On Thu, 1 Apr 2021 16:25:49 GMT, Hai-May Chao <hc...@openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/tools/keytool/Main.java line 1941:
>>
>>> 1939: signerFlag = true;
>>> 1940:
>>> 1941: if (keyStore.containsAlias(signerAlias) == false) {
>>
>> It's probably more precise to make sure the entry is a `PrivateKeyEntry`
>> because we have other entries like `TrustedCertificateEntry` and
>> `SecretKeyEntry`. Or you can double check this below to ensure both
>> `signerPrivateKey` and `signerCert` are non null.
>
> As `RecoveryKey()` will make sure if the entry exists in the keystore and is
> a `PrivateKeyEntry`, removed this checking and updated to check for if
> `signerCert` is null.
Yes, it must be a private key entry. On the other hand, I think it's
unnecessary to check about the `signerCert`. I don't think it'll be ever null.
-------------
PR: https://git.openjdk.java.net/jdk/pull/3281
