Features
   * Some crypto modules that previously depended on MD or a low-level hash
     module, either unconditionally (RSA, PK, PKCS5, PKCS12, EC J-PAKE), or
     for some features (PEM for encrypted files), are now able to use PSA
     Crypto instead when the legacy API is not available. This means it is
     now possible to use all features from those modules in configurations
     where the built-in implementations of hashes are excluded and the hashes
     are only provided by PSA drivers. In these configurations, you need to
     call `psa_crypto_init()` before you call any function from those
     modules; this is not required in configurations where the built-in
     implementation is still available. Note that some crypto modules and
     features still depend on the built-in implementation of hashes:
     MBEDTLS_HKDF_C (but the PSA HKDF function do not depend on it),
     MBEDTLS_ENTROPY_C, MBEDTLS_HMAC_DRBG_C and MBEDTLS_ECDSA_DETERMINISTIC.
     In particular, for now, compiling without built-in hashes requires use
     of MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG.
   * When MBEDTLS_USE_PSA_CRYPTO is enabled, X.509, TLS 1.2 and TLS 1.3 no
     longer depend on MD. This means it is now possible to use them in
     configurations where the built-in implementations of hashes are excluded
     and the hashes are only provided by PSA drivers.