Hello,
I'm working on generating EC public-private key pairs as well as exporting them using a self-signed cert from the nRF5340. I have my code working off-target using the latest mbedtls, but it seems like the NRF Connect SDK configuration options do not fully support the X.509 module.
To start, the Zephyr config options do not include a way to enable `MBEDTLS_X509_CRT_WRITE_C` support, which is needed for creating certs. This feature must be enabled in the mbedtls config header that is autogenerated by the build system. The configs provide a way for a user-generated header to be included for additional `#define`s, but for some reason this user config is autogenerated as well. If you set `CONFIG_GENERATE_MBEDTLS_CFG_FILE` to `n`, it disables generation of both config files: the mbedtls config file as well as the user cfg file.
I got around this by disabling the autogeneration of the files and copying them myself. I added the proper definitions to enable `MBEDTLS_X509_CRT_WRITE_C` and any other needed dependencies.
The issue I am running into now is that the `libmbedx509.a` file generated by the build system does not include the necessary functions from `x509_write.c`. It's as if the mbedtls version included in zephyr/nrfconnect does not compile the necessary files into the library.
Is there any way to work around this easily? I would prefer not to have to integrate the vanilla mbedtls library into the project as there are a lot of nice integrations in the NRF Security framework already.
Thank you for your help.