diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 5b8a4eade..dd19e7cfc 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -4029,3 +4029,12 @@ psa_crypto_copy_input:10:20:PSA_SUCCESS
 
 PSA input buffer copy: copy buffer too small
 psa_crypto_copy_input:20:10:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA output buffer copy: straightforward copy
+psa_crypto_copy_output:20:20:PSA_SUCCESS
+
+PSA output buffer copy: output buffer larger than required
+psa_crypto_copy_output:10:20:PSA_SUCCESS
+
+PSA output buffer copy: output buffer too small
+psa_crypto_copy_output:20:10:PSA_ERROR_BUFFER_TOO_SMALL
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index b9ebe6766..5ef168eb7 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -5671,3 +5671,32 @@ exit:
     mbedtls_free(dst_buffer);
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void psa_crypto_copy_output(int src_len, int dst_len, int exp_ret)
+{
+    uint8_t data[] = {0x12, 0x34, 0x56, 0x78};
+    uint8_t *src_buffer = NULL;
+    uint8_t *dst_buffer = NULL;
+    psa_status_t ret;
+
+    TEST_CALLOC(src_buffer, src_len);
+    TEST_CALLOC(dst_buffer, dst_len);
+
+    for (int i = 0; i < src_len; i++) {
+        src_buffer[i] = data[i % sizeof(data)];
+    }
+
+    ret = psa_crypto_copy_output(src_buffer, src_len, dst_buffer, dst_len);
+    TEST_EQUAL((int) ret, exp_ret);
+
+    if (exp_ret == (int) PSA_SUCCESS) {
+        /* Note: We compare the first src_len bytes of each buffer, as this is what was copied. */
+        TEST_MEMORY_COMPARE(src_buffer, src_len, dst_buffer, src_len);
+    }
+
+exit:
+    mbedtls_free(src_buffer);
+    mbedtls_free(dst_buffer);
+}
+/* END_CASE */