From 7be304acdb36feddccb2b1d324c67fd1cefdfe2a Mon Sep 17 00:00:00 2001
From: "Ralf S. Engelschall" <rse@openssl.org>
Date: Wed, 24 Feb 1999 17:17:31 +0000
Subject: Make `openssl x509 -noout -modulus' functional also for DSA
 certificates (in addition to RSA certificates) to match the behaviour of
 `openssl dsa -noout -modulus' as it's already the case for `openssl rsa
 -noout -modulus'.  For RSA the -modulus is the real "modulus" while for DSA
 currently the public key is printed (a decision which was already done by
 `openssl dsa -modulus' in the past) which serves a similar purpose. 
 Additionally the NO_RSA no longer completely removes the whole -modulus
 option; it now only avoids using the RSA stuff. Same applies to NO_DSA now,
 too.

---
 apps/x509.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'apps')

diff --git a/apps/x509.c b/apps/x509.c
index c4e4890..c20d213 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -468,7 +468,6 @@ bad:
 				BIO_printf(STDout,"%08lx\n",X509_subject_name_hash(x));
 				}
 			else
-#ifndef NO_RSA
 				if (modulus == i)
 				{
 				EVP_PKEY *pkey;
@@ -481,15 +480,21 @@ bad:
 					goto end;
 					}
 				BIO_printf(STDout,"Modulus=");
+#ifndef NO_RSA
 				if (pkey->type == EVP_PKEY_RSA)
 					BN_print(STDout,pkey->pkey.rsa->n);
 				else
+#endif
+#ifndef NO_DSA
+				if (pkey->type == EVP_PKEY_DSA)
+					BN_print(STDout,pkey->pkey.dsa->pub_key);
+				else
+#endif
 					BIO_printf(STDout,"Wrong Algorithm type");
 				BIO_printf(STDout,"\n");
 				EVP_PKEY_free(pkey);
 				}
 			else
-#endif
 				if (C == i)
 				{
 				unsigned char *d;
-- 
cgit v1.1