diff -r 675a964f4eb5 -r 35751d3474b7 cryptoservices/certificateandkeymgmt/tpkixcert/Tactionvalidate.cpp
--- a/cryptoservices/certificateandkeymgmt/tpkixcert/Tactionvalidate.cpp	Tue Jul 21 01:04:32 2009 +0100
+++ b/cryptoservices/certificateandkeymgmt/tpkixcert/Tactionvalidate.cpp	Thu Sep 10 14:01:51 2009 +0300
@@ -1,506 +1,506 @@
-/*
-* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
-* All rights reserved.
-* This component and the accompanying materials are made available
-* under the terms of the License "Eclipse Public License v1.0"
-* which accompanies this distribution, and is available
-* at the URL "http://www.eclipse.org/legal/epl-v10.html".
-*
-* Initial Contributors:
-* Nokia Corporation - initial contribution.
-*
-* Contributors:
-*
-* Description: 
-*
-*/
-
-
-#include "tactionvalidate.h"
-#include "t_inputextra.h"
-
-_LIT(KChainStart, "<chain>");
-_LIT(KChainEnd, "</chain>");
-_LIT(KIOStart, "<io>");
-_LIT(KIOEnd, "</io>");
-_LIT(KCertPath, "\\pkixtestdata\\");
-
-CActionValidate::~CActionValidate()
-	{
-	if (iPolicies)
-		{
-		iPolicies->ResetAndDestroy();
-		delete iPolicies;
-		iPolicies = 0;
-		}
-
-	delete iValidationResult;
-	delete iChain;
-
-	delete iCertUtils;
-
-	delete iTestChain;
-	delete iTestIO;
-	}
-
-CActionValidate::CActionValidate(RFs& aFs, 
-								 CConsoleBase& aConsole,
-								 Output& aOut)
-: CTestAction(aConsole, aOut), iFs(aFs)
-	{
-	}
-
-
-void CActionValidate::ConstructL(const TTestActionSpec& aTestActionSpec)
-	{
-	CTestAction::ConstructL(aTestActionSpec);
-	HBufC* aBody = HBufC::NewLC(aTestActionSpec.iActionBody.Length());
-	aBody->Des().Copy(aTestActionSpec.iActionBody);
-	TInt pos = 0;
-	TInt err = KErrNone;
-	TPtrC chainBuf = Input::ParseElement(*aBody, KChainStart, KChainEnd, pos, err);
-	iTestChain = CTestChain::NewL(chainBuf);
-	if (!AddParametersL(*aBody, pos))
-		{
-		// There must be at least one IO thing
-		User::Leave(KErrNotFound);
-		}
-	while(AddParametersL(*aBody, pos))
-		{
-		}
-
-	iValidationResult = CPKIXValidationResult::NewL();
-	TDriveUnit sysDrive (RFs::GetSystemDrive());
-	TDriveName driveName(sysDrive.Name());
-	iCertPath.Copy(driveName);
-	iCertPath.Append(KCertPath);
-
-	CleanupStack::PopAndDestroy(aBody);
-	}
-
-void CActionValidate::PerformAction(TRequestStatus& aStatus)
-	{
-	switch (iState)
-		{
-		case EDoValidateTestStart:
-			{
-			__ASSERT_DEBUG(!iChain, User::Panic(_L("CPKIXCertTest"), 1));
-			TRAPD(err, CreateChainL());
-			iState = EDoValidateTestValidate;
-			TRequestStatus* status = &aStatus;
-			User::RequestComplete(status, err);
-			break;
-			}
-
-		case EDoValidateTestValidate:
-			{
-			// 1) write the overall result we expect
-			iOut.writeSpaces(4);
-			iOut.writeString(_L("Expected result = "));
-			iOut.writeString(iTestIO->iError);
-			iOut.writeNewLine();
-
-			// 2) now do the validation
-
-			iTime.UniversalTime();
-	
-			if (iTestIO->iPolicyInput->Count() > 0)
-				{
-				__ASSERT_DEBUG(!iPolicies, User::Panic(_L("CPKIXCertTest"), 1));
-				__ASSERT_DEBUG(iChain, User::Panic(_L("CPKIXCertTest"), 1));
-
-				iPolicies = new (ELeave) CArrayPtrFlat<HBufC> (1);
-				TInt count = iTestIO->iPolicyInput->Count();
-				for (TInt i = 0; i < count; i++)
-					{
-					TPtrC policy = iTestIO->iPolicyInput->MdcaPoint(i);
-					HBufC* pBuf = policy.AllocL();
-					CleanupStack::PushL(pBuf);
-					iPolicies->AppendL(pBuf);
-					CleanupStack::Pop();
-					}
-					
-				iChain->ValidateL(*iValidationResult, iTime, *iPolicies, aStatus);	
-				}
-			else
-				{
-				iChain->ValidateL(*iValidationResult, iTime, aStatus);
-				}
-			iState = EDoValidateTestValidated;
-			}
-			break;
-
-		case EDoValidateTestValidated:
-			{
-			// 3) write the overall result
-			iOut.writeSpaces(4);
-			iOut.writeString(_L("Actual result = "));
-			CCertUtils::WriteError(iValidationResult->Error().iReason, iOut);
-			TBuf<128> iActualResult = CCertUtils::MapError(iValidationResult->Error().iReason);
-			iOut.writeNewLine();
-			iOut.writeNewLine();
-
-			// 4) write the policy info
-			TBool checkingPolicies = 
-				((iTestIO->iIPoliciesSet) || (iTestIO->iOPoliciesSet));
-			if (checkingPolicies)
-				{
-				if (iTestIO->iIPoliciesSet)
-					{
-					// 4.1) policies we supplied
-					iOut.writeSpaces(4);
-					iOut.writeString(_L("Supplied policy set: "));
-					iOut.writeNewLine();
-					WritePolicies(*(iTestIO->iPolicyInput));
-					}
-				if (iTestIO->iOPoliciesSet)
-					{
-					// 4.2) policies we expect
-					iOut.writeSpaces(4);
-					iOut.writeString(_L("Expected user-constrained policy set: "));
-					iOut.writeNewLine();
-					WritePolicies(*(iTestIO->iExpectedPolicyOutput));
-					}
-
-				// 4.3) policies we collected
-				iOut.writeSpaces(4);
-				iOut.writeString(_L("Actual user-constrained policy set: "));
-				iOut.writeNewLine();
-				const CArrayPtrFlat<CX509CertPolicyInfo>& policies = iValidationResult->Policies();
-				TInt actualPolicyCount = policies.Count();
-				for (TInt j = 0; j < actualPolicyCount; j++)
-					{
-					iOut.writeSpaces(8);
-					iOut.writeString(policies.At(j)->Id());
-					iOut.writeNewLine();	
-					}
-				iOut.writeNewLine();	
-
-			//check expected user-constrained policy set == actual user-constrained policy set
-				TBool policyOutputCorrect = ETrue;
-				CDesCArray* expectedPolicies = iTestIO->iExpectedPolicyOutput;
-				TInt expectedPolicyCount = expectedPolicies->MdcaCount();
-				if (expectedPolicyCount == actualPolicyCount)
-					{
-					for (TInt k = 0; k < expectedPolicyCount; k++)
-						{
-						TPtrC expectedPolicy = expectedPolicies->MdcaPoint(k);
-						TBool policyFound = EFalse;
-						for (TInt l = 0; l < actualPolicyCount; l++)
-							{
-							TPtrC actualPolicy = policies.At(l)->Id();
-							if (actualPolicy == expectedPolicy)
-								{
-								policyFound = ETrue;
-								break;
-								}
-							}
-						if (!policyFound)
-							{
-							policyOutputCorrect = EFalse;
-							}	
-						}
-					}
-				else
-					{
-					policyOutputCorrect = EFalse;
-					}
-				iResult = (iTestIO->iError == iActualResult) && (policyOutputCorrect);
-				}
-			else	//! checking policies 
-				{
-				iResult = (iTestIO->iError == iActualResult);
-				}
-			iState = EDoValidateTestFinished;
-			if (iPolicies)
-				{
-				iPolicies->ResetAndDestroy();
-				delete iPolicies;
-				iPolicies = 0;
-				}
-			TRequestStatus* status = &aStatus;
-			User::RequestComplete(status, KErrNone);
-			}
-			break;
-
-		case EDoValidateTestFinished:
-			{
-			__ASSERT_DEBUG(!iPolicies, User::Panic(_L("CPKIXCertTest"), 1));
-			delete iChain;
-			iChain = 0;
-			iState = ERemoveCertsAfterTest;
-			iActionState = EPostrequisite;
-			TRequestStatus* status = &aStatus;
-			User::RequestComplete(status, KErrNone);
-			}
-			break;
-		default:
-			break;
-		}
-	}
-
-TBool CActionValidate::TestResult(TInt /*aError*/)
-	{
-	return 0;
-	}
-	
-void CActionValidate::PerformCancel()
-	{
-	delete iChain;
-	iChain = 0;
-	}
-
-void CActionValidate::AfterOOMFailure()
-	{
-	if (iPolicies)
-		{
-		iPolicies->ResetAndDestroy();
-		delete iPolicies;
-		iPolicies = 0;
-		}
-	}
-	
-void CActionValidate::Reset()
-	{
-	iState = EDoValidateTestStart;
-	if (iPolicies)
-		{
-		iPolicies->ResetAndDestroy();
-		delete iPolicies;
-		iPolicies = 0;
-		}
-	delete iChain;
-	iChain = 0;
-	}
-
-void CActionValidate::DoReportAction()
-	{
-	iConsole.Printf(_L("u"));
-	}
-
-void CActionValidate::DoCheckResult(TInt /*aError*/)
-	{
-	}
-
-TBool CActionValidate::AddParametersL(const TDesC& aBuf, TInt& aPos)
-	{
-	TPtrC ioBuf = Input::ParseElement(aBuf, KIOStart, KIOEnd, aPos);
-	if (ioBuf != KNullDesC)
-		{
-		iTestIO = CTestParameters::NewL(ioBuf);
-		return ETrue;
-		}
-	return EFalse;
-	}
-
-void CActionValidate::WritePolicies(const CDesCArray& aPolicySet)
-	{
-	TInt count = aPolicySet.Count();
-	for (TInt i = 0; i < count; i++)
-		{
-		iOut.writeSpaces(8);
-		iOut.writeString(aPolicySet.MdcaPoint(i));
-		iOut.writeNewLine();
-		}
-	}
-
-/*
-validate using the cert store as a source of root certificates
-*/
-
-CTestAction* CActionValidateWithStore::NewL(RFs& aFs, CConsoleBase& aConsole,
-		Output& aOut, const TTestActionSpec& aTestActionSpec)
-	{
-	CTestAction* self = CActionValidateWithStore::NewLC(aFs, aConsole,
-		aOut, aTestActionSpec);
-	CleanupStack::Pop(self);
-	return self;
-	}
-
-CTestAction* CActionValidateWithStore::NewLC(RFs& aFs, CConsoleBase& aConsole,
-		Output& aOut, const TTestActionSpec& aTestActionSpec)
-	{
-	CActionValidateWithStore* self = new(ELeave) CActionValidateWithStore(aFs, aConsole, aOut);
-	CleanupStack::PushL(self);
-	self->ConstructL(aTestActionSpec);
-	return self;
-	}
-
-CActionValidateWithStore::CActionValidateWithStore(RFs& aFs, CConsoleBase& aConsole,Output& aOut)
-	:CActionValidate(aFs, aConsole, aOut)
-	{
-	}
-
-void CActionValidateWithStore::DoPerformPrerequisite(TRequestStatus& aStatus)
-	{
-	switch (iState)
-		{
-		case ERemoveCertsBeforeTest:
-			__ASSERT_DEBUG(!iCertUtils, User::Panic(_L("CPKIXCertTest"), 1));
-			iCertUtils = CCertUtils::NewL(iFs);
-			iCertUtils->RemoveCertsL(aStatus);
-			iState = EAddRoot;
-			break;
-
-		case EAddRoot:
-			{
-			TUid uid = { 1 };
-			TRAPD(err, iCertUtils->RemoveApplicationL(uid));
-			iCertUtils->AddApplicationL(_L("testpkix"), uid);
-			TUid uid2 = { 2 };
-			TRAP(err, iCertUtils->RemoveApplicationL(uid2));
-			iCertUtils->AddApplicationL(_L("testpkix"), uid2);
-			iCertUtils->AddCertL(iTestChain->iRootCertLabel,
-				EX509Certificate, ECACertificate, 1, iCertPath,
-				iTestChain->iRootCertFileName, 
-				aStatus);	// 1 is trusted for our use
-			iState = EAddIntermediateCerts;
-			break;
-			}
-
-		case EAddIntermediateCerts:
-			{
-			iCertUtils->AddCACertsL(*(iTestChain->iIntermediateCertsFileName), 
-				*(iTestChain->iIntermediateCertsLabel),
-				EX509Certificate, 2, iCertPath, 
-				aStatus);	//2 not trusted for our use
-			iState = EDoValidateTestStart;
-			iActionState = EAction;
-			break;
-			}
-		default:
-			break;
-		}
-	}
-
-void CActionValidateWithStore::DoPerformPostrequisite(TRequestStatus& aStatus)
-	{
-	switch (iState)
-		{
-		case ERemoveCertsAfterTest:
-			iCertUtils->RemoveCertsL(aStatus);
-			iState = EEnd;
-			break;
-
-		case EEnd:
-			{
-			delete iCertUtils;
-			iCertUtils = 0;
-			TRequestStatus* status = &aStatus;
-			iFinished = ETrue;
-			User::RequestComplete(status, KErrNone);
-			}
-			break;
-		default:
-			break;
-		}
-	}
-
-
-void CActionValidateWithStore::CreateChainL()
-	{
-	HBufC8* eeCert = 0;
-			
-	TRAPD(err, 
-		eeCert = Input::ReadFileL(iTestChain->iEECertFileName,
-		iCertPath, iFs));
-	if (err != KErrNone)
-		{
-		iConsole.Printf(_L("Error : couldn't open file "));
-		iConsole.Printf(iTestChain->iEECertFileName);
-		iConsole.Printf(_L("\n"));
-		iOut.writeString(_L("Error : couldn't open file "));
-		iOut.writeString(iTestChain->iEECertFileName);
-		iOut.writeNewLine();
-		User::Leave(err);
-		}
-	CleanupStack::PushL(eeCert);
-	TUid testUid = TUid::Uid(1);
-	iChain = CPKIXCertChain::NewL(iFs, *eeCert, testUid);
-	CleanupStack::PopAndDestroy(eeCert); 
-	}
-
-/*
-validate using a set of candidates root certs supplied by the client
-*/
-CTestAction* CActionValidateWithSuppliedCerts::NewL(RFs& aFs, CConsoleBase& aConsole,
-		Output& aOut, const TTestActionSpec& aTestActionSpec)
-	{
-	CTestAction* self = CActionValidateWithSuppliedCerts::NewLC(aFs, aConsole,
-		aOut, aTestActionSpec);
-	CleanupStack::Pop(self);
-	return self;	
-	}
-
-CTestAction* CActionValidateWithSuppliedCerts::NewLC(RFs& aFs, CConsoleBase& aConsole,
-		Output& aOut, const TTestActionSpec& aTestActionSpec)
-	{
-	CActionValidateWithSuppliedCerts* self = new(ELeave) CActionValidateWithSuppliedCerts(aFs, aConsole, aOut);
-	CleanupStack::PushL(self);
-	self->ConstructL(aTestActionSpec);
-	return self;
-	}
-
-CActionValidateWithSuppliedCerts::CActionValidateWithSuppliedCerts(RFs& aFs, CConsoleBase& aConsole,Output& aOut)
-	:CActionValidate(aFs, aConsole, aOut)
-	{
-	}
-
-void CActionValidateWithSuppliedCerts::ConstructL(const TTestActionSpec& aTestActionSpec)
-	{
-	CActionValidate::ConstructL(aTestActionSpec);
-	iRootCerts = new(ELeave) RPointerArray<CX509Certificate>;
-	}
-
-CActionValidateWithSuppliedCerts::~CActionValidateWithSuppliedCerts()
-	{
-	if (iRootCerts)
-		{
-		iRootCerts->ResetAndDestroy();
-		delete iRootCerts;
-		}
-	delete iEndEntityAndIntermediateCerts;
-	}
-
-void CActionValidateWithSuppliedCerts::DoPerformPrerequisite(TRequestStatus& aStatus)
-	{
-//initialise the big descriptor containing ee cert followed by all intermediate certs
-//and the array of candidate root certs
-
-	HBufC8* eeCert = Input::ReadFileLC(iTestChain->iEECertFileName, iCertPath, iFs);
-	HBufC8* inter = InputExtra::ReadFilesLC(*(iTestChain->iIntermediateCertsFileName), iCertPath, iFs);
-	TInt totalSize = (eeCert->Size()) + (inter->Size());
-	iEndEntityAndIntermediateCerts = HBufC8::NewL(totalSize);
-	TPtr8 pRes = iEndEntityAndIntermediateCerts->Des();
-	pRes.Append(*eeCert);
-	pRes.Append(*inter);
-	CleanupStack::PopAndDestroy(2);//eeCert, inter
-
-	HBufC8* rootBuf = Input::ReadFileLC(iTestChain->iRootCertFileName, iCertPath, iFs);
-	CX509Certificate* root = CX509Certificate::NewL(*rootBuf);
-	CleanupStack::PopAndDestroy(rootBuf);
-	CleanupStack::PushL(root);
-	
-	User::LeaveIfError(iRootCerts->Append(root));
-	CleanupStack::Pop(root);//
-
-	TRequestStatus* status = &aStatus;
-	User::RequestComplete(status, KErrNone);
-	iState = EDoValidateTestStart;
-	iActionState = EAction;
-	}
-
-void CActionValidateWithSuppliedCerts::DoPerformPostrequisite(TRequestStatus& aStatus)
-	{
-	delete iCertUtils;
-	iCertUtils = NULL;
-	TRequestStatus* status = &aStatus;
-	iFinished = ETrue;
-	User::RequestComplete(status, KErrNone);
-	}
-
-void CActionValidateWithSuppliedCerts::CreateChainL()
-	{
-//create chain object
-	iChain = CPKIXCertChain::NewL(iFs, *iEndEntityAndIntermediateCerts, *iRootCerts);
-	}
+/*
+* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: 
+*
+*/
+
+
+#include "tactionvalidate.h"
+#include "t_inputextra.h"
+
+_LIT(KChainStart, "<chain>");
+_LIT(KChainEnd, "</chain>");
+_LIT(KIOStart, "<io>");
+_LIT(KIOEnd, "</io>");
+_LIT(KCertPath, "\\pkixtestdata\\");
+
+CActionValidate::~CActionValidate()
+	{
+	if (iPolicies)
+		{
+		iPolicies->ResetAndDestroy();
+		delete iPolicies;
+		iPolicies = 0;
+		}
+
+	delete iValidationResult;
+	delete iChain;
+
+	delete iCertUtils;
+
+	delete iTestChain;
+	delete iTestIO;
+	}
+
+CActionValidate::CActionValidate(RFs& aFs, 
+								 CConsoleBase& aConsole,
+								 Output& aOut)
+: CTestAction(aConsole, aOut), iFs(aFs)
+	{
+	}
+
+
+void CActionValidate::ConstructL(const TTestActionSpec& aTestActionSpec)
+	{
+	CTestAction::ConstructL(aTestActionSpec);
+	HBufC* aBody = HBufC::NewLC(aTestActionSpec.iActionBody.Length());
+	aBody->Des().Copy(aTestActionSpec.iActionBody);
+	TInt pos = 0;
+	TInt err = KErrNone;
+	TPtrC chainBuf = Input::ParseElement(*aBody, KChainStart, KChainEnd, pos, err);
+	iTestChain = CTestChain::NewL(chainBuf);
+	if (!AddParametersL(*aBody, pos))
+		{
+		// There must be at least one IO thing
+		User::Leave(KErrNotFound);
+		}
+	while(AddParametersL(*aBody, pos))
+		{
+		}
+
+	iValidationResult = CPKIXValidationResult::NewL();
+	TDriveUnit sysDrive (RFs::GetSystemDrive());
+	TDriveName driveName(sysDrive.Name());
+	iCertPath.Copy(driveName);
+	iCertPath.Append(KCertPath);
+
+	CleanupStack::PopAndDestroy(aBody);
+	}
+
+void CActionValidate::PerformAction(TRequestStatus& aStatus)
+	{
+	switch (iState)
+		{
+		case EDoValidateTestStart:
+			{
+			__ASSERT_DEBUG(!iChain, User::Panic(_L("CPKIXCertTest"), 1));
+			TRAPD(err, CreateChainL());
+			iState = EDoValidateTestValidate;
+			TRequestStatus* status = &aStatus;
+			User::RequestComplete(status, err);
+			break;
+			}
+
+		case EDoValidateTestValidate:
+			{
+			// 1) write the overall result we expect
+			iOut.writeSpaces(4);
+			iOut.writeString(_L("Expected result = "));
+			iOut.writeString(iTestIO->iError);
+			iOut.writeNewLine();
+
+			// 2) now do the validation
+
+			iTime.UniversalTime();
+	
+			if (iTestIO->iPolicyInput->Count() > 0)
+				{
+				__ASSERT_DEBUG(!iPolicies, User::Panic(_L("CPKIXCertTest"), 1));
+				__ASSERT_DEBUG(iChain, User::Panic(_L("CPKIXCertTest"), 1));
+
+				iPolicies = new (ELeave) CArrayPtrFlat<HBufC> (1);
+				TInt count = iTestIO->iPolicyInput->Count();
+				for (TInt i = 0; i < count; i++)
+					{
+					TPtrC policy = iTestIO->iPolicyInput->MdcaPoint(i);
+					HBufC* pBuf = policy.AllocL();
+					CleanupStack::PushL(pBuf);
+					iPolicies->AppendL(pBuf);
+					CleanupStack::Pop();
+					}
+					
+				iChain->ValidateL(*iValidationResult, iTime, *iPolicies, aStatus);	
+				}
+			else
+				{
+				iChain->ValidateL(*iValidationResult, iTime, aStatus);
+				}
+			iState = EDoValidateTestValidated;
+			}
+			break;
+
+		case EDoValidateTestValidated:
+			{
+			// 3) write the overall result
+			iOut.writeSpaces(4);
+			iOut.writeString(_L("Actual result = "));
+			CCertUtils::WriteError(iValidationResult->Error().iReason, iOut);
+			TBuf<128> iActualResult = CCertUtils::MapError(iValidationResult->Error().iReason);
+			iOut.writeNewLine();
+			iOut.writeNewLine();
+
+			// 4) write the policy info
+			TBool checkingPolicies = 
+				((iTestIO->iIPoliciesSet) || (iTestIO->iOPoliciesSet));
+			if (checkingPolicies)
+				{
+				if (iTestIO->iIPoliciesSet)
+					{
+					// 4.1) policies we supplied
+					iOut.writeSpaces(4);
+					iOut.writeString(_L("Supplied policy set: "));
+					iOut.writeNewLine();
+					WritePolicies(*(iTestIO->iPolicyInput));
+					}
+				if (iTestIO->iOPoliciesSet)
+					{
+					// 4.2) policies we expect
+					iOut.writeSpaces(4);
+					iOut.writeString(_L("Expected user-constrained policy set: "));
+					iOut.writeNewLine();
+					WritePolicies(*(iTestIO->iExpectedPolicyOutput));
+					}
+
+				// 4.3) policies we collected
+				iOut.writeSpaces(4);
+				iOut.writeString(_L("Actual user-constrained policy set: "));
+				iOut.writeNewLine();
+				const CArrayPtrFlat<CX509CertPolicyInfo>& policies = iValidationResult->Policies();
+				TInt actualPolicyCount = policies.Count();
+				for (TInt j = 0; j < actualPolicyCount; j++)
+					{
+					iOut.writeSpaces(8);
+					iOut.writeString(policies.At(j)->Id());
+					iOut.writeNewLine();	
+					}
+				iOut.writeNewLine();	
+
+			//check expected user-constrained policy set == actual user-constrained policy set
+				TBool policyOutputCorrect = ETrue;
+				CDesCArray* expectedPolicies = iTestIO->iExpectedPolicyOutput;
+				TInt expectedPolicyCount = expectedPolicies->MdcaCount();
+				if (expectedPolicyCount == actualPolicyCount)
+					{
+					for (TInt k = 0; k < expectedPolicyCount; k++)
+						{
+						TPtrC expectedPolicy = expectedPolicies->MdcaPoint(k);
+						TBool policyFound = EFalse;
+						for (TInt l = 0; l < actualPolicyCount; l++)
+							{
+							TPtrC actualPolicy = policies.At(l)->Id();
+							if (actualPolicy == expectedPolicy)
+								{
+								policyFound = ETrue;
+								break;
+								}
+							}
+						if (!policyFound)
+							{
+							policyOutputCorrect = EFalse;
+							}	
+						}
+					}
+				else
+					{
+					policyOutputCorrect = EFalse;
+					}
+				iResult = (iTestIO->iError == iActualResult) && (policyOutputCorrect);
+				}
+			else	//! checking policies 
+				{
+				iResult = (iTestIO->iError == iActualResult);
+				}
+			iState = EDoValidateTestFinished;
+			if (iPolicies)
+				{
+				iPolicies->ResetAndDestroy();
+				delete iPolicies;
+				iPolicies = 0;
+				}
+			TRequestStatus* status = &aStatus;
+			User::RequestComplete(status, KErrNone);
+			}
+			break;
+
+		case EDoValidateTestFinished:
+			{
+			__ASSERT_DEBUG(!iPolicies, User::Panic(_L("CPKIXCertTest"), 1));
+			delete iChain;
+			iChain = 0;
+			iState = ERemoveCertsAfterTest;
+			iActionState = EPostrequisite;
+			TRequestStatus* status = &aStatus;
+			User::RequestComplete(status, KErrNone);
+			}
+			break;
+		default:
+			break;
+		}
+	}
+
+TBool CActionValidate::TestResult(TInt /*aError*/)
+	{
+	return 0;
+	}
+	
+void CActionValidate::PerformCancel()
+	{
+	delete iChain;
+	iChain = 0;
+	}
+
+void CActionValidate::AfterOOMFailure()
+	{
+	if (iPolicies)
+		{
+		iPolicies->ResetAndDestroy();
+		delete iPolicies;
+		iPolicies = 0;
+		}
+	}
+	
+void CActionValidate::Reset()
+	{
+	iState = EDoValidateTestStart;
+	if (iPolicies)
+		{
+		iPolicies->ResetAndDestroy();
+		delete iPolicies;
+		iPolicies = 0;
+		}
+	delete iChain;
+	iChain = 0;
+	}
+
+void CActionValidate::DoReportAction()
+	{
+	iConsole.Printf(_L("u"));
+	}
+
+void CActionValidate::DoCheckResult(TInt /*aError*/)
+	{
+	}
+
+TBool CActionValidate::AddParametersL(const TDesC& aBuf, TInt& aPos)
+	{
+	TPtrC ioBuf = Input::ParseElement(aBuf, KIOStart, KIOEnd, aPos);
+	if (ioBuf != KNullDesC)
+		{
+		iTestIO = CTestParameters::NewL(ioBuf);
+		return ETrue;
+		}
+	return EFalse;
+	}
+
+void CActionValidate::WritePolicies(const CDesCArray& aPolicySet)
+	{
+	TInt count = aPolicySet.Count();
+	for (TInt i = 0; i < count; i++)
+		{
+		iOut.writeSpaces(8);
+		iOut.writeString(aPolicySet.MdcaPoint(i));
+		iOut.writeNewLine();
+		}
+	}
+
+/*
+validate using the cert store as a source of root certificates
+*/
+
+CTestAction* CActionValidateWithStore::NewL(RFs& aFs, CConsoleBase& aConsole,
+		Output& aOut, const TTestActionSpec& aTestActionSpec)
+	{
+	CTestAction* self = CActionValidateWithStore::NewLC(aFs, aConsole,
+		aOut, aTestActionSpec);
+	CleanupStack::Pop(self);
+	return self;
+	}
+
+CTestAction* CActionValidateWithStore::NewLC(RFs& aFs, CConsoleBase& aConsole,
+		Output& aOut, const TTestActionSpec& aTestActionSpec)
+	{
+	CActionValidateWithStore* self = new(ELeave) CActionValidateWithStore(aFs, aConsole, aOut);
+	CleanupStack::PushL(self);
+	self->ConstructL(aTestActionSpec);
+	return self;
+	}
+
+CActionValidateWithStore::CActionValidateWithStore(RFs& aFs, CConsoleBase& aConsole,Output& aOut)
+	:CActionValidate(aFs, aConsole, aOut)
+	{
+	}
+
+void CActionValidateWithStore::DoPerformPrerequisite(TRequestStatus& aStatus)
+	{
+	switch (iState)
+		{
+		case ERemoveCertsBeforeTest:
+			__ASSERT_DEBUG(!iCertUtils, User::Panic(_L("CPKIXCertTest"), 1));
+			iCertUtils = CCertUtils::NewL(iFs);
+			iCertUtils->RemoveCertsL(aStatus);
+			iState = EAddRoot;
+			break;
+
+		case EAddRoot:
+			{
+			TUid uid = { 1 };
+			TRAPD(err, iCertUtils->RemoveApplicationL(uid));
+			iCertUtils->AddApplicationL(_L("testpkix"), uid);
+			TUid uid2 = { 2 };
+			TRAP(err, iCertUtils->RemoveApplicationL(uid2));
+			iCertUtils->AddApplicationL(_L("testpkix"), uid2);
+			iCertUtils->AddCertL(iTestChain->iRootCertLabel,
+				EX509Certificate, ECACertificate, 1, iCertPath,
+				iTestChain->iRootCertFileName, 
+				aStatus);	// 1 is trusted for our use
+			iState = EAddIntermediateCerts;
+			break;
+			}
+
+		case EAddIntermediateCerts:
+			{
+			iCertUtils->AddCACertsL(*(iTestChain->iIntermediateCertsFileName), 
+				*(iTestChain->iIntermediateCertsLabel),
+				EX509Certificate, 2, iCertPath, 
+				aStatus);	//2 not trusted for our use
+			iState = EDoValidateTestStart;
+			iActionState = EAction;
+			break;
+			}
+		default:
+			break;
+		}
+	}
+
+void CActionValidateWithStore::DoPerformPostrequisite(TRequestStatus& aStatus)
+	{
+	switch (iState)
+		{
+		case ERemoveCertsAfterTest:
+			iCertUtils->RemoveCertsL(aStatus);
+			iState = EEnd;
+			break;
+
+		case EEnd:
+			{
+			delete iCertUtils;
+			iCertUtils = 0;
+			TRequestStatus* status = &aStatus;
+			iFinished = ETrue;
+			User::RequestComplete(status, KErrNone);
+			}
+			break;
+		default:
+			break;
+		}
+	}
+
+
+void CActionValidateWithStore::CreateChainL()
+	{
+	HBufC8* eeCert = 0;
+			
+	TRAPD(err, 
+		eeCert = Input::ReadFileL(iTestChain->iEECertFileName,
+		iCertPath, iFs));
+	if (err != KErrNone)
+		{
+		iConsole.Printf(_L("Error : couldn't open file "));
+		iConsole.Printf(iTestChain->iEECertFileName);
+		iConsole.Printf(_L("\n"));
+		iOut.writeString(_L("Error : couldn't open file "));
+		iOut.writeString(iTestChain->iEECertFileName);
+		iOut.writeNewLine();
+		User::Leave(err);
+		}
+	CleanupStack::PushL(eeCert);
+	TUid testUid = TUid::Uid(1);
+	iChain = CPKIXCertChain::NewL(iFs, *eeCert, testUid);
+	CleanupStack::PopAndDestroy(eeCert); 
+	}
+
+/*
+validate using a set of candidates root certs supplied by the client
+*/
+CTestAction* CActionValidateWithSuppliedCerts::NewL(RFs& aFs, CConsoleBase& aConsole,
+		Output& aOut, const TTestActionSpec& aTestActionSpec)
+	{
+	CTestAction* self = CActionValidateWithSuppliedCerts::NewLC(aFs, aConsole,
+		aOut, aTestActionSpec);
+	CleanupStack::Pop(self);
+	return self;	
+	}
+
+CTestAction* CActionValidateWithSuppliedCerts::NewLC(RFs& aFs, CConsoleBase& aConsole,
+		Output& aOut, const TTestActionSpec& aTestActionSpec)
+	{
+	CActionValidateWithSuppliedCerts* self = new(ELeave) CActionValidateWithSuppliedCerts(aFs, aConsole, aOut);
+	CleanupStack::PushL(self);
+	self->ConstructL(aTestActionSpec);
+	return self;
+	}
+
+CActionValidateWithSuppliedCerts::CActionValidateWithSuppliedCerts(RFs& aFs, CConsoleBase& aConsole,Output& aOut)
+	:CActionValidate(aFs, aConsole, aOut)
+	{
+	}
+
+void CActionValidateWithSuppliedCerts::ConstructL(const TTestActionSpec& aTestActionSpec)
+	{
+	CActionValidate::ConstructL(aTestActionSpec);
+	iRootCerts = new(ELeave) RPointerArray<CX509Certificate>;
+	}
+
+CActionValidateWithSuppliedCerts::~CActionValidateWithSuppliedCerts()
+	{
+	if (iRootCerts)
+		{
+		iRootCerts->ResetAndDestroy();
+		delete iRootCerts;
+		}
+	delete iEndEntityAndIntermediateCerts;
+	}
+
+void CActionValidateWithSuppliedCerts::DoPerformPrerequisite(TRequestStatus& aStatus)
+	{
+//initialise the big descriptor containing ee cert followed by all intermediate certs
+//and the array of candidate root certs
+
+	HBufC8* eeCert = Input::ReadFileLC(iTestChain->iEECertFileName, iCertPath, iFs);
+	HBufC8* inter = InputExtra::ReadFilesLC(*(iTestChain->iIntermediateCertsFileName), iCertPath, iFs);
+	TInt totalSize = (eeCert->Size()) + (inter->Size());
+	iEndEntityAndIntermediateCerts = HBufC8::NewL(totalSize);
+	TPtr8 pRes = iEndEntityAndIntermediateCerts->Des();
+	pRes.Append(*eeCert);
+	pRes.Append(*inter);
+	CleanupStack::PopAndDestroy(2);//eeCert, inter
+
+	HBufC8* rootBuf = Input::ReadFileLC(iTestChain->iRootCertFileName, iCertPath, iFs);
+	CX509Certificate* root = CX509Certificate::NewL(*rootBuf);
+	CleanupStack::PopAndDestroy(rootBuf);
+	CleanupStack::PushL(root);
+	
+	User::LeaveIfError(iRootCerts->Append(root));
+	CleanupStack::Pop(root);//
+
+	TRequestStatus* status = &aStatus;
+	User::RequestComplete(status, KErrNone);
+	iState = EDoValidateTestStart;
+	iActionState = EAction;
+	}
+
+void CActionValidateWithSuppliedCerts::DoPerformPostrequisite(TRequestStatus& aStatus)
+	{
+	delete iCertUtils;
+	iCertUtils = NULL;
+	TRequestStatus* status = &aStatus;
+	iFinished = ETrue;
+	User::RequestComplete(status, KErrNone);
+	}
+
+void CActionValidateWithSuppliedCerts::CreateChainL()
+	{
+//create chain object
+	iChain = CPKIXCertChain::NewL(iFs, *iEndEntityAndIntermediateCerts, *iRootCerts);
+	}