I would like to do something similar to openssl crl -in crl.pem -CAfile ca.pem (see stackOverflow) with Mbed TLS. I don’t see a method for verifying a CRL (e.g. mbedtls_x509_crl_verify()).
The use-case I’m trying to implement is:
Upload CRL to device
Verify that the uploaded CRL is signed by the trust CA
Is there a way to implement this use-case? (mbedtls_x509_crt_verify() requires a certificate, which may not be available.)