Make MBEDTLS_USE_PSA_CRYPTO no longer a selectable option
The macro MBEDTLS_USE_PSA_CRYPTO is now always defined. It is no longer a
configuration option.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h
index d669f4c..40ef083 100644
--- a/include/mbedtls/config_adjust_legacy_crypto.h
+++ b/include/mbedtls/config_adjust_legacy_crypto.h
@@ -48,6 +48,20 @@
#endif
#endif /* _MINGW32__ || (_MSC_VER && (_MSC_VER <= 1900)) */
+
+/**
+ * \def MBEDTLS_USE_PSA_CRYPTO
+ *
+ * Make the X.509 and TLS libraries use PSA for cryptographic operations as
+ * much as possible, and enable new APIs for using keys handled by PSA Crypto.
+ *
+ * \note This is a legacy symbol which still exists for backward compatibility.
+ * Up to Mbed TLS 3.x, it was not enabled by default. Now it is always
+ * enabled, and it will eventually disappear from the code base. This
+ * is not part of the public API of TF-PSA-Crypto or of Mbed TLS >=4.0.
+ */
+#define MBEDTLS_USE_PSA_CRYPTO
+
/* Auto-enable CIPHER_C when any of the unauthenticated ciphers is builtin
* in PSA. */
#if defined(MBEDTLS_PSA_CRYPTO_C) && \