Remove legacy_or_psa.h
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/include/mbedtls/legacy_or_psa.h b/include/mbedtls/legacy_or_psa.h
deleted file mode 100644
index e9bdb77..0000000
--- a/include/mbedtls/legacy_or_psa.h
+++ /dev/null
@@ -1,215 +0,0 @@
-/**
- * Macros to express dependencies for code and tests that may use either the
- * legacy API or PSA in various builds. This whole header file is currently
- * for internal use only and both the header file and the macros it defines
- * may change or be removed without notice.
- */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/*
- * Note: applications that are targeting a specific configuration do not need
- * to use these macros; instead they should directly use the functions they
- * know are available in their configuration.
- *
- * Note: code that is purely based on PSA Crypto (psa_xxx() functions)
- * does not need to use these macros; instead it should use the relevant
- * PSA_WANT_xxx macros.
- *
- * Note: code that is purely based on the legacy crypto APIs (mbedtls_xxx())
- * does not need to use these macros; instead it should use the relevant
- * MBEDTLS_xxx macros.
- *
- * These macros are for code that wants to use <crypto feature> and will do so
- * using <legacy API> or PSA depending on <condition>, where:
- * - <crypto feature> will generally be an algorithm (SHA-256, ECDH) but may
- * also be a key type (AES, RSA, EC) or domain parameters (elliptic curve);
- * - <legacy API> will be either:
- * - low-level module API (aes.h, sha256.h), or
- * - an abstraction layer (md.h, cipher.h);
- * - <condition> will be either:
- * - depending on what's available in the build:
- * legacy API used if available, PSA otherwise
- * (this is done to ensure backwards compatibility); or
- * - depending on whether MBEDTLS_USE_PSA_CRYPTO is defined.
- *
- * Examples:
- * - TLS 1.2 will compute hashes using either mbedtls_md_xxx() (and
- * mbedtls_sha256_xxx()) or psa_aead_xxx() depending on whether
- * MBEDTLS_USE_PSA_CRYPTO is defined;
- * - RSA PKCS#1 v2.1 will compute hashes (for padding) using either
- * `mbedtls_md()` if it's available, or `psa_hash_compute()` otherwise;
- * - PEM decoding of PEM-encrypted keys will compute MD5 hashes using either
- * `mbedtls_md5_xxx()` if it's available, or `psa_hash_xxx()` otherwise.
- *
- * Note: the macros are essential to express test dependencies. Inside code,
- * we could instead just use the equivalent pre-processor condition, but
- * that's not possible in test dependencies where we need a single macro.
- * Hopefully, using these macros in code will also help with consistency.
- *
- * The naming scheme for these macros is:
- * MBEDTLS_HAS_feature_VIA_legacy_OR_PSA(_condition)
- * where:
- * - feature is expressed the same way as in PSA_WANT_xxx macros, for example:
- * KEY_TYPE_AES, ALG_SHA_256, ECC_SECP_R1_256;
- * - legacy is either LOWLEVEL or the name of the layer: MD, CIPHER;
- * - condition is omitted if it's based on availability, else it's
- * BASED_ON_USE_PSA.
- *
- * Coming back to the examples above:
- * - TLS 1.2 will determine if it can use SHA-256 using
- * MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
- * for the purposes of negotiation, and in test dependencies;
- * - RSA PKCS#1 v2.1 tests that used SHA-256 will depend on
- * MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA
- * - PEM decoding code and its associated tests will depend on
- * MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA
- *
- * Note: every time it's possible to use, say SHA-256, via the MD API, then
- * it's also possible to use it via the low-level API. So, code that wants to
- * use SHA-256 via both APIs only needs to depend on the MD macro. Also, it
- * just so happens that all the code choosing which API to use based on
- * MBEDTLS_USE_PSA_CRYPTO (X.509, TLS 1.2/shared), always uses the abstraction
- * layer (sometimes in addition to the low-level API), so we don't need the
- * MBEDTLS_HAS_feature_VIA_LOWLEVEL_OR_PSA_BASED_ON_USE_PSA macros.
- * (PK, while obeying MBEDTLS_USE_PSA_CRYPTO, doesn't compute hashes itself,
- * even less makes use of ciphers.)
- *
- * Note: the macros MBEDTLS_HAS_feature_VIA_LOWLEVEL_OR_PSA are the minimal
- * condition for being able to use <feature> at all. As such, they should be
- * used for guarding data about <feature>, such as OIDs or size. For example,
- * OID values related to SHA-256 are only useful when SHA-256 can be used at
- * least in some way.
- */
-
-#ifndef MBEDTLS_OR_PSA_HELPERS_H
-#define MBEDTLS_OR_PSA_HELPERS_H
-
-#include "mbedtls/build_info.h"
-#if defined(MBEDTLS_PSA_CRYPTO_C)
-#include "psa/crypto.h"
-#endif /* MBEDTLS_PSA_CRYPTO_C */
-
-/*
- * Hashes
- */
-
-/* Hashes using low-level or PSA based on availability */
-#if defined(MBEDTLS_MD5_C) || \
- (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5))
-#define MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA
-#endif
-#if defined(MBEDTLS_RIPEMD160_C) || \
- (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160))
-#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA
-#endif
-#if defined(MBEDTLS_SHA1_C) || \
- (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1))
-#define MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA
-#endif
-#if defined(MBEDTLS_SHA224_C) || \
- (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224))
-#define MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA
-#endif
-#if defined(MBEDTLS_SHA256_C) || \
- (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256))
-#define MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA
-#endif
-#if defined(MBEDTLS_SHA384_C) || \
- (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384))
-#define MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA
-#endif
-#if defined(MBEDTLS_SHA512_C) || \
- (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512))
-#define MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA
-#endif
-
-/* Hashes using MD or PSA based on availability */
-#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C)) || \
- (!defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5))
-#define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA
-#endif
-#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C)) || \
- (!defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160))
-#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA
-#endif
-#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C)) || \
- (!defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1))
-#define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA
-#endif
-#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C)) || \
- (!defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224))
-#define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA
-#endif
-#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C)) || \
- (!defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256))
-#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA
-#endif
-#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C)) || \
- (!defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384))
-#define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA
-#endif
-#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C)) || \
- (!defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512))
-#define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA
-#endif
-
-/* Hashes using MD or PSA based on MBEDTLS_USE_PSA_CRYPTO */
-#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C)) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_MD5))
-#define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
-#endif
-#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C)) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_RIPEMD160))
-#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA_BASED_ON_USE_PSA
-#endif
-#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C)) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_1))
-#define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA
-#endif
-#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C)) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_224))
-#define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
-#endif
-#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C)) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_256))
-#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
-#endif
-#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C)) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_384))
-#define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA
-#endif
-#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C)) || \
- (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_512))
-#define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA
-#endif
-
-#endif /* MBEDTLS_OR_PSA_HELPERS_H */
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index a424ada..d739237 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -24,7 +24,6 @@
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
-#include "mbedtls/legacy_or_psa.h"
#include "mbedtls/x509.h"
#include "mbedtls/x509_crl.h"
diff --git a/library/hash_info.c b/library/hash_info.c
index dbd021e..37e44c6 100644
--- a/library/hash_info.c
+++ b/library/hash_info.c
@@ -21,7 +21,6 @@
*/
#include "hash_info.h"
-#include "mbedtls/legacy_or_psa.h"
#include "mbedtls/error.h"
typedef struct {
diff --git a/library/oid.c b/library/oid.c
index 3852ed0..622e793 100644
--- a/library/oid.c
+++ b/library/oid.c
@@ -28,8 +28,6 @@
#include "mbedtls/error.h"
#include "mbedtls/pk.h"
-#include "mbedtls/legacy_or_psa.h"
-
#include <stdio.h>
#include <string.h>
diff --git a/library/pem.c b/library/pem.c
index b9d6855..8c8f39d 100644
--- a/library/pem.c
+++ b/library/pem.c
@@ -39,8 +39,6 @@
#include "psa/crypto.h"
#endif
-#include "mbedtls/legacy_or_psa.h"
-
#if defined(MBEDTLS_MD_CAN_MD5) && \
defined(MBEDTLS_CIPHER_MODE_CBC) && \
(defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C))
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index cc849f1..6fbbe21 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -29,8 +29,6 @@
#include "mbedtls/ssl.h"
#include "ssl_misc.h"
-#include "mbedtls/legacy_or_psa.h"
-
#include <string.h>
/*
diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
index 82b7ea3..ba25389 100644
--- a/library/ssl_cookie.c
+++ b/library/ssl_cookie.c
@@ -33,8 +33,6 @@
#include "mbedtls/platform_util.h"
#include "mbedtls/constant_time.h"
-#include "mbedtls/legacy_or_psa.h"
-
#include <string.h>
#if defined(MBEDTLS_USE_PSA_CRYPTO)
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index ab14a79..f53e9ec 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -32,7 +32,6 @@
#include "mbedtls/psa_util.h"
#include "hash_info.h"
#endif
-#include "mbedtls/legacy_or_psa.h"
#if defined(MBEDTLS_MD_CAN_MD5)
#include "mbedtls/md5.h"
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 1f9182a..a9c7005 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -44,7 +44,6 @@
#include "mbedtls/psa_util.h"
#include "psa/crypto.h"
#endif
-#include "mbedtls/legacy_or_psa.h"
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#include "mbedtls/oid.h"
diff --git a/library/x509.c b/library/x509.c
index f20b3cf..6f88f3f 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -53,8 +53,6 @@
#include <time.h>
#endif
-#include "mbedtls/legacy_or_psa.h"
-
#define CHECK(code) if ((ret = (code)) != 0) { return ret; }
#define CHECK_RANGE(min, max, val) \
do \
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index 46ae43f..70d7e93 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -46,7 +46,6 @@
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#include "hash_info.h"
-#include "mbedtls/legacy_or_psa.h"
void mbedtls_x509write_crt_init(mbedtls_x509write_cert *ctx)
{
diff --git a/programs/fuzz/fuzz_dtlsserver.c b/programs/fuzz/fuzz_dtlsserver.c
index 584ba10..cdd69c0 100644
--- a/programs/fuzz/fuzz_dtlsserver.c
+++ b/programs/fuzz/fuzz_dtlsserver.c
@@ -11,7 +11,6 @@
#include "mbedtls/ctr_drbg.h"
#include "mbedtls/timing.h"
#include "mbedtls/ssl_cookie.h"
-#include "mbedtls/legacy_or_psa.h"
#if defined(MBEDTLS_SSL_SRV_C) && \
defined(MBEDTLS_ENTROPY_C) && \
diff --git a/tests/src/certs.c b/tests/src/certs.c
index 9e67a04..8b6b988 100644
--- a/tests/src/certs.c
+++ b/tests/src/certs.c
@@ -23,8 +23,6 @@
#include "mbedtls/build_info.h"
-#include "mbedtls/legacy_or_psa.h"
-
#include "mbedtls/pk.h"
/*
diff --git a/tests/suites/test_suite_constant_time_hmac.function b/tests/suites/test_suite_constant_time_hmac.function
index 8ba6ff4..985d482 100644
--- a/tests/suites/test_suite_constant_time_hmac.function
+++ b/tests/suites/test_suite_constant_time_hmac.function
@@ -1,7 +1,6 @@
/* BEGIN_HEADER */
#include <mbedtls/constant_time.h>
-#include <mbedtls/legacy_or_psa.h>
#include <mbedtls/md.h>
#include <constant_time_internal.h>
#include <hash_info.h>
diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function
index dad4a53..da91f44 100644
--- a/tests/suites/test_suite_debug.function
+++ b/tests/suites/test_suite_debug.function
@@ -1,7 +1,6 @@
/* BEGIN_HEADER */
#include "mbedtls/debug.h"
#include "string.h"
-#include "mbedtls/legacy_or_psa.h"
#include "mbedtls/pk.h"
struct buffer_data {
diff --git a/tests/suites/test_suite_ecjpake.function b/tests/suites/test_suite_ecjpake.function
index 2c82866..177e09a 100644
--- a/tests/suites/test_suite_ecjpake.function
+++ b/tests/suites/test_suite_ecjpake.function
@@ -1,6 +1,5 @@
/* BEGIN_HEADER */
#include "mbedtls/ecjpake.h"
-#include "mbedtls/legacy_or_psa.h"
#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && defined(MBEDTLS_MD_CAN_SHA256)
static const unsigned char ecjpake_test_x1[] = {
diff --git a/tests/suites/test_suite_oid.function b/tests/suites/test_suite_oid.function
index 5fbc9b5..68b769f 100644
--- a/tests/suites/test_suite_oid.function
+++ b/tests/suites/test_suite_oid.function
@@ -3,7 +3,6 @@
#include "mbedtls/asn1.h"
#include "mbedtls/asn1write.h"
#include "string.h"
-#include "mbedtls/legacy_or_psa.h"
/* END_HEADER */
/* BEGIN_DEPENDENCIES
diff --git a/tests/suites/test_suite_pem.function b/tests/suites/test_suite_pem.function
index 9546614..918eae5 100644
--- a/tests/suites/test_suite_pem.function
+++ b/tests/suites/test_suite_pem.function
@@ -3,8 +3,6 @@
#include "mbedtls/pem.h"
#include "mbedtls/des.h"
#include "mbedtls/aes.h"
-#include "mbedtls/legacy_or_psa.h"
-
/* END_HEADER */
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index db49f5d..2caa65f 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -8,7 +8,6 @@
#include "mbedtls/rsa.h"
#include "hash_info.h"
-#include "mbedtls/legacy_or_psa.h"
#include <limits.h>
#include <stdint.h>
diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function
index 65722d0..3ac1a77 100644
--- a/tests/suites/test_suite_pkcs12.function
+++ b/tests/suites/test_suite_pkcs12.function
@@ -2,8 +2,6 @@
#include "mbedtls/pkcs12.h"
#include "common.h"
-#include "mbedtls/legacy_or_psa.h"
-
typedef enum {
USE_NULL_INPUT = 0,
USE_GIVEN_INPUT = 1,
diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function
index 09daeb6..7113274 100644
--- a/tests/suites/test_suite_pkcs1_v15.function
+++ b/tests/suites/test_suite_pkcs1_v15.function
@@ -1,8 +1,6 @@
/* BEGIN_HEADER */
#include "mbedtls/rsa.h"
#include "mbedtls/md.h"
-
-#include "mbedtls/legacy_or_psa.h"
/* END_HEADER */
/* BEGIN_DEPENDENCIES
diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function
index 2eece0a..c803f97 100644
--- a/tests/suites/test_suite_pkcs1_v21.function
+++ b/tests/suites/test_suite_pkcs1_v21.function
@@ -1,6 +1,5 @@
/* BEGIN_HEADER */
#include "mbedtls/rsa.h"
-#include "mbedtls/legacy_or_psa.h"
/* END_HEADER */
/* BEGIN_DEPENDENCIES
diff --git a/tests/suites/test_suite_pkcs5.function b/tests/suites/test_suite_pkcs5.function
index ef48f1e..9f99586 100644
--- a/tests/suites/test_suite_pkcs5.function
+++ b/tests/suites/test_suite_pkcs5.function
@@ -1,6 +1,5 @@
/* BEGIN_HEADER */
#include "mbedtls/pkcs5.h"
-#include "mbedtls/legacy_or_psa.h"
/* END_HEADER */
/* BEGIN_DEPENDENCIES
diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function
index 0a275b5..1a6858f 100644
--- a/tests/suites/test_suite_pkparse.function
+++ b/tests/suites/test_suite_pkparse.function
@@ -3,7 +3,6 @@
#include "mbedtls/pem.h"
#include "mbedtls/oid.h"
#include "mbedtls/ecp.h"
-#include "mbedtls/legacy_or_psa.h"
/* END_HEADER */
/* BEGIN_DEPENDENCIES
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 41a3237..cd8a7b5 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -25,7 +25,6 @@
#else
#define TEST_DRIVER_LOCATION 0x7fffff
#endif
-#include "mbedtls/legacy_or_psa.h"
/* If this comes up, it's a bug in the test code or in the test data. */
#define UNUSED 0xdeadbeef
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index 96fc59b..37bed6d 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -1,8 +1,6 @@
/* BEGIN_HEADER */
#include "mbedtls/rsa.h"
#include "rsa_alt_helpers.h"
-
-#include "mbedtls/legacy_or_psa.h"
/* END_HEADER */
/* BEGIN_DEPENDENCIES
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 3ecd6c3..e87aa35 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -7,7 +7,6 @@
#include <ssl_tls13_invasive.h>
#include <test/ssl_helpers.h>
-#include <mbedtls/legacy_or_psa.h>
#include "hash_info.h"
#include <constant_time_internal.h>
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index f347374..ed1dcaf 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -11,8 +11,6 @@
#include "mbedtls/pk.h"
#include "string.h"
-#include "mbedtls/legacy_or_psa.h"
-
#if MBEDTLS_X509_MAX_INTERMEDIATE_CA > 19
#error "The value of MBEDTLS_X509_MAX_INTERMEDIATE_C is larger \
than the current threshold 19. To test larger values, please \
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index 798863e..0e4062e 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -9,7 +9,6 @@
#include "mbedtls/pk.h"
#include "hash_info.h"
-#include "mbedtls/legacy_or_psa.h"
#if defined(MBEDTLS_RSA_C)
int mbedtls_rsa_decrypt_func(void *ctx, size_t *olen,