lok: create certificate and private key with insertCertificate

Change-Id: Ie114068d9aec5259f9f7ed395c5dfeecf8bb787d
Reviewed-on: https://gerrit.libreoffice.org/61915
Tested-by: Jenkins
Reviewed-by: Tomaž Vajngerl <quikee@gmail.com>

2 files changed, 40 insertions, 14 deletions

diff --git a/desktop/qa/desktop_lib/test_desktop_lib.cxx b/desktop/qa/desktop_lib/test_desktop_lib.cxx
index bd8b08f9fac8..aeb4f0692c42 100644
--- a/desktop/qa/desktop_lib/test_desktop_lib.cxx
+++ b/desktop/qa/desktop_lib/test_desktop_lib.cxx
@@ -2261,24 +2261,37 @@ void DesktopLOKTest::testInsertCertificate()
 {
     comphelper::LibreOfficeKit::setActive();
 
+    // Load the document, save it into a temp file and load that file again
     LibLODocument_Impl* pDocument = loadDoc("blank_text.odt");
+    utl::TempFile aTempFile;
+    aTempFile.EnableKillingFile();
+    CPPUNIT_ASSERT(pDocument->pClass->saveAs(pDocument, aTempFile.GetURL().toUtf8().getStr(), "odt", nullptr));
+    closeDoc();
+
+    mxComponent = loadFromDesktop(aTempFile.GetURL(), "com.sun.star.text.TextDocument");
+    pDocument = new LibLODocument_Impl(mxComponent);
 
     Scheduler::ProcessEventsToIdle();
     CPPUNIT_ASSERT(mxComponent.is());
     pDocument->m_pDocumentClass->initializeForRendering(pDocument, "{}");
 
-    OUString aFileURL;
-    createFileURL("certificate.der", aFileURL);
-
-    SvFileStream aStream(aFileURL, StreamMode::READ);
-    sal_uInt64 nSize = aStream.remainingSize();
-
+    OUString aCertificateURL;
+    createFileURL("certificate.der", aCertificateURL);
+    SvFileStream aCertificateStream(aCertificateURL, StreamMode::READ);
     std::vector<unsigned char> aCertificate;
-    aCertificate.resize(nSize);
-    aStream.ReadBytes(aCertificate.data(), nSize);
-
-    bool bResult = pDocument->m_pDocumentClass->insertCertificate(pDocument, aCertificate.data(), int(aCertificate.size()));
-    CPPUNIT_ASSERT(bResult);
+    aCertificate.resize(aCertificateStream.remainingSize());
+    aCertificateStream.ReadBytes(aCertificate.data(), aCertificateStream.remainingSize());
+
+    OUString aPrivateKeyURL;
+    createFileURL("pkey.der", aPrivateKeyURL);
+    SvFileStream aPrivateKeyStream(aPrivateKeyURL, StreamMode::READ);
+    std::vector<unsigned char> aPrivateKey;
+    aPrivateKey.resize(aPrivateKeyStream.remainingSize());
+    aPrivateKeyStream.ReadBytes(aPrivateKey.data(), aPrivateKeyStream.remainingSize());
+
+    pDocument->m_pDocumentClass->insertCertificate(pDocument,
+                        aCertificate.data(), int(aCertificate.size()),
+                        aPrivateKey.data(), int(aPrivateKey.size()));
 
     comphelper::LibreOfficeKit::setActive(false);
 }
diff --git a/desktop/source/lib/init.cxx b/desktop/source/lib/init.cxx
index 2a13775dcc64..b08c6d694f4a 100644
--- a/desktop/source/lib/init.cxx
+++ b/desktop/source/lib/init.cxx
@@ -76,6 +76,7 @@
 #include <com/sun/star/xml/crypto/SEInitializer.hpp>
 #include <com/sun/star/xml/crypto/XSEInitializer.hpp>
 #include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp>
+#include <com/sun/star/xml/crypto/XCertificateCreator.hpp>
 #include <com/sun/star/security/DocumentDigitalSignatures.hpp>
 #include <com/sun/star/security/XDocumentDigitalSignatures.hpp>
 #include <com/sun/star/security/XCertificate.hpp>
@@ -691,7 +692,9 @@ static char* doc_getPartInfo(LibreOfficeKitDocument* pThis, int nPart);
 
 static bool doc_insertCertificate(LibreOfficeKitDocument* pThis,
                                   const unsigned char* pCertificateBinary,
-                                  const int pCertificateBinarySize);
+                                  const int nCertificateBinarySize,
+                                  const unsigned char* pPrivateKeyBinary,
+                                  const int nPrivateKeyBinarySize);
 
 static int doc_getSignatureState(LibreOfficeKitDocument* pThis);
 
@@ -3601,7 +3604,9 @@ static void doc_postWindow(LibreOfficeKitDocument* /*pThis*/, unsigned nLOKWindo
 }
 
 // CERTIFICATE AND DOCUMENT SIGNING
-static bool doc_insertCertificate(LibreOfficeKitDocument* /*pThis*/, const unsigned char* pCertificateBinary, const int nCertificateBinarySize)
+static bool doc_insertCertificate(LibreOfficeKitDocument* /*pThis*/,
+                                  const unsigned char* pCertificateBinary, const int nCertificateBinarySize,
+                                  const unsigned char* pPrivateKeyBinary, const int nPrivateKeySize)
 {
     if (!xContext.is())
         return false;
@@ -3614,11 +3619,19 @@ static bool doc_insertCertificate(LibreOfficeKitDocument* /*pThis*/, const unsig
 
     uno::Reference<xml::crypto::XSecurityEnvironment> xSecurityEnvironment;
     xSecurityEnvironment = xSecurityContext->getSecurityEnvironment();
+    uno::Reference<xml::crypto::XCertificateCreator> xCertificateCreator(xSecurityEnvironment, uno::UNO_QUERY);
+
+    if (!xCertificateCreator.is())
+        return false;
 
     uno::Sequence<sal_Int8> aCertificateSequence(nCertificateBinarySize);
     std::copy(pCertificateBinary, pCertificateBinary + nCertificateBinarySize, aCertificateSequence.begin());
 
-    uno::Reference<security::XCertificate> xCertificate = xSecurityEnvironment->createCertificateFromRaw(aCertificateSequence);
+    uno::Sequence<sal_Int8> aPrivateKeySequence(nPrivateKeySize);
+    std::copy(pPrivateKeyBinary, pPrivateKeyBinary + nPrivateKeySize, aPrivateKeySequence.begin());
+
+    uno::Reference<security::XCertificate> xCertificate;
+    xCertificate = xCertificateCreator->createDERCertificateWithPrivateKey(aCertificateSequence, aPrivateKeySequence);
 
     if (!xCertificate.is())
         return false;