Add functionality to the Crypto Module to create P12 certs containing…

… the PK

src/System Application/App/Cryptography Management/src/DotNetReadOnlySpanWrapper/X509CertificateWrapper.cs

@@ -0,0 +1,14 @@
+using System;
+using System.Security.Cryptography.X509Certificates;
+using System.Runtime.Versioning;
+
+namespace X509CertificateWrapper
+{
+    public class X509CertificateWrapper
+    {
+        public static string CreateBase64FromPem(string certPem, string keyPem, string password)
+        {
+            return Convert.ToBase64String(X509Certificate2.CreateFromPem(certPem, keyPem).Export(X509ContentType.Pkcs12, password));
+        }
+    }
+}

src/System Application/App/Cryptography Management/src/DotNetReadOnlySpanWrapper/X509CertificateWrapper.csproj

@@ -0,0 +1,7 @@
+<Project Sdk="Microsoft.NET.Sdk">
+  <PropertyGroup>
+    <TargetFramework>net8.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+  </PropertyGroup>
+</Project>

src/System Application/App/Cryptography Management/src/RSAImpl.Codeunit.al

@@ -247,4 +247,10 @@ codeunit 1476 "RSA Impl." implements "Signature Algorithm v2"
                 DotNetRSASignaturePadding := DotNetRSASignaturePadding.Pss;
         end;
     end;
+
+    [NonDebuggable]
+    internal procedure ExportRSAPrivateKeyPem(): Text
+    begin
+        exit(DotNetRSA.ExportRSAPrivateKeyPem());
+    end;
 }

src/System Application/App/Cryptography Management/src/X509Certificate2.Codeunit.al

@@ -334,4 +334,16 @@ codeunit 1286 X509Certificate2
     begin
         X509Certificate2Impl.GetCertificateSerialNumberAsASCII(CertBase64Value, Password, SerialNumberASCII);
     end;
+
+    /// <summary>
+    /// Creates a new instance of X509Certificate2 from the specified Base64 encoded certificate value. The certificate is exported as Base64 encoded string.
+    /// </summary>
+    /// <param name="CertificateBase64">The Base64 encoded certificate in PEM format.</param>
+    /// <param name="PrivateKeyXmlString">The private key in XML format.</param>
+    /// <param name="Password">The password to protect the private key.</param>
+    /// <returns>The Base64 encoded certificate including the private key.</returns>
+    procedure CreateFromPemAndExportAsBase64(CertificateBase64: Text; PrivateKeyXmlString: SecretText; Password: SecretText) CertBase64Value: Text
+    begin
+        exit(X509Certificate2Impl.CreateFromPemAndExportAsBase64(CertificateBase64, PrivateKeyXmlString, Password));
+    end;
 }

src/System Application/App/Cryptography Management/src/X509Certificate2Impl.Codeunit.al

@@ -213,4 +213,29 @@ codeunit 1285 "X509Certificate2 Impl."
 
         exit(SerialNumberASCII);
     end;
+
+    [NonDebuggable]
+    procedure CreateFromPemAndExportAsBase64(CertBase64: Text; PrivateKeyXmlString: SecretText; Password: SecretText): Text
+    var
+        RSA: Codeunit "RSA Impl.";
+        X509CertificateWrapper: DotNet X509CertificateWrapper;
+        BeginCertTok: Label '-----BEGIN CERTIFICATE-----', Locked = true;
+        EndCertTok: Label '-----END CERTIFICATE-----', Locked = true;
+    begin
+        if CertBase64 = '' then
+            exit;
+
+        if PrivateKeyXmlString.IsEmpty() then
+            exit;
+
+        if Password.IsEmpty() then
+            exit;
+
+        if not CertBase64.StartsWith(BeginCertTok) then
+            CertBase64 := BeginCertTok + CertBase64 + EndCertTok;
+
+        RSA.FromSecretXmlString(PrivateKeyXmlString);
+
+        exit(X509CertificateWrapper.CreateBase64FromPem(CertBase64, RSA.ExportRSAPrivateKeyPem(), Password.Unwrap()));
+    end;
 }

src/System Application/App/Cryptography Management/src/dotnet.al

@@ -50,5 +50,9 @@ dotnet
 
     }
 
+    assembly("X509CertificateWrapper")
+    {
+        type(X509CertificateWrapper.X509CertificateWrapper; X509CertificateWrapper) { }
+    }
 }