diff --git a/testprof/der_tests.c b/testprof/der_tests.c
index 7ce6273..a0cbc02 100644
--- a/testprof/der_tests.c
+++ b/testprof/der_tests.c
@@ -13,7 +13,7 @@ int der_tests(void)
 
 #else
 
-static const unsigned char _der_tests_cacert_root_cert[] =
+const unsigned char _der_tests_cacert_root_cert[] =
    "MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290\
     IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB\
     IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA\
@@ -53,6 +53,7 @@ static const unsigned char _der_tests_cacert_root_cert[] =
     GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk\
     zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW\
     omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD";
+const unsigned long _der_tests_cacert_root_cert_size = sizeof(_der_tests_cacert_root_cert);
 
 /*
 SEQUENCE(3 elem)
@@ -195,6 +196,8 @@ SEQUENCE(3 elem)
 #define CHECK_ASN1_HAS_NO_CHILD(l) __CHECK_ASN1_HAS_NO(l, child)
 #define CHECK_ASN1_HAS_NEXT(l) __CHECK_ASN1_HAS(l, next)
 #define CHECK_ASN1_HAS_NO_NEXT(l) __CHECK_ASN1_HAS_NO(l, next)
+#define CHECK_ASN1_HAS_DATA(l) __CHECK_ASN1_HAS(l, data)
+#define CHECK_ASN1_HAS_NO_DATA(l) __CHECK_ASN1_HAS_NO(l, data)
 
 #ifdef LTC_DER_TESTS_PRINT_FLEXI
 static void _der_tests_print_flexi(ltc_asn1_list* l, unsigned int level)
@@ -395,6 +398,13 @@ static void der_cacert_test(void)
   DO(base64_decode(_der_tests_cacert_root_cert, sizeof(_der_tests_cacert_root_cert), buf, &len1));
   len2 = len1;
   DO(der_decode_sequence_flexi(buf, &len2, &decoded_list));
+  CHECK_ASN1_TYPE(decoded_list, LTC_ASN1_SEQUENCE);
+  CHECK_ASN1_HAS_DATA(decoded_list);
+
+  der_sequence_shrink(decoded_list);
+
+  CHECK_ASN1_TYPE(decoded_list, LTC_ASN1_SEQUENCE);
+  CHECK_ASN1_HAS_NO_DATA(decoded_list);
 
 #ifdef LTC_DER_TESTS_PRINT_FLEXI
   printf("\n\n--- test print start ---\n\n");
diff --git a/testprof/rsa_test.c b/testprof/rsa_test.c
index c7f1dcb..5795ac4 100644
--- a/testprof/rsa_test.c
+++ b/testprof/rsa_test.c
@@ -93,6 +93,9 @@ static const unsigned char openssl_public_rsa_stripped[] = {
    0x60, 0x3f, 0x8b, 0x54, 0x3a, 0xc3, 0x4d, 0x31, 0xe7, 0x94, 0xa4, 0x44, 0xfd, 0x02, 0x03, 0x01,
    0x00, 0x01,  };
 
+extern const unsigned char _der_tests_cacert_root_cert[];
+extern const unsigned long _der_tests_cacert_root_cert_size;
+
 static int rsa_compat_test(void)
 {
    rsa_key key;
@@ -195,7 +198,7 @@ static int rsa_compat_test(void)
 
 int rsa_test(void)
 {
-   unsigned char in[1024], out[1024], tmp[1024];
+   unsigned char in[1024], out[1024], tmp[3072];
    rsa_key       key, privKey, pubKey;
    int           hash_idx, prng_idx, stat, stat2, i, err;
    unsigned long rsa_msgsize, len, len2, len3, cnt, cnt2;
@@ -537,6 +540,11 @@ for (cnt = 0; cnt < len; ) {
      DOX(stat == 0?CRYPT_OK:CRYPT_FAIL_TESTVECTOR, "should fail");
    }
 
+   len3 = sizeof(tmp);
+   DO(base64_decode(_der_tests_cacert_root_cert, _der_tests_cacert_root_cert_size, tmp, &len3));
+
+   DO(rsa_import(tmp, len3, &key));
+
    /* free the key and return */
    rsa_free(&key);
    rsa_free(&pubKey);