https://devzone.nordicsemi.com/f/nordic-q-a/82726/persistent-keys-on-psa-crypto-h-with-tfmHi all, I wonder how to use persistent keys with TFM. Or why persistence works only with ECC Following code works on secure side and keys are persisted just fine. When compiling as &quot;_ns&quot; and using TFM, only ECC persistent keys function returnsen-USTelligent Community 13Mon, 03 Jan 2022 08:44:09 GMThttps://devzone.nordicsemi.com/thread/345586?ContentTypeID=1Mon, 03 Jan 2022 08:44:09 GMT137ad170-7792-4731-bb38-c0d22fbe4515:2471e74b-5e90-4a2a-b60b-87df1c469bf3Einar Thorsrud<p>Hi,</p> <p>I am sorry for the delay.</p> <p>The problem with this is that ITS is not configured to store such large keys. The persistent keys are stored in the ITS storage and the largest possible asset stored is dependent on the configuration here: <a href="https://github.com/nrfconnect/sdk-trusted-firmware-m/blob/336ef5f18546bea384fac0dcf3349ebf5125b885/trusted-firmware-m/config/config_default.cmake#L113">ITS_MAX_ASSET_SIZE</a>.&nbsp;Even though this value seems big enough for the requested RSA key it is not. There is storage overhead added by the PSA APIs which increase the size of the key substantially. Increasing this configuration though will eventually result to the success of of the operation.</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/343675?ContentTypeID=1Wed, 15 Dec 2021 14:01:22 GMT137ad170-7792-4731-bb38-c0d22fbe4515:434128df-42d4-42fc-9c88-40564dfa0cd7Einar Thorsrud<p>Hi,</p> <p>I see the same as you, but I did not get to the bottom of this today. I will continue to look into it, though.</p> <p>(Note that TF-M is still experimental, and there are some issues with it. At the same time, the SPM does not provide this features (it provides virtually no crypto related features at all, except RNG), so TF-M is never-the-less the way to go.)</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/343403?ContentTypeID=1Tue, 14 Dec 2021 13:00:51 GMT137ad170-7792-4731-bb38-c0d22fbe4515:1f15c751-83df-44d0-ae78-4b373f5ffdc3hk1234<p>v1.7.1</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/343402?ContentTypeID=1Tue, 14 Dec 2021 12:58:19 GMT137ad170-7792-4731-bb38-c0d22fbe4515:133c02c4-1552-4661-a434-b64051d8ae93Einar Thorsrud<p>Hi,</p> <p>Any key type can be stored with PSA ITS, and that should be the case also when using TF-M (see <a href="https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrf/samples/crypto/persistent_key_usage/README.html">Crypto: Persistent key storage sample</a>). Which nRF Connect SDK version are you using?</p><div style="clear:both;"></div>