diff --git a/src/providers/mbed_provider/mod.rs b/src/providers/mbed_provider/mod.rs
index bd84b216..bf81a6f9 100644
--- a/src/providers/mbed_provider/mod.rs
+++ b/src/providers/mbed_provider/mod.rs
@@ -27,14 +27,13 @@ use parsec_interface::operations::{OpExportPublicKey, ResultExportPublicKey};
 use parsec_interface::operations::{OpImportKey, ResultImportKey};
 use parsec_interface::operations::{OpListOpcodes, ResultListOpcodes};
 use parsec_interface::requests::{Opcode, ProviderID, ResponseStatus, Result};
-use psa_crypto_binding::psa_key_handle_t as KeyHandle;
-use psa_crypto_binding::psa_key_id_t as KeyId;
+use psa_crypto_binding::psa_key_id_t;
 use std::collections::HashSet;
 use std::convert::TryInto;
 use std::io::{Error, ErrorKind};
 use std::sync::{Arc, Mutex, RwLock};
 use std_semaphore::Semaphore;
-use utils::Key;
+use utils::KeyHandle;
 use uuid::Uuid;
 
 #[allow(
@@ -53,7 +52,7 @@ mod psa_crypto_binding {
 mod constants;
 mod utils;
 
-type LocalIdStore = HashSet<KeyId>;
+type LocalIdStore = HashSet<psa_key_id_t>;
 
 const SUPPORTED_OPCODES: [Opcode; 7] = [
     Opcode::CreateKey,
@@ -91,7 +90,7 @@ pub struct MbedProvider {
 /// Gets a PSA Key ID from the Key ID Manager.
 /// Wrapper around the get method of the Key ID Manager to convert the key ID to the psa_key_id_t
 /// type.
-fn get_key_id(key_triple: &KeyTriple, store_handle: &dyn ManageKeyIDs) -> Result<KeyId> {
+fn get_key_id(key_triple: &KeyTriple, store_handle: &dyn ManageKeyIDs) -> Result<psa_key_id_t> {
     match store_handle.get(key_triple) {
         Ok(Some(key_id)) => {
             if let Ok(key_id_bytes) = key_id.try_into() {
@@ -114,13 +113,13 @@ fn create_key_id(
     key_triple: KeyTriple,
     store_handle: &mut dyn ManageKeyIDs,
     local_ids_handle: &mut LocalIdStore,
-) -> Result<KeyId> {
-    let mut key_id = rand::random::<KeyId>();
+) -> Result<psa_key_id_t> {
+    let mut key_id = rand::random::<psa_key_id_t>();
     while local_ids_handle.contains(&key_id)
         || key_id == 0
         || key_id > constants::PSA_MAX_PERSISTENT_KEY_IDENTIFIER
     {
-        key_id = rand::random::<KeyId>();
+        key_id = rand::random::<psa_key_id_t>();
     }
     match store_handle.insert(key_triple.clone(), key_id.to_ne_bytes().to_vec()) {
         Ok(insert_option) => {
@@ -140,7 +139,7 @@ fn create_key_id(
 
 fn remove_key_id(
     key_triple: &KeyTriple,
-    key_id: KeyId,
+    key_id: psa_key_id_t,
     store_handle: &mut dyn ManageKeyIDs,
     local_ids_handle: &mut LocalIdStore,
 ) -> Result<()> {
@@ -172,6 +171,8 @@ impl MbedProvider {
     /// if there, delete them. Adds Key IDs currently in use in the local IDs store.
     /// Returns `None` if the initialisation failed.
     fn new(key_id_store: Arc<RwLock<dyn ManageKeyIDs + Send + Sync>>) -> Option<MbedProvider> {
+        // Safety: this function should be called before any of the other Mbed Crypto functions
+        // are.
         if unsafe { psa_crypto_binding::psa_crypto_init() } != PSA_SUCCESS {
             error!("Error when initialising Mbed Crypto");
             return None;
@@ -208,23 +209,22 @@ impl MbedProvider {
                                 continue;
                             }
                         };
-                        let mut key_handle: KeyHandle = Default::default();
-                        let open_key_status =
-                            unsafe { psa_crypto_binding::psa_open_key(key_id, &mut key_handle) };
-                        if open_key_status == constants::PSA_ERROR_DOES_NOT_EXIST {
-                            to_remove.push(key_triple.clone());
-                        } else if open_key_status != PSA_SUCCESS {
-                            error!(
-                                "Error {} when opening a persistent Mbed Crypto key.",
-                                open_key_status
-                            );
-                            return None;
-                        } else {
-                            let _ = local_ids_handle.insert(key_id);
-                            unsafe {
-                                let _ = psa_crypto_binding::psa_close_key(key_handle);
+
+                        // Safety: safe because:
+                        // * the Mbed Crypto library has been initialized
+                        // * this code is executed only by the main thread
+                        match unsafe { KeyHandle::open(key_id) } {
+                            Ok(_) => {
+                                let _ = local_ids_handle.insert(key_id);
+                            }
+                            Err(ResponseStatus::PsaErrorDoesNotExist) => {
+                                to_remove.push(key_triple.clone())
+                            }
+                            Err(e) => {
+                                error!("Error {} when opening a persistent Mbed Crypto key.", e);
+                                return None;
                             }
-                        }
+                        };
                     }
                 }
                 Err(string) => {
@@ -282,28 +282,30 @@ impl Provide for MbedProvider {
         )?;
 
         let key_attrs = utils::convert_key_attributes(&key_attributes, key_id)?;
-        let mut key = Key::new(&self.key_handle_mutex);
-
-        let generate_key_status = unsafe {
-            let _guard = self
-                .key_handle_mutex
-                .lock()
-                .expect("Grabbing key handle mutex failed");
-            psa_crypto_binding::psa_generate_key(&key_attrs, key.as_mut())
-        };
 
-        if generate_key_status != PSA_SUCCESS {
+        let _guard = self
+            .key_handle_mutex
+            .lock()
+            .expect("Grabbing key handle mutex failed");
+
+        // Safety:
+        //   * at this point the provider has been instantiated so Mbed Crypto has been initialized
+        //   * self.key_handle_mutex prevents concurrent accesses
+        //   * self.key_slot_semaphore prevents overflowing key slots
+        let mut key_handle = unsafe { KeyHandle::generate(&key_attrs) }.or_else(|e| {
             remove_key_id(
                 &key_triple,
                 key_id,
                 &mut *store_handle,
                 &mut local_ids_handle,
             )?;
-            error!("Generate key status: {}", generate_key_status);
-            return Err(utils::convert_status(generate_key_status).ok_or_else(|| {
-                error!("Failed to convert error status.");
-                ResponseStatus::PsaErrorGenericError
-            })?);
+            error!("Generate key status: {}", e);
+            Err(e)
+        })?;
+
+        // Safety: same conditions than above.
+        unsafe {
+            key_handle.close()?;
         }
 
         Ok(ResultCreateKey {})
@@ -328,33 +330,30 @@ impl Provide for MbedProvider {
         )?;
 
         let key_attrs = utils::convert_key_attributes(&key_attributes, key_id)?;
-        let mut key = Key::new(&self.key_handle_mutex);
-
-        let import_key_status = unsafe {
-            let _guard = self
-                .key_handle_mutex
-                .lock()
-                .expect("Grabbing key handle mutex failed");
-            psa_crypto_binding::psa_import_key(
-                &key_attrs,
-                key_data.as_ptr(),
-                key_data.len(),
-                key.as_mut(),
-            )
-        };
 
-        if import_key_status != PSA_SUCCESS {
+        let _guard = self
+            .key_handle_mutex
+            .lock()
+            .expect("Grabbing key handle mutex failed");
+
+        // Safety:
+        //   * at this point the provider has been instantiated so Mbed Crypto has been initialized
+        //   * self.key_handle_mutex prevents concurrent accesses
+        //   * self.key_slot_semaphore prevents overflowing key slots
+        let mut key_handle = unsafe { KeyHandle::import(&key_attrs, key_data) }.or_else(|e| {
             remove_key_id(
                 &key_triple,
                 key_id,
                 &mut *store_handle,
                 &mut local_ids_handle,
             )?;
-            error!("Import key status: {}", import_key_status);
-            return Err(utils::convert_status(import_key_status).ok_or_else(|| {
-                error!("Failed to convert error status.");
-                ResponseStatus::PsaErrorGenericError
-            })?);
+            error!("Import key status: {}", e);
+            Err(e)
+        })?;
+
+        // Safety: same conditions than above.
+        unsafe {
+            key_handle.close()?;
         }
 
         Ok(ResultImportKey {})
@@ -371,24 +370,43 @@ impl Provide for MbedProvider {
         let key_triple = KeyTriple::new(app_name, ProviderID::MbedProvider, key_name);
         let store_handle = self.key_id_store.read().expect("Key store lock poisoned");
         let key_id = get_key_id(&key_triple, &*store_handle)?;
-        let key = Key::open_key(key_id, &self.key_handle_mutex)?;
 
-        let key_attrs = key.get_attributes()?;
-        let buffer_size = utils::psa_export_public_key_size(&key_attrs)?;
+        let _guard = self
+            .key_handle_mutex
+            .lock()
+            .expect("Grabbing key handle mutex failed");
+
+        let mut key_handle;
+        let mut key_attrs;
+        // Safety:
+        //   * at this point the provider has been instantiated so Mbed Crypto has been initialized
+        //   * self.key_handle_mutex prevents concurrent accesses
+        //   * self.key_slot_semaphore prevents overflowing key slots
+        unsafe {
+            key_handle = KeyHandle::open(key_id)?;
+            key_attrs = key_handle.attributes()?;
+        }
+
+        let buffer_size = utils::psa_export_public_key_size(key_attrs.as_ref())?;
         let mut buffer = vec![0u8; buffer_size];
         let mut actual_size = 0;
 
-        let export_status = unsafe {
-            psa_crypto_binding::psa_export_public_key(
-                key.raw_handle(),
+        let export_status;
+        // Safety: same conditions than above.
+        unsafe {
+            export_status = psa_crypto_binding::psa_export_public_key(
+                key_handle.raw(),
                 buffer.as_mut_ptr(),
                 buffer_size,
                 &mut actual_size,
-            )
+            );
+            key_attrs.reset();
+            key_handle.close()?;
         };
 
         if export_status != PSA_SUCCESS {
             error!("Export status: {}", export_status);
+            // Safety: same conditions than above.
             return Err(utils::convert_status(export_status).ok_or_else(|| {
                 error!("Failed to convert error status.");
                 ResponseStatus::PsaErrorGenericError
@@ -407,9 +425,23 @@ impl Provide for MbedProvider {
         let mut store_handle = self.key_id_store.write().expect("Key store lock poisoned");
         let mut local_ids_handle = self.local_ids.write().expect("Local ID lock poisoned");
         let key_id = get_key_id(&key_triple, &*store_handle)?;
-        let key = Key::open_key(key_id, &self.key_handle_mutex)?;
 
-        let destroy_key_status = unsafe { psa_crypto_binding::psa_destroy_key(key.raw_handle()) };
+        let _guard = self
+            .key_handle_mutex
+            .lock()
+            .expect("Grabbing key handle mutex failed");
+
+        let key_handle;
+        let destroy_key_status;
+
+        // Safety:
+        //   * at this point the provider has been instantiated so Mbed Crypto has been initialized
+        //   * self.key_handle_mutex prevents concurrent accesses
+        //   * self.key_slot_semaphore prevents overflowing key slots
+        unsafe {
+            key_handle = KeyHandle::open(key_id)?;
+            destroy_key_status = psa_crypto_binding::psa_destroy_key(key_handle.raw());
+        }
 
         if destroy_key_status == PSA_SUCCESS {
             remove_key_id(
@@ -436,23 +468,41 @@ impl Provide for MbedProvider {
         let key_triple = KeyTriple::new(app_name, ProviderID::MbedProvider, key_name);
         let store_handle = self.key_id_store.read().expect("Key store lock poisoned");
         let key_id = get_key_id(&key_triple, &*store_handle)?;
-        let key = Key::open_key(key_id, &self.key_handle_mutex)?;
-        let key_attrs = key.get_attributes()?;
 
-        let buffer_size = utils::psa_asymmetric_sign_output_size(&key_attrs)?;
+        let _guard = self
+            .key_handle_mutex
+            .lock()
+            .expect("Grabbing key handle mutex failed");
+
+        let mut key_handle;
+        let mut key_attrs;
+        // Safety:
+        //   * at this point the provider has been instantiated so Mbed Crypto has been initialized
+        //   * self.key_handle_mutex prevents concurrent accesses
+        //   * self.key_slot_semaphore prevents overflowing key slots
+        unsafe {
+            key_handle = KeyHandle::open(key_id)?;
+            key_attrs = key_handle.attributes()?;
+        }
+
+        let buffer_size = utils::psa_asymmetric_sign_output_size(key_attrs.as_ref())?;
         let mut signature = vec![0u8; buffer_size];
         let mut signature_size: usize = 0;
 
-        let sign_status = unsafe {
-            psa_crypto_binding::psa_asymmetric_sign(
-                key.raw_handle(),
-                key_attrs.core.policy.alg,
+        let sign_status;
+        // Safety: same conditions than above.
+        unsafe {
+            sign_status = psa_crypto_binding::psa_asymmetric_sign(
+                key_handle.raw(),
+                key_attrs.raw().core.policy.alg,
                 hash.as_ptr(),
                 hash.len(),
                 signature.as_mut_ptr(),
                 buffer_size,
                 &mut signature_size,
-            )
+            );
+            key_attrs.reset();
+            key_handle.close()?;
         };
 
         if sign_status == PSA_SUCCESS {
@@ -481,19 +531,33 @@ impl Provide for MbedProvider {
         let key_triple = KeyTriple::new(app_name, ProviderID::MbedProvider, key_name);
         let store_handle = self.key_id_store.read().expect("Key store lock poisoned");
         let key_id = get_key_id(&key_triple, &*store_handle)?;
-        let key = Key::open_key(key_id, &self.key_handle_mutex)?;
-        let key_attrs = key.get_attributes()?;
 
-        let verify_status = unsafe {
-            psa_crypto_binding::psa_asymmetric_verify(
-                key.raw_handle(),
-                key_attrs.core.policy.alg,
+        let _guard = self
+            .key_handle_mutex
+            .lock()
+            .expect("Grabbing key handle mutex failed");
+
+        let mut key_handle;
+        let mut key_attrs;
+        let verify_status;
+        // Safety:
+        //   * at this point the provider has been instantiated so Mbed Crypto has been initialized
+        //   * self.key_handle_mutex prevents concurrent accesses
+        //   * self.key_slot_semaphore prevents overflowing key slots
+        unsafe {
+            key_handle = KeyHandle::open(key_id)?;
+            key_attrs = key_handle.attributes()?;
+            verify_status = psa_crypto_binding::psa_asymmetric_verify(
+                key_handle.raw(),
+                key_attrs.raw().core.policy.alg,
                 hash.as_ptr(),
                 hash.len(),
                 signature.as_ptr(),
                 signature.len(),
-            )
-        };
+            );
+            key_attrs.reset();
+            key_handle.close()?;
+        }
 
         if verify_status == PSA_SUCCESS {
             Ok(ResultAsymVerify {})
@@ -508,6 +572,7 @@ impl Provide for MbedProvider {
 
 impl Drop for MbedProvider {
     fn drop(&mut self) {
+        // Safety: the Provider was initialized with psa_crypto_init
         unsafe {
             psa_crypto_binding::mbedtls_psa_crypto_free();
         }
diff --git a/src/providers/mbed_provider/utils.rs b/src/providers/mbed_provider/utils.rs
index 17f5acab..f9969a22 100644
--- a/src/providers/mbed_provider/utils.rs
+++ b/src/providers/mbed_provider/utils.rs
@@ -19,21 +19,23 @@ use super::psa_crypto_binding::{
     psa_status_t,
 };
 use log::error;
-use parsec_interface::operations::key_attributes::*;
+use parsec_interface::operations::key_attributes;
+use parsec_interface::operations::key_attributes::{
+    Algorithm, AlgorithmInner, HashAlgorithm, KeyType, SignAlgorithm,
+};
 use parsec_interface::requests::{ResponseStatus, Result};
 use std::convert::TryFrom;
 use std::convert::TryInto;
-use std::sync::Mutex;
 
-/// Converts between native PARSEC key attributes and ID and the
+/// Converts between native Parsec key attributes and ID and the
 /// `psa_key_attributes_t` structure required by Mbed Crypto.
 ///
-/// # Panics
+/// # Errors
 ///
 /// If either algorithm or key type conversion fails. See docs for
 /// `convert_key_type` and `convert_algorithm` for more details.
 pub fn convert_key_attributes(
-    attrs: &KeyAttributes,
+    attrs: &key_attributes::KeyAttributes,
     key_id: psa_key_id_t,
 ) -> Result<psa_key_attributes_t> {
     Ok(psa_key_attributes_t {
@@ -95,7 +97,7 @@ pub fn convert_key_type(key_type: KeyType) -> Result<psa_key_type_t> {
 }
 
 /// Converts between native and Mbed Crypto key usage values.
-pub fn convert_key_usage(operation: &KeyAttributes) -> psa_key_usage_t {
+pub fn convert_key_usage(operation: &key_attributes::KeyAttributes) -> psa_key_usage_t {
     let mut usage: psa_key_usage_t = 0;
 
     // Build up the individual usage flags in the OpKeyCreateBase, and use them to bitwise-combine the equivalent flags
@@ -220,26 +222,59 @@ pub fn psa_export_public_key_size(key_attrs: &psa_key_attributes_t) -> Result<us
     }
 }
 
-/// Wrapper around raw `psa_key_handle_t` which allows for easier manipulation of
-/// handles and the attributes associated with them.
-pub struct Key<'a>(psa_key_handle_t, &'a Mutex<()>);
+/// Wrapper around raw `psa_key_attributes_t`
+pub struct KeyAttributes(psa_key_attributes_t);
+
+impl KeyAttributes {
+    /// Reset the key attribute structure to a freshly initialized state.
+    /// Also frees any auxiliary resources that the structure may contain.
+    /// This method needs to be called on the KeyAttributes structure returned by the attributes
+    /// method when not needed anymore.
+    ///
+    /// # Safety
+    ///
+    /// Calling this function is only safe if:
+    /// * the Mbed Crypto library has already been initialized
+    ///
+    /// It is not safe to put this method in a Drop trait as it might be called after the Mbed
+    /// Crypto library is freed.
+    pub unsafe fn reset(&mut self) {
+        psa_crypto_binding::psa_reset_key_attributes(&mut self.0);
+    }
+
+    pub fn raw(&self) -> psa_key_attributes_t {
+        self.0
+    }
+}
+
+impl AsRef<psa_key_attributes_t> for KeyAttributes {
+    fn as_ref(&self) -> &psa_key_attributes_t {
+        &self.0
+    }
+}
 
-impl Key<'_> {
-    /// Create a new key with an empty handle.
-    pub fn new<'a>(key_handle_mutex: &'a Mutex<()>) -> Key<'a> {
-        Key(Default::default(), key_handle_mutex)
+impl AsMut<psa_key_attributes_t> for KeyAttributes {
+    fn as_mut(&mut self) -> &mut psa_key_attributes_t {
+        &mut self.0
     }
+}
 
+/// Wrapper around raw `psa_key_handle_t` which allows for easier manipulation of
+/// handles and the attributes associated with them.
+pub struct KeyHandle(psa_key_handle_t);
+
+impl KeyHandle {
     /// Open a key and store the allocated handle for it.
-    pub fn open_key<'a>(key_id: psa_key_id_t, key_handle_mutex: &'a Mutex<()>) -> Result<Key<'a>> {
+    ///
+    /// # Safety
+    ///
+    /// Calling this function is only safe if:
+    /// * the Mbed Crypto library has already been initialized
+    /// * calls to open, generate, import and close are protected by the same mutex
+    /// * only PSA_KEY_SLOT_COUNT slots are used at any given time
+    pub unsafe fn open(key_id: psa_key_id_t) -> Result<KeyHandle> {
         let mut key_handle: psa_key_handle_t = Default::default();
-        let open_key_status = unsafe {
-            let _guard = key_handle_mutex
-                .lock()
-                .expect("Grabbing key handle mutex failed");
-            psa_crypto_binding::psa_open_key(key_id, &mut key_handle)
-        };
-
+        let open_key_status = psa_crypto_binding::psa_open_key(key_id, &mut key_handle);
         if open_key_status != PSA_SUCCESS {
             error!("Open key status: {}", open_key_status);
             Err(convert_status(open_key_status).ok_or_else(|| {
@@ -247,15 +282,68 @@ impl Key<'_> {
                 ResponseStatus::InvalidEncoding
             })?)
         } else {
-            Ok(Key(key_handle, key_handle_mutex))
+            Ok(KeyHandle(key_handle))
+        }
+    }
+
+    /// Generate a key or a key pair.
+    ///
+    /// # Safety
+    ///
+    /// Calling this function is only safe if:
+    /// * the Mbed Crypto library has already been initialized
+    /// * calls to open, generate, import and close are protected by the same mutex
+    /// * only PSA_KEY_SLOT_COUNT slots are used at any given time
+    pub unsafe fn generate(attributes: &psa_key_attributes_t) -> Result<Self> {
+        let mut key_handle: psa_key_handle_t = Default::default();
+        let status = psa_crypto_binding::psa_generate_key(attributes, &mut key_handle);
+        if status != PSA_SUCCESS {
+            error!("Generate key status: {}", status);
+            Err(convert_status(status).ok_or_else(|| {
+                error!("Failed to convert error status.");
+                ResponseStatus::InvalidEncoding
+            })?)
+        } else {
+            Ok(KeyHandle(key_handle))
+        }
+    }
+
+    /// Import a key in binary format.
+    ///
+    /// # Safety
+    ///
+    /// Calling this function is only safe if:
+    /// * the Mbed Crypto library has already been initialized
+    /// * calls to open, generate, import and close are protected by the same mutex
+    /// * only PSA_KEY_SLOT_COUNT slots are used at any given time
+    pub unsafe fn import(attributes: &psa_key_attributes_t, key_data: Vec<u8>) -> Result<Self> {
+        let mut key_handle: psa_key_handle_t = Default::default();
+        let status = psa_crypto_binding::psa_import_key(
+            attributes,
+            key_data.as_ptr(),
+            key_data.len(),
+            &mut key_handle,
+        );
+        if status != PSA_SUCCESS {
+            error!("Import key status: {}", status);
+            Err(convert_status(status).ok_or_else(|| {
+                error!("Failed to convert error status.");
+                ResponseStatus::InvalidEncoding
+            })?)
+        } else {
+            Ok(KeyHandle(key_handle))
         }
     }
 
     /// Get the attributes associated with the key stored in this handle.
-    pub fn get_attributes(&self) -> Result<psa_key_attributes_t> {
+    ///
+    /// # Safety
+    ///
+    /// Calling this function is only safe if:
+    /// * the Mbed Crypto library has already been initialized
+    pub unsafe fn attributes(&self) -> Result<KeyAttributes> {
         let mut key_attrs = get_empty_key_attributes();
-        let get_attrs_status =
-            unsafe { psa_crypto_binding::psa_get_key_attributes(self.0, &mut key_attrs) };
+        let get_attrs_status = psa_crypto_binding::psa_get_key_attributes(self.0, &mut key_attrs);
 
         if get_attrs_status != PSA_SUCCESS {
             error!("Get key attributes status: {}", get_attrs_status);
@@ -264,40 +352,47 @@ impl Key<'_> {
                 ResponseStatus::InvalidEncoding
             })?)
         } else {
-            Ok(key_attrs)
+            Ok(KeyAttributes(key_attrs))
         }
     }
 
     /// Release the key stored under this handle.
-    pub fn release_key(&mut self) {
-        if self.0 == EMPTY_KEY_HANDLE {
-            return;
-        }
-        unsafe {
-            let _guard = self.1.lock().expect("Grabbing key handle mutex failed");
-            let _ = psa_crypto_binding::psa_close_key(self.0);
+    ///
+    /// # Safety
+    ///
+    /// Calling this function is only safe if:
+    /// * the Mbed Crypto library has already been initialized
+    /// * calls to open, generate, import and close are protected by the same mutex
+    /// * only PSA_KEY_SLOT_COUNT slots are used at any given time
+    ///
+    /// Because of the conditions above, it is not safe to put this function inside a Drop trait as
+    /// it would make possible for this function to be executed in an unsafe context.
+    pub unsafe fn close(&mut self) -> Result<()> {
+        let status = psa_crypto_binding::psa_close_key(self.0);
+
+        if status != PSA_SUCCESS {
+            error!("Close key status: {}", status);
+            Err(convert_status(status).ok_or_else(|| {
+                error!("Failed to convert error status.");
+                ResponseStatus::InvalidEncoding
+            })?)
+        } else {
+            Ok(())
         }
     }
 
-    /// Extract the raw handle value.
-    pub fn raw_handle(&self) -> psa_key_handle_t {
+    pub fn raw(&self) -> psa_key_handle_t {
         self.0
     }
 }
 
-impl Drop for Key<'_> {
-    fn drop(&mut self) {
-        self.release_key();
-    }
-}
-
-impl AsRef<psa_key_handle_t> for Key<'_> {
+impl AsRef<psa_key_handle_t> for KeyHandle {
     fn as_ref(&self) -> &psa_key_handle_t {
         &self.0
     }
 }
 
-impl AsMut<psa_key_handle_t> for Key<'_> {
+impl AsMut<psa_key_handle_t> for KeyHandle {
     fn as_mut(&mut self) -> &mut psa_key_handle_t {
         &mut self.0
     }
diff --git a/tests/all_providers/config.toml b/tests/all_providers/config.toml
index 8544a2fb..6ff97eeb 100644
--- a/tests/all_providers/config.toml
+++ b/tests/all_providers/config.toml
@@ -1,5 +1,4 @@
 [core_settings]
-log_level = "error"
 # The CI already timestamps the logs
 log_timestamp = false
 
diff --git a/tests/ci.sh b/tests/ci.sh
index 179efdeb..a48e9749 100755
--- a/tests/ci.sh
+++ b/tests/ci.sh
@@ -89,7 +89,7 @@ fi
 ##############
 # Build test #
 ##############
-RUST_BACKTRACE=1 cargo build -vv $FEATURES
+RUST_BACKTRACE=1 cargo build $FEATURES
 
 #################
 # Static checks #
@@ -101,7 +101,7 @@ then
 fi
 if rustup component list | grep -q clippy
 then
-	cargo clippy --all-targets $FEATURES -- -D warnings
+	cargo clippy --all-targets $FEATURES -- -D clippy::all
 fi
 
 ############################
@@ -113,7 +113,7 @@ RUST_BACKTRACE=1 cargo test --doc $FEATURES
 ######################################
 # Start Parsec for integration tests #
 ######################################
-RUST_BACKTRACE=1 cargo run -vv $FEATURES -- --config $CONFIG_PATH &
+RUST_LOG=info RUST_BACKTRACE=1 cargo run $FEATURES -- --config $CONFIG_PATH &
 SERVER_PID=$!
 # Sleep time needed to make sure Parsec is ready before launching the tests.
 sleep 5
@@ -121,18 +121,18 @@ sleep 5
 if [[ $1 = "all" ]]
 then
 	# All providers tests
-	RUST_BACKTRACE=1 cargo test -vv $FEATURES all_providers
+	RUST_BACKTRACE=1 cargo test $FEATURES all_providers
 else
 	# Per provider tests
 	################
 	# Normal tests #
 	################
-	RUST_BACKTRACE=1 cargo test -vv $FEATURES normal_tests
+	RUST_BACKTRACE=1 cargo test $FEATURES normal_tests
 
 	#####################
 	# Persistence tests #
 	#####################
-	RUST_BACKTRACE=1 cargo test -vv $FEATURES persistent-before
+	RUST_BACKTRACE=1 cargo test $FEATURES persistent-before
 
 	# Create a fake mapping file for the root application, the provider and a
 	# key name of "Test Key". It contains a valid PSA Key ID.
@@ -152,13 +152,25 @@ else
 
 	# Trigger a configuration reload to load the new mappings.
 	kill -s SIGHUP $SERVER_PID
+	# Sleep time needed to make sure Parsec is ready before launching the tests.
+	sleep 5
+
+	RUST_BACKTRACE=1 cargo test $FEATURES persistent-after
 
-	RUST_BACKTRACE=1 cargo test -vv $FEATURES persistent-after
+	kill $SERVER_PID
+	# Sleep time needed to make sure Parsec is killed.
+	sleep 2
 
 	################
 	# Stress tests #
 	################
-	RUST_BACKTRACE=1 cargo test -vv $FEATURES stress_test
+	# Change the log level for the stress tests because logging is limited on the
+	# CI servers.
+	RUST_LOG=error RUST_BACKTRACE=1 cargo run $FEATURES -- --config $CONFIG_PATH &
+	SERVER_PID=$!
+	sleep 5
+
+	RUST_BACKTRACE=1 cargo test $FEATURES stress_test
 fi
 
 kill $SERVER_PID
diff --git a/tests/per_provider/provider_cfg/mbed-crypto/config.toml b/tests/per_provider/provider_cfg/mbed-crypto/config.toml
index aee6ef05..e455d93a 100644
--- a/tests/per_provider/provider_cfg/mbed-crypto/config.toml
+++ b/tests/per_provider/provider_cfg/mbed-crypto/config.toml
@@ -1,5 +1,4 @@
 [core_settings]
-log_level = "error"
 # The CI already timestamps the logs
 log_timestamp = false
 
diff --git a/tests/per_provider/provider_cfg/pkcs11/config.toml b/tests/per_provider/provider_cfg/pkcs11/config.toml
index 8e83ea5b..b9756490 100644
--- a/tests/per_provider/provider_cfg/pkcs11/config.toml
+++ b/tests/per_provider/provider_cfg/pkcs11/config.toml
@@ -1,5 +1,4 @@
 [core_settings]
-log_level = "error"
 # The CI already timestamps the logs
 log_timestamp = false
 
diff --git a/tests/per_provider/provider_cfg/tpm/config.toml b/tests/per_provider/provider_cfg/tpm/config.toml
index 11bbbb50..63a050af 100644
--- a/tests/per_provider/provider_cfg/tpm/config.toml
+++ b/tests/per_provider/provider_cfg/tpm/config.toml
@@ -1,5 +1,4 @@
 [core_settings]
-log_level = "error"
 # The CI already timestamps the logs
 log_timestamp = false