Revert to original guarding for mbedtls_internal_aes_encrypt/decrypt

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
diff --git a/tf-psa-crypto/drivers/builtin/src/aes.c b/tf-psa-crypto/drivers/builtin/src/aes.c
index 0f96db0..b9145ea 100644
--- a/tf-psa-crypto/drivers/builtin/src/aes.c
+++ b/tf-psa-crypto/drivers/builtin/src/aes.c
@@ -841,6 +841,7 @@
                AES_RT3(MBEDTLS_BYTE_3(Y0));     \
     } while (0)
 
+#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 /*
  * AES-ECB block encryption
  */
@@ -964,7 +965,7 @@
     return 0;
 }
 #endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
-
+#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */
 /*
  * Our intrinsics-based implementation of AESNI requires the round keys to be
  * aligned on a 16-byte boundary. We take care of this before creating them,