diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 9f0b13541..896235b35 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1174,6 +1174,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_EMPTY_SLOT
  * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 75c7ea8a5..959b9ecc4 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -787,16 +787,25 @@ static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
         {
             mbedtls_pk_context pk;
             int ret;
-            mbedtls_pk_init( &pk );
             if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
             {
+#if defined(MBEDTLS_RSA_C)
+                mbedtls_pk_init( &pk );
                 pk.pk_info = &mbedtls_rsa_info;
                 pk.pk_ctx = slot->data.rsa;
+#else
+                return( PSA_ERROR_NOT_SUPPORTED );
+#endif
             }
             else
             {
+#if defined(MBEDTLS_ECP_C)
+                mbedtls_pk_init( &pk );
                 pk.pk_info = &mbedtls_eckey_info;
                 pk.pk_ctx = slot->data.ecp;
+#else
+                return( PSA_ERROR_NOT_SUPPORTED );
+#endif
             }
             if( export_public_key || PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) )
                 ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size );