diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 2ad8137031..697f0fc5bd 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -26009,6 +26009,21 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void) #if !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) && \ !defined(WC_NO_RNG) && !defined(WOLF_CRYPTO_CB_ONLY_RSA) + /* Reload the key so the public-encrypt below is the first operation + * against it. Exercises backends that distinguish public-only material + * from full-keypair bindings: a public-encrypt on a freshly-loaded key + * must not prevent the subsequent private-decrypt from using the private + * key material the caller originally provided. */ +#ifndef NO_ASN + wc_FreeRsaKey(key); + ret = wc_InitRsaKey_ex(key, HEAP_HINT, devId); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa); + idx = 0; + ret = wc_RsaPrivateKeyDecode(tmp, &idx, key, (word32)bytes); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa); +#endif do { #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);