diff --git a/MANIFEST b/MANIFEST
index bae4102..5cdbdc8 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -18,6 +18,7 @@ t/error.t
 t/error_queue.t
 t/fakelib/Crypt/OpenSSL/Bignum.pm
 t/format.t
+t/get_key_parameters.t
 t/key_lifecycle.t
 t/keygen.t
 t/padding.t
diff --git a/RSA.xs b/RSA.xs
index 4c5e27f..e2ed373 100644
--- a/RSA.xs
+++ b/RSA.xs
@@ -1096,7 +1096,9 @@ PPCODE:
     EVP_PKEY_get_bn_param(rsa, OSSL_PKEY_PARAM_RSA_EXPONENT1, &dmp1);
     EVP_PKEY_get_bn_param(rsa, OSSL_PKEY_PARAM_RSA_EXPONENT2, &dmq1);
     EVP_PKEY_get_bn_param(rsa, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &iqmp);
-    /* Drain any errors pushed by expected failures on public keys. */
+    /* Failed calls (e.g. private params on a public key) push errors
+       onto the OpenSSL error queue.  Drain them so they don't leak
+       into the next croakSsl() call from an unrelated operation. */
     ERR_clear_error();
 #else
     RSA_get0_key(rsa, &n, &e, &d);