURCE          randsvr.cpp sha1shim.cpp messagedigest.cpp
-SOURCE          sha1impl.cpp
-
-USERINCLUDE 	../inc
-USERINCLUDE 	../source/hash
-USERINCLUDE 	../../../cryptoplugins/cryptospiplugins/source/softwarecrypto
-USERINCLUDE	../inc/spi
-OS_LAYER_SYSTEMINCLUDE
-OS_LAYER_ESTLIB_SYSTEMINCLUDE
-LIBRARY         euser.lib 
-
-
-START WINS
-BASEADDRESS     0x7b130000
-END
-SMPSAFE
--- a/crypto/weakcryptospi/group/tcryptospi.mmp	Tue Jan 26 13:18:49 2010 +0200
+++ b/crypto/weakcryptospi/group/tcryptospi.mmp	Sat Feb 20 00:36:18 2010 +0200
@@ -113,6 +113,7 @@
 USERINCLUDE     ..
 USERINCLUDE     ../test/tcryptospi/src
 USERINCLUDE	../inc/spi
+USERINCLUDE ../../../cryptomgmtlibs/securityutils/inc
 
 
 OS_LAYER_SYSTEMINCLUDE_SYMBIAN
--- a/crypto/weakcryptospi/inc/randcliserv.h	Tue Jan 26 13:18:49 2010 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,63 +0,0 @@
-/*
-* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
-* All rights reserved.
-* This component and the accompanying materials are made available
-* under the terms of the License "Eclipse Public License v1.0"
-* which accompanies this distribution, and is available
-* at the URL "http://www.eclipse.org/legal/epl-v10.html".
-*
-* Initial Contributors:
-* Nokia Corporation - initial contribution.
-*
-* Contributors:
-*
-* Description: 
-*
-*/
-
-
-/**
- @file 
- @publishedPartner
- @released
-*/
-
-#ifndef __RANDCLISERV_H__
-#define __RANDCLISERV_H__
-
-_LIT(KRandomServerLib,"randsvr");
-_LIT(KRandomServerName,"!RandomServer");
-
-class TServerStart
-/**
- * @publishedPartner
- * @released
- */
-	{
-public:
-	TServerStart(TRequestStatus& aStatus);
-	TPtrC AsCommand() const;
-	/**
-	 * @internalAll
-	 */
-	TServerStart();
-	/**
-	 * @internalAll
-	 */
-	TInt GetCommand();
-	/**
-	 * @internalAll
-	 */
-	void SignalL();
-private:
-	TThreadId iId;
-	TRequestStatus* iStatus;
-	};
-
-inline TServerStart::TServerStart(TRequestStatus& aStatus)
-	:iId(RThread().Id()),iStatus(&aStatus)
-	{aStatus=KRequestPending;}
-inline TPtrC TServerStart::AsCommand() const
-	{return TPtrC(reinterpret_cast<const TText*>(this),sizeof(TServerStart)/sizeof(TText));}
-
-#endif // __RANDCLISERV_H__
--- a/crypto/weakcryptospi/inc/random.h	Tue Jan 26 13:18:49 2010 +0200
+++ b/crypto/weakcryptospi/inc/random.h	Sat Feb 20 00:36:18 2010 +0200
@@ -40,10 +40,15 @@
 
 	/**
 	 * Implementations of this method should fill the passed
-	 * buffer with securely generated random data up to the 
-	 * current length, discarding any current contents.
+	 * buffer with the generated pseudo-random data up to the
+	 * current length, discarding any current contents. The 
+	 * implementations should leave with KErrNotSecure when 
+	 * the generated random data is not secure enough. 
 	 *
-	 * @param aDest The buffer in to which to write random data.
+	 * @param aDest The buffer to fill with random data
+	 * @leave KErrNotSecure Random data generated is not 
+	 *        secure enough for crytographic operations
+	 *        otherwise, leaves with any other system wide error code.
 	 *
 	 */
 	virtual void GenerateBytesL(TDes8& aDest) = 0;
@@ -56,20 +61,19 @@
 
 /**
  *
- * Sets a secure random number generator implementation to use
- * for this thread.
+ * Sets a pseudo-random number generator implementation to use for this thread.
  * 
- * @param aRNG The secure random number generator to use.
+ * @param aRNG The pseudo-random number generator to use.
  *
  */
 IMPORT_C void SetThreadRandomL(CRandom* aRNG);
 
 /**
  *
- * Sets a secure random number generator implementation to use
+ * Sets a pseudo-random number generator implementation to use
  * for this thread, placing it on the cleanup stack.
  * 
- * @param aRNG The secure random number generator to use.
+ * @param aRNG The pseudo-random number generator to use.
  *
  */
 IMPORT_C void SetThreadRandomLC(CRandom* aRNG);
@@ -87,11 +91,14 @@
 
 /**
  *
- * Generates cryptographically secure random data, filling
- * the provided buffer up to its current length, discarding
- * any data that it may currently contain.
+ * Generates pseudo-random data.
+ * Fills the provided buffer up to its current length,
+ * discarding any data that it may currently contain.
  *
  * @param aDest The buffer to fill with random data
+ * @leave KErrNotSecure The random data generated is  
+ *        not secure enough for cryptographic operations
+ *        otherwise, leaves with any other system wide error codes. 
  *
  */
 IMPORT_C void GenerateRandomBytesL(TDes8& aDest);
@@ -100,9 +107,8 @@
 class CSystemRandom : public CRandom
 /**
  *
- * This default secure random number generator uses
- * system state to generate entropy for the generation
- * of cryptographically secure random numbers.
+ * This default pseudo-random number generator uses system state 
+ * to generate entropy for the generation of random numbers.
  *
  * @publishedAll
  * @released
@@ -114,7 +120,7 @@
 
 	/**
 	 *
-	 * Constructs a new system random number generator.
+	 * Constructs a new pseudo-random number generator.
 	 *
 	 * @return A ready-to-use random number generator.
 	 */
@@ -122,7 +128,7 @@
 	
 	/**
 	 *
-	 * Constructs a new system random number generator,
+	 * Constructs a new pseudo-random number generator,
 	 * and places it on the cleanup stack.
 	 *
 	 * @return A ready-to-use random number generator.
@@ -132,13 +138,14 @@
 	
 	/**
 	 *
-	 * Implements the contract as specified in the base
-	 * class, CRandom, filling the buffer supplied with
-	 * cryptographically secure random data up to its
-	 * current length, discarding its current content.
+	 * Implements the contract as specified in the base class,  CRandom, filling the buffer
+	 * supplied with random data  up to its current length, discarding its current content.
+	 * It will leave with KErrNotSecure when the generated random data is not secure enough.
 	 *
 	 * @param aDest The buffer to which to write random data
-	 *
+	 * @leave KErrNotSecure The generated random data is not secure enough for cryptographic operations 
+	 *        otherwise, leaves with any other system wide error codes.
+	 *        
 	 */
 	virtual void GenerateBytesL(TDes8& aDest);
 	
@@ -156,8 +163,7 @@
 class TRandom
 /**
  *
- * The user interface to the system cryptographically 
- * secure random number generator.
+ * The user interface to the random number generator.
  *
  * @publishedAll
  * @released
@@ -167,8 +173,14 @@
 
 	/**
 	 * 
-	 * Fills the provided buffer with secure random data up to its
-	 * current length, discarding any current content.
+	 * Fills the provided buffer with pseudo-random data up to its current length, 
+	 * discarding any current content.
+	 *
+	 * This method will not return secure random numbers for some time after the phone boot-up. Because,
+	 * pseudo-random number generator will take some time to attain a secure state by collecting enough 
+	 * entropy samples after the boot-up. Till that time, the pseudo-random numbers generated may not be
+	 * cryptographically secure and there is no way to get to know about it with this API. 
+	 * So, if explcit notification on the strength of the random numbers is necessary, use TRandom::SecureRandomL.
 	 *
 	 * @param aDestination The buffer in which to write the random data.
 	 * @deprecated Use RandomL() instead
@@ -177,16 +189,40 @@
 	 */
 	IMPORT_C static void Random(TDes8& aDestination);
 
-	/**
+	/**	
 	 * 
-	 * Fills the provided buffer with secure random data up to its
-	 * current length, discarding any current content.
+	 * Fills the provided buffer with pseudo-random data up to its current length,
+	 * discarding any current content.
+	 *
+	 * This method will not return secure random numbers for some time after the phone boot-up. Because,
+     * pseudo-random number generator will take some time to attain a secure state by collecting enough 
+     * entropy samples after the boot-up. Till that time, the pseudo-random numbers generated may not be
+     * cryptographically secure and there is no way to get to know about it with this API. 
+     * So, if explcit notification on the strength of the random numbers is necessary, use TRandom::SecureRandomL.
 	 *
 	 * @param aDestination The buffer in which to write the random data.
 	 * @leave This function can leave under low memory conditions
 	 *
 	 */
 	IMPORT_C static void RandomL(TDes8& aDestination);
+	
+	/**
+	 * 
+	 * Fills the provided buffer with the pseudo-random data up to its current length, discarding any current
+	 * content of the descriptor. When this method returns normally (with out leave), the system state is secure
+	 * and hence the random numbers generated are cryptographically secure as well. When this method leaves with
+	 * the error code KErrNotSecure, the system internal state is not secure and hence the random numbers too.
+	 * 
+	 * Though this method leaves when the system internal state is not secure, still the descriptor will be filled 
+	 * with pseudo-random bytes. This random data may or may not be secure enough. Recommended to treat these numbers 
+	 * as not secure.
+	 *
+	 * @param aDestination The buffer in which to write the random data.
+	 * @leave KErrNotSecure The generated random numbers is not secure enough for cryptographic operations.
+	 *        Otherwise, leaves with some other system wide error codes.
+	 *
+	 */
+	IMPORT_C static void SecureRandomL(TDes8& aDestination);
 	};
 
 class RRandomSession:public RSessionBase
@@ -205,7 +241,7 @@
 	
 	/**
 	 * 
-	 * Fills the provided buffer with secure random data up to its
+	 * Fills the provided buffer with pseudo-random data up to its
 	 * current length, discarding any current content.
 	 *
 	 * @param aDestination The buffer in to which to write the random data 
@@ -215,7 +251,7 @@
 	
 	/**
 	 *
-	 * Opens a new session with the random number server.
+	 * Opens a new session with the random number generator.
 	 *
 	 */
 	IMPORT_C void ConnectL(void);
--- a/crypto/weakcryptospi/inc/random.iby	Tue Jan 26 13:18:49 2010 +0200
+++ b/crypto/weakcryptospi/inc/random.iby	Sat Feb 20 00:36:18 2010 +0200
@@ -23,7 +23,6 @@
 ROM_IMAGE[0] {
 #endif
 file=ABI_DIR\BUILD_DIR\random.dll	sys\bin\random.dll
-file=ABI_DIR\BUILD_DIR\randsvr.exe	sys\bin\randsvr.exe
 #ifdef __SECURITY_TEST_ROM__
 }
 #endif
--- a/crypto/weakcryptospi/inc/randsvr.h	Tue Jan 26 13:18:49 2010 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,38 +0,0 @@
-/*
-* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
-* All rights reserved.
-* This component and the accompanying materials are made available
-* under the terms of the License "Eclipse Public License v1.0"
-* which accompanies this distribution, and is available
-* at the URL "http://www.eclipse.org/legal/epl-v10.html".
-*
-* Initial Contributors:
-* Nokia Corporation - initial contribution.
-*
-* Contributors:
-*
-* Description: 
-* Random Server Codes
-*
-*/
-
-
-/**
- @file 
- @internalComponent
- @released
-*/
- 
-#ifndef __RANDSVR_H__
-#define __RANDSVR_H__
-
-#include <e32base.h>
-#include <hash.h>
-
-#ifndef SYMBIAN_ENABLE_SPLIT_HEADERS
-#include <randsvrimpl.h>
-#endif
-
-TInt RunRandomServer(TAny* /*someParameters*/);
-
-#endif // __RANDSVR_H__
--- a/crypto/weakcryptospi/inc/randsvrimpl.h	Tue Jan 26 13:18:49 2010 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,79 +0,0 @@
-/*
-* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
-* All rights reserved.
-* This component and the accompanying materials are made available
-* under the terms of the License "Eclipse Public License v1.0"
-* which accompanies this distribution, and is available
-* at the URL "http://www.eclipse.org/legal/epl-v10.html".
-*
-* Initial Contributors:
-* Nokia Corporation - initial contribution.
-*
-* Contributors:
-*
-* Description: 
-* Random Server Codes
-*
-*/
-
-
-/**
- @file 
- @internalTechnology
-*/
- 
-#ifndef RANDSVRIMPL_H
-#define RANDSVRIMPL_H
-
-#include <hash.h>
-
-
-const TInt KRandomBlockSize=1024;
-const TInt KRandomPoolSize=2048;
-
-class CRandomScheduler:public CActiveScheduler
-	{
-public:
-	static TBool New(void);
-	void Error(TInt aError) const;
-	};
-
-class CRandomSession;
-
-class CRandomServer : public CServer2
-	{
-public:
-	static CRandomServer* NewL(void);
-	~CRandomServer(void);
-	CSession2* NewSessionL(const TVersion& aVersion, const RMessage2& aMessage) const;
-	friend class CRandomSession;
-private:
-	CRandomServer(void);
-	void ConstructL(void);
-	void Stir(void);
-	TPtrC8 GetRandom(void); 
-	CMessageDigest* Hash(void) const;
-	static TInt Tick(TAny* aPointer);
-	TUint8* iPool;
-	TInt iPoolIn;
-	TInt iPoolOut;
-	TInt iQuality;
-	TBool iFast;
-	CMessageDigest* iHash;
-	CPeriodic* iTicker;
-	};
-
-class CRandomSession : public CSession2 
-	{
-public:
-	enum { KRandomRequest };
-	static CRandomSession* NewL(CRandomServer* aServer);
-	~CRandomSession(void);
-	void ServiceL(const RMessage2& aMessage);
-private:
-	TInt FillBuffer(const RMessage2& aMessage);
-	CRandomServer* iServer;
-	CRandomSession(CRandomServer* aServer);
-	};
-
-#endif // RANDSVRIMPL_H
--- a/crypto/weakcryptospi/inc/spi/randomplugin.h	Tue Jan 26 13:18:49 2010 +0200
+++ b/crypto/weakcryptospi/inc/spi/randomplugin.h	Sat Feb 20 00:36:18 2010 +0200
@@ -31,7 +31,7 @@
 namespace CryptoSpi
 	{
 	/**
-	A cryptographically secure pseudo-random number generator (CSPRNG)
+	A pseudo-random number generator (PRNG).
 	Generates random numbers derived from entropy obtained from another
 	source, usually a hardware random number generator or if unavailable,
 	from a combination variety of unpredictable system variables, added
@@ -42,11 +42,18 @@
 	    {
 	    public:
 	        /**
-	        Generate enough random bytes to fill the supplied descriptor
-	        If there is not enough entropy available, or another error
-	        occurs (e.g. out of memory) then this method may leave.
-	        @param aDest The returned generated random bytes
-	        */
+	         * Implementations of this method should fill the passed
+	         * buffer with the generated pseudo-random data up to the
+	         * current length, discarding any current contents. The 
+	         * implementations should leave with KErrNotSecure when 
+	         * the generated random data is not secure enough. 
+	         *
+	         * @param aDest The buffer to fill with random data
+	         * @leave KErrNotSecure Random data generated is not 
+	         *        secure enough for crytographic operations
+	         *        otherwise, leaves with any other system wide error code.
+	         *
+	         */
 	        virtual void GenerateRandomBytesL(TDes8& aDest) = 0;
 	    };
 
@@ -55,11 +62,20 @@
 	    {
 	    public:
 	        /**
-	        Generate enough random bytes to fill the supplied descriptor
-	        If there is not enough entropy available, or another error
-	        occurs (e.g. out of memory) then this method may leave.
-	        @param aDest The returned generated random bytes
-	        */
+	         * Implementations of this method should fill the passed
+	         * buffer with the generated pseudo-random data up to the
+	         * current length, discarding any current contents. The 
+	         * implementations should leave with KErrNotSecure when 
+	         * the generated random data is not secure enough. 
+	         *
+	         * @param aDest The buffer to fill with random data
+	         * @param aStatus The argument to carry the asynchonous request completion
+	         *        status to notify the client when buffer is filled with random data.  
+	         * @leave KErrNotSecure Random data generated is not 
+	         *        secure enough for crytographic operations
+	         *        otherwise, leaves with any other system wide error code.
+	         *
+	         */
 	        virtual void GenerateRandomBytesL(TDes8& aDest, TRequestStatus& aStatus) = 0;
 
 	        /**
--- a/crypto/weakcryptospi/source/bigint/bigint.cpp	Tue Jan 26 13:18:49 2010 +0200
+++ b/crypto/weakcryptospi/source/bigint/bigint.cpp	Sat Feb 20 00:36:18 2010 +0200
@@ -805,7 +805,9 @@
 	CleanGrowL(words);
 	TPtr8 buf((TUint8*)(Ptr()), bytes, WordsToBytes(Size()));
 	TUint bitpos = aBits % BYTE_BITS;
-	GenerateRandomBytesL(buf);
+	TRAPD(err, GenerateRandomBytesL(buf));
+	if((err != KErrNone) && (err != KErrNotSecure))
+	    User::Leave(err);
 	//mask with 0 all bits above the num requested in the most significant byte
 	if(bitpos)
 		{
--- a/crypto/weakcryptospi/source/padding/padding.cpp	Tue Jan 26 13:18:49 2010 +0200
+++ b/crypto/weakcryptospi/source/padding/padding.cpp	Sat Feb 20 00:36:18 2010 +0200
@@ -295,7 +295,9 @@
 	TInt startOfData=BlockSize()-aInput.Length();
 	aOutput[1]=2;				// Block type 2 (public key operation)
 	TBuf8<256> rnd(256);
-	GenerateRandomBytesL(rnd);
+	TRAPD(err, GenerateRandomBytesL(rnd));
+	if((err != KErrNone) && (err != KErrNotSecure))
+	    User::Leave(err);
 
 	TInt i = 2;
 	TInt j = 0;
@@ -307,7 +309,9 @@
 			}
 		if (++j==256)
 			{
-			GenerateRandomBytesL(rnd);
+			TRAP(err, GenerateRandomBytesL(rnd));
+			if((err != KErrNone) && (err != KErrNotSecure))
+				User::Leave(err);
 			j=0;
 			}
 		}
--- a/crypto/weakcryptospi/source/random/messagedigest.cpp	Tue Jan 26 13:18:49 2010 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,70 +0,0 @@
-/*
-* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
-* All rights reserved.
-* This component and the accompanying materials are made available
-* under the terms of the License "Eclipse Public License v1.0"
-* which accompanies this distribution, and is available
-* at the URL "http://www.eclipse.org/legal/epl-v10.html".
-*
-* Initial Contributors:
-* Nokia Corporation - initial contribution.
-*
-* Contributors:
-*
-* Description: 
-* hash.cpp
-* (c) 1999-2003 Symbian Ltd. All rights reserved
-*
-*/
-
-
-/**
- @file
-*/
-
-#include <e32std.h>
-#include <hash.h>
-#include "sha1shim.h"
-
-CMessageDigest::CMessageDigest(void):CBase()
-{}
-
-CMessageDigest::CMessageDigest(const CMessageDigest& /*aMD*/):CBase()
-{}
-
-CMessageDigest::~CMessageDigest(void)
-{}
-
-TInt CMessageDigest::GetExtension(TUint aExtensionId, TAny*& a0, TAny* a1)
-	{
-	return Extension_(aExtensionId, a0, a1);
-	}
-
-
-//////////////////////////////////////////////////////////////////
-//	Factory class to create CMessageDigest derived objects
-//////////////////////////////////////////////////////////////////
-CMessageDigest* CMessageDigestFactory::NewDigestL(CMessageDigest::THashId aHashId)
-{
-	CMessageDigest* hash = NULL;
-	switch (aHashId)
-	{
-	case (CMessageDigest::ESHA1):
-		{
-			hash = CSHA1Shim::NewL();
-			break;
-		}
-	default:	
-		User::Leave(KErrNotSupported);
-	}
-
-	return (hash);
-}
-
-CMessageDigest* CMessageDigestFactory::NewDigestLC(CMessageDigest::THashId aHashId)
-{
-	CMessageDigest* hash = CMessageDigestFactory::NewDigestL(aHashId);
-	CleanupStack::PushL(hash);
-	return (hash);
-}
-
--- a/crypto/weakcryptospi/source/random/random.cpp	Tue Jan 26 13:18:49 2010 +0200
+++ b/crypto/weakcryptospi/source/random/random.cpp	Sat Feb 20 00:36:18 2010 +0200
@@ -24,9 +24,6 @@
 #include <e32math.h>
 #include <random.h>
 #include <hash.h>
-
-#include "randsvr.h"
-#include "randcliserv.h"
 #include "randomshim.h"
 
 extern "C" {
@@ -93,6 +90,12 @@
 	// Method replaced by shim
 	TRandomShim::RandomL(aDestination);
 	}
+	
+EXPORT_C void TRandom::SecureRandomL(TDes8& aDestination)
+	{
+	// Method replaced by shim
+	TRandomShim::SecureRandomL(aDestination);
+	}
 
 EXPORT_C RRandomSession::RRandomSession(void)
 	{
@@ -114,4 +117,3 @@
 	TRandomShim::Random(aDestination);
 	return KErrNone;
 	}
-
--- a/crypto/weakcryptospi/source/random/randomshim.cpp	Tue Jan 26 13:18:49 2010 +0200
+++ b/crypto/weakcryptospi/source/random/randomshim.cpp	Sat Feb 20 00:36:18 2010 +0200
@@ -28,7 +28,7 @@
 #include <cryptospi/plugincharacteristics.h>
 #include "keys.h"
 #include <e32debug.h>
-
+#include "securityerr.h"
 
 using namespace CryptoSpi;
 
@@ -53,7 +53,7 @@
 	}
 
 void CRandomShim::GenerateBytesL(TDes8& aDest)
-	{
+	{	
 	iRandomImpl->GenerateRandomBytesL(aDest);
 	}
 
@@ -65,10 +65,10 @@
 	{
 	delete iRandomImpl;
 	}
-
+	
 void CRandomShim::ConstructL()
 	{
-	CRandomFactory::CreateRandomL(iRandomImpl, KRandomUid, NULL);
+	CRandomFactory::CreateRandomL(iRandomImpl, KRandomUid, NULL);	
 	}
 
 /**
@@ -87,7 +87,7 @@
 		}
 	TRAPD(ret2, rand->GenerateBytesL(aDest));
 	delete rand;
-	if (ret2 != KErrNone)
+	if ((ret2 != KErrNone) && (ret2 != KErrNotSecure))
 		{
 		// this method can't leave so the cleanup stack can't be used (because of PushL()) 
 		// so we just delete the randon shim here if GenerateBytesL() leaves
@@ -99,7 +99,21 @@
 	{
 	CRandomShim* rand = CRandomShim::NewL();
 	CleanupStack::PushL(rand);
-	rand->GenerateBytesL(aDest);
+	
+	TRAPD(error, rand->GenerateBytesL(aDest));
 	CleanupStack::PopAndDestroy(rand); // Use a singleton, avoid new overhead?
+	
+	// This method should leave on low memory conditions.
+	if(error == KErrNoMemory)
+		{
+		User::Leave(error);	
+		}
+	}	
+
+void TRandomShim::SecureRandomL(TDes8& aDest)
+	{
+	CRandomShim* rand = CRandomShim::NewLC();	
+	
+	rand->GenerateBytesL(aDest);
+	CleanupStack::PopAndDestroy(rand);	
 	}
-
--- a/crypto/weakcryptospi/source/random/randomshim.h	Tue Jan 26 13:18:49 2010 +0200
+++ b/crypto/weakcryptospi/source/random/randomshim.h	Sat Feb 20 00:36:18 2010 +0200
@@ -44,7 +44,7 @@
 private:
 	CRandomShim();
 	CRandomShim(const CRandomShim&);
-	CRandomShim& operator=(const CRandomShim&);
+	CRandomShim& operator=(const CRandomShim&);	
 	void ConstructL();
 
 private:
@@ -56,6 +56,7 @@
 public:
 	static void Random(TDes8& aDestination);
 	static void RandomL(TDes8& aDestination);
+	static void SecureRandomL(TDes8& aDestination);
 	};
 
 #endif // __RANDOMSHIM_H__
--- a/crypto/weakcryptospi/source/random/randsvr.cpp	Tue Jan 26 13:18:49 2010 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,255 +0,0 @@
-/*
-* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
-* All rights reserved.
-* This component and the accompanying materials are made available
-* under the terms of the License "Eclipse Public License v1.0"
-* which accompanies this distribution, and is available
-* at the URL "http://www.eclipse.org/legal/epl-v10.html".
-*
-* Initial Contributors:
-* Nokia Corporation - initial contribution.
-*
-* Contributors:
-*
-* Description: 
-*
-*/
-
-
-/**
- @file
-*/
-
-#include "randsvr.h"
-#include "randcliserv.h"
-#include "sha1shim.h"
-#include <e32math.h>
-#include "randsvrimpl.h"
-
-//const TInt KFastTickTimer=1000000;			// These are testing numbers!
-//const TInt KSlowTickTimer=30000000;
-const TInt KThreshold=1024;
-
-const TInt KFastTickTimer=30000000;			// These are the real numbers!
-const TInt KSlowTickTimer=0x7fffffff;
-
-using namespace CryptoSpi;
-
-void SignalClient()
-//
-// Signal the owning thread that the server has started successfully
-// This may itself fail
-//
-	{
-	RProcess::Rendezvous(KErrNone);
-	}
-
-
-TInt RunRandomServer(TAny* /*aUnused*/)
-	{
-
-	__UHEAP_MARK;
-
-	CTrapCleanup* cleanup=CTrapCleanup::New();
-	if (!cleanup)
-		{
-		return KErrNoMemory;
-		}
-
-	TInt ret = User::RenameThread(KRandomServerName);
-
-	__ASSERT_ALWAYS(ret==KErrNone,User::Panic(KRandomServerName,KErrServerTerminated));
-
-	if (CRandomScheduler::New())
-		return KErrNoMemory;
-	CRandomServer* random(0);
-	TRAP(ret, random = CRandomServer::NewL());
-	if (ret != KErrNone)
-		return ret;
-	random->Start(KRandomServerName);
-	// Initialisation complete, now signal the client
-	SignalClient();
-	
-	CRandomScheduler::Start();
-	delete random;
-	delete cleanup;
-
-	__UHEAP_MARKEND;
-	return KErrNone;
-	}
-
-TBool CRandomScheduler::New(void)
-	{
-	CRandomScheduler* rs;
-	rs=new CRandomScheduler;
-	CRandomScheduler::Install(rs);
-	return (rs == NULL);
-	}
-
-void CRandomScheduler::Error(TInt /*aError*/) const 
-	{
-	User::Panic(KRandomServerName, 3);
-	}
-
-CRandomServer::CRandomServer(void) : CServer2(EPriorityLow)
-	{
-	}
-
-CRandomServer::~CRandomServer(void)
-	{
-	// This should never happen....but in case it does:
-	delete iHash;
-	delete iTicker;
-	delete iPool;
-	}
-
-CRandomServer* CRandomServer::NewL(void)
-	{
-	CRandomServer* self = new (ELeave) CRandomServer;
-	CleanupStack::PushL(self);
-	self->ConstructL();
-	CleanupStack::Pop(self);
-	return self;
-	}
-
-void CRandomServer::ConstructL(void)
-	{
-	iPool=new (ELeave) TUint8[KRandomPoolSize];
-	iHash=CSHA1Shim::NewL();
-	iPoolIn=0;
-	iPoolOut=0;
-	iTicker=CPeriodic::NewL(EPriorityLow);
-	TCallBack callback(Tick,this);
-	iTicker->Start(KFastTickTimer,KFastTickTimer,callback);		// **** these figures might need tweaking!
-	iQuality=0;
-	iFast=ETrue;
-	}
-
-TInt CRandomServer::Tick(TAny* aServer)
-	{
-	CRandomServer* svr=(CRandomServer*)aServer;
-	svr->Stir();
-	svr->iQuality+=30;
-	if (svr->iFast)
-		{
-		if (svr->iQuality>KThreshold)
-			{
-			TCallBack callback(Tick,svr);
-			svr->iTicker->Cancel();
-			svr->iTicker->Start(KSlowTickTimer,KSlowTickTimer,callback);		// **** these figures might need tweaking!
-			svr->iFast=EFalse;
-			}
-		}
-	if (svr->iQuality>(KRandomPoolSize<<3))
-		{
-		svr->iQuality=(KRandomPoolSize<<3);
-		}
-	return ETrue;
-	}
-
-CSession2* CRandomServer::NewSessionL(const TVersion& /*aVersion*/, const RMessage2& /*aMessage*/) const
-	{
-	return CRandomSession::NewL(const_cast<CRandomServer*>(this));
-	//CRandomSession::NewL(CONST_CAST(CRandomServer*,this),Message().Client());
-	}
-
-TPtrC8 CRandomServer::GetRandom(void)
-	{
-	TPtr8 res(&iPool[iPoolOut],iHash->HashSize(),iHash->HashSize());
-	iPoolOut+=iHash->HashSize();
-	if ((iPoolOut+iHash->HashSize())>KRandomPoolSize)
-		{
-		iPoolOut=0;
-		}
-	return iHash->Hash(res);
-	}
-
-CMessageDigest* CRandomServer::Hash(void) const
-	{
-	return iHash;
-	}
-
-void CRandomServer::Stir(void) 
-	{
-	TInt rnd;
-	rnd=Math::Random();
-	TPtrC8 r((TUint8*)&rnd,sizeof(TInt));
-	iHash->Hash(r);
-	TPtr8 dest(&iPool[iPoolIn],iHash->HashSize());
-	dest.Copy(iHash->Hash(dest));
-	iPoolIn+=iHash->HashSize();
-	if ((iPoolIn+iHash->HashSize())>KRandomPoolSize)
-		{
-		iPoolIn=0;
-		}
-	}
-
-CRandomSession* CRandomSession::NewL(CRandomServer* aServer)
-	{
-	CRandomSession* self;
-	self=new (ELeave) CRandomSession(aServer);
-	return self;
-	}
-
-CRandomSession::CRandomSession(CRandomServer* aServer) : CSession2(), iServer(aServer)
-	{
-	}
-
-CRandomSession::~CRandomSession(void)
-	{
-	}
-
-void CRandomSession::ServiceL(const RMessage2& aMessage)
-	{
-	switch (aMessage.Function())
-		{
-	case KRandomRequest:
-		{
-		TInt ret = FillBuffer(aMessage);
-		aMessage.Complete(ret);
-		break;
-		}
-	default:
-		aMessage.Complete(KErrNotSupported);
-		break;
-		};
-	}
-
-TInt CRandomSession::FillBuffer(const RMessage2& aMessage)
-	{
-	TInt length = aMessage.Int1();
-	iServer->iQuality -= length;
-	if (iServer->iQuality<0)
-		{
-		iServer->iQuality=0;
-		}
-	if (!iServer->iFast)
-		{
-		if (iServer->iQuality<KThreshold)
-			{
-			TCallBack callback(CRandomServer::Tick,iServer);
-			iServer->iTicker->Cancel();
-			iServer->iTicker->Start(KFastTickTimer,KFastTickTimer,callback);		// **** these figures might need tweaking!
-			iServer->iFast=ETrue;
-			}
-		}
-	TBuf8<KRandomBlockSize> buf(0);
-	iServer->Stir();
-	TInt i;
-	TInt hashsize=iServer->Hash()->HashSize();
-	for (i=0; i+hashsize < length; i+=hashsize)
-		{
-		buf.Append(iServer->GetRandom());
-		iServer->Stir();
-		}
-	TPtrC8 ptr(iServer->GetRandom().Ptr(), length-i);
-	buf.Append(ptr);
-	
-	TRAPD(ret, aMessage.WriteL(0, buf));
-	return ret;
-	}
-
-GLDEF_C TInt E32Main(void)
-	{
-	return RunRandomServer(NULL);
-	}
--- a/crypto/weakcryptospi/source/random/sha1impl.cpp	Tue Jan 26 13:18:49 2010 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,743 +0,0 @@
-/*
-* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
-* All rights reserved.
-* This component and the accompanying materials are made available
-* under the terms of the License "Eclipse Public License v1.0"
-* which accompanies this distribution, and is available
-* at the URL "http://www.eclipse.org/legal/epl-v10.html".
-*
-* Initial Contributors:
-* Nokia Corporation - initial contribution.
-*
-* Contributors:
-*
-* Description: 
-* software sha1 implementation
-* software sha1 implementation
-*
-*/
-
-
-/**
- @file
-*/
-
-#include "sha1impl.h"
-
-#include <cryptospi/hashplugin.h>
-#include "pluginconfig.h"
-#define EXPANDLOOP
-
-
-using namespace SoftwareCrypto;
-	
-CSHA1Impl* CSHA1Impl::NewL()
-	{
-	CSHA1Impl* self=new (ELeave) CSHA1Impl();
-	self->Reset();
-	return self;						
-	}
-												
-CSHA1Impl::CSHA1Impl() : iHash(KSHA1HashSize)
-	{		
-	}
-
-void CSHA1Impl::Reset()
-	{
-	iA=0x67452301;
-	iB=0xefcdab89;
-	iC=0x98badcfe;
-	iD=0x10325476;
-	iE=0xc3d2e1f0;
-	iNh=0;
-	iNl=0;
-	}
-	
-TUid CSHA1Impl::ImplementationUid()
-	{
-	return KCryptoPluginSha1Uid;
-	}
-
-void CSHA1Impl::GetCharacteristicsL(const TCharacteristics*& aPluginCharacteristics)
-	{
-	aPluginCharacteristics=NULL;
-	TInt hashNum=sizeof(KHashCharacteristics)/sizeof(THashCharacteristics*);
-	for (TInt i=0;i<hashNum;i++)
-		{
-		if (KHashCharacteristics[i]->cmn.iImplementationUID == ImplementationUid().iUid)
-			{
-			aPluginCharacteristics = KHashCharacteristics[i];
-			break;
-			}
-		}	
-	}
-
-TPtrC8 CSHA1Impl::Hash(const TDesC8& aMessage)
-	{
-	TPtrC8 ptr(KNullDesC8());
-	DoUpdate(aMessage.Ptr(),aMessage.Size());
-	StoreState();
-	DoFinal();
-	ptr.Set(iHash);
-	RestoreState();
-	return ptr;
-	}
-
-// This assumes a big-endian architecture
-void CSHA1Impl::DoUpdate(const TUint8* aData,TUint aLength)
-	{
-	while((aLength / 4) > 0 && (iNl % 4 == 0))
-		{
-		iData[iNl>>2] = aData[0] << 24 | aData[1] << 16 | aData[2] << 8 | aData[3];
-		iNl+=4;
-		aData+=4;
-		aLength-=4;
-		if(iNl==64) 
-			{
-			Block();
-			iNh+=64;
-			iNl=0;
-			}
-		}
-
-	while(aLength--)
-		{
-		switch (iNl&3) 
-			{
-			case 0:
-				iData[iNl>>2]=((TUint)(*aData))<<24;
-				break;
-			case 1:
-				iData[iNl>>2]|=((TUint)(*aData))<<16;
-				break;
-			case 2:
-				iData[iNl>>2]|=((TUint)(*aData))<<8;
-				break;
-			case 3:
-				iData[iNl>>2]|=((TUint)(*aData));
-				break;
-			default:
-				break;
-			};
-			aData++;
-			iNl++;
-			if(iNl==64) 
-				{
-				Block();
-				iNh+=64;
-				iNl=0;
-				}
-		}
-	}
-
-static inline TUint CSHA1_F(const TUint x,const TUint y,const TUint z)
-	{
-	return (x&y) | (~x&z);
-	}
-
-static inline TUint CSHA1_G(const TUint x,const TUint y,const TUint z)
-	{
-	return x^y^z;
-	}
-
-static inline TUint CSHA1_H(const TUint x,const TUint y,const TUint z)
-	{
-	return (x&y) | (x&z) | (y&z);
-	}
-
-/*static inline TUint CSHA1_I(const TUint x,const TUint y,const TUint z)
-	{
-	return x^y^z;
-	}*/
-
-#ifdef EXPANDLOOP
-
-#ifdef MACRO
-
-#define CSHA1_16(x,y,z,u,t,v,w)					v=CMD_R(x,5)+CSHA1_F(y,z,u)+t+w+0x5a827999;\
-												y=CMD_R(y,30);t=v;
-#define CSHA1_20(x,y,z,u,t,v,w0,w3,w8,w14,w16)  v=w3^w8^w14^w16;w0=CMD_R(v,1);\
-												CSHA1_16(x,y,z,u,t,v,w0);
-#define CSHA1_40(x,y,z,u,t,v,w0,w3,w8,w14,w16)	v=w3^w8^w14^w16;w0=CMD_R(v,1);\
-												v=CMD_R(x,5)+CSHA1_G(y,z,u)+t+w0+0x6ed9eba1;\
-												y=CMD_R(y,30);t=v;
-#define CSHA1_60(x,y,z,u,t,v,w0,w3,w8,w14,w16)	v=w3^w8^w14^w16;w0=CMD_R(v,1);\
-												v=CMD_R(x,5)+CSHA1_H(y,z,u)+t+w0+0x8f1bbcdc;\
-												y=CMD_R(y,30);t=v;
-#define CSHA1_80(x,y,z,u,t,v,w0,w3,w8,w14,w16)	v=w3^w8^w14^w16;w0=CMD_R(v,1);\
-												v=CMD_R(x,5)+CSHA1_G(y,z,u)+t+w0+0xca62c1d6;\
-												y=CMD_R(y,30);t=v;
-#else
-
-static inline void CSHA1_16(const TUint x, TUint& y, const TUint z,
-							const TUint u, TUint& t, TUint& v, const TUint w)
-	{
-	v = CMD_R(x,5) + CSHA1_F(y,z,u) + t + w + 0x5a827999;
-	y = CMD_R(y,30);
-	t = v;
-	}
-
-static inline void CSHA1_20(const TUint x,TUint& y,const TUint z,
-							const TUint u,TUint& t,TUint& v,
-							TUint& w0,const TUint w3,const TUint w8,
-							const TUint w14,const TUint w16)
-	{
-	v = w3 ^ w8 ^ w14 ^ w16;
-	w0 = CMD_R(v,1);
-	CSHA1_16(x,y,z,u,t,v,w0);
-	}
-
-static inline void CSHA1_40(const TUint x,TUint& y,const TUint z,
-							const TUint u,TUint& t,TUint& v,
-							TUint& w0,const TUint w3,const TUint w8,
-							const TUint w14,const TUint w16)
-	{
-	v = w3 ^ w8 ^ w14 ^ w16;
-	w0 = CMD_R(v,1);
-	v = CMD_R(x,5) + CSHA1_G(y,z,u) + t + w0 + 0x6ed9eba1;
-	y = CMD_R(y,30);
-	t = v;
-	}
-
-static inline void CSHA1_60(const TUint x,TUint& y,const TUint z,
-							const TUint u,TUint& t,TUint& v,
-							TUint& w0,const TUint w3,const TUint w8,
-							const TUint w14,const TUint w16)
-	{
-	v = w3 ^ w8 ^ w14 ^ w16;
-	w0 = CMD_R(v,1);
-	v = CMD_R(x,5) + CSHA1_H(y,z,u) + t + w0 + 0x8f1bbcdc;
-	y = CMD_R(y,30);
-	t = v;
-	}
-
-static inline void CSHA1_80(const TUint x,TUint& y,const TUint z,
-							const TUint u,TUint& t,TUint& v,
-							TUint& w0,const TUint w3,const TUint w8,
-							const TUint w14,const TUint w16)
-	{
-	v = w3 ^ w8 ^ w14 ^ w16;
-	w0 = CMD_R(v,1);
-	v = CMD_R(x,5) + CSHA1_G(y,z,u) + t + w0 + 0xca62c1d6;
-	y = CMD_R(y,30);
-	t = v;
-	}
-
-#endif // MACRO
-#endif // EXPANDLOOP
-
-#ifdef WEIDAI
-
-template <class T> inline T rotlFixed(T x, unsigned int y)
-{
-	ASSERT(y < sizeof(T)*8);
-	return (x<<y) | (x>>(sizeof(T)*8-y));
-}
-
-template<> inline TUint32 rotlFixed<TUint32>(TUint32 x, unsigned int y)
-{
-	ASSERT(y < 32);
-	return y ? CMD_R(x, y) : x;
-}
-
-#define blk0(i) (W[i] = iData[i])
-#define blk1(i) (W[i&15] = rotlFixed(W[(i+13)&15]^W[(i+8)&15]^W[(i+2)&15]^W[i&15],1))
-
-#define f1(x,y,z) (z^(x&(y^z)))
-#define f2(x,y,z) (x^y^z)
-#define f3(x,y,z) ((x&y)|(z&(x|y)))
-#define f4(x,y,z) (x^y^z)
-
-/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
-#define R0(v,w,x,y,z,i) z+=f1(w,x,y)+blk0(i)+0x5A827999+rotlFixed(v,5);w=rotlFixed(w,30);
-#define R1(v,w,x,y,z,i) z+=f1(w,x,y)+blk1(i)+0x5A827999+rotlFixed(v,5);w=rotlFixed(w,30);
-#define R2(v,w,x,y,z,i) z+=f2(w,x,y)+blk1(i)+0x6ED9EBA1+rotlFixed(v,5);w=rotlFixed(w,30);
-#define R3(v,w,x,y,z,i) z+=f3(w,x,y)+blk1(i)+0x8F1BBCDC+rotlFixed(v,5);w=rotlFixed(w,30);
-#define R4(v,w,x,y,z,i) z+=f4(w,x,y)+blk1(i)+0xCA62C1D6+rotlFixed(v,5);w=rotlFixed(w,30);
-
-#endif // WEIDAI
-
-void CSHA1Impl::Block()
-	{
-#ifdef WEIDAI
-	TUint32 W[16];
-    /* Copy context->state[] to working vars */
-    TUint32 a = iA;
-    TUint32 b = iB;
-    TUint32 c = iC;
-    TUint32 d = iD;
-    TUint32 e = iE;
-    
-	/* 4 rounds of 20 operations each. Loop unrolled. */
-    
-	R0(a,b,c,d,e, 0); 
-	R0(e,a,b,c,d, 1); 
-	R0(d,e,a,b,c, 2); 
-	R0(c,d,e,a,b, 3);
-    R0(b,c,d,e,a, 4); 
-	R0(a,b,c,d,e, 5); 
-	R0(e,a,b,c,d, 6); 
-	R0(d,e,a,b,c, 7);
-    R0(c,d,e,a,b, 8); 
-	R0(b,c,d,e,a, 9); 
-	R0(a,b,c,d,e,10); 
-	R0(e,a,b,c,d,11);
-    R0(d,e,a,b,c,12); 
-	R0(c,d,e,a,b,13); 
-	R0(b,c,d,e,a,14); 
-	R0(a,b,c,d,e,15);
-
-    R1(e,a,b,c,d,16); 
-	R1(d,e,a,b,c,17); 
-	R1(c,d,e,a,b,18); 
-	R1(b,c,d,e,a,19);
-
-    R2(a,b,c,d,e,20); 
-	R2(e,a,b,c,d,21); 
-	R2(d,e,a,b,c,22); 
-	R2(c,d,e,a,b,23);
-    R2(b,c,d,e,a,24); 
-	R2(a,b,c,d,e,25); 
-	R2(e,a,b,c,d,26); 
-	R2(d,e,a,b,c,27);
-    R2(c,d,e,a,b,28); 
-	R2(b,c,d,e,a,29); 
-	R2(a,b,c,d,e,30); 
-	R2(e,a,b,c,d,31);
-    R2(d,e,a,b,c,32); 
-	R2(c,d,e,a,b,33); 
-	R2(b,c,d,e,a,34); 
-	R2(a,b,c,d,e,35);
-    R2(e,a,b,c,d,36); 
-	R2(d,e,a,b,c,37); 
-	R2(c,d,e,a,b,38); 
-	R2(b,c,d,e,a,39);
-
-    R3(a,b,c,d,e,40); 
-	R3(e,a,b,c,d,41); 
-	R3(d,e,a,b,c,42); 
-	R3(c,d,e,a,b,43);
-    R3(b,c,d,e,a,44); 
-	R3(a,b,c,d,e,45); 
-	R3(e,a,b,c,d,46); 
-	R3(d,e,a,b,c,47);
-    R3(c,d,e,a,b,48); 
-	R3(b,c,d,e,a,49); 
-	R3(a,b,c,d,e,50); 
-	R3(e,a,b,c,d,51);
-    R3(d,e,a,b,c,52); 
-	R3(c,d,e,a,b,53); 
-	R3(b,c,d,e,a,54); 
-	R3(a,b,c,d,e,55);
-    R3(e,a,b,c,d,56); 
-	R3(d,e,a,b,c,57); 
-	R3(c,d,e,a,b,58); 
-	R3(b,c,d,e,a,59);
-
-    R4(a,b,c,d,e,60); 
-	R4(e,a,b,c,d,61); 
-	R4(d,e,a,b,c,62); 
-	R4(c,d,e,a,b,63);
-    R4(b,c,d,e,a,64); 
-	R4(a,b,c,d,e,65); 
-	R4(e,a,b,c,d,66); 
-	R4(d,e,a,b,c,67);
-    R4(c,d,e,a,b,68); 
-	R4(b,c,d,e,a,69); 
-	R4(a,b,c,d,e,70); 
-	R4(e,a,b,c,d,71);
-    R4(d,e,a,b,c,72); 
-	R4(c,d,e,a,b,73); 
-	R4(b,c,d,e,a,74); 
-	R4(a,b,c,d,e,75);
-    R4(e,a,b,c,d,76); 
-	R4(d,e,a,b,c,77); 
-	R4(c,d,e,a,b,78); 
-	R4(b,c,d,e,a,79);
-    
-	/* Add the working vars back into context.state[] */
-    iA += a;
-    iB += b;
-    iC += c;
-    iD += d;
-    iE += e;
-    /* Wipe variables */
-    a = b = c = d = e = 0;
-	Mem::FillZ(W, sizeof(W));
-#else
-	TUint tempA=iA;
-	TUint tempB=iB;
-	TUint tempC=iC;
-	TUint tempD=iD;
-	TUint tempE=iE;
-	TUint temp=0;
-
-#ifdef EXPANDLOOP
-	CSHA1_16(tempA,tempB,tempC,tempD,tempE,temp,iData[0]);
-	CSHA1_16(temp,tempA,tempB,tempC,tempD,tempE,iData[1]);
-	CSHA1_16(tempE,temp,tempA,tempB,tempC,tempD,iData[2]);
-	CSHA1_16(tempD,tempE,temp,tempA,tempB,tempC,iData[3]);
-	CSHA1_16(tempC,tempD,tempE,temp,tempA,tempB,iData[4]);
-	CSHA1_16(tempB,tempC,tempD,tempE,temp,tempA,iData[5]);
-	CSHA1_16(tempA,tempB,tempC,tempD,tempE,temp,iData[6]);
-	CSHA1_16(temp,tempA,tempB,tempC,tempD,tempE,iData[7]);
-	CSHA1_16(tempE,temp,tempA,tempB,tempC,tempD,iData[8]);
-	CSHA1_16(tempD,tempE,temp,tempA,tempB,tempC,iData[9]);
-	CSHA1_16(tempC,tempD,tempE,temp,tempA,tempB,iData[10]);
-	CSHA1_16(tempB,tempC,tempD,tempE,temp,tempA,iData[11]);
-	CSHA1_16(tempA,tempB,tempC,tempD,tempE,temp,iData[12]);
-	CSHA1_16(temp,tempA,tempB,tempC,tempD,tempE,iData[13]);
-	CSHA1_16(tempE,temp,tempA,tempB,tempC,tempD,iData[14]);
-	CSHA1_16(tempD,tempE,temp,tempA,tempB,tempC,iData[15]);
-	/*
-	i = 16;
-	TUint temp1 = tempA;
-	tempA = 
-	*/
-#else
-    TUint i=0;
-	while (i<16) 
-		{
-		temp = CMD_R(tempA,5) + CSHA1_F(tempB,tempC,tempD) + tempE + iData[i++] + 0x5a827999;
-		tempE = tempD;
-		tempD = tempC;
-		tempC = CMD_R(tempB,30);
-		tempB = tempA;
-		tempA = temp;
-		}
-#endif
-
-#ifdef EXPANDLOOP
-	CSHA1_20(tempC,tempD,tempE,temp,tempA,tempB,iData[16],iData[13],iData[8],iData[2],iData[0]);
-	CSHA1_20(tempB,tempC,tempD,tempE,temp,tempA,iData[17],iData[14],iData[9],iData[3],iData[1]);
-	CSHA1_20(tempA,tempB,tempC,tempD,tempE,temp,iData[18],iData[15],iData[10],iData[4],iData[2]);
-	CSHA1_20(temp,tempA,tempB,tempC,tempD,tempE,iData[19],iData[16],iData[11],iData[5],iData[3]);
-	//i = 20;
-#else
-	while (i<20) 
-		{
-		temp=iData[i-3] ^ iData[i-8] ^ iData[i-14] ^ iData[i-16];
-		iData[i]=CMD_R(temp,1);
-		temp = CMD_R(tempA,5) + CSHA1_F(tempB,tempC,tempD) + tempE + iData[i++] + 0x5a827999; 
-		tempE = tempD;
-		tempD = tempC; 
-		tempC = CMD_R(tempB,30); 
-		tempB = tempA; 
-		tempA = temp;
-		}
-#endif
-
-#ifdef EXPANDLOOP
-	CSHA1_40(tempE,temp,tempA,tempB,tempC,tempD,iData[20],iData[17],iData[12],iData[6],iData[4]);
-	CSHA1_40(tempD,tempE,temp,tempA,tempB,tempC,iData[21],iData[18],iData[13],iData[7],iData[5]);
-	CSHA1_40(tempC,tempD,tempE,temp,tempA,tempB,iData[22],iData[19],iData[14],iData[8],iData[6]);
-	CSHA1_40(tempB,tempC,tempD,tempE,temp,tempA,iData[23],iData[20],iData[15],iData[9],iData[7]);
-	CSHA1_40(tempA,tempB,tempC,tempD,tempE,temp,iData[24],iData[21],iData[16],iData[10],iData[8]);
-	CSHA1_40(temp,tempA,tempB,tempC,tempD,tempE,iData[25],iData[22],iData[17],iData[11],iData[9]);
-	CSHA1_40(tempE,temp,tempA,tempB,tempC,tempD,iData[26],iData[23],iData[18],iData[12],iData[10]);
-	CSHA1_40(tempD,tempE,temp,tempA,tempB,tempC,iData[27],iData[24],iData[19],iData[13],iData[11]);
-	CSHA1_40(tempC,tempD,tempE,temp,tempA,tempB,iData[28],iData[25],iData[20],iData[14],iData[12]);
-	CSHA1_40(tempB,tempC,tempD,tempE,temp,tempA,iData[29],iData[26],iData[21],iData[15],iData[13]);
-	CSHA1_40(tempA,tempB,tempC,tempD,tempE,temp,iData[30],iData[27],iData[22],iData[16],iData[14]);
-	CSHA1_40(temp,tempA,tempB,tempC,tempD,tempE,iData[31],iData[28],iData[23],iData[17],iData[15]);
-	CSHA1_40(tempE,temp,tempA,tempB,tempC,tempD,iData[32],iData[29],iData[24],iData[18],iData[16]);
-	CSHA1_40(tempD,tempE,temp,tempA,tempB,tempC,iData[33],iData[30],iData[25],iData[19],iData[17]);
-	CSHA1_40(tempC,tempD,tempE,temp,tempA,tempB,iData[34],iData[31],iData[26],iData[20],iData[18]);
-	CSHA1_40(tempB,tempC,tempD,tempE,temp,tempA,iData[35],iData[32],iData[27],iData[21],iData[19]);
-	CSHA1_40(tempA,tempB,tempC,tempD,tempE,temp,iData[36],iData[33],iData[28],iData[22],iData[20]);
-	CSHA1_40(temp,tempA,tempB,tempC,tempD,tempE,iData[37],iData[34],iData[29],iData[23],iData[21]);
-	CSHA1_40(tempE,temp,tempA,tempB,tempC,tempD,iData[38],iData[35],iData[30],iData[24],iData[22]);
-	CSHA1_40(tempD,tempE,temp,tempA,tempB,tempC,iData[39],iData[36],iData[31],iData[25],iData[23]);
-	//i = 40;
-#else
-	while (i<40) 
-		{
-		temp = iData[i-3] ^ iData[i-8] ^ iData[i-14] ^ iData[i-16];
-		iData[i] = CMD_R(temp,1);
-
-		temp = CMD_R(tempA,5) + CSHA1_G(tempB,tempC,tempD) + tempE + iData[i++] + 0x6ed9eba1; 
-		tempE = tempD; 
-		tempD = tempC; 
-		tempC = CMD_R(tempB,30); 
-		tempB = tempA; 
-		tempA = temp;
-		}
-#endif
-
-#ifdef EXPANDLOOP
-	CSHA1_60(tempC,tempD,tempE,temp,tempA,tempB,iData[40],iData[37],iData[32],iData[26],iData[24]);
-	CSHA1_60(tempB,tempC,tempD,tempE,temp,tempA,iData[41],iData[38],iData[33],iData[27],iData[25]);
-	CSHA1_60(tempA,tempB,tempC,tempD,tempE,temp,iData[42],iData[39],iData[34],iData[28],iData[26]);
-	CSHA1_60(temp,tempA,tempB,tempC,tempD,tempE,iData[43],iData[40],iData[35],iData[29],iData[27]);
-	CSHA1_60(tempE,temp,tempA,tempB,tempC,tempD,iData[44],iData[41],iData[36],iData[30],iData[28]);
-	CSHA1_60(tempD,tempE,temp,tempA,tempB,tempC,iData[45],iData[42],iData[37],iData[31],iData[29]);
-	CSHA1_60(tempC,tempD,tempE,temp,tempA,tempB,iData[46],iData[43],iData[38],iData[32],iData[30]);
-	CSHA1_60(tempB,tempC,tempD,tempE,temp,tempA,iData[47],iData[44],iData[39],iData[33],iData[31]);
-	CSHA1_60(tempA,tempB,tempC,tempD,tempE,temp,iData[48],iData[45],iData[40],iData[34],iData[32]);
-	CSHA1_60(temp,tempA,tempB,tempC,tempD,tempE,iData[49],iData[46],iData[41],iData[35],iData[33]);
-	CSHA1_60(tempE,temp,tempA,tempB,tempC,tempD,iData[50],iData[47],iData[42],iData[36],iData[34]);
-	CSHA1_60(tempD,tempE,temp,tempA,tempB,tempC,iData[51],iData[48],iData[43],iData[37],iData[35]);
-	CSHA1_60(tempC,tempD,tempE,temp,tempA,tempB,iData[52],iData[49],iData[44],iData[38],iData[36]);
-	CSHA1_60(tempB,tempC,tempD,tempE,temp,tempA,iData[53],iData[50],iData[45],iData[39],iData[37]);
-	CSHA1_60(tempA,tempB,tempC,tempD,tempE,temp,iData[54],iData[51],iData[46],iData[40],iData[38]);
-	CSHA1_60(temp,tempA,tempB,tempC,tempD,tempE,iData[55],iData[52],iData[47],iData[41],iData[39]);
-	CSHA1_60(tempE,temp,tempA,tempB,tempC,tempD,iData[56],iData[53],iData[48],iData[42],iData[40]);
-	CSHA1_60(tempD,tempE,temp,tempA,tempB,tempC,iData[57],iData[54],iData[49],iData[43],iData[41]);
-	CSHA1_60(tempC,tempD,tempE,temp,tempA,tempB,iData[58],iData[55],iData[50],iData[44],iData[42]);
-	CSHA1_60(tempB,tempC,tempD,tempE,temp,tempA,iData[59],iData[56],iData[51],iData[45],iData[43]);
-	//i = 60;
-#else
-	while (i<60) 
-		{
-		temp = iData[i-3] ^ iData[i-8] ^ iData[i-14] ^ iData[i-16];
-		iData[i] = CMD_R(temp,1);
-
-		temp = CMD_R(tempA,5) + CSHA1_H(tempB,tempC,tempD) + tempE + iData[i++] + 0x8f1bbcdc; 
-		tempE = tempD; 
-		tempD = tempC; 
-		tempC = CMD_R(tempB,30); 
-		tempB = tempA; 
-		tempA = temp;
-		}
-#endif
-
-#ifdef EXPANDLOOP
-	CSHA1_80(tempA,tempB,tempC,tempD,tempE,temp,iData[60],iData[57],iData[52],iData[46],iData[44]);
-	CSHA1_80(temp,tempA,tempB,tempC,tempD,tempE,iData[61],iData[58],iData[53],iData[47],iData[45]);
-	CSHA1_80(tempE,temp,tempA,tempB,tempC,tempD,iData[62],iData[59],iData[54],iData[48],iData[46]);
-	CSHA1_80(tempD,tempE,temp,tempA,tempB,tempC,iData[63],iData[60],iData[55],iData[49],iData[47]);
-	CSHA1_80(tempC,tempD,tempE,temp,tempA,tempB,iData[64],iData[61],iData[56],iData[50],iData[48]);
-	CSHA1_80(tempB,tempC,tempD,tempE,temp,tempA,iData[65],iData[62],iData[57],iData[51],iData[49]);
-	CSHA1_80(tempA,tempB,tempC,tempD,tempE,temp,iData[66],iData[63],iData[58],iData[52],iData[50]);
-	CSHA1_80(temp,tempA,tempB,tempC,tempD,tempE,iData[67],iData[64],iData[59],iData[53],iData[51]);
-	CSHA1_80(tempE,temp,tempA,tempB,tempC,tempD,iData[68],iData[65],iData[60],iData[54],iData[52]);
-	CSHA1_80(tempD,tempE,temp,tempA,tempB,tempC,iData[69],iData[66],iData[61],iData[55],iData[53]);
-	CSHA1_80(tempC,tempD,tempE,temp,tempA,tempB,iData[70],iData[67],iData[62],iData[56],iData[54]);
-	CSHA1_80(tempB,tempC,tempD,tempE,temp,tempA,iData[71],iData[68],iData[63],iData[57],iData[55]);
-	CSHA1_80(tempA,tempB,tempC,tempD,tempE,temp,iData[72],iData[69],iData[64],iData[58],iData[56]);
-	CSHA1_80(temp,tempA,tempB,tempC,tempD,tempE,iData[73],iData[70],iData[65],iData[59],iData[57]);
-	CSHA1_80(tempE,temp,tempA,tempB,tempC,tempD,iData[74],iData[71],iData[66],iData[60],iData[58]);
-	CSHA1_80(tempD,tempE,temp,tempA,tempB,tempC,iData[75],iData[72],iData[67],iData[61],iData[59]);
-	CSHA1_80(tempC,tempD,tempE,temp,tempA,tempB,iData[76],iData[73],iData[68],iData[62],iData[60]);
-	CSHA1_80(tempB,tempC,tempD,tempE,temp,tempA,iData[77],iData[74],iData[69],iData[63],iData[61]);
-	CSHA1_80(tempA,tempB,tempC,tempD,tempE,temp,iData[78],iData[75],iData[70],iData[64],iData[62]);
-	CSHA1_80(temp,tempA,tempB,tempC,tempD,tempE,iData[79],iData[76],iData[71],iData[65],iData[63]);
-#else
-	const TUint total=KSHA1BlockSize*5; // 16 * 5 = 80
-	while (i<total) 
-		{
-		temp = iData[i-3] ^ iData[i-8] ^ iData[i-14] ^ iData[i-16];
-		iData[i] = CMD_R(temp,1);
-
-		temp = CMD_R(tempA,5) + CSHA1_I(tempB,tempC,tempD) + tempE + iData[i++] + 0xca62c1d6; 
-		tempE = tempD; 
-		tempD = tempC; 
-		tempC = CMD_R(tempB,30); 
-		tempB = tempA; 
-		tempA = temp;
-		}
-#endif
-
-#ifdef EXPANDLOOP
-	iA+=tempE;
-	iB+=temp;
-	iC+=tempA;
-	iD+=tempB;
-	iE+=tempC;
-#else
-	iA+=tempA;
-	iB+=tempB;
-	iC+=tempC;
-	iD+=tempD;
-	iE+=tempE;
-#endif // EXPANDLOOP
-#endif // WEIDAI
-	}
-
-void CSHA1Impl::DoFinal()
-	{
-	iNh += iNl;
-	const TUint ul128=128;
-	switch (iNl&3) 
-		{
-		case 0:
-			iData[iNl>>2] = ul128<<24;
-			break;
-		case 1:
-			iData[iNl>>2] += ul128<<16;
-			break;
-		case 2:
-			iData[iNl>>2] += ul128<<8;
-			break;
-		case 3:
-			iData[iNl>>2] += ul128;
-			break;
-		default:
-			break;
-		};
-	if (iNl>=56) 
-		{
-		if (iNl<60)
-			iData[15]=0;		
-		Block();
-		Mem::FillZ(iData,14*sizeof(TUint));
-		} 
-	else
-		{
-		const TUint offset=(iNl+4)>>2; //+4 to account for the word added in the
-		//switch statement above
-		Mem::FillZ(iData+offset,(14-offset)*sizeof(TUint));
-		}
-
-	// this will fail if the total input length is longer than 2^32 in bits
-	//(2^31 in bytes) which is roughly half a gig.
-	iData[14]=0;
-	iData[15]=iNh<<3;//number in bits
-	Block();
-	//
-	// Generate hash value into iHash
-	//
-	TUint tmp=iA;
-	iHash[3]=(TUint8)(tmp & 255);
-	iHash[2]=(TUint8)((tmp >>= 8) & 255);
-	iHash[1]=(TUint8)((tmp >>= 8) & 255);
-	iHash[0]=(TUint8)((tmp >>= 8) & 255);
-
-	tmp=iB;
-	iHash[7]=(TUint8)(tmp & 255);
-	iHash[6]=(TUint8)((tmp >>= 8) & 255);
-	iHash[5]=(TUint8)((tmp >>= 8) & 255);
-	iHash[4]=(TUint8)((tmp >>= 8) & 255);
-
-	tmp=iC;
-	iHash[11]=(TUint8)(tmp & 255);
-	iHash[10]=(TUint8)((tmp >>= 8) & 255);
-	iHash[9]=(TUint8)((tmp >>= 8) & 255);
-	iHash[8]=(TUint8)((tmp >>= 8) & 255);
-
-	tmp=iD;
-	iHash[15]=(TUint8)(tmp & 255);
-	iHash[14]=(TUint8)((tmp >>= 8) & 255);
-	iHash[13]=(TUint8)((tmp >>= 8) & 255);
-	iHash[12]=(TUint8)((tmp >>= 8) & 255);
-	
-	tmp=iE;
-	iHash[19]=(TUint8)(tmp & 255);
-	iHash[18]=(TUint8)((tmp >>= 8) & 255);
-	iHash[17]=(TUint8)((tmp >>= 8) & 255);
-	iHash[16]=(TUint8)((tmp >>= 8) & 255);
-	}
-
-void CSHA1Impl::RestoreState()
-	{
-	iA = iACopy;
-	iB = iBCopy;
-	iC = iCCopy;
-	iD = iDCopy;
-	iE = iECopy;
-	iNl = iNlCopy;
-	iNh = iNhCopy;	
-	Mem::Copy(&iData[0], &iDataCopy[0], KSHA1BlockSize*5*sizeof(TUint)); 
-	}
-
-void CSHA1Impl::StoreState()
-	{
-	iACopy = iA;
-	iBCopy = iB;
-	iCCopy = iC;
-	iDCopy = iD;
-	iECopy = iE;
-	iNlCopy = iNl;
-	iNhCopy = iNh;	
-	Mem::Copy(&iDataCopy[0], &iData[0], KSHA1BlockSize*5*sizeof(TUint));
-	}
-
-// Implemented in hmacimpl.cpp or softwarehashbase.cpp
-// but required as derived from MHash. No coverage here.
-#ifdef _BullseyeCoverage
-#pragma suppress_warnings on
-#pragma BullseyeCoverage off
-#pragma suppress_warnings off
-#endif
-
-void CSHA1Impl::SetOperationModeL(TUid /*aOperationMode*/)
-	{
-	User::Leave(KErrNotSupported);
-	}
-
-void CSHA1Impl::SetKeyL(const CKey& /*aKey*/)
-	{
-	User::Leave(KErrNotSupported);
-	}
-
-TAny* CSHA1Impl::GetExtension(TUid /*aExtensionId*/)
-	{
-	return NULL;	
-	}
-
-CExtendedCharacteristics* CSHA1Impl::CreateExtendedCharacteristicsL()
-	{
-	// Not supported
-	return NULL;
-	}
-
-// The following methods are kept for compatibility but are not used by 
-// randsvr.exe (via SHA1Shim). So, Turn off coverage for these.
-MHash* CSHA1Impl::ReplicateL()
-	{	 
-	return CSHA1Impl::NewL();
-	}
-	
-MHash* CSHA1Impl::CopyL()
-	{
-	return new(ELeave) CSHA1Impl(*this);	
-	}
-
-void CSHA1Impl::Update(const TDesC8& aMessage)
-	{
-	DoUpdate(aMessage.Ptr(),aMessage.Size());	
-	}
-	
-TPtrC8 CSHA1Impl::Final(const TDesC8& aMessage)
-	{
-	TPtrC8 ptr(KNullDesC8());
-	if (aMessage!=KNullDesC8())
-		{
-		DoUpdate(aMessage.Ptr(),aMessage.Size());			
-		}
-	DoFinal();
-	ptr.Set(iHash);
-	Reset();
-	return ptr;
-	}
-
-// Since CreateExtendedCharacteristicsL is not supported, the method which using it also can not be supported.
-const CExtendedCharacteristics* CSHA1Impl::GetExtendedCharacteristicsL()
-	{
-	return CSHA1Impl::CreateExtendedCharacteristicsL();
-	}
-
-// These methods can only be covered from SHA1Shim, but not get covered because the 
-// SHA1Shim not get destroyed anywhere(may be a long runing service). So, these are excluded.
-CSHA1Impl::CSHA1Impl(const CSHA1Impl& aSHA1Impl)
-	: iHash(aSHA1Impl.iHash),iA(aSHA1Impl.iA),iB(aSHA1Impl.iB),iC(aSHA1Impl.iC),iD(aSHA1Impl.iD),iE(aSHA1Impl.iE),
-	iNl(aSHA1Impl.iNl),iNh(aSHA1Impl.iNh)
-	{
-	(void)Mem::Copy(iData, aSHA1Impl.iData, KSHA1BlockSize*5);
-	}
-
-CSHA1Impl* CSHA1Impl::NewLC()
-	{
-	CSHA1Impl* self=NewL();
-	CleanupStack::PushL(self);
-	return self;						
-	}
-
-void CSHA1Impl::Close()
-	{
-	delete this;	
-	}
-
-CSHA1Impl::~CSHA1Impl()
-	{	
-	}
--- a/crypto/weakcryptospi/source/random/sha1shim.cpp	Tue Jan 26 13:18:49 2010 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,151 +0,0 @@
-/*
-* Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
-* All rights reserved.
-* This component and the accompanying materials are made available
-* under the terms of the License "Eclipse Public License v1.0"
-* which accompanies this distribution, and is available
-* at the URL "http://www.eclipse.org/legal/epl-v10.html".
-*
-* Initial Contributors:
-* Nokia Corporation - initial contribution.
-*
-* Contributors:
-*
-* Description: 
-* hashshim.cpp
-* hash shim implementation
-* hash shim implementation
-*
-*/
-
-
-/**
- @file
-*/
-
-#include "sha1shim.h"
-#include "sha1impl.h"
-#include <cryptospi/cryptospidef.h>
-#include <cryptospi/plugincharacteristics.h>
-
-
-using namespace CryptoSpi;
-using namespace SoftwareCrypto;
-
-//
-// Implementation of SHA1 shim
-//	
-	
-CSHA1Shim* CSHA1Shim::NewL()
-	{
-	CSHA1Shim* self=CSHA1Shim::NewLC();
-	CleanupStack::Pop();
-	return self;
-	}
-
-CSHA1Shim* CSHA1Shim::NewLC()
-	{
-	CSHA1Shim* self=new(ELeave) CSHA1Shim();
-	CleanupStack::PushL(self);
-	self->ConstructL();
-	return self;
-	}
-
-CSHA1Shim::CSHA1Shim()
-	{
-	}
-	
-CSHA1Shim::~CSHA1Shim()
-	{
-	iHashImpl->Close();
-	}
-
-void CSHA1Shim::ConstructL()
-	{
-	iHashImpl=CSHA1Impl::NewL();
-	}
-
-TInt CSHA1Shim::HashSize()
-	{
-	const TCharacteristics* ptr(NULL);
-	TRAPD(err, iHashImpl->GetCharacteristicsL(ptr);)
-	if (err)
-		{
-		return err;
-		}
-	const THashCharacteristics* hashPtr=static_cast<const THashCharacteristics*>(ptr);
-	return hashPtr->iOutputSize/8;
-	}
-
-TPtrC8 CSHA1Shim::Hash(const TDesC8& aMessage)
-	{
-	return iHashImpl->Hash(aMessage);
-	}
-
-// The following methods are kept for linkage compatibility
-// but are not used by randsvr.exe. Turn off coverage for these
-#ifdef _BullseyeCoverage
-#pragma suppress_warnings on
-#pragma BullseyeCoverage off
-#pragma suppress_warnings off
-#endif
-
-void CSHA1Shim::Reset()
-	{
-	// Provide a stub for compatibility; not used in random server
-	ASSERT(EFalse);
-	}
-
-void CSHA1Shim::RestoreState()
-	{
-	// Provide a stub for compatibility; not used in random server
-	ASSERT(EFalse);
-	}
-
-void CSHA1Shim::StoreState()
-	{
-	// Provide a stub for compatibility; not used in random server
-	ASSERT(EFalse);
-	}
-
-CMessageDigest* CSHA1Shim::CopyL()
-	{
-	// Provide a stub for compatibility; not used in random server
-	User::Leave(KErrNotSupported);
-	return NULL;
-	}
-
-CMessageDigest* CSHA1Shim::ReplicateL()
-	{
-	// Provide a stub for compatibility; not used in random server
-	User::Leave(KErrNotSupported);
-	return NULL;
-	}
-
-TInt CSHA1Shim::BlockSize()
-	{
-	// Provide a stub for compatibility; not used in random server
-	ASSERT(EFalse);
-	return 0;
-	}
-
-TPtrC8 CSHA1Shim::Final(const TDesC8& /*aMessage*/)
-	{
-	// Provide a stub for compatibility; not used in random server
-	ASSERT(EFalse);
-	return NULL;
-	}
-
-TPtrC8 CSHA1Shim::Final()
-	{
-	// Provide a stub for compatibility; not used in random server
-	ASSERT(EFalse);
-	return NULL;
-	}
-
-void CSHA1Shim::Update(const TDesC8& /*aMessage*/)
-	{
-	// Provide a stub for compatibility; not used in random server
-	ASSERT(EFalse);
-	}
-
--- a/crypto/weakcryptospi/source/random/sha1shim.h	Tue Jan 26 13:18:49 2010 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-/*
-* Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
-* All rights reserved.
-* This component and the accompanying materials are made available
-* under the terms of the License "Eclipse Public License v1.0"
-* which accompanies this distribution, and is available
-* at the URL "http://www.eclipse.org/legal/epl-v10.html".
-*
-* Initial Contributors:
-* Nokia Corporation - initial contribution.
-*
-* Contributors:
-*
-* Description: 
-* hashshim.h
-* hash shim classes definition
-*
-*/
-
-
-/**
- @file
- @internalComponent
- @released
-*/
-
-#ifndef __HASHSHIM_H__
-#define __HASHSHIM_H__
-
-#include <e32def.h>
-#include <hash.h>
-#include <cryptospi/cryptohashapi.h>
-#include "sha1impl.h"
-
-//
-// SHA1 shim class
-//
-
-NONSHARABLE_CLASS(CSHA1Shim) : public CMessageDigest
-	{
-public:
-	static CSHA1Shim* NewL();
-	static CSHA1Shim* NewLC();
-	~CSHA1Shim();
-	CMessageDigest* CopyL();
-	TInt BlockSize();
-	TInt HashSize()	;
-	void Update(const TDesC8& aMessage);
-	TPtrC8 Final(const TDesC8& aMessage);
-	TPtrC8 Final();
-	void Reset();
-	TPtrC8 Hash(const TDesC8& aMessage);
-	CMessageDigest* ReplicateL();
-	void RestoreState();
-	void StoreState();
-	
-private:	
-	CSHA1Shim();
-	void ConstructL();
-	
-private:
-	SoftwareCrypto::CSHA1Impl* iHashImpl;
-	};
-
-#endif
--- a/crypto/weakcryptospi/test/tcryptospi/src/randomnumbergeneratorgeneralusagestep.cpp	Tue Jan 26 13:18:49 2010 +0200
+++ b/crypto/weakcryptospi/test/tcryptospi/src/randomnumbergeneratorgeneralusagestep.cpp	Sat Feb 20 00:36:18 2010 +0200
@@ -21,9 +21,10 @@
  @file
  @internalTechnology
 */
-#include "randomnumbergeneratorgeneralusagestep.h"
+#include <cryptospi/cryptorandomapi.h>
 
-#include <cryptospi/cryptorandomapi.h>
+#include "securityerr.h"
+#include "randomnumbergeneratorgeneralusagestep.h"
 
 
 using namespace CryptoSpi;
@@ -86,13 +87,13 @@
 				
 				INFO_PRINTF2(_L("*** Original Content: %S ***"),&originalState);
 				
-				TRAP_LOG(err,randomImpl->GenerateRandomBytesL(randomStr));
+				TRAP(err,randomImpl->GenerateRandomBytesL(randomStr));
 				
 				//Copy the 8bit descriptor to 16bit using using a conversion macro
 				TBuf<50> randomResult;
 				randomResult.Copy(randomStr);
 					
-				if((randomResult != KEmptyString) && (randomResult != originalState) && (err == KErrNone))
+				if((randomResult != KEmptyString) && (randomResult != originalState) && ((err == KErrNone) || (err == KErrNotSecure)))
 					{
 					INFO_PRINTF1(_L("*** Random Number Generator - General Usage : PASS ***"));
 					SetTestStepResult(EPass);	
@@ -101,8 +102,7 @@
 					{
 					ERR_PRINTF1(_L("*** FAIL: Failed to Fill Random String ***"));
 					SetTestStepResult(EFail);	
-					}
-	
+					}	
 				}
 			else
 				{
--- a/crypto/weakcryptospi/test/tpadding/tpaddingPKCS1.cpp	Tue Jan 26 13:18:49 2010 +0200
+++ b/crypto/weakcryptospi/test/tpadding/tpaddingPKCS1.cpp	Sat Feb 20 00:36:18 2010 +0200
@@ -18,6 +18,7 @@
 
 #include <random.h>
 #include <padding.h>
+#include <securityerr.h>
 #include "tpaddingPKCS1.h"
 
 CTestPadPKCS1::CTestPadPKCS1()
@@ -281,7 +282,10 @@
       in[0] = 0;
       in[1] = 2;
       TBuf8<256> rnd(256);
-      GenerateRandomBytesL(rnd);
+      TRAPD(err, GenerateRandomBytesL(rnd));
+      if((err != KErrNone) && (err != KErrNotSecure))
+          User::Leave(err);
+
 
       TInt k = 2;
       TInt j = 0;
@@ -294,7 +298,9 @@
          
          if (++j%256 == 0)
          {
-            GenerateRandomBytesL(rnd);
+         TRAP(err, GenerateRandomBytesL(rnd));
+         if((err != KErrNone) && (err != KErrNotSecure))
+             User::Leave(err);
          }
       }
       in[endOfPadding] = 0; // delimiter
@@ -306,7 +312,7 @@
      comp.Append(text);
       }
 
-      TRAPD(err, padding->UnPadL(in, out));
+      TRAP(err, padding->UnPadL(in, out));
       TEST(err == KErrNone);
 
 	  TEST(out == comp);		  
--- a/crypto/weakcryptospi/test/tplugins/group/tplugin02.mmp	Tue Jan 26 13:18:49 2010 +0200
+++ b/crypto/weakcryptospi/test/tplugins/group/tplugin02.mmp	Sat Feb 20 00:36:18 2010 +0200
@@ -40,6 +40,7 @@
 USERINCLUDE		../inc/tplugin02
 USERINCLUDE 	../../../inc
 USERINCLUDE 	../../../inc/spi
+USERINCLUDE 	../../../../../cryptomgmtlibs/securityutils/inc
 
 OS_LAYER_SYSTEMINCLUDE_SYMBIAN
 
--- a/crypto/weakcryptospi/test/tplugins/inc/randomimpl.h	Tue Jan 26 13:18:49 2010 +0200
+++ b/crypto/weakcryptospi/test/tplugins/inc/randomimpl.h	Sat Feb 20 00:36:18 2010 +0200
@@ -61,48 +61,7 @@
 		~CRandomImpl();
 		
 	private:
-		TUid iImplementationUid;
-	
-		};
-
-	class TRandomImpl {
-	/**
-	 * The user interface to the system cryptographically 
-	 * secure random number generator.
-	 */
-	public:
-		
-		/**
-		 * Fills the provided buffer with secure random data up to its
-		 * current length, discarding any current content.
-		 *
-		 * @param aDestination The buffer in which to write the random data.
-		 */
-		static void Random(TDes8& aDestination);
-		};
-	
-	class RRandomSessionImpl : public RSessionBase
-	/**
-	 * The client interface to the system random number generator. End
-	 * users should use TRandom instead of this interface.
-	 *
-	 */
-		{
-	public:
-		RRandomSessionImpl();
-		
-		/**
-		 * Fills the provided buffer with secure random data up to its
-		 * current length, discarding any current content.
-		 *
-		 * @param aDestination The buffer in to which to write the random data 
-		 */
-		TInt GetRandom(TDes8& aDestination);
-		
-		/**
-		 * Opens a new session with the random number server.
-		 */
-		void ConnectL();
+		TUid iImplementationUid;	
 		};
 	}
 
--- a/crypto/weakcryptospi/test/tplugins/src/randomimpl.cpp	Tue Jan 26 13:18:49 2010 +0200
+++ b/crypto/weakcryptospi/test/tplugins/src/randomimpl.cpp	Sat Feb 20 00:36:18 2010 +0200
@@ -21,22 +21,13 @@
 */
 
 #include <e32std.h>
+#include <e32math.h>
 #include <e32debug.h>
 
 #include "randomimpl.h"
 #include "pluginentry.h"
 #include "pluginconfig.h"
-
-#include "randsvr.h"
-#include "randcliserv.h"
-#include "randsvrimpl.h"
-
-_LIT(KRandomServerImg,"z:\\sys\\bin\\randsvr.exe");		// DLL/EXE name
-_LIT(KRandomServerConnect, "Randsvr connect");
-_LIT(KRandomServerGet, "Randsvr get");
-
-const TUid KServerUid3={0x100066dc};
-
+#include "securityerr.h"
 
 using namespace SoftwareCrypto;
 
@@ -54,31 +45,24 @@
 	return self;
 	}
 
-void CRandomImpl::GenerateRandomBytesL(TDes8& aDest)
-	{
-	TRandomImpl::Random(aDest);
+void CRandomImpl::GenerateRandomBytesL(TDes8& aDestination)
+	{	
+    // Call the Math library to populate the buffer with random data.   
+    TRAPD(err, Math::RandomL(aDestination));    
+    if(err != KErrNone)
+        {
+        // As the end users are interested only in the security aspect of the output but not 
+        // the internal states, accordingly translate the kernel side error code if required.
+        err = (err == KErrNotReady) ? KErrNotSecure : err;
+        
+        User::Leave(err);
+        }
 	}
 
 CRandomImpl::CRandomImpl(TUid aImplementationUid) : iImplementationUid(aImplementationUid)
 	{
 	}
 
-void TRandomImpl::Random(TDes8& aDestination)
-	{
-	RRandomSessionImpl rs;
-	TRAPD(ret,rs.ConnectL());
-	if (ret != KErrNone)
-		{
-		User::Panic(KRandomServerConnect, ret);
-		}
-	TInt err=rs.GetRandom(aDestination);
-	if (err != KErrNone)
-		{
-		User::Panic(KRandomServerGet, err);
-		}
-	rs.Close();
-	}
-
 void CRandomImpl::GetCharacteristicsL(const TCharacteristics*& aPluginCharacteristics)
 	{
 	TInt randomNum = sizeof(KRandomCharacteristics)/sizeof(TRandomCharacteristics*);
@@ -128,76 +112,3 @@
 void CRandomImpl::Reset()
 	{
 	}
-
-RRandomSessionImpl::RRandomSessionImpl(void)
-	{
-	}
-
-static TInt StartServer()
-// Borrowed from AndrewT's server startup code.
-// Start the server process/thread which lives in an EPOCEXE object
-//
-	{
-	
-	const TUidType serverUid(KNullUid,KNullUid,KServerUid3);
-
-	//
-	// EPOC and EKA2 is easy, we just create a new server process. Simultaneous
-	// launching of two such processes should be detected when the second one
-	// attempts to create the server object, failing with KErrAlreadyExists.
-	//
-	RProcess server;
-	TInt r=server.Create(KRandomServerImg, KNullDesC, serverUid);
-
-	if (r!=KErrNone)
-		return r;
-	TRequestStatus stat;
-	server.Rendezvous(stat);
-	if (stat!=KRequestPending)
-		server.Kill(0);		// abort startup
-	else
-		server.Resume();	// logon OK - start the server
-	User::WaitForRequest(stat);		// wait for start or death
-	// we can't use the 'exit reason' if the server panicked as this
-	// is the panic 'reason' and may be '0' which cannot be distinguished
-	// from KErrNone
-	r=(server.ExitType()==EExitPanic) ? KErrGeneral : stat.Int();
-	server.Close();
-	return r;
-
-	}
-
-void RRandomSessionImpl::ConnectL(void)
-	{
-	TInt retry=2;
-	for (;;)
-		{
-		// Magic number 1 below is the number of asynchronous message slots
-		TInt r = CreateSession(KRandomServerName,TVersion(0,0,0), 1);
-		if (r == KErrNone)
-			   User::Leave(r);   // Connected okay
-		if (r != KErrNotFound && r != KErrServerTerminated)
-			   User::Leave(r);   // Something else happened
-		if (--retry == 0)
-			User::Leave(r);      // Give up after a while
-		r = StartServer();       // Try starting again
-		if (r != KErrNone && r != KErrAlreadyExists)
-			User::Leave(r);
-		}
-	}
-
-TInt RRandomSessionImpl::GetRandom(TDes8& aDestination)
-	{
-	TInt desclength = aDestination.Length();
-	for ( TInt i = 0; i < desclength; i += KRandomBlockSize)
-		{
-		TInt getlen = Min(KRandomBlockSize, desclength - i);
-		TPtr8 buffer(&aDestination[i], KRandomBlockSize, KRandomBlockSize);
-		TInt err = SendReceive(CRandomSession::KRandomRequest, TIpcArgs(&buffer, getlen));
-		if (err != KErrNone)
-			{
-			return err;
-			}
-		}
-	return KErrNone;
-	}
--- a/crypto/weakcryptospi/test/trandom/t_random.cpp	Tue Jan 26 13:18:49 2010 +0200
+++ b/crypto/weakcryptospi/test/trandom/t_random.cpp	Sat Feb 20 00:36:18 2010 +0200
@@ -27,8 +27,10 @@
 #include <random.h>
 #include <f32file.h>
 
-RTest test(_L("Random Number Generator Tests"));
+RTest test(_L("Random Number Generator"));
 
+TInt gTestPassCount = 0;
+TInt gTestRequestCount = 10;
 TInt gNumberOfRandomNumbers=10000;
 
 /** Wraps a console and logs output to a file. */
@@ -301,8 +303,7 @@
 void DoTestsL(void)
 
 	{
-	test.Printf(_L("  Run random tests with normal salting\r\n"));
-    
+	test.Printf(_L("Run random tests with normal salting\r\n"));    
 	TInt i;
 	TBuf8<16> buf2;
 	for (i=0;i<16;i++)
@@ -310,23 +311,39 @@
 		buf2.SetLength(i);
 		TRandom::RandomL(buf2);
 		}
+	
 	HBufC8* buf=HBufC8::NewMaxL(gNumberOfRandomNumbers);
+	CleanupStack::PushL(buf);
 	TPtr8 buffer=buf->Des();
-	for (i=0;i<11;i++)
+	test.Printf(_L("\nRequesting for random numbers.\n"));
+	for (i=0;i<gTestRequestCount;i++)
 		{
-		User::After(10000000);
-		TPtr8 thePtr(buf->Des());
-		thePtr.FillZ();
-	//	Generate the random data	
+		TPtr8 thePtr(buf->Des());		
+		//	Generate the random data	
 		TRandom::RandomL(buffer);
 		if (buf->Length()!=gNumberOfRandomNumbers)
+		    {
 			User::Leave(KErrGeneral);
-
-
-		WriteFile(buffer.Ptr(),_L("User.rnd"));
-		test.Printf(_L("."));
-		}
-	delete buf;
+		    }
+		++gTestPassCount;
+	    test.Printf(_L("."));
+		}	
+	
+	// Request for Secure Random numbers.
+	test.Printf(_L("\nRequesting for cryptographically secure random numbers.\n"));
+    for (i=0;i<gTestRequestCount;i++)
+        {
+        TPtr8 thePtr(buf->Des());        
+		// Generate the random data    
+        TRAP_IGNORE(TRandom::SecureRandomL(buffer));
+        if (buf->Length() != gNumberOfRandomNumbers)
+            {
+            User::Leave(KErrGeneral);
+            }
+        ++gTestPassCount;
+        test.Printf(_L("."));
+        }
+	CleanupStack::PopAndDestroy(buf);
 	}
 
 void TestsL(void)
@@ -338,10 +355,6 @@
 	test.SetConsole(con);
 	
 	DoTestsL();
-	
-	//	If test reached here, no tests failed, otherwise it would have panicked
-	//	and terminated prematurely. Print this out for tester's reference.	
-	test.Printf(_L("\n0 tests failed out of 11\r\n"));
 	}
 
 GLDEF_C TInt E32Main(void)
@@ -355,13 +368,11 @@
 	test.Start(_L(" @SYMTestCaseID:SEC-CRYPTOSPI-RANDOM-0001 Starting random number generator tests\r\n"));
 	CConsoleBase* originalConsole = test.Console();
 
-	TRAPD(ret,TestsL());
-	if (ret)
-		{
-		test.Printf(_L("Unexpected leave\r\n"));
-		// Print something to let the build system know we failed
-		test.Printf(_L("\n1 tests failed out of 11\r\n"));
-		}	
+	TRAPD(ret,TestsL());   
+    // Infor the user about the test cases' status.
+    test.Printf(_L("\n%d tests failed out of %d\r\n"), ((2*gTestRequestCount) - gTestPassCount), 2*gTestRequestCount);
+    
+    test (ret == KErrNone);
 	test.End();
 
 	if (test.Console() != originalConsole)
--- a/cryptomgmtlibs/securitytestfw/test/autotesting/sdp_bld.inf	Tue Jan 26 13:18:49 2010 +0200
+++ b/cryptomgmtlibs/securitytestfw/test/autotesting/sdp_bld.inf	Sat Feb 20 00:36:18 2010 +0200
@@ -66,7 +66,6 @@
 
 #include "os/security/authorisation/userpromptservice/group/bld.inf"
 #include "os/security/authorisation/userpromptutils/group/bld.inf"
-#include "app/techview/securityapps/securityupstechview/group/bld.inf"
 
 
 #ifdef SYMBIAN_AUTH_SERVER
--- a/cryptomgmtlibs/securitytestfw/test/testhandler2/t_tefinput.cpp	Tue Jan 26 13:18:49 2010 +0200
+++ b/cryptomgmtlibs/securitytestfw/test/testhandler2/t_tefinput.cpp	Sat Feb 20 00:36:18 2010 +0200
@@ -527,6 +527,10 @@
 			{
 			aReturnTag.Copy(_L8("\r\n\t\t<return>KErrBadPassphrase</return>"));
 			}
+	else if(aErrCode == KErrNotSecure)
+			{
+			aReturnTag.Copy(_L8("\r\n\t\t<return>KErrNotSecure</return>"));
+			}
 	else if(aErrCode == KErrKeyNotWeakEnough)
 			{
 			aReturnTag.Copy(_L8("\r\n\t\t<return>KErrKeyNotWeakEnough</return>"));
--- a/cryptomgmtlibs/securityutils/inc/securityerr.h	Tue Jan 26 13:18:49 2010 +0200
+++ b/cryptomgmtlibs/securityutils/inc/securityerr.h	Sat Feb 20 00:36:18 2010 +0200
@@ -33,6 +33,13 @@
 
 
 
+/**
+	Operation in progress or its result is not secure.
+**/
+const TInt KErrNotSecure        			= -11001;
+
+
+
 /** 
 	If the key size is larger than that allowed 
 	by the cipher strength restrictions of the crypto 
@@ -43,9 +50,8 @@
 
 
 /**
-	If the padding on a block does not conform to the
-	specifications of the algorithm.	 
-**/	
+	Length of the padding data is invalid.
+**/
 const TInt KErrInvalidPadding				= -11003;
 
 
@@ -111,9 +117,11 @@
 **/
 const TInt KErrPrivateKeyNotFound			= -11011;
 
+
+
 /**
 	If a setting in the repository is not found.
 **/
-const TInt KErrSettingNotFound					= -11012;	
+const TInt KErrSettingNotFound				= -11012;	
 
 #endif	//	__SECURITYERR_H__
--- a/cryptoplugins/cryptospiplugins/group/softwarecrypto.mmp	Tue Jan 26 13:18:49 2010 +0200
+++ b/cryptoplugins/cryptospiplugins/group/softwarecrypto.mmp	Sat Feb 20 00:36:18 2010 +0200
@@ -37,7 +37,8 @@
 USERINCLUDE		../../../crypto/weakcryptospi/inc
 USERINCLUDE		../../../crypto/weakcryptospi/source
 USERINCLUDE		../../../crypto/weakcryptospi/source/bigint
-USERINCLUDE	../../../crypto/weakcryptospi/inc/spi
+USERINCLUDE		../../../crypto/weakcryptospi/inc/spi
+USERINCLUDE		../../../cryptomgmtlibs/securityutils/inc
 OS_LAYER_SYSTEMINCLUDE
 
 SOURCEPATH	../source/softwarecrypto
--- a/cryptoplugins/cryptospiplugins/source/softwarecrypto/dsakeypairgenimpl.cpp	Tue Jan 26 13:18:49 2010 +0200
+++ b/cryptoplugins/cryptospiplugins/source/softwarecrypto/dsakeypairgenimpl.cpp	Sat Feb 20 00:36:18 2010 +0200
@@ -29,6 +29,7 @@
 #include "mont.h"
 #include "sha1impl.h"
 #include <random.h>
+#include <securityerr.h>
 
 
 const TUint KShaSize = 20;
@@ -287,7 +288,9 @@
 	
 	do 
 		{
-		GenerateRandomBytesL(seed);
+	    TRAPD(err, GenerateRandomBytesL(seed));
+	    if((err != KErrNone) && (err != KErrNotSecure))
+	        User::Leave(err);
 		}
 	while(!GeneratePrimesL(seed, c, p, aKeySize, q));
 	
--- a/cryptoplugins/cryptospiplugins/source/softwarecrypto/randomimpl.cpp	Tue Jan 26 13:18:49 2010 +0200
+++ b/cryptoplugins/cryptospiplugins/source/softwarecrypto/randomimpl.cpp	Sat Feb 20 00:36:18 2010 +0200
@@ -21,26 +21,16 @@
 */
 
 #include <e32std.h>
+#include <e32math.h>
 #include <e32debug.h>
 
 #include "randomimpl.h"
 #include "pluginentry.h"
 #include "pluginconfig.h"
-
-#include "randsvr.h"
-#include "randcliserv.h"
-#include "randsvrimpl.h"
-
-_LIT(KRandomServerImg,"z:\\sys\\bin\\randsvr.exe");		// DLL/EXE name
-_LIT(KRandomServerConnect, "Randsvr connect");
-_LIT(KRandomServerGet, "Randsvr get");
-
-const TUid KServerUid3={0x100066dc};
-
+#include "securityerr.h"
 
 using namespace SoftwareCrypto;
 
-
 CRandomImpl* CRandomImpl::NewL(void)
 	{
 	CRandomImpl* self = new(ELeave)CRandomImpl();
@@ -54,31 +44,23 @@
 	return self;
 	}
 
-void CRandomImpl::GenerateRandomBytesL(TDes8& aDest)
+void CRandomImpl::GenerateRandomBytesL(TDes8& aDestination)
 	{
-	TRandomImpl::Random(aDest);
+	// Call the Math library to populate the buffer with random data.	
+	TRAPD(err, Math::RandomL(aDestination));	
+	if(err != KErrNone)
+	    {
+	    // As the end users are interested only in the security aspect of the output but not 
+        // the internal states, accordingly translate the kernel side error code if required.
+        err = (err == KErrNotReady) ? KErrNotSecure : err;
+	    User::Leave(err);
+	    }
 	}
 
 CRandomImpl::CRandomImpl(void)
 	{
 	}
 
-void TRandomImpl::Random(TDes8& aDestination)
-	{
-	RRandomSessionImpl rs;
-	TRAPD(ret,rs.ConnectL());
-	if (ret != KErrNone)
-		{
-		User::Panic(KRandomServerConnect, ret);
-		}
-	TInt err=rs.GetRandom(aDestination);
-	if (err != KErrNone)
-		{
-		User::Panic(KRandomServerGet, err);
-		}
-	rs.Close();
-	}
-
 void CRandomImpl::GetCharacteristicsL(const TCharacteristics*& aPluginCharacteristics)
 	{
 	TInt randomNum = sizeof(KRandomCharacteristics)/sizeof(TRandomCharacteristics*);
@@ -124,81 +106,6 @@
 	{
 	}
 
-RRandomSessionImpl::RRandomSessionImpl(void)
-	{
-	}
-
-static TInt StartServer()
-// Borrowed from AndrewT's server startup code.
-// Start the server process/thread which lives in an EPOCEXE object
-//
-	{
-	
-	const TUidType serverUid(KNullUid,KNullUid,KServerUid3);
-
-	//
-	// EPOC and EKA2 is easy, we just create a new server process. Simultaneous
-	// launching of two such processes should be detected when the second one
-	// attempts to create the server object, failing with KErrAlreadyExists.
-	//
-	RProcess server;
-	TInt r=server.Create(KRandomServerImg, KNullDesC, serverUid);
-
-	if (r!=KErrNone)
-		return r;
-	TRequestStatus stat;
-	server.Rendezvous(stat);
-	if (stat!=KRequestPending)
-		server.Kill(0);		// abort startup
-	else
-		server.Resume();	// logon OK - start the server
-	User::WaitForRequest(stat);		// wait for start or death
-	// we can't use the 'exit reason' if the server panicked as this
-	// is the panic 'reason' and may be '0' which cannot be distinguished
-	// from KErrNone
-	r=(server.ExitType()==EExitPanic) ? KErrGeneral : stat.Int();
-	server.Close();
-	return r;
-
-	}
-
-void RRandomSessionImpl::ConnectL(void)
-	{
-	TInt retry=2;
-	for (;;)
-		{
-		// Magic number 1 below is the number of asynchronous message slots
-		TInt r = CreateSession(KRandomServerName,TVersion(0,0,0), 1);
-		if (r == KErrNone) return;
-		// We used to leave with KErrNone, but this is inefficient and
-		// provokes an emulator problem in User::Leave which causes tpbe to crash
-		// if (r == KErrNone) User::Leave(r);   // Connected okay
-		if (r != KErrNotFound && r != KErrServerTerminated)
-			   User::Leave(r);   // Something else happened
-		if (--retry == 0)
-			User::Leave(r);      // Give up after a while
-		r = StartServer();       // Try starting again
-		if (r != KErrNone && r != KErrAlreadyExists)
-			User::Leave(r);
-		}
-	}
-
-TInt RRandomSessionImpl::GetRandom(TDes8& aDestination)
-	{
-	TInt desclength = aDestination.Length();
-	for ( TInt i = 0; i < desclength; i += KRandomBlockSize)
-		{
-		TInt getlen = Min(KRandomBlockSize, desclength - i);
-		TPtr8 buffer(&aDestination[i], KRandomBlockSize, KRandomBlockSize);
-		TInt err = SendReceive(CRandomSession::KRandomRequest, TIpcArgs(&buffer, getlen));
-		if (err != KErrNone)
-			{
-			return err;
-			}
-		}
-	return KErrNone;
-	}
-
 // Methods which are not supported can be excluded from the coverage.
 #ifdef _BullseyeCoverage
 #pragma suppress_warnings on
--- a/cryptoplugins/cryptospiplugins/source/softwarecrypto/randomimpl.h	Tue Jan 26 13:18:49 2010 +0200
+++ b/cryptoplugins/cryptospiplugins/source/softwarecrypto/randomimpl.h	Sat Feb 20 00:36:18 2010 +0200
@@ -63,52 +63,6 @@
 	private:
 		TUid iImplementationUid;
 		};
-
-	class TRandomImpl 
-	/**
-	 * The user interface to the system cryptographically 
-	 * secure random number generator.
-	 *
-	 * @internalComponent
-	 * @released
-	 */
-		{
-	public:
-		
-		/**
-		 * Fills the provided buffer with secure random data up to its
-		 * current length, discarding any current content.
-		 *
-		 * @param aDestination The buffer in which to write the random data.
-		 */
-		static void Random(TDes8& aDestination);
-		};
-	
-	class RRandomSessionImpl : public RSessionBase
-	/**
-	 * The client interface to the system random number generator. End
-	 * users should use TRandom instead of this interface.
-	 *
-	 * @internalAll
-	 * @released
-	 */
-		{
-	public:
-		RRandomSessionImpl();
-		
-		/**
-		 * Fills the provided buffer with secure random data up to its
-		 * current length, discarding any current content.
-		 *
-		 * @param aDestination The buffer in to which to write the random data 
-		 */
-		TInt GetRandom(TDes8& aDestination);
-		
-		/**
-		 * Opens a new session with the random number server.
-		 */
-		void ConnectL();
-		};
 	}
 
 #endif // __CRYPTOAPI_RANDOMIMPL_H__
--- a/cryptoplugins/cryptospiplugins/test/h4drv/crypto_h4_plugin/randomimpl.cpp	Tue Jan 26 13:18:49 2010 +0200
+++ b/cryptoplugins/cryptospiplugins/test/h4drv/crypto_h4_plugin/randomimpl.cpp	Sat Feb 20 00:36:18 2010 +0200
@@ -28,11 +28,6 @@
 #include "pluginentry.h"
 #include "pluginconfig.h"
 
-#include "randsvr.h"
-#include "randcliserv.h"
-
-
-
 using namespace HwCrypto;
 
 _LIT(KLddFileName,"cryptoldd.ldd");
--- a/cryptoplugins/cryptospiplugins/test/h4drv/crypto_h4_plugin/randomimpl.h	Tue Jan 26 13:18:49 2010 +0200
+++ b/cryptoplugins/cryptospiplugins/test/h4drv/crypto_h4_plugin/randomimpl.h	Sat Feb 20 00:36:18 2010 +0200
@@ -73,32 +73,6 @@
 		TUid iImplementationUid;
 		RCryptoDriver iCryptoDriver;
 		};
-
-	class RRandomSessionImpl : public RSessionBase
-	/**
-	 * The client interface to the system random number generator. End
-	 * users should use TRandom instead of this interface.
-	 *
-	 * @internalAll
-	 * @released
-	 */
-		{
-	public:
-		RRandomSessionImpl();
-		
-		/**
-		 * Fills the provided buffer with secure random data up to its
-		 * current length, discarding any current content.
-		 *
-		 * @param aDestination The buffer in to which to write the random data 
-		 */
-		TInt GetRandom(TDes8& aDestination);
-		
-		/**
-		 * Opens a new session with the random number server.
-		 */
-		void ConnectL();
-		};
 	}
 
 #endif // __CRYPTOAPI_RANDOMIMPL_H__
--- a/cryptoservices/asnpkcs/test/tpkcs8enc/pkcs8Tester.cpp	Tue Jan 26 13:18:49 2010 +0200
+++ b/cryptoservices/asnpkcs/test/tpkcs8enc/pkcs8Tester.cpp	Sat Feb 20 00:36:18 2010 +0200
@@ -30,9 +30,9 @@
 #include <pbebase.h>
 #include <pbedata.h>
 #include <random.h>
-#include <asymmetrickeys.h>
- 
+#include <asymmetrickeys.h> 
 #include <bigint.h>
+#include <securityerr.h>
   
 #include "pkcs8tester.h"
 
@@ -157,7 +157,9 @@
 	HBufC8* saltc = HBufC8::NewMaxLC(16);
 	TPtr8 salt(saltc->Des());
 	salt.FillZ(); 
-	rand->GenerateBytesL(salt);
+	TRAPD(err, rand->GenerateBytesL(salt));
+	if((err != KErrNone) && (err != KErrNotSecure))
+		User::Leave(err);
 
 	HBufC8* ivc = HBufC8::NewMaxLC(8);
 	
@@ -229,13 +231,17 @@
 	HBufC8* saltc = HBufC8::NewMaxLC(16);
 	TPtr8 salt(saltc->Des());
 	salt.FillZ(); 
-	rand->GenerateBytesL(salt);
+	TRAPD(err, rand->GenerateBytesL(salt));
+	if((err != KErrNone) && (err != KErrNotSecure))
+		User::Leave(err);
 
 	HBufC8* ivc = HBufC8::NewMaxLC(8);
 	
 	TPtr8 iv(ivc->Des());
 	iv.FillZ(); 
-	rand->GenerateBytesL(iv);
+	TRAP(err, rand->GenerateBytesL(iv));
+	if((err != KErrNone) && (err != KErrNotSecure))
+		User::Leave(err);
 	
 	CPBEncryptParms* params = CPBEncryptParms::NewLC(ECipher3DES_CBC, salt, iv, 2048);
 	CPBEncryptElement* encryptElement = CPBEncryptElement::NewLC(pass, *params);
--- a/cryptoservices/certificateandkeymgmt/twtlscert/CorruptionTest.cpp	Tue Jan 26 13:18:49 2010 +0200
+++ b/cryptoservices/certificateandkeymgmt/twtlscert/CorruptionTest.cpp	Sat Feb 20 00:36:18 2010 +0200
@@ -27,6 +27,7 @@
 
 #include <bigint.h>
 #include <hash.h>
+#include <securityerr.h>
 
 TInt CCorruptionTest::nInstances = 0;
 _LIT(KCorruptLogFile, "WTLSCERTCorruptLog.txt");
@@ -172,7 +173,9 @@
 			HBufC8* rand = HBufC8::NewLC(5);
 			TPtr8 pRand = rand->Des();
 			pRand.SetLength(5);
-			random->GenerateBytesL(pRand);
+			TRAPD(err, random->GenerateBytesL(pRand));
+			if((err != KErrNone) && (err != KErrNotSecure))
+				User::Leave(err);
 			TUint num = 0;
 			for (TInt k = 0; k < 4 ; k++)
 				{
@@ -197,7 +200,7 @@
 			iCorruptOut->writeNewLine();
 			//try to make corrupt cert
 			CWTLSCertificate* cert = NULL;
-			TRAPD(err, cert = CWTLSCertificate::NewL(pBuf));
+			TRAP(err, cert = CWTLSCertificate::NewL(pBuf));
 			CleanupStack::PushL(cert);
 			if (err == KErrNone)
 				{
--- a/cryptoservices/filebasedcertificateandkeystores/test/tkeystore/t_export.cpp	Tue Jan 26 13:18:49 2010 +0200
+++ b/cryptoservices/filebasedcertificateandkeystores/test/tkeystore/t_export.cpp	Sat Feb 20 00:36:18 2010 +0200
@@ -30,6 +30,7 @@
 #include <x509keys.h>
 #include <pbe.h>
 #include <pbedata.h>
+#include <securityerr.h>
 
 
 const TInt KKeyStoreEmpty = -1199;
@@ -104,13 +105,17 @@
 		HBufC8* saltc = HBufC8::NewMaxLC(KDefaultSaltSize);           
 		TPtr8 salt(saltc->Des());
 		salt.FillZ(); 
-		rand->GenerateBytesL(salt);
+		TRAPD(err, rand->GenerateBytesL(salt));
+		if((err != KErrNone) && (err != KErrNotSecure))
+			User::Leave(err);
 
 		HBufC8* ivc = HBufC8::NewMaxLC(KDESBlockBytes);          
 	
 		TPtr8 iv(ivc->Des());
 		iv.FillZ(); 
-		rand->GenerateBytesL(iv);	
+		TRAP(err, rand->GenerateBytesL(iv));
+		if((err != KErrNone) && (err != KErrNotSecure))
+			User::Leave(err);
 
 		ASSERT(!iPbeParams);
 		iPbeParams = CPBEncryptParms::NewL(ECipherDES_CBC, salt, iv, 2048); 
Binary file securityanddataprivacytools/securityconfig/conf/securityconfig.confml has changed
Binary file securityanddataprivacytools/securityconfig/conf/securityconfig_2001ea7f.crml has changed
Binary file securityanddataprivacytools/securitytools/certapp/test/tcertapp/ucs2-bigendian.txt has changed