diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile
index 8c7520fe30..b92944ac29 100644
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@@ -1147,6 +1147,15 @@ pkcs7-rsa-sha256-2.crt:
 	cat pkcs7-rsa-sha256-2.crt pkcs7-rsa-sha256-2.key > pkcs7-rsa-sha256-2.pem
 all_final += pkcs7-rsa-sha256-2.crt
 
+# Convert signing certs to DER for testing PEM-free builds
+pkcs7-rsa-sha256-1.der: $(pkcs7_test_cert_1)
+	$(OPENSSL) x509 -in pkcs7-rsa-sha256-1.crt -out $@ -outform DER
+all_final += pkcs7-rsa-sha256-1.der
+
+pkcs7-rsa-sha256-2.der: $(pkcs7_test_cert_2)
+	$(OPENSSL) x509 -in pkcs7-rsa-sha256-2.crt -out $@ -outform DER
+all_final += pkcs7-rsa-sha256-2.der
+
 # pkcs7 signature file with CERT
 pkcs7_data_cert_signed_sha256.der: $(pkcs7_test_file) $(pkcs7_test_cert_1)
 	$(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -noattr -outform DER -out $@
diff --git a/tests/data_files/pkcs7-rsa-sha256-1.der b/tests/data_files/pkcs7-rsa-sha256-1.der
new file mode 100644
index 0000000000..622df1e7a3
Binary files /dev/null and b/tests/data_files/pkcs7-rsa-sha256-1.der differ
diff --git a/tests/data_files/pkcs7-rsa-sha256-2.der b/tests/data_files/pkcs7-rsa-sha256-2.der
new file mode 100644
index 0000000000..a88ecb4512
Binary files /dev/null and b/tests/data_files/pkcs7-rsa-sha256-2.der differ
diff --git a/tests/suites/test_suite_pkcs7.data b/tests/suites/test_suite_pkcs7.data
index 4af0edad37..d5ecd21ccb 100644
--- a/tests/suites/test_suite_pkcs7.data
+++ b/tests/suites/test_suite_pkcs7.data
@@ -1,56 +1,71 @@
 PKCS7 Signed Data Parse Pass SHA256 #1
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse:"data_files/pkcs7_data_cert_signed_sha256.der"
 
 PKCS7 Signed Data Parse Pass SHA1 #2
-depends_on:MBEDTLS_SHA1_C
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
 pkcs7_parse:"data_files/pkcs7_data_cert_signed_sha1.der"
 
 PKCS7 Signed Data Parse Pass Without CERT #3
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse_without_cert:"data_files/pkcs7_data_without_cert_signed.der"
 
 PKCS7 Signed Data Parse Fail with multiple signers #4
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse_multiple_signers:"data_files/pkcs7_data_multiple_signed.der"
 
 PKCS7 Signed Data Parse Fail with multiple certs #4
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse_multiple_signers:"data_files/pkcs7_data_multiple_certs_signed.der"
 
 PKCS7 Signed Data Parse Fail with corrupted cert #5
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse_corrupted_cert:"data_files/pkcs7_data_signed_badcert.der"
 
 PKCS7 Signed Data Parse Fail with corrupted signer info #6
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse_corrupted_signer_info:"data_files/pkcs7_data_signed_badsigner.der"
 
 PKCS7 Signed Data Parse Fail Version other than 1 #7
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse_version:"data_files/pkcs7_data_cert_signed_v2.der"
 
 PKCS7 Signed Data Parse Fail Encrypted Content #8
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse_content_oid:"data_files/pkcs7_data_cert_encrypted.der"
 
 PKCS7 Signed Data Verification Pass SHA256 #9
-pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.bin"
+depends_on:MBEDTLS_SHA256_C
+pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data.bin"
 
 PKCS7 Signed Data Verification Pass SHA256 #9.1
-pkcs7_verify_hash:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.bin"
+depends_on:MBEDTLS_SHA256_C
+pkcs7_verify_hash:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data.bin"
 
 PKCS7 Signed Data Verification Pass SHA1 #10
-depends_on:MBEDTLS_SHA1_C
-pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha1.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.bin"
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C
+pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha1.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data.bin"
 
 PKCS7 Signed Data Verification Pass SHA512 #11
-depends_on:MBEDTLS_SHA512_C
-pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha512.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data.bin"
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA256_C
+pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha512.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data.bin"
 
 PKCS7 Signed Data Verification Fail because of different certificate #12
-pkcs7_verify_badcert:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-2.crt":"data_files/pkcs7_data.bin"
+depends_on:MBEDTLS_SHA256_C
+pkcs7_verify_badcert:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-2.der":"data_files/pkcs7_data.bin"
 
 PKCS7 Signed Data Verification Fail because of different data hash #13
-pkcs7_verify_tampered_data:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7_data_1.bin"
+depends_on:MBEDTLS_SHA256_C
+pkcs7_verify_tampered_data:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data_1.bin"
 
 PKCS7 Signed Data Parse Failure Corrupt signerInfo.issuer #15.1
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse_failure:"data_files/pkcs7_signerInfo_issuer_invalid_size.der"
 
 PKCS7 Signed Data Parse Failure Corrupt signerInfo.serial #15.2
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse_failure:"data_files/pkcs7_signerInfo_serial_invalid_size.der"
 
 PKCS7 Only Signed Data Parse Pass #15
+depends_on:MBEDTLS_SHA256_C
 pkcs7_parse:"data_files/pkcs7_data_cert_signeddata_sha256.der"
diff --git a/tests/suites/test_suite_pkcs7.function b/tests/suites/test_suite_pkcs7.function
index e2d76f36a9..8b35c57559 100644
--- a/tests/suites/test_suite_pkcs7.function
+++ b/tests/suites/test_suite_pkcs7.function
@@ -10,11 +10,11 @@
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PKCS7_C:MBEDTLS_FS_IO
+ * depends_on:MBEDTLS_PKCS7_C
  * END_DEPENDENCIES
  */
 
-/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_RSA_C */
 void pkcs7_parse( char *pkcs7_file )
 {
     unsigned char *pkcs7_buf = NULL;
@@ -37,7 +37,7 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C*/
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
 void pkcs7_parse_without_cert( char *pkcs7_file )
 {
     unsigned char *pkcs7_buf = NULL;
@@ -60,7 +60,7 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_RSA_C */
 void pkcs7_parse_multiple_signers( char *pkcs7_file )
 {
     unsigned char *pkcs7_buf = NULL;
@@ -95,7 +95,7 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_RSA_C */
 void pkcs7_parse_corrupted_cert( char *pkcs7_file )
 {
     unsigned char *pkcs7_buf = NULL;
@@ -118,7 +118,7 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_RSA_C */
 void pkcs7_parse_corrupted_signer_info( char *pkcs7_file )
 {
     unsigned char *pkcs7_buf = NULL;
@@ -141,7 +141,7 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
 void pkcs7_parse_version( char *pkcs7_file )
 {
     unsigned char *pkcs7_buf = NULL;
@@ -164,7 +164,7 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
 void pkcs7_parse_content_oid( char *pkcs7_file )
 {
     unsigned char *pkcs7_buf = NULL;
@@ -186,7 +186,7 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */
 void pkcs7_verify( char *pkcs7_file, char *crt, char *filetobesigned )
 {
     unsigned char *pkcs7_buf = NULL;
@@ -236,7 +236,7 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
 void pkcs7_verify_hash( char *pkcs7_file, char *crt, char *filetobesigned )
 {
     unsigned char *pkcs7_buf = NULL;
@@ -299,7 +299,7 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */
 void pkcs7_verify_badcert( char *pkcs7_file, char *crt, char *filetobesigned )
 {
     unsigned char *pkcs7_buf = NULL;
@@ -349,7 +349,7 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */
 void pkcs7_verify_tampered_data( char *pkcs7_file, char *crt, char *filetobesigned )
 {
     unsigned char *pkcs7_buf = NULL;
@@ -399,7 +399,7 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
 void pkcs7_parse_failure( char *pkcs7_file )
 {
     unsigned char *pkcs7_buf = NULL;