diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 098e3f925..635c5bfac 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -655,6 +655,7 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT PSA hash: bad order function calls +depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C hash_bad_order: PSA hash verify: bad arguments diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 6eb9b0abb..2499102a5 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1961,7 +1961,7 @@ void hash_operation_init( ) memset( &zero, 0, sizeof( zero ) ); - /* A default hash operation should not be usable. */ + /* A freshly-initialized hash operation should not be usable. */ TEST_EQUAL( psa_hash_update( &func, input, sizeof( input ) ), PSA_ERROR_BAD_STATE ); TEST_EQUAL( psa_hash_update( &init, input, sizeof( input ) ), 
@@ -1999,32 +1999,79 @@ exit: /* BEGIN_CASE */ void hash_bad_order( ) { + psa_algorithm_t alg = PSA_ALG_SHA_256; unsigned char input[] = ""; /* SHA-256 hash of an empty string */ - unsigned char hash[] = { + const unsigned char valid_hash[] = { 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 }; + unsigned char hash[sizeof(valid_hash)] = { 0 }; size_t hash_len; psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; PSA_ASSERT( psa_crypto_init( ) ); - /* psa_hash_update without calling psa_hash_setup beforehand */ - memset( &operation, 0, sizeof( operation ) ); + /* Call update without calling setup beforehand. */ TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ), PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_hash_abort( &operation ) ); - /* psa_hash_verify without calling psa_hash_setup beforehand */ - memset( &operation, 0, sizeof( operation ) ); - TEST_EQUAL( psa_hash_verify( &operation, hash, sizeof( hash ) ), + /* Call update after finish. */ + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + PSA_ASSERT( psa_hash_finish( &operation, + hash, sizeof( hash ), &hash_len ) ); + TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ), PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_hash_abort( &operation ) ); - /* psa_hash_finish without calling psa_hash_setup beforehand */ - memset( &operation, 0, sizeof( operation ) ); + /* Call verify without calling setup beforehand. */ + TEST_EQUAL( psa_hash_verify( &operation, + valid_hash, sizeof( valid_hash ) ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_hash_abort( &operation ) ); + + /* Call verify after finish. 
*/ + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + PSA_ASSERT( psa_hash_finish( &operation, + hash, sizeof( hash ), &hash_len ) ); + TEST_EQUAL( psa_hash_verify( &operation, + valid_hash, sizeof( valid_hash ) ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_hash_abort( &operation ) ); + + /* Call verify twice in a row. */ + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + PSA_ASSERT( psa_hash_verify( &operation, + valid_hash, sizeof( valid_hash ) ) ); + TEST_EQUAL( psa_hash_verify( &operation, + valid_hash, sizeof( valid_hash ) ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_hash_abort( &operation ) ); + + /* Call finish without calling setup beforehand. */ TEST_EQUAL( psa_hash_finish( &operation, hash, sizeof( hash ), &hash_len ), PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_hash_abort( &operation ) ); + + /* Call finish twice in a row. */ + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + PSA_ASSERT( psa_hash_finish( &operation, + hash, sizeof( hash ), &hash_len ) ); + TEST_EQUAL( psa_hash_finish( &operation, + hash, sizeof( hash ), &hash_len ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_hash_abort( &operation ) ); + + /* Call finish after calling verify. */ + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + PSA_ASSERT( psa_hash_verify( &operation, + valid_hash, sizeof( valid_hash ) ) ); + TEST_EQUAL( psa_hash_finish( &operation, + hash, sizeof( hash ), &hash_len ), + PSA_ERROR_BAD_STATE ); + PSA_ASSERT( psa_hash_abort( &operation ) ); exit: mbedtls_psa_crypto_free( );
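Review bot: The new cases cover update, verify and finish called out of order, but none calls psa_hash_setup on an operation that is already active, so that transition of the same state machine stays untested. Assuming the API is meant to reject a second setup, a case placed before `exit:` would cover it: `PSA_ASSERT( psa_hash_setup( &operation, alg ) );`, then `TEST_EQUAL( psa_hash_setup( &operation, alg ), PSA_ERROR_BAD_STATE );`, then `PSA_ASSERT( psa_hash_abort( &operation ) );`. As a style point, `hash[sizeof(valid_hash)]` omits the spaces inside the parentheses that every other `sizeof( ... )` in the hunk uses. The closing brace of hash_bad_order lies outside the hunk.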