Support latest LTS (2.28.0 ) release of mbedts

[nullr0ute]

The #88 commit moved to mbedtls 3.0 but it seems MbedTLS has made 2.28.x the new LTS release.

It would be good to be able to support that in the psa-crypto and allow distros to build against their supported version of MBedTLS so that when there's CVEs in MBedTLS the psa-crypto pieces aren't affected and can just consume the distro updates directly.

[ionut-arm]

Hi @nullr0ute !

The psa-crypto-sys crate can work with 2.28.x without any issues (at least from my checks) if you specify the MbedTLS include and lib directories as environment variables. The version that we have in the vendor submodule is used as a fallback if the library isn't available locally, and thus we need to link to it statically. Dynamic linking is only possible by setting MBEDTLS_LIB_DIR and MBEDTLS_INCLUDE_DIR. This applies to Parsec service builds as well.

If you'd like, we can also add some checks on the CI against 2.28.x of MbedTLS, either here or in the Parsec service.