From 6d8988b78a0b07030d833a10e46f373810a26944 Mon Sep 17 00:00:00 2001
From: seelabs <scott.determan@yahoo.com>
Date: Mon, 1 Jul 2019 10:09:33 -0400
Subject: [PATCH] Improve handling of revoked manifests:

Manifests which are revoked can include ephemeral keys although doing
so does not make sense: a revoked manifest isn't used for signing and
so don't need to define an ephemeral key.
---
 src/ripple/app/misc/Manifest.h        | 2 +-
 src/ripple/app/misc/NetworkOPs.cpp    | 8 +++++---
 src/ripple/app/misc/impl/Manifest.cpp | 4 +++-
 src/test/app/Manifest_test.cpp        | 2 +-
 4 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/src/ripple/app/misc/Manifest.h b/src/ripple/app/misc/Manifest.h
index ff743fcc3e..6635360d9d 100644
--- a/src/ripple/app/misc/Manifest.h
+++ b/src/ripple/app/misc/Manifest.h
@@ -108,7 +108,7 @@ struct Manifest
     bool revoked () const;
 
     /// Returns manifest signature
-    Blob getSignature () const;
+    boost::optional<Blob> getSignature () const;
 
     /// Returns manifest master key signature
     Blob getMasterSignature () const;
diff --git a/src/ripple/app/misc/NetworkOPs.cpp b/src/ripple/app/misc/NetworkOPs.cpp
index 7477d4cec5..fc97408973 100644
--- a/src/ripple/app/misc/NetworkOPs.cpp
+++ b/src/ripple/app/misc/NetworkOPs.cpp
@@ -1580,10 +1580,12 @@ void NetworkOPsImp::pubManifest (Manifest const& mo)
         jvObj [jss::type]             = "manifestReceived";
         jvObj [jss::master_key]       = toBase58(
             TokenType::NodePublic, mo.masterKey);
-        jvObj [jss::signing_key]      = toBase58(
-            TokenType::NodePublic, mo.signingKey);
+        if (!mo.signingKey.empty())
+            jvObj[jss::signing_key] =
+                toBase58(TokenType::NodePublic, mo.signingKey);
         jvObj [jss::seq]              = Json::UInt (mo.sequence);
-        jvObj [jss::signature]        = strHex (mo.getSignature ());
+        if (auto sig = mo.getSignature())
+            jvObj [jss::signature] = strHex (*sig);
         jvObj [jss::master_signature] = strHex (mo.getMasterSignature ());
 
         for (auto i = mStreamMaps[sManifests].begin ();
diff --git a/src/ripple/app/misc/impl/Manifest.cpp b/src/ripple/app/misc/impl/Manifest.cpp
index 8dcd0d0851..94adf516a4 100644
--- a/src/ripple/app/misc/impl/Manifest.cpp
+++ b/src/ripple/app/misc/impl/Manifest.cpp
@@ -215,11 +215,13 @@ bool Manifest::revoked () const
     return sequence == std::numeric_limits<std::uint32_t>::max ();
 }
 
-Blob Manifest::getSignature () const
+boost::optional<Blob> Manifest::getSignature () const
 {
     STObject st (sfGeneric);
     SerialIter sit (serialized.data (), serialized.size ());
     st.set (sit);
+    if (!get(st, sfSignature))
+        return boost::none;
     return st.getFieldVL (sfSignature);
 }
 
diff --git a/src/test/app/Manifest_test.cpp b/src/test/app/Manifest_test.cpp
index 61eb6dfaee..0abb45cf0f 100644
--- a/src/test/app/Manifest_test.cpp
+++ b/src/test/app/Manifest_test.cpp
@@ -383,7 +383,7 @@ public:
         ss.add32(HashPrefix::manifest);
         st.addWithoutSigningFields(ss);
         auto const sig = sign(KeyType::secp256k1, kp.second, ss.slice());
-        BEAST_EXPECT(strHex(sig) == strHex(m.getSignature()));
+        BEAST_EXPECT(strHex(sig) == strHex(*m.getSignature()));
 
         auto const masterSig = sign(KeyType::ed25519, sk, ss.slice());
         BEAST_EXPECT(strHex(masterSig) == strHex(m.getMasterSignature()));