Hi, I am fairly new to both TLS and using mbed TLS so please excuse my ignorance on this topic. I have searched through the forums but cant seem to find something like that fits the use case I described and was hoping someone could point me in the right direction.
I am looking to generate a certificate using mbed TLS with the restriction that the entity who can sign the certificate is not on my microcontroller itself and can only sign data but not take in a CSR as input to generate a certificate. In other words I have a separate chip, which has a public private key pair, that I need to utilise to help generate the certificate, but all the chip is able to do is generate a signature for a set of data I provided it.
Does mbedTLS have any API calls that can help me in this task? Most of the examples I have tried are either generating a CSR and sending it to a CA or generating a self signed certificate and I have yet to find an example or API that can help me generate a certificate with a provided signature.
Thanks in advance!