handle having no trust anchors more gracefully.

diff --git a/src/com/verisign/cl/DNSSECValTool.java b/src/com/verisign/cl/DNSSECValTool.java
index e29bf4a..be4cdb8 100644 (file)
--- a/src/com/verisign/cl/DNSSECValTool.java
+++ b/src/com/verisign/cl/DNSSECValTool.java
@@ -203,6 +203,12 @@ public class DNSSECValTool {
         }
 
         // Log our set of trusted keys
+        List<String> trustedKeys = validator.listTrustedKeys();
+        if (trustedKeys.size() == 0) {
+            System.err.println("ERROR: no trusted keys found/provided.");
+            return;
+        }
+
         for (String key : validator.listTrustedKeys()) {
             System.out.println("Trusted Key: " + key);
         }

diff --git a/src/com/verisign/tat/dnssec/TrustAnchorStore.java b/src/com/verisign/tat/dnssec/TrustAnchorStore.java
index 9e30fb9..bd35e78 100644 (file)
--- a/src/com/verisign/tat/dnssec/TrustAnchorStore.java
+++ b/src/com/verisign/tat/dnssec/TrustAnchorStore.java
@@ -86,6 +86,10 @@ public class TrustAnchorStore {
     public List<String> listTrustAnchors() {
         List<String> res = new ArrayList<String>();
 
+        if (mMap == null) {
+            return res;
+        }
+
         for (Map.Entry<String, SRRset> entry : mMap.entrySet()) {
             for (Iterator<Record> i = entry.getValue().rrs(); i.hasNext();) {
                 DNSKEYRecord r = (DNSKEYRecord) i.next();