diff --git a/Makefile b/Makefile
index 2b6857b5b..6e0e584ce 100644
--- a/Makefile
+++ b/Makefile
@@ -882,6 +882,10 @@ else
 	CRYPTO_SUPPORT := 0
 endif #($(MEASURED_BOOT)-$(TRUSTED_BOARD_BOOT))
 
+ifneq ($(filter 1 2 3,$(CRYPTO_SUPPORT)),)
+CRYPTO_LIB := $(BUILD_PLAT)/lib/libmbedtls.a
+endif
+
 # SDEI_IN_FCONF is only supported when SDEI_SUPPORT is enabled.
 ifeq ($(SDEI_SUPPORT)-$(SDEI_IN_FCONF),0-1)
         $(error "SDEI_IN_FCONF is only supported when SDEI_SUPPORT is enabled")
@@ -1756,8 +1760,8 @@ else
 	$(q)set MAKEFLAGS= && ${MSVC_NMAKE} /nologo /f ${FIPTOOLPATH}/Makefile.msvc FIPTOOLPATH=$(subst /,\,$(FIPTOOLPATH)) FIPTOOL=$(subst /,\,$(FIPTOOL))
 endif #(UNIX_MK)
 
-$(BUILD_PLAT)/romlib/romlib.bin $(BUILD_PLAT)/lib/libwrappers.a $&: $(BUILD_PLAT)/lib/libmbedtls.a $(BUILD_PLAT)/lib/libfdt.a $(BUILD_PLAT)/lib/libc.a
-	$(q)${MAKE} PLAT_DIR=${PLAT_DIR} BUILD_PLAT=${BUILD_PLAT} ENABLE_BTI=${ENABLE_BTI} ARM_ARCH_MINOR=${ARM_ARCH_MINOR} INCLUDES=$(call escape-shell,$(INCLUDES)) DEFINES=$(call escape-shell,$(DEFINES)) --no-print-directory -C ${ROMLIBPATH} all
+$(BUILD_PLAT)/romlib/romlib.bin $(BUILD_PLAT)/lib/libwrappers.a $&: $(BUILD_PLAT)/lib/libfdt.a $(BUILD_PLAT)/lib/libc.a $(CRYPTO_LIB)
+	$(q)${MAKE} PLAT_DIR=${PLAT_DIR} BUILD_PLAT=${BUILD_PLAT} ENABLE_BTI=${ENABLE_BTI} CRYPTO_SUPPORT=${CRYPTO_SUPPORT} ARM_ARCH_MINOR=${ARM_ARCH_MINOR} INCLUDES=$(call escape-shell,$(INCLUDES)) DEFINES=$(call escape-shell,$(DEFINES)) --no-print-directory -C ${ROMLIBPATH} all
 
 memmap: all
 ifdef UNIX_MK
diff --git a/lib/romlib/Makefile b/lib/romlib/Makefile
index bc31a2f3b..01a039567 100644
--- a/lib/romlib/Makefile
+++ b/lib/romlib/Makefile
@@ -12,17 +12,26 @@ ROMLIB_GEN  = ./romlib_generator.py
 BUILD_DIR   = $(BUILD_PLAT)/romlib
 LIB_DIR     = $(BUILD_PLAT)/lib
 WRAPPER_DIR = $(BUILD_PLAT)/libwrapper
-LIBS        = $(LIB_DIR)/libmbedtls.a $(LIB_DIR)/libfdt.a $(LIB_DIR)/libc.a
+LIBS        = $(LIB_DIR)/libfdt.a $(LIB_DIR)/libc.a
 INC         = $(INCLUDES:-I%=-I../../%)
 PPFLAGS     = $(INC) $(DEFINES) -P -x assembler-with-cpp -D__LINKER__ -MD -MP -MT $(BUILD_DIR)/romlib.ld
 OBJS        = $(BUILD_DIR)/jmptbl.o $(BUILD_DIR)/init.o
 MAPFILE     = $(BUILD_PLAT)/romlib/romlib.map
 
-ifneq ($(PLAT_DIR),)
-        WRAPPER_SOURCES = $(sort $(shell $(ROMLIB_GEN) genwrappers -b $\
-                $(WRAPPER_DIR) --list ../../$(PLAT_DIR)/jmptbl.i))
+PROCESSED_JMPTBL = ../../$(PLAT_DIR)/jmptbl.i
 
-        WRAPPER_OBJS = $(WRAPPER_SOURCES:.s=.o)
+# Determine if mbedtls is needed
+ifneq ($(filter $(CRYPTO_SUPPORT),1 2 3),)
+    PROCESSED_JMPTBL = $(BUILD_DIR)/jmptbl_processed.i
+    $(shell mkdir -p $(BUILD_DIR) && cat ../../$(PLAT_DIR)/jmptbl.i ../../$(PLAT_DIR)/jmptbl_mbedtls.i > $(BUILD_DIR)/jmptbl_processed.i)
+    LIBS += $(LIB_DIR)/libmbedtls.a
+endif
+
+ifneq ($(PLAT_DIR),)
+    # Generate wrapper sources and objects
+    WRAPPER_SOURCES = $(sort $(shell $(ROMLIB_GEN) genwrappers -b $\
+                $(WRAPPER_DIR) --list $(PROCESSED_JMPTBL)))
+    WRAPPER_OBJS = $(WRAPPER_SOURCES:.s=.o)
 endif
 
 LDFLAGS := -Wl,--gc-sections -nostdlib
@@ -69,21 +78,21 @@ $(LIB_DIR)/libwrappers.a: $(WRAPPER_DIR)/jmpvar.o $(WRAPPER_OBJS) | $$(@D)/
 	$(s)echo "  AR      $@"
 	$(q)$(aarch64-ar) -rc $@ $(WRAPPER_DIR)/jmpvar.o $(WRAPPER_OBJS)
 
-$(BUILD_DIR)/jmptbl.i: ../../$(PLAT_DIR)/jmptbl.i | $$(@D)/
+$(BUILD_DIR)/jmptbl.i: $(PROCESSED_JMPTBL) | $$(@D)/
 	$(s)echo "  PRE     $@"
 	$(q)$(ROMLIB_GEN) pre --output $@ --deps $(BUILD_DIR)/jmptbl.d $<
 
-$(WRAPPER_SOURCES) $&: $(BUILD_DIR)/jmptbl.i | $$(@D)/
+$(WRAPPER_SOURCES) $&: $(PROCESSED_JMPTBL) | $$(@D)/
 	$(s)echo "  WRP     $<"
 	$(q)$(ROMLIB_GEN) genwrappers --bti=$(ENABLE_BTI) -b $(WRAPPER_DIR) $<
 
 $(WRAPPER_OBJS): $(WRAPPER_DIR)/%.o: $(WRAPPER_DIR)/%.s | $$(@D)/
 
-$(BUILD_DIR)/jmptbl.s: $(BUILD_DIR)/jmptbl.i | $$(@D)/
+$(BUILD_DIR)/jmptbl.s: $(PROCESSED_JMPTBL) | $$(@D)/
 	$(s)echo "  TBL     $@"
 	$(q)$(ROMLIB_GEN) gentbl --output $@ --bti=$(ENABLE_BTI) $<
 
-$(BUILD_DIR)/romlib.ldflags: ../../$(PLAT_DIR)/jmptbl.i | $$(@D)/
+$(BUILD_DIR)/romlib.ldflags: $(PROCESSED_JMPTBL) | $$(@D)/
 	$(s)echo "  LDFLAGS $@"
 	$(q)$(ROMLIB_GEN) link-flags $< > $@
 
diff --git a/plat/arm/board/fvp/jmptbl.i b/plat/arm/board/fvp/jmptbl.i
index 077283e47..a23de733d 100644
--- a/plat/arm/board/fvp/jmptbl.i
+++ b/plat/arm/board/fvp/jmptbl.i
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2018-2023, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2018-2024, Arm Limited and Contributors. All rights reserved.
 #
 # SPDX-License-Identifier: BSD-3-Clause
 #
@@ -37,28 +37,5 @@ fdt     fdt_get_name
 fdt     fdt_get_alias
 fdt     fdt_node_offset_by_phandle
 fdt     fdt_add_subnode
-mbedtls mbedtls_asn1_get_alg
-mbedtls mbedtls_asn1_get_alg_null
-mbedtls mbedtls_asn1_get_bitstring_null
-mbedtls mbedtls_asn1_get_bool
-mbedtls mbedtls_asn1_get_int
-mbedtls mbedtls_asn1_get_len
-mbedtls mbedtls_asn1_get_tag
-mbedtls mbedtls_free
-mbedtls mbedtls_md
-mbedtls mbedtls_md_get_size
-mbedtls mbedtls_memory_buffer_alloc_init
-mbedtls mbedtls_oid_get_md_alg
-mbedtls mbedtls_oid_get_numeric_string
-mbedtls mbedtls_oid_get_pk_alg
-mbedtls mbedtls_oid_get_sig_alg
-mbedtls mbedtls_pk_free
-mbedtls mbedtls_pk_init
-mbedtls mbedtls_pk_parse_subpubkey
-mbedtls mbedtls_pk_verify_ext
-mbedtls mbedtls_platform_set_snprintf
-mbedtls mbedtls_x509_get_rsassa_pss_params
-mbedtls mbedtls_x509_get_sig_alg
-mbedtls mbedtls_md_info_from_type
 c       exit
 c       atexit
diff --git a/plat/arm/board/fvp/jmptbl_mbedtls.i b/plat/arm/board/fvp/jmptbl_mbedtls.i
new file mode 100644
index 000000000..6e1f01734
--- /dev/null
+++ b/plat/arm/board/fvp/jmptbl_mbedtls.i
@@ -0,0 +1,38 @@
+#
+# Copyright (c) 2024, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+# Platform-specific ROMLIB MbedTLS functions can be added here.
+# During the build process, this file is appended to jmptbl.i
+# if MbedTLS support is required.
+#
+# Format:
+# lib   function        [patch]
+# Example:
+# mbedtls mbedtls_asn1_get_alg
+# mbedtls mbedtls_asn1_get_alg_null patch
+
+mbedtls mbedtls_asn1_get_alg
+mbedtls mbedtls_asn1_get_alg_null
+mbedtls mbedtls_asn1_get_bitstring_null
+mbedtls mbedtls_asn1_get_bool
+mbedtls mbedtls_asn1_get_int
+mbedtls mbedtls_asn1_get_len
+mbedtls mbedtls_asn1_get_tag
+mbedtls mbedtls_free
+mbedtls mbedtls_md
+mbedtls mbedtls_md_get_size
+mbedtls mbedtls_memory_buffer_alloc_init
+mbedtls mbedtls_oid_get_md_alg
+mbedtls mbedtls_oid_get_numeric_string
+mbedtls mbedtls_oid_get_pk_alg
+mbedtls mbedtls_oid_get_sig_alg
+mbedtls mbedtls_pk_free
+mbedtls mbedtls_pk_init
+mbedtls mbedtls_pk_parse_subpubkey
+mbedtls mbedtls_pk_verify_ext
+mbedtls mbedtls_platform_set_snprintf
+mbedtls mbedtls_x509_get_rsassa_pss_params
+mbedtls mbedtls_x509_get_sig_alg
+mbedtls mbedtls_md_info_from_type
diff --git a/plat/arm/board/juno/jmptbl.i b/plat/arm/board/juno/jmptbl.i
index 327a3455d..a62661d18 100644
--- a/plat/arm/board/juno/jmptbl.i
+++ b/plat/arm/board/juno/jmptbl.i
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2018-2024, Arm Limited and Contributors. All rights reserved.
 #
 # SPDX-License-Identifier: BSD-3-Clause
 #
@@ -36,28 +36,5 @@ fdt     fdt_get_alias
 fdt     fdt_node_offset_by_phandle
 fdt     fdt_subnode_offset
 fdt     fdt_add_subnode
-mbedtls mbedtls_asn1_get_alg
-mbedtls mbedtls_asn1_get_alg_null
-mbedtls mbedtls_asn1_get_bitstring_null
-mbedtls mbedtls_asn1_get_bool
-mbedtls mbedtls_asn1_get_int
-mbedtls mbedtls_asn1_get_len
-mbedtls mbedtls_asn1_get_tag
-mbedtls mbedtls_free
-mbedtls mbedtls_md
-mbedtls mbedtls_md_get_size
-mbedtls mbedtls_memory_buffer_alloc_init
-mbedtls mbedtls_oid_get_md_alg
-mbedtls mbedtls_oid_get_numeric_string
-mbedtls mbedtls_oid_get_pk_alg
-mbedtls mbedtls_oid_get_sig_alg
-mbedtls mbedtls_pk_free
-mbedtls mbedtls_pk_init
-mbedtls mbedtls_pk_parse_subpubkey
-mbedtls mbedtls_pk_verify_ext
-mbedtls mbedtls_platform_set_snprintf
-mbedtls mbedtls_x509_get_rsassa_pss_params
-mbedtls mbedtls_x509_get_sig_alg
-mbedtls mbedtls_md_info_from_type
 c       exit
 c       atexit
diff --git a/plat/arm/board/juno/jmptbl_mbedtls.i b/plat/arm/board/juno/jmptbl_mbedtls.i
new file mode 100644
index 000000000..6e1f01734
--- /dev/null
+++ b/plat/arm/board/juno/jmptbl_mbedtls.i
@@ -0,0 +1,38 @@
+#
+# Copyright (c) 2024, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+# Platform-specific ROMLIB MbedTLS functions can be added here.
+# During the build process, this file is appended to jmptbl.i
+# if MbedTLS support is required.
+#
+# Format:
+# lib   function        [patch]
+# Example:
+# mbedtls mbedtls_asn1_get_alg
+# mbedtls mbedtls_asn1_get_alg_null patch
+
+mbedtls mbedtls_asn1_get_alg
+mbedtls mbedtls_asn1_get_alg_null
+mbedtls mbedtls_asn1_get_bitstring_null
+mbedtls mbedtls_asn1_get_bool
+mbedtls mbedtls_asn1_get_int
+mbedtls mbedtls_asn1_get_len
+mbedtls mbedtls_asn1_get_tag
+mbedtls mbedtls_free
+mbedtls mbedtls_md
+mbedtls mbedtls_md_get_size
+mbedtls mbedtls_memory_buffer_alloc_init
+mbedtls mbedtls_oid_get_md_alg
+mbedtls mbedtls_oid_get_numeric_string
+mbedtls mbedtls_oid_get_pk_alg
+mbedtls mbedtls_oid_get_sig_alg
+mbedtls mbedtls_pk_free
+mbedtls mbedtls_pk_init
+mbedtls mbedtls_pk_parse_subpubkey
+mbedtls mbedtls_pk_verify_ext
+mbedtls mbedtls_platform_set_snprintf
+mbedtls mbedtls_x509_get_rsassa_pss_params
+mbedtls mbedtls_x509_get_sig_alg
+mbedtls mbedtls_md_info_from_type