lok: create certificate and private key with insertCertificate

Change-Id: Ie114068d9aec5259f9f7ed395c5dfeecf8bb787d
Reviewed-on: https://gerrit.libreoffice.org/61915
Tested-by: Jenkins
Reviewed-by: Tomaž Vajngerl <quikee@gmail.com>
(cherry picked from commit c2ceb1f54e85ebc8b38df3f2e4d1113a2fe1cc64)

4 files changed, 49 insertions, 17 deletions

diff --git a/desktop/qa/desktop_lib/test_desktop_lib.cxx b/desktop/qa/desktop_lib/test_desktop_lib.cxx
index 752a14af81ef..f8cab66a0aee 100644
--- a/desktop/qa/desktop_lib/test_desktop_lib.cxx
+++ b/desktop/qa/desktop_lib/test_desktop_lib.cxx
@@ -2261,24 +2261,37 @@ void DesktopLOKTest::testInsertCertificate()
 {
     comphelper::LibreOfficeKit::setActive();
 
+    // Load the document, save it into a temp file and load that file again
     LibLODocument_Impl* pDocument = loadDoc("blank_text.odt");
+    utl::TempFile aTempFile;
+    aTempFile.EnableKillingFile();
+    CPPUNIT_ASSERT(pDocument->pClass->saveAs(pDocument, aTempFile.GetURL().toUtf8().getStr(), "odt", nullptr));
+    closeDoc();
+
+    mxComponent = loadFromDesktop(aTempFile.GetURL(), "com.sun.star.text.TextDocument");
+    pDocument = new LibLODocument_Impl(mxComponent);
 
     Scheduler::ProcessEventsToIdle();
     CPPUNIT_ASSERT(mxComponent.is());
     pDocument->m_pDocumentClass->initializeForRendering(pDocument, "{}");
 
-    OUString aFileURL;
-    createFileURL("certificate.der", aFileURL);
-
-    SvFileStream aStream(aFileURL, StreamMode::READ);
-    sal_uInt64 nSize = aStream.remainingSize();
-
+    OUString aCertificateURL;
+    createFileURL("certificate.der", aCertificateURL);
+    SvFileStream aCertificateStream(aCertificateURL, StreamMode::READ);
     std::vector<unsigned char> aCertificate;
-    aCertificate.resize(nSize);
-    aStream.ReadBytes(aCertificate.data(), nSize);
-
-    bool bResult = pDocument->m_pDocumentClass->insertCertificate(pDocument, aCertificate.data(), int(aCertificate.size()));
-    CPPUNIT_ASSERT(bResult);
+    aCertificate.resize(aCertificateStream.remainingSize());
+    aCertificateStream.ReadBytes(aCertificate.data(), aCertificateStream.remainingSize());
+
+    OUString aPrivateKeyURL;
+    createFileURL("pkey.der", aPrivateKeyURL);
+    SvFileStream aPrivateKeyStream(aPrivateKeyURL, StreamMode::READ);
+    std::vector<unsigned char> aPrivateKey;
+    aPrivateKey.resize(aPrivateKeyStream.remainingSize());
+    aPrivateKeyStream.ReadBytes(aPrivateKey.data(), aPrivateKeyStream.remainingSize());
+
+    pDocument->m_pDocumentClass->insertCertificate(pDocument,
+                        aCertificate.data(), int(aCertificate.size()),
+                        aPrivateKey.data(), int(aPrivateKey.size()));
 
     comphelper::LibreOfficeKit::setActive(false);
 }
diff --git a/desktop/source/lib/init.cxx b/desktop/source/lib/init.cxx
index cb248891e498..79ca5055db1f 100644
--- a/desktop/source/lib/init.cxx
+++ b/desktop/source/lib/init.cxx
@@ -75,6 +75,7 @@
 #include <com/sun/star/xml/crypto/SEInitializer.hpp>
 #include <com/sun/star/xml/crypto/XSEInitializer.hpp>
 #include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp>
+#include <com/sun/star/xml/crypto/XCertificateCreator.hpp>
 #include <com/sun/star/security/DocumentDigitalSignatures.hpp>
 #include <com/sun/star/security/XDocumentDigitalSignatures.hpp>
 #include <com/sun/star/security/XCertificate.hpp>
@@ -696,7 +697,9 @@ static char* doc_getPartInfo(LibreOfficeKitDocument* pThis, int nPart);
 
 static bool doc_insertCertificate(LibreOfficeKitDocument* pThis,
                                   const unsigned char* pCertificateBinary,
-                                  const int pCertificateBinarySize);
+                                  const int nCertificateBinarySize,
+                                  const unsigned char* pPrivateKeyBinary,
+                                  const int nPrivateKeyBinarySize);
 
 static int doc_getSignatureState(LibreOfficeKitDocument* pThis);
 
@@ -3684,7 +3687,9 @@ static void doc_postWindow(LibreOfficeKitDocument* /*pThis*/, unsigned nLOKWindo
 }
 
 // CERTIFICATE AND DOCUMENT SIGNING
-static bool doc_insertCertificate(LibreOfficeKitDocument* /*pThis*/, const unsigned char* pCertificateBinary, const int nCertificateBinarySize)
+static bool doc_insertCertificate(LibreOfficeKitDocument* /*pThis*/,
+                                  const unsigned char* pCertificateBinary, const int nCertificateBinarySize,
+                                  const unsigned char* pPrivateKeyBinary, const int nPrivateKeySize)
 {
     if (!xContext.is())
         return false;
@@ -3697,11 +3702,19 @@ static bool doc_insertCertificate(LibreOfficeKitDocument* /*pThis*/, const unsig
 
     uno::Reference<xml::crypto::XSecurityEnvironment> xSecurityEnvironment;
     xSecurityEnvironment = xSecurityContext->getSecurityEnvironment();
+    uno::Reference<xml::crypto::XCertificateCreator> xCertificateCreator(xSecurityEnvironment, uno::UNO_QUERY);
+
+    if (!xCertificateCreator.is())
+        return false;
 
     uno::Sequence<sal_Int8> aCertificateSequence(nCertificateBinarySize);
     std::copy(pCertificateBinary, pCertificateBinary + nCertificateBinarySize, aCertificateSequence.begin());
 
-    uno::Reference<security::XCertificate> xCertificate = xSecurityEnvironment->createCertificateFromRaw(aCertificateSequence);
+    uno::Sequence<sal_Int8> aPrivateKeySequence(nPrivateKeySize);
+    std::copy(pPrivateKeyBinary, pPrivateKeyBinary + nPrivateKeySize, aPrivateKeySequence.begin());
+
+    uno::Reference<security::XCertificate> xCertificate;
+    xCertificate = xCertificateCreator->createDERCertificateWithPrivateKey(aCertificateSequence, aPrivateKeySequence);
 
     if (!xCertificate.is())
         return false;
diff --git a/include/LibreOfficeKit/LibreOfficeKit.h b/include/LibreOfficeKit/LibreOfficeKit.h
index fbbf1822e956..8a4c6d4ad659 100644
--- a/include/LibreOfficeKit/LibreOfficeKit.h
+++ b/include/LibreOfficeKit/LibreOfficeKit.h
@@ -323,7 +323,9 @@ struct _LibreOfficeKitDocumentClass
     /// @see lok::Document::insertCertificate().
     bool (*insertCertificate) (LibreOfficeKitDocument* pThis,
                                 const unsigned char* pCertificateBinary,
-                                const int pCertificateBinarySize);
+                                const int nCertificateBinarySize,
+                                const unsigned char* pPrivateKeyBinary,
+                                const int nPrivateKeyBinarySize);
 
     /// @see lok::Document::getSignatureState().
     int (*getSignatureState) (LibreOfficeKitDocument* pThis);
diff --git a/include/LibreOfficeKit/LibreOfficeKit.hxx b/include/LibreOfficeKit/LibreOfficeKit.hxx
index 077490674f70..f72badaae851 100644
--- a/include/LibreOfficeKit/LibreOfficeKit.hxx
+++ b/include/LibreOfficeKit/LibreOfficeKit.hxx
@@ -561,9 +561,13 @@ public:
      *  Insert certificate (in binary form) to the certificate store.
      */
     bool insertCertificate(const unsigned char* pCertificateBinary,
-                           const int pCertificateBinarySize)
+                           const int pCertificateBinarySize,
+                           const unsigned char* pPrivateKeyBinary,
+                           const int nPrivateKeyBinarySize)
     {
-        return mpDoc->pClass->insertCertificate(mpDoc, pCertificateBinary, pCertificateBinarySize);
+        return mpDoc->pClass->insertCertificate(mpDoc, 
+                                                pCertificateBinary, pCertificateBinarySize, 
+                                                pPrivateKeyBinary, nPrivateKeyBinarySize);
     }
 
     /**