Make sure we detect corruption.
diff --git a/crypto/rsa/rsa_test.c b/crypto/rsa/rsa_test.c
index 51135ea..4080de8 100644
--- a/crypto/rsa/rsa_test.c
+++ b/crypto/rsa/rsa_test.c
@@ -219,6 +219,7 @@
     int plen;
     int clen = 0;
     int num;
+    int n;
 
     CRYPTO_malloc_debug_init();
     CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
@@ -278,7 +279,7 @@
 	    err=1;
 	    goto next;
 	    }
-  
+
 	num = RSA_private_decrypt(num, ctext, ptext, key,
 				  RSA_PKCS1_OAEP_PADDING);
 	if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
@@ -287,10 +288,7 @@
 	    err=1;
 	    }
 	else if (memcmp(ctext, ctext_ex, num) == 0)
-	    {
 	    printf("OAEP test vector %d passed!\n", v);
-	    goto next;
-	    }
     
 	/* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT).
 	   Try decrypting ctext_ex */
@@ -305,6 +303,26 @@
 	    }
 	else
 	    printf("OAEP encryption/decryption ok\n");
+
+	/* Try decrypting corrupted ciphertexts */
+	for(n = 0 ; n < clen ; ++n)
+	    {
+	    int b;
+	    unsigned char saved = ctext[n];
+	    for(b = 0 ; b < 256 ; ++b)
+		{
+		if(b == saved)
+		    continue;
+		ctext[n] = b;
+		num = RSA_private_decrypt(num, ctext, ptext, key,
+					  RSA_PKCS1_OAEP_PADDING);
+		if(num > 0)
+		    {
+		    printf("Corrupt data decrypted!\n");
+		    err = 1;
+		    }
+		}
+	    }
     next:
 	RSA_free(key);
 	}