diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
index 3d408d73db..954ca3da4c 100644
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -1944,7 +1944,7 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
     else
         TEST_PASS("AES-SIV  test passed!\n");
 #endif
-#endif
+#endif /* !NO_AES */
 
 #if defined(WOLFSSL_AES_EAX) && \
     (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
@@ -9063,22 +9063,22 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
     enc = wc_AesNew(HEAP_HINT, devId);
     if (enc == NULL)
         ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out);
-#ifdef HAVE_AES_DECRYPT
+    #ifdef HAVE_AES_DECRYPT
     dec = wc_AesNew(HEAP_HINT, devId);
     if (dec == NULL)
         ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out);
-#endif
+    #endif
 #else
     XMEMSET(enc, 0, sizeof(Aes));
     XMEMSET(dec, 0, sizeof(Aes));
     ret = wc_AesInit(enc, HEAP_HINT, INVALID_DEVID);
     if (ret != 0)
         ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
-#ifdef HAVE_AES_DECRYPT
+    #ifdef HAVE_AES_DECRYPT
     ret = wc_AesInit(dec, HEAP_HINT, INVALID_DEVID);
     if (ret != 0)
         ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
-#endif
+    #endif
 #endif /* WOLFSSL_SMALL_STACK && !WOLFSSL_NO_MALLOC */
 
 #ifdef WOLFSSL_AES_128
@@ -9336,14 +9336,14 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
         Aes enc[1];
 #endif
         byte cipher[AES_BLOCK_SIZE * 4];
-    #ifdef HAVE_AES_DECRYPT
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
+#ifdef HAVE_AES_DECRYPT
+    #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
         Aes *dec = NULL;
-#else
+    #else
         Aes dec[1];
-#endif
-        byte plain [AES_BLOCK_SIZE * 4];
     #endif
+        byte plain [AES_BLOCK_SIZE * 4];
+#endif
         wc_test_ret_t ret = 0;
 
         WOLFSSL_SMALL_STACK_STATIC const byte iv[] = {
@@ -9452,22 +9452,22 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
     enc = wc_AesNew(HEAP_HINT, devId);
     if (enc == NULL)
         ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out);
-#ifdef HAVE_AES_DECRYPT
+    #ifdef HAVE_AES_DECRYPT
     dec = wc_AesNew(HEAP_HINT, devId);
     if (dec == NULL)
         ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out);
-#endif
+    #endif
 #else
     XMEMSET(enc, 0, sizeof(Aes));
     XMEMSET(dec, 0, sizeof(Aes));
     ret = wc_AesInit(enc, HEAP_HINT, devId);
     if (ret != 0)
         ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
-#ifdef HAVE_AES_DECRYPT
+    #ifdef HAVE_AES_DECRYPT
     ret = wc_AesInit(dec, HEAP_HINT, devId);
     if (ret != 0)
         ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
-#endif
+    #endif
 #endif /* WOLFSSL_SMALL_STACK && !WOLFSSL_NO_MALLOC */
 
 #ifdef WOLFSSL_AES_128
@@ -9883,10 +9883,8 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
 
   out:
 
-    wc_AesFree(enc);
-    wc_AesFree(dec);
-
-#endif
+        wc_AesFree(enc);
+        wc_AesFree(dec);
 
         return ret;
     }
@@ -10093,7 +10091,6 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
 #endif /* !HAVE_SELFTEST && !HAVE_FIPS */
 #endif /* WOLFSSL_AES_CFB */
 
-
 static wc_test_ret_t aes_key_size_test(void)
 {
     wc_test_ret_t ret;
@@ -12593,22 +12590,22 @@ static wc_test_ret_t aesecb_test(void)
         enc = wc_AesNew(HEAP_HINT, devId);
         if (enc == NULL)
             ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out);
-#ifdef HAVE_AES_DECRYPT
+    #ifdef HAVE_AES_DECRYPT
         dec = wc_AesNew(HEAP_HINT, devId);
         if (dec == NULL)
             ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out);
-#endif
+    #endif
 #else
         XMEMSET(enc, 0, sizeof(Aes));
         XMEMSET(dec, 0, sizeof(Aes));
         ret = wc_AesInit(enc, HEAP_HINT, devId);
         if (ret != 0)
             ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
-#ifdef HAVE_AES_DECRYPT
+    #ifdef HAVE_AES_DECRYPT
         ret = wc_AesInit(dec, HEAP_HINT, devId);
         if (ret != 0)
             ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
-#endif
+    #endif
 #endif /* WOLFSSL_SMALL_STACK && !WOLFSSL_NO_MALLOC */
 
         XMEMSET(cipher, 0, AES_BLOCK_SIZE);
@@ -13536,11 +13533,16 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void)
         ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out);
 #endif
 #else
+#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER) || \
+    defined(WOLFSSL_AES_DIRECT)
     XMEMSET(enc, 0, sizeof(Aes));
+    #if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER)
     XMEMSET(dec, 0, sizeof(Aes));
+    #endif
     ret = wc_AesInit(enc, HEAP_HINT, devId);
     if (ret != 0)
         ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+#endif
 #if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER)
     ret = wc_AesInit(dec, HEAP_HINT, devId);
     if (ret != 0)
@@ -14115,6 +14117,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void)
 
     wc_AesFree(enc);
     wc_AesFree(dec);
+#endif /* HAVE_AES_CBC */
 
     return ret;
 }
@@ -16267,8 +16270,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aeskeywrap_test(void)
 }
 #endif /* HAVE_AES_KEYWRAP */
 
+#endif /* !NO_AES */
 
-#endif /* NO_AES */
 
 #ifdef HAVE_ARIA
 void printOutput(const char *strName, unsigned char *data, unsigned int dataSz)
@@ -24292,8 +24295,8 @@ static wc_test_ret_t openssl_aes_test(void)
     return 0;
 }
 
+#endif /* !NO_AES && !WOLFCRYPT_ONLY */
 
-#endif /* !defined(NO_AES) && !defined(WOLFCRYPT_ONLY) */
 
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void)
 {
@@ -25507,7 +25510,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void)
 #endif
     }
 #endif /* WOLFSSL_AES_128 && HAVE_AES_CBC */
-#endif /* ifndef NO_AES */
+#endif /* !NO_AES && !WOLFCRYPT_ONLY */
     return 0;
 }
 
@@ -48691,7 +48694,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cmac_test(void)
     return ret;
 }
 
-#endif /* NO_AES && WOLFSSL_CMAC */
+#endif /* !NO_AES && WOLFSSL_CMAC */
 
 #if defined(WOLFSSL_SIPHASH)
 
@@ -49949,7 +49952,7 @@ static wc_test_ret_t pkcs7enveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
     byte optionalUkm[] = {
         0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07
     };
-#endif /* NO_AES */
+#endif /* !NO_AES */
 
 #if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128) && \
     !defined(NO_SHA)
@@ -50582,7 +50585,7 @@ static wc_test_ret_t pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCer
     WOLFSSL_SMALL_STACK_STATIC const byte optionalUkm[] = {
         0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07
     };
-#endif /* NO_AES */
+#endif /* !NO_AES */
 
 #if !defined(NO_AES) && !defined(NO_SHA) && defined(WOLFSSL_AES_128)
     /* encryption key for kekri recipient types */
@@ -50681,12 +50684,12 @@ static wc_test_ret_t pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCer
          NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
          "pkcs7authEnvelopedDataAES256GCM_IANDS.der");
         #endif
-    #else /* NO_AES || !HAVE_AESGCM */
+    #else
         (void)rsaCert;
         (void)rsaCertSz;
         (void)rsaPrivKey;
         (void)rsaPrivKeySz;
-    #endif /* NO_AES || !HAVE_AESGCM */
+    #endif /* !NO_AES && !HAVE_AESGCM */
 #endif
 
         /* key agreement key encryption technique*/
@@ -50768,7 +50771,7 @@ static wc_test_ret_t pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCer
          0, 0, 0, 0, 0, 0,
          "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF_ukm.der");
         #endif /* WOLFSSL_SHA512 && WOLFSSL_AES_256 */
-    #endif /* NO_AES */
+    #endif /* !NO_AES && HAVE_AESGCM */
 #endif
 
         /* kekri (KEKRecipientInfo) recipient types */