diff --git a/library/pkwrite.c b/library/pkwrite.c
index d135060e4..dcd3263b2 100644
--- a/library/pkwrite.c
+++ b/library/pkwrite.c
@@ -168,11 +168,11 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
     if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE )
     {
         size_t buffer_size = *p - start;
-        psa_key_slot_t* key_slot = ( psa_key_slot_t* ) key->pk_ctx;
+        psa_key_slot_t* key_slot = (psa_key_slot_t*) key->pk_ctx;
         if ( psa_export_public_key( *key_slot, start, buffer_size, &len )
              != PSA_SUCCESS )
         {
-            return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+            return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
         }
         else
         {
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data
index c932c6816..40964258b 100644
--- a/tests/suites/test_suite_x509write.data
+++ b/tests/suites/test_suite_x509write.data
@@ -43,7 +43,7 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_EC
 x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0
 
 Certificate Request check opaque Server5 ECDSA, key_usage
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_USE_PSA_CRYPTO
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 x509_csr_check_opaque:"data_files/server5.key":MBEDTLS_MD_SHA256:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0
 
 Certificate write check Server1 SHA1
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index f1aeaa0c6..8fe3b841d 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -45,12 +45,17 @@ static int x509_crt_verifycsr( const unsigned char *buf, size_t buflen )
 
     md_info = mbedtls_md_info_from_type( csr.sig_md );
     if( mbedtls_md( md_info, csr.cri.p, csr.cri.len, hash ) != 0 )
-        return ( MBEDTLS_ERR_X509_BAD_INPUT_DATA );/* Note: this can't happen except after an internal error */
+    {
+        /* Note: this can't happen except after an internal error */
+        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+    }
 
     if( mbedtls_pk_verify_ext( csr.sig_pk, csr.sig_opts, &csr.pk,
                        csr.sig_md, hash, mbedtls_md_get_size( md_info ),
                        csr.sig.p, csr.sig.len ) != 0 )
+    {
         return( MBEDTLS_ERR_X509_CERT_VERIFY_FAILED );
+    }
 
     return( 0 );
 }
@@ -156,13 +161,13 @@ void x509_csr_check_opaque( char *key_file, int md_type, int key_usage,
     if( cert_type != 0 )
         TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 );
 
-    ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ),
+    ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ) - 1,
                              rnd_pseudo_rand, &rnd_info );
     TEST_ASSERT( ret == 0 );
 
     pem_len = strlen( (char *) buf );
     buf[pem_len] = '\0';
-    TEST_ASSERT( x509_crt_verifycsr( buf, pem_len+1 ) == 0 );
+    TEST_ASSERT( x509_crt_verifycsr( buf, pem_len + 1 ) == 0 );
 
 exit:
     mbedtls_x509write_csr_free( &req );