diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index 8005dcb2f..ef29b77db 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -193,15 +193,6 @@ psa_status_t mbedtls_psa_register_se_key(
 
 /**@}*/
 
-/**
- * \brief PSA random deinitialization.
- *
- * This function frees the RNG implementation used by PSA.
- *
- * This is an Mbed TLS extension.
- */
-void mbedtls_psa_random_free(void);
-
 /**
  * \brief Library deinitialization.
  *
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 6caab03e1..c90119fe4 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -7327,16 +7327,14 @@ static void mbedtls_psa_random_init(mbedtls_psa_random_context_t *rng)
 
 /** Deinitialize the PSA random generator.
  */
-void mbedtls_psa_random_free(void)
+static void mbedtls_psa_random_free(mbedtls_psa_random_context_t *rng)
 {
-    if (global_data.rng_state != RNG_NOT_INITIALIZED) {
 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
-        memset(&global_data.rng, 0, sizeof(global_data.rng));
+    memset(rng, 0, sizeof(*rng));
 #else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
-        mbedtls_psa_drbg_free(MBEDTLS_PSA_RANDOM_STATE);
-        global_data.rng.entropy_free(&global_data.rng.entropy);
+    mbedtls_psa_drbg_free(MBEDTLS_PSA_RANDOM_STATE);
+    rng->entropy_free(&rng->entropy);
 #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
-    }
 }
 
 /** Seed the PSA random generator.
@@ -7663,7 +7661,9 @@ psa_status_t mbedtls_psa_crypto_configure_entropy_sources(
 void mbedtls_psa_crypto_free(void)
 {
     psa_wipe_all_key_slots();
-    mbedtls_psa_random_free();
+    if (global_data.rng_state != RNG_NOT_INITIALIZED) {
+        mbedtls_psa_random_free(&global_data.rng);
+    }
     /* Wipe all remaining data, including configuration.
      * In particular, this sets all state indicator to the value
      * indicating "uninitialized". */
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index cc530e22c..8564d352a 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -91,9 +91,7 @@ static int invalidate_psa(invalidate_method_t invalidate_method)
     }
 
     PSA_ASSERT(psa_crypto_init());
-
     ASSERT_PSA_PRISTINE();
-
     return 1;
 
 exit: