Address issues identified by external review:

* RIPD-1617, RIPD-1619, RIPD-1621:
  Verify serialized public keys more strictly before
  using them.

* RIPD-1618:
    * Simplify the base58 decoder logic.
    * Reduce the complexity of the base58 encoder and
      eliminate a potential out-of-bounds memory access.
    * Improve type safety by using an `enum class` to
      enforce strict type checking for token types.

* RIPD-1616:
  Avoid calling `memcpy` with a null pointer even if the
  size is specified as zero, since it results in undefined
  behavior.

Acknowledgements:
Ripple thanks Guido Vranken for responsibly disclosing these
issues.

Bug Bounties and Responsible Disclosures:
We welcome reviews of the rippled code and urge researchers
to responsibly disclose any issues that they may find. For
more on Ripple's Bug Bounty program, please visit:
https://ripple.com/bug-bounty

src/test/rpc/AccountCurrencies_test.cpp

@@ -69,7 +69,7 @@ class AccountCurrencies_test : public beast::unit_test::suite
         { // strict mode, using properly formatted bitcoin token
             Json::Value params;
             params[jss::account] = base58EncodeTokenBitcoin (
-                TOKEN_ACCOUNT_ID, alice.id().data(), alice.id().size());
+                TokenType::AccountID, alice.id().data(), alice.id().size());
             params[jss::strict] = true;
             auto const result = env.rpc ("json", "account_currencies",
                 boost::lexical_cast<std::string>(params)) [jss::result];

src/test/rpc/KeyGeneration_test.cpp

@@ -308,7 +308,7 @@ public:
             (keyType ? *keyType : "no key_type"));
 
         auto const publicKey = parseBase58<PublicKey>(
-            TokenType::TOKEN_ACCOUNT_PUBLIC, strings.public_key);
+            TokenType::AccountPublic, strings.public_key);
         BEAST_EXPECT(publicKey);
 
         if (!keyType)

src/test/rpc/NoRippleCheck_test.cpp

@@ -112,7 +112,7 @@ class NoRippleCheck_test : public beast::unit_test::suite
           // parsing as a seed to fail
             Json::Value params;
             params[jss::account] =
-                toBase58 (TokenType::TOKEN_NODE_PRIVATE, alice.sk());
+                toBase58 (TokenType::NodePrivate, alice.sk());
             params[jss::role] = "user";
             params[jss::ledger] = "current";
             auto const result = env.rpc ("json", "noripple_check",

src/test/rpc/Peers_test.cpp

@@ -58,7 +58,7 @@ class Peers_test : public beast::unit_test::suite
                 200,
                 env.timeKeeper().now() - 10s);
             nodes.insert( std::make_pair(
-                toBase58(TokenType::TOKEN_NODE_PUBLIC, kp.first), name));
+                toBase58(TokenType::NodePublic, kp.first), name));
         }
 
         // make request, verify nodes we created match

src/test/rpc/Subscribe_test.cpp

@@ -327,7 +327,7 @@ public:
             return;
 
         std::string const valPublicKey =
-            toBase58 (TokenType::TOKEN_NODE_PUBLIC,
+            toBase58 (TokenType::NodePublic,
                 derivePublicKey (KeyType::secp256k1,
                     generateSecretKey (KeyType::secp256k1, *parsedseed)));
 

src/test/rpc/ValidatorRPC_test.cpp

@@ -183,7 +183,7 @@ public:
         using address_type = boost::asio::ip::address;
 
         auto toStr = [](PublicKey const& publicKey) {
-            return toBase58(TokenType::TOKEN_NODE_PUBLIC, publicKey);
+            return toBase58(TokenType::NodePublic, publicKey);
         };
 
         // Publisher manifest/signing keys