https://devzone.nordicsemi.com/f/nordic-q-a/78313/cannot-use-psa-cryptography-api-with-ncs-tf-m-mbedtlsHi, I want to use TrustedFirmware-M as a secure backend for an application that uses Mbed TLS in the non-secure domain, and this seems to be artificially limited - the MBEDTLS_USE_PSA_CRYPTO configuration flag is never enabled in the Mbed TLS config fileen-USTelligent Community 13Fri, 06 Aug 2021 14:05:47 GMThttps://devzone.nordicsemi.com/thread/323795?ContentTypeID=1Fri, 06 Aug 2021 14:05:47 GMT137ad170-7792-4731-bb38-c0d22fbe4515:cb8da7c8-86c3-4af0-b983-4075a59545d8Didrik Rokhaug<p>Hi,</p> <p>Our implementation enables the MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER option, which is incompatible with USE_PSA_CRYPTO.</p> <p><a href="https://github.com/nrfconnect/sdk-nrfxlib/blob/1a894638c438ce738c101b2c35894c9ffa2beb95/nrf_security/configs/nrf-config.h.template#L1256">https://github.com/nrfconnect/sdk-nrfxlib/blob/1a894638c438ce738c101b2c35894c9ffa2beb95/nrf_security/configs/nrf-config.h.template#L1256</a></p> <p>However, on the master branch, we do have a sample that shows how to do TLS with TF-M: <a href="https://github.com/nrfconnect/sdk-nrf/tree/master/samples/crypto/psa_tls">https://github.com/nrfconnect/sdk-nrf/tree/master/samples/crypto/psa_tls</a></p> <p>Best regards,</p> <p>Didrik</p><div style="clear:both;"></div>