add new test scenarios
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 653467b..b0cfe20 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -389,7 +389,7 @@
 void key_policy( int usage_arg, int alg_arg )
 {
     int key_slot = 1;
-    psa_key_type_t key_type = PSA_ALG_CBC_BASE;
+    psa_key_type_t key_type = PSA_KEY_TYPE_AES;
     unsigned char key[32] = {0};
     psa_key_policy_t policy_set = {0};
     psa_key_policy_t policy_get = {0};
@@ -423,3 +423,55 @@
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key_hex )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = PSA_KEY_TYPE_AES;
+    unsigned char key[32] = {0};
+    unsigned char* keypair = NULL;
+    size_t key_size = 0;
+    size_t signature_length = 0;
+    psa_key_policy_t policy = {0};
+    int actual_status = PSA_SUCCESS;
+        
+    memset( key, 0x2a, sizeof( key ) );
+ 
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, usage_arg, alg_arg );
+
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
+    switch( usage_arg )
+    {
+        case PSA_KEY_USAGE_EXPORT:
+            keypair = unhexify_alloc( key_hex, &key_size );
+            TEST_ASSERT( keypair != NULL );
+            key_type = PSA_KEY_TYPE_RSA_KEYPAIR;
+            TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 keypair, key_size ) == PSA_SUCCESS );
+            actual_status = psa_asymmetric_sign( key_slot, 
+                            ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, 
+                            NULL, 0, &signature_length );
+            break;
+        
+        case PSA_KEY_USAGE_SIGN:
+            key_type = PSA_KEY_TYPE_AES;
+            TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, sizeof( key ) ) == PSA_SUCCESS );
+            actual_status = psa_export_key( key_slot, NULL, 0, NULL );
+            break;
+        default:
+            break;
+    }
+
+    TEST_ASSERT( actual_status == expected_status );
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */