diff --git a/configure.ac b/configure.ac index e8be4a18d..a78430fed 100644 --- a/configure.ac +++ b/configure.ac @@ -578,7 +578,11 @@ AC_ARG_ENABLE([harden], if test "$ENABLED_HARDEN" = "yes" then - AM_CFLAGS="$AM_CFLAGS -DTFM_TIMING_RESISTANT -DECC_TIMING_RESISTANT -DWC_RSA_BLINDING" + AM_CFLAGS="$AM_CFLAGS -DTFM_TIMING_RESISTANT -DECC_TIMING_RESISTANT" + if test "$ENABLED_RNG" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DWC_RSA_BLINDING" + fi else AM_CFLAGS="$AM_CFLAGS -DWC_NO_HARDEN" fi diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index ce7eecc8b..e6603889d 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -957,9 +957,9 @@ static int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock, { int ret; -#ifndef WC_NO_RNG switch (padType) { +#ifndef WC_NO_RNG case WC_RSA_PKCSV15_PAD: /*WOLFSSL_MSG("wolfSSL Using RSA PKCSV15 padding");*/ ret = RsaPad(input, inputLen, pkcsBlock, pkcsBlockLen, @@ -981,6 +981,7 @@ static int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock, hType, mgf, saltLen, bits, heap); break; #endif +#endif /* !WC_NO_RNG */ #ifdef WC_RSA_NO_PADDING case WC_RSA_NO_PAD: @@ -1003,9 +1004,6 @@ static int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock, WOLFSSL_MSG("Unknown RSA Pad Type"); ret = RSA_PAD_E; } -#else - ret = NOT_COMPILED_IN; -#endif /* silence warning if not used with padding scheme */ (void)input; diff --git a/wolfssl/wolfcrypt/random.h b/wolfssl/wolfcrypt/random.h index 7fa501c81..b3221b654 100644 --- a/wolfssl/wolfcrypt/random.h +++ b/wolfssl/wolfcrypt/random.h @@ -106,7 +106,7 @@ #include #elif defined(HAVE_WNR) /* allow whitewood as direct RNG source using wc_GenerateSeed directly */ -#elif defined(HAVE_INTEL_RDSEED) || defined(HAVE_INTEL_RDRAND) +#elif defined(HAVE_INTEL_RDRAND) /* Intel RDRAND or RDSEED */ #elif !defined(WC_NO_RNG) #error No RNG source defined! diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index b65e4dadc..4a8951252 100644 
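Review bot: With `--enable-harden` and the RNG disabled, the new inner `if test "$ENABLED_RNG" = "yes"` drops `-DWC_RSA_BLINDING` silently, so RSA private-key operations are built without blinding even though hardening was requested. The settings.h hunk in this commit also suppresses the harden `#warning` when `WC_NO_RNG` is defined, so neither configure nor the compiler reports the lost side-channel protection. I would add an `else` branch with `AC_MSG_WARN([harden requested without RNG: RSA blinding is disabled])`. The hunk does not show where `ENABLED_RNG` is assigned; if that happens after this point in configure.ac, the test sees an empty value and blinding is dropped for every build, so please confirm the ordering.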
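Review bot: In a `WC_NO_RNG` build, `WC_RSA_PKCSV15_PAD` and the other pad types above the new `#endif /* !WC_NO_RNG */` now fall into `default:` and return `RSA_PAD_E` with the log line "Unknown RSA Pad Type". The removed `#else` in the third rsa.c hunk used to return `NOT_COMPILED_IN`, so callers can no longer tell a compiled-out scheme from a bad argument. To keep that distinction, add an `#else` arm before the new `#endif` with `case WC_RSA_PKCSV15_PAD: ret = NOT_COMPILED_IN; break;`, and likewise for the other RNG-dependent types. A comment above the switch would also help, for example `/* without an RNG only WC_RSA_NO_PAD (if WC_RSA_NO_PADDING is set) is available; the caller must supply its own padding */`. wc_RsaPad_ex begins and ends outside these hunks, so this is based only on the visible cases.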
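Review bot: The comment under the narrowed condition still reads `/* Intel RDRAND or RDSEED */`, although the branch now matches only `HAVE_INTEL_RDRAND`. A build that defines only `HAVE_INTEL_RDSEED` skips this branch and, unless `WC_NO_RNG` is set, reaches `#error No RNG source defined!`. Update the comment to `/* Intel RDRAND */`, and if RDSEED-only builds are meant to be rejected here, say so in the comment so the compile failure is not mistaken for a regression. The `#if` chain begins outside the hunk, so an earlier branch may still accept such a build.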
--- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -1751,7 +1751,8 @@ extern void uITRON4_free(void *p) ; #ifndef WC_NO_HARDEN #if (defined(USE_FAST_MATH) && !defined(TFM_TIMING_RESISTANT)) || \ (defined(HAVE_ECC) && !defined(ECC_TIMING_RESISTANT)) || \ - (!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS)) + (!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS) && \ + !defined(WC_NO_RNG)) #ifndef _MSC_VER #warning "For timing resistance / side-channel attack prevention consider using harden options"