crypto: Allow for MBEDTLS_FORCE_LEGACY_MD/_CIPHER

-This adds Kconfis that can be used to signal that legacy MD/CIPHER
 functionality must be used even though MBEDTLS_PSA_CRYPTO_CLIENT is
 set. This is done to allow TF-M miminmal configuration to work
 (as it doesn't enable anything other than RNG). The real solution
 is to port to use PSA crypto APIs, so these configurations can be
 removed

Signed-off-by: Frank Audun Kvamtrø <[email protected]>

subsys/nrf_security/Kconfig.legacy

@@ -819,6 +819,20 @@ config MBEDTLS_512_SMALLER
 
 endmenu # SHA - Secure Hash Algorithm
 
+config MBEDTLS_FORCE_LEGACY_MD
+	bool
+	prompt "Force using legacy crypto for MD"
+	default y if BUILD_WITH_TFM && TFM_PROFILE_TYPE_MINIMAL
+	help
+	  Should only be used when TF-M MINIMAL profile is used
+
+config MBEDTLS_FORCE_LEGACY_CIPHER
+	bool
+	prompt "Force using legacy crypto for cipher"
+	default y if BUILD_WITH_TFM && TFM_PROFILE_TYPE_MINIMAL
+	help
+	  Should only be used when TF-M MINIMAL profile is used
+
 endif #MBEDTLS_LEGACY_CRYPTO_C
 
 config MBEDTLS_CIPHER_C
@@ -870,4 +884,5 @@ config MBEDTLS_PEM_WRITE_C
 	prompt "Support writing PEM files"
 	depends on MBEDTLS_BASE64_C
 
+
 endmenu # Legacy mbed TLS crypto APIs