PSA Crypto TEST App Changes,Including Wrapper keys

Aasimshaik11 · Aasimshaik11 · commit 6eac6045488b · 2025-09-10T15:33:27.000+05:30
diff --git a/soc/silabs/silabs_siwx917/Kconfig b/soc/silabs/silabs_siwx917/Kconfig
@@ -21,5 +21,9 @@ config MBEDTLS_USER_CONFIG_FILE
 	default "sl_mbedtls_config_zephyr.h" \
 		if PSA_CRYPTO_DRIVER_SILABS_SIWX91X
 
+config TEST_WRAPPED_KEYS
+    bool "wrapper keys"
+    default n
+
 endif
 endif
diff --git a/tests/crypto/psa_crypto/src/aead.c b/tests/crypto/psa_crypto/src/aead.c
@@ -7,6 +7,10 @@
 #include <zephyr/ztest.h>
 #include <psa/crypto.h>
 
+#if defined CONFIG_TEST_WRAPPED_KEYS
+#include "sl_si91x_psa_wrap.h"
+#endif
+
 const uint8_t aes_key_buf[] = {0xea, 0x4f, 0x6f, 0x3c, 0x2f, 0xed, 0x2b, 0x9d,
 			       0xd9, 0x70, 0x8c, 0x2e, 0x72, 0x1a, 0xe0, 0x0f};
 const uint8_t aes_nonce_buf[] = {0xf9, 0x75, 0x80, 0x9d, 0xdb, 0x51,
@@ -45,6 +49,7 @@ const uint8_t chachapoly_expect_cipher_tag_buf[] = {
 
 ZTEST(psa_crypto_test, test_aead_aes_ccm)
 {
+
 	const uint8_t expect_cipher_tag_buf[] = {
 		0xe2, 0x2f, 0x37, 0x3b, 0xeb, 0xf6, 0x4a, 0x3e, 0x9b, 0x87, 0x75, 0x2b, 0xf9,
 		0xdb, 0x34, 0xdc, 0x4d, 0x43, 0x3f, 0x00, 0xf5, 0x5c, 0x3f, 0x53, 0x0c, 0x89,
@@ -61,16 +66,22 @@ ZTEST(psa_crypto_test, test_aead_aes_ccm)
 	psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
 	psa_set_key_algorithm(&attributes, alg);
 
+	#if defined(CONFIG_TEST_WRAPPED_KEYS) && CONFIG_TEST_WRAPPED_KEYS
+		printf("Test Wrapper keys enabled\n");
+		psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+							  PSA_KEY_PERSISTENCE_VOLATILE, PSA_KEY_VOLATILE_PERSISTENT_WRAP_IMPORT));
+	#endif
 	zassert_equal(psa_import_key(&attributes, aes_key_buf, sizeof(aes_key_buf), &key_id),
 		      PSA_SUCCESS, "Failed to import key");
-
+	
 	zassert_equal(psa_aead_encrypt(key_id, alg, aes_nonce_buf, sizeof(aes_nonce_buf),
 				       aes_ad_buf, sizeof(aes_ad_buf), aes_plaintext,
 				       sizeof(aes_plaintext), cipher_tag_buf,
 				       sizeof(cipher_tag_buf), &out_len),
-		      PSA_SUCCESS, "Failed to encrypt");
-
+		      PSA_SUCCESS, "Failed to perform encrypt");
+	
 	zassert_equal(out_len, sizeof(expect_cipher_tag_buf));
+
 	zassert_mem_equal(cipher_tag_buf, expect_cipher_tag_buf, sizeof(expect_cipher_tag_buf));
 
 	zassert_equal(psa_aead_decrypt(key_id, alg, aes_nonce_buf, sizeof(aes_nonce_buf),
@@ -79,13 +90,16 @@ ZTEST(psa_crypto_test, test_aead_aes_ccm)
 		      PSA_SUCCESS, "Failed to decrypt");
 
 	zassert_equal(out_len, sizeof(aes_plaintext));
+
 	zassert_mem_equal(decrypted, aes_plaintext, sizeof(aes_plaintext));
 
 	zassert_equal(psa_destroy_key(key_id), PSA_SUCCESS, "Failed to destroy key");
+
 }
 
 ZTEST(psa_crypto_test, test_aead_aes_gcm)
 {
+
 	const uint8_t expect_cipher_tag_buf[] = {
 		0x0f, 0x51, 0xf7, 0xa8, 0x3c, 0x5b, 0x5a, 0xa7, 0x96, 0xb9, 0x70, 0x25, 0x9c,
 		0xdd, 0xfe, 0x8f, 0x9a, 0x15, 0xa5, 0xc5, 0xeb, 0x48, 0x5a, 0xf5, 0x78, 0xfb,
@@ -102,16 +116,22 @@ ZTEST(psa_crypto_test, test_aead_aes_gcm)
 	psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
 	psa_set_key_algorithm(&attributes, alg);
 
+	#if defined(CONFIG_TEST_WRAPPED_KEYS) && CONFIG_TEST_WRAPPED_KEYS
+	printf("Test Wrapper keys enabled\n");
+		psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+							  PSA_KEY_PERSISTENCE_VOLATILE, PSA_KEY_VOLATILE_PERSISTENT_WRAP_IMPORT));
+	#endif
 	zassert_equal(psa_import_key(&attributes, aes_key_buf, sizeof(aes_key_buf), &key_id),
 		      PSA_SUCCESS, "Failed to import key");
 
 	zassert_equal(psa_aead_encrypt(key_id, alg, aes_nonce_buf, sizeof(aes_nonce_buf),
 				       aes_ad_buf, sizeof(aes_ad_buf), aes_plaintext,
 				       sizeof(aes_plaintext), cipher_tag_buf,
 				       sizeof(cipher_tag_buf), &out_len),
-		      PSA_SUCCESS, "Failed to encrypt");
-
+		      PSA_SUCCESS, "Failed to perform encrypt");
+	
 	zassert_equal(out_len, sizeof(expect_cipher_tag_buf));
+
 	zassert_mem_equal(cipher_tag_buf, expect_cipher_tag_buf, sizeof(expect_cipher_tag_buf));
 
 	zassert_equal(psa_aead_decrypt(key_id, alg, aes_nonce_buf, sizeof(aes_nonce_buf),
@@ -120,13 +140,16 @@ ZTEST(psa_crypto_test, test_aead_aes_gcm)
 		      PSA_SUCCESS, "Failed to decrypt");
 
 	zassert_equal(out_len, sizeof(aes_plaintext));
+
 	zassert_mem_equal(decrypted, aes_plaintext, sizeof(aes_plaintext));
 
 	zassert_equal(psa_destroy_key(key_id), PSA_SUCCESS, "Failed to destroy key");
+
 }
 
 ZTEST(psa_crypto_test, test_aead_chacha20_poly1305)
 {
+
 	uint8_t cipher_tag_buf[130]; /* Ciphertext + Tag */
 	uint8_t decrypted[sizeof(chachapoly_plaintext)] = {0};
 	size_t out_len;
@@ -139,29 +162,36 @@ ZTEST(psa_crypto_test, test_aead_chacha20_poly1305)
 	psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
 	psa_set_key_algorithm(&attributes, alg);
 
-	zassert_equal(psa_import_key(&attributes, chachapoly_key_buf, sizeof(chachapoly_key_buf),
-				     &key_id),
+	#if defined(CONFIG_TEST_WRAPPED_KEYS) && CONFIG_TEST_WRAPPED_KEYS
+	printf("Test Wrapper keys enabled\n");
+		psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+							  PSA_KEY_PERSISTENCE_VOLATILE, PSA_KEY_VOLATILE_PERSISTENT_WRAP_IMPORT));
+	#endif
+	zassert_equal(psa_import_key(&attributes, chachapoly_key_buf, sizeof(chachapoly_key_buf), &key_id),
 		      PSA_SUCCESS, "Failed to import key");
-
+	
 	zassert_equal(psa_aead_encrypt(key_id, alg, chachapoly_nonce_buf,
 				       sizeof(chachapoly_nonce_buf), chachapoly_ad_buf,
 				       sizeof(chachapoly_ad_buf), chachapoly_plaintext,
 				       sizeof(chachapoly_plaintext), cipher_tag_buf,
 				       sizeof(cipher_tag_buf), &out_len),
-		      PSA_SUCCESS, "Failed to encrypt");
-
+		      PSA_SUCCESS, "Failed to perform encrypt");
+	
 	zassert_equal(out_len, sizeof(chachapoly_expect_cipher_tag_buf));
+
 	zassert_mem_equal(cipher_tag_buf, chachapoly_expect_cipher_tag_buf,
 			  sizeof(chachapoly_expect_cipher_tag_buf));
-
+	
 	zassert_equal(psa_aead_decrypt(key_id, alg, chachapoly_nonce_buf,
 				       sizeof(chachapoly_nonce_buf), chachapoly_ad_buf,
 				       sizeof(chachapoly_ad_buf), cipher_tag_buf, out_len,
 				       decrypted, sizeof(decrypted), &out_len),
 		      PSA_SUCCESS, "Failed to decrypt");
 
 	zassert_equal(out_len, sizeof(chachapoly_plaintext));
+
 	zassert_mem_equal(decrypted, chachapoly_plaintext, sizeof(chachapoly_plaintext));
 
 	zassert_equal(psa_destroy_key(key_id), PSA_SUCCESS, "Failed to destroy key");
+
 }
diff --git a/tests/crypto/psa_crypto/src/cipher.c b/tests/crypto/psa_crypto/src/cipher.c
@@ -7,6 +7,10 @@
 #include <zephyr/ztest.h>
 #include <psa/crypto.h>
 
+#if defined CONFIG_TEST_WRAPPED_KEYS
+#include "sl_si91x_psa_wrap.h"
+#endif
+
 #include "test_vectors.h"
 
 uint8_t key_256[32] = {
@@ -40,24 +44,29 @@ ZTEST(psa_crypto_test, test_cipher_aes_cbc_256_multipart)
 	psa_set_key_algorithm(&attributes, alg);
 	psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
 	psa_set_key_bits(&attributes, 256);
-	if (IS_ENABLED(TEST_WRAPPED_KEYS)) {
+
+	#if defined(CONFIG_TEST_WRAPPED_KEYS) && CONFIG_TEST_WRAPPED_KEYS
+		printf("Test Wrapper keys enabled\n");
 		psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
-							  PSA_KEY_PERSISTENCE_VOLATILE, 1));
+							  PSA_KEY_PERSISTENCE_VOLATILE, 0));
 		zassert_equal(psa_generate_key(&attributes, &key_id), PSA_SUCCESS,
 			      "Failed to generate key");
-	} else {
+	#else 
 		zassert_equal(psa_import_key(&attributes, key_256, sizeof(key_256), &key_id),
 			      PSA_SUCCESS, "Failed to import key");
-	}
+	#endif
 	psa_reset_key_attributes(&attributes);
 
 	zassert_equal(psa_cipher_encrypt_setup(&operation, key_id, alg), PSA_SUCCESS,
 		      "Failed to begin encrypt operation");
+
 	zassert_equal(psa_cipher_generate_iv(&operation, iv, sizeof(iv), &iv_len), PSA_SUCCESS,
 		      "Failed to generate IV");
+
 	zassert_equal(psa_cipher_update(&operation, plaintext, sizeof(plaintext), ciphertext,
 					sizeof(ciphertext), &ciphertext_len),
 		      PSA_SUCCESS, "Failed to update encrypt operation");
+
 	zassert_equal(psa_cipher_finish(&operation, ciphertext + ciphertext_len,
 					sizeof(ciphertext) - ciphertext_len, &ciphertext_len),
 		      PSA_SUCCESS, "Failed to finish encrypt operation");
@@ -69,12 +78,16 @@ ZTEST(psa_crypto_test, test_cipher_aes_cbc_256_multipart)
 
 	zassert_equal(psa_cipher_decrypt_setup(&operation, key_id, alg), PSA_SUCCESS,
 		      "Failed to begin decrypt operation");
+
 	zassert_equal(psa_cipher_set_iv(&operation, iv, sizeof(iv)), PSA_SUCCESS,
 		      "Failed to set IV");
+
 	zassert_equal(psa_cipher_update(&operation, ciphertext, sizeof(ciphertext), decrypted,
 					sizeof(decrypted), &decrypted_len),
 		      PSA_SUCCESS, "Failed to update decrypt operation");
+
 	zassert_equal(decrypted_len, sizeof(decrypted), "Decrypted length mismatch");
+
 	zassert_equal(psa_cipher_finish(&operation, decrypted + decrypted_len,
 					sizeof(decrypted) - decrypted_len, &decrypted_len),
 		      PSA_SUCCESS, "Failed to finish decrypt operation");
@@ -96,15 +109,17 @@ ZTEST(psa_crypto_test, test_cipher_aes_cbc_256_single)
 	psa_set_key_algorithm(&attributes, alg);
 	psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
 	psa_set_key_bits(&attributes, 256);
-	if (IS_ENABLED(TEST_WRAPPED_KEYS)) {
+
+	#if defined(CONFIG_TEST_WRAPPED_KEYS) && CONFIG_TEST_WRAPPED_KEYS
+		printf("Test Wrapper keys enabled\n");
 		psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
-							  PSA_KEY_PERSISTENCE_VOLATILE, 1));
+							  PSA_KEY_PERSISTENCE_VOLATILE, PSA_KEY_VOLATILE_PERSISTENT_WRAP_IMPORT));
 		zassert_equal(psa_generate_key(&attributes, &key_id), PSA_SUCCESS,
 			      "Failed to generate key");
-	} else {
+	#else
 		zassert_equal(psa_import_key(&attributes, key_256, sizeof(key_256), &key_id),
 			      PSA_SUCCESS, "Failed to import key");
-	}
+	#endif
 	psa_reset_key_attributes(&attributes);
 
 	zassert_equal(psa_cipher_encrypt(key_id, alg, plaintext, sizeof(plaintext),
@@ -120,17 +135,8 @@ ZTEST(psa_crypto_test, test_cipher_aes_cbc_256_single)
 		      PSA_SUCCESS, "Failed to perform one-shot decrypt operation");
 
 	zassert_equal(decrypted_len, sizeof(decrypted), "Decrypted length mismatch");
-	zassert_mem_equal(decrypted, plaintext, sizeof(plaintext));
-
-	ciphertext_buffer_256[0] += 1;
-	zassert_equal(psa_cipher_decrypt(key_id, alg, ciphertext_buffer_256, ciphertext_len,
-					 decrypted, sizeof(decrypted), &decrypted_len),
-		      PSA_SUCCESS,
-		      "Failed to perform one-shot decrypt operation with modified ciphertext");
 
-	zassert_equal(decrypted_len, sizeof(decrypted), "Decrypted length mismatch");
-	zassert(memcmp(decrypted, plaintext, sizeof(plaintext)) != 0,
-		"Decrypted modified data identical to original plaintext");
+	zassert_mem_equal(decrypted, plaintext, sizeof(plaintext));
 
 	psa_destroy_key(key_id);
 }
@@ -145,16 +151,18 @@ ZTEST(psa_crypto_test, test_cipher_aes_ecb_128_single)
 	psa_set_key_algorithm(&attributes, alg);
 	psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
 	psa_set_key_bits(&attributes, 128);
-	if (IS_ENABLED(TEST_WRAPPED_KEYS)) {
-		psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
-							  PSA_KEY_PERSISTENCE_VOLATILE, 1));
 
+	#if defined(CONFIG_TEST_WRAPPED_KEYS) && CONFIG_TEST_WRAPPED_KEYS
+		printf("Test Wrapper keys enabled\n");
+		psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+							  PSA_KEY_PERSISTENCE_VOLATILE, PSA_KEY_VOLATILE_PERSISTENT_WRAP_IMPORT));
 		zassert_equal(psa_generate_key(&attributes, &key_id), PSA_SUCCESS,
 			      "Failed to generate key");
-	} else {
+	#else
 		zassert_equal(psa_import_key(&attributes, key_128, sizeof(key_128), &key_id),
 			      PSA_SUCCESS, "Failed to import key");
-	}
+	#endif
+
 	psa_reset_key_attributes(&attributes);
 
 	zassert_equal(psa_cipher_encrypt(key_id, alg, plaintext, sizeof(plaintext), ciphertext,
@@ -167,18 +175,10 @@ ZTEST(psa_crypto_test, test_cipher_aes_ecb_128_single)
 	zassert_equal(psa_cipher_decrypt(key_id, alg, ciphertext, ciphertext_len, decrypted,
 					 sizeof(decrypted), &decrypted_len),
 		      PSA_SUCCESS, "Failed to perform one-shot decrypt operation");
-	zassert_equal(decrypted_len, sizeof(decrypted), "Decrypted length mismatch");
-	zassert_mem_equal(decrypted, plaintext, sizeof(plaintext));
-
-	ciphertext[0] += 1;
-	zassert_equal(psa_cipher_decrypt(key_id, alg, ciphertext, ciphertext_len, decrypted,
-					 sizeof(decrypted), &decrypted_len),
-		      PSA_SUCCESS,
-		      "Failed to perform one-shot decrypt operation with modified ciphertext");
 
 	zassert_equal(decrypted_len, sizeof(decrypted), "Decrypted length mismatch");
-	zassert(memcmp(decrypted, plaintext, sizeof(plaintext)) != 0,
-		"Decrypted modified data identical to original plaintext");
+
+	zassert_mem_equal(decrypted, plaintext, sizeof(plaintext));
 
 	psa_destroy_key(key_id);
 }
@@ -194,6 +194,12 @@ ZTEST(psa_crypto_test, test_cipher_chacha20_single)
 	psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
 	psa_set_key_algorithm(&attributes, alg);
 
+	#if defined(CONFIG_TEST_WRAPPED_KEYS) && CONFIG_TEST_WRAPPED_KEYS
+		printf("Test Wrapper keys enabled\n");
+		psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
+							  PSA_KEY_PERSISTENCE_VOLATILE, 0));
+	#endif
+
 	zassert_equal(psa_import_key(&attributes, key_256, sizeof(key_256), &key_id), PSA_SUCCESS,
 		      "Failed to import key");
 
@@ -209,5 +215,8 @@ ZTEST(psa_crypto_test, test_cipher_chacha20_single)
 					 sizeof(decrypted), &out_len),
 		      PSA_SUCCESS, "Failed to decrypt");
 
+	zassert(memcmp(ciphertext_buffer_256, plaintext, sizeof(plaintext)) != 0,
+		"Ciphertext identical to plaintext");
+
 	zassert_mem_equal(decrypted, plaintext, sizeof(plaintext));
 }
diff --git a/tests/crypto/psa_crypto/src/hash.c b/tests/crypto/psa_crypto/src/hash.c
@@ -22,7 +22,8 @@ ZTEST(psa_crypto_test, test_hash_sha256)
 
 	zassert_equal(psa_hash_compute(PSA_ALG_SHA_256, plaintext, sizeof(plaintext), hash_buf,
 				       sizeof(hash_buf), &hash_len),
-		      PSA_SUCCESS, "Failed to compute hash");
+		      PSA_SUCCESS, "Failed to perform hash");
+
 	zassert_equal(hash_len, sizeof(expect_sha256_hash), "Hash length mismatch");
 	zassert_mem_equal(hash_buf, expect_sha256_hash, sizeof(expect_sha256_hash),
 			  "Hash mismatch");
@@ -55,7 +56,10 @@ ZTEST(psa_crypto_test, test_hash_sha256_multipart)
 
 	zassert_equal(psa_hash_finish(&hash_op, hash_buf, sizeof(hash_buf), &hash_len), PSA_SUCCESS,
 		      "Failed to finish hash");
+
 	zassert_equal(hash_len, sizeof(expect_sha256_hash), "Hash length mismatch");
+
 	zassert_mem_equal(hash_buf, expect_sha256_hash, sizeof(expect_sha256_hash),
 			  "Hash mismatch");
+
 }
diff --git a/tests/crypto/psa_crypto/src/key_agreement.c b/tests/crypto/psa_crypto/src/key_agreement.c
@@ -7,6 +7,10 @@
 #include <zephyr/ztest.h>
 #include <psa/crypto.h>
 
+#if defined CONFIG_TEST_WRAPPED_KEYS
+#include "sl_si91x_psa_wrap.h"
+#endif
+
 static const uint8_t client_private_key[] = {
 	0xB0, 0x76, 0x51, 0xEA, 0x20, 0xF0, 0x28, 0xA8, 0x16, 0xEE, 0x01,
 	0xB0, 0xD1, 0x06, 0x2A, 0x7C, 0x81, 0x58, 0xE8, 0x84, 0xE9, 0xBC,
@@ -44,10 +48,12 @@ ZTEST(psa_crypto_test, test_key_agreement_ecdh_25519)
 	psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY));
 	psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE);
 	psa_set_key_algorithm(&attributes, PSA_ALG_ECDH);
-	if (IS_ENABLED(TEST_WRAPPED_KEYS)) {
+
+	#if defined(CONFIG_TEST_WRAPPED_KEYS) && CONFIG_TEST_WRAPPED_KEYS
+		printf("Test Wrapper keys enabled\n");
 		psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
-							  PSA_KEY_PERSISTENCE_VOLATILE, 1));
-	}
+							  PSA_KEY_PERSISTENCE_VOLATILE, 0));
+	#endif
 	zassert_equal(psa_import_key(&attributes, client_private_key, sizeof(client_private_key),
 				     &key_id),
 		      PSA_SUCCESS, "Failed to import client key");
@@ -57,6 +63,7 @@ ZTEST(psa_crypto_test, test_key_agreement_ecdh_25519)
 					    sizeof(server_public_key), shared_secret_buf,
 					    sizeof(shared_secret_buf), &shared_secret_len),
 		      PSA_SUCCESS, "Failed to perform key agreement with server");
+
 	zassert_equal(psa_destroy_key(key_id), PSA_SUCCESS, "Failed to destroy client key");
 
 	/* Import server key */
@@ -66,7 +73,7 @@ ZTEST(psa_crypto_test, test_key_agreement_ecdh_25519)
 	psa_set_key_algorithm(&attributes, PSA_ALG_ECDH);
 	if (IS_ENABLED(TEST_WRAPPED_KEYS)) {
 		psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
-							  PSA_KEY_PERSISTENCE_VOLATILE, 1));
+							  PSA_KEY_PERSISTENCE_VOLATILE, 0));
 	}
 	zassert_equal(psa_import_key(&attributes, server_private_key, sizeof(server_private_key),
 				     &key_id),
@@ -77,6 +84,7 @@ ZTEST(psa_crypto_test, test_key_agreement_ecdh_25519)
 					    sizeof(client_public_key), shared_secret_buf,
 					    sizeof(shared_secret_buf), &shared_secret_len),
 		      PSA_SUCCESS, "Failed to perform key agreement with client");
+
 	zassert_equal(psa_destroy_key(key_id), PSA_SUCCESS, "Failed to destroy server key");
 
 	/* Verify shared secret */
diff --git a/tests/crypto/psa_crypto/src/sign.c b/tests/crypto/psa_crypto/src/sign.c
diff --git a/tests/crypto/psa_crypto/testcase.yaml b/tests/crypto/psa_crypto/testcase.yaml
