From caf73f885afef1e4eff3ff6d2323b62f050d7eea Mon Sep 17 00:00:00 2001
From: Valerio Setti <valerio.setti@nordicsemi.no>
Date: Thu, 20 Nov 2025 13:01:18 +0100
Subject: [PATCH 1/2] library: check_config: remove references to secp192
 curves

Support for these curves is being removed from tf-psa-crypto, so we need
to remove all the references also in this repo.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
---
 library/mbedtls_check_config.h | 2 --
 1 file changed, 2 deletions(-)

diff --git a/library/mbedtls_check_config.h b/library/mbedtls_check_config.h
index 3107c11077..855e4e3674 100644
--- a/library/mbedtls_check_config.h
+++ b/library/mbedtls_check_config.h
@@ -42,9 +42,7 @@
     defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) || \
     defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) || \
     defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) || \
-    defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) || \
     defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) || \
-    defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) || \
     defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \
     defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) || \
     defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521)

From 65ec4cc771e9461b4d79a45cb9bb8a54d645ff1c Mon Sep 17 00:00:00 2001
From: Valerio Setti <valerio.setti@nordicsemi.no>
Date: Thu, 20 Nov 2025 13:16:59 +0100
Subject: [PATCH 2/2] tests: scripts: make enabling of secp192 curves fault
 tolerant in test_psa_crypto_without_heap

This is temporary but still required in order to have this commit merged
before the crypto#570, where these curves are really removed.
These lines will be removed in a follow-up PR once crypto#570 is merged.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
---
 tests/scripts/components-configuration-crypto.sh | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh
index 637dbd0fd9..6ac6d17c6f 100644
--- a/tests/scripts/components-configuration-crypto.sh
+++ b/tests/scripts/components-configuration-crypto.sh
@@ -92,11 +92,13 @@ component_test_psa_crypto_without_heap() {
     scripts/config.py unset-all "^PSA_WANT_ALG_RSA_"
     # EC-JPAKE use calloc/free in PSA core
     scripts/config.py unset PSA_WANT_ALG_JPAKE
-    # Enable p192[k|r]1 curves which are disabled by default in tf-psa-crypto.
-    # This is required to get the proper test coverage otherwise there are
-    # tests in 'test_suite_psa_crypto_op_fail' that would never be executed.
-    scripts/config.py set PSA_WANT_ECC_SECP_K1_192
-    scripts/config.py set PSA_WANT_ECC_SECP_R1_192
+    # Curves p192[k|r]1 were disabled by default in TF-PSA-Crypto 1.0 so they
+    # were enabled here in order to get full test coverage. Support for these
+    # curves has completely been removed, but due to interdependency between
+    # CIs (mbedtls vs tf-psa-crypto) we still need to keep these lines here for
+    # a while. They will be removed in #10518
+    scripts/config.py set PSA_WANT_ECC_SECP_K1_192 || true
+    scripts/config.py set PSA_WANT_ECC_SECP_R1_192 || true
     scripts/config.py set TF_PSA_CRYPTO_ALLOW_REMOVED_MECHANISMS || true
 
     # Accelerate all PSA features (which are still enabled in CRYPTO_CONFIG_H).