Improve handling of revoked manifests:

Manifests which are revoked can include ephemeral keys although doing so does not make sense: a revoked manifest isn't used for signing and so don't need to define an ephemeral key.
2025-12-02 00:15:50 +00:00 · 2019-07-01 10:09:33 -04:00
parent 3acbd84f1d
commit 6d8988b78a
4 changed files with 10 additions and 6 deletions
--- a/src/ripple/app/misc/Manifest.h
+++ b/src/ripple/app/misc/Manifest.h
@@ -108,7 +108,7 @@ struct Manifest
    bool revoked () const;

    /// Returns manifest signature
-    Blob getSignature () const;
+    boost::optional<Blob> getSignature () const;

    /// Returns manifest master key signature
    Blob getMasterSignature () const;
--- a/src/ripple/app/misc/NetworkOPs.cpp
+++ b/src/ripple/app/misc/NetworkOPs.cpp
@@ -1580,10 +1580,12 @@ void NetworkOPsImp::pubManifest (Manifest const& mo)
        jvObj [jss::type]             = "manifestReceived";
        jvObj [jss::master_key]       = toBase58(
            TokenType::NodePublic, mo.masterKey);
-        jvObj [jss::signing_key]      = toBase58(
-            TokenType::NodePublic, mo.signingKey);
+        if (!mo.signingKey.empty())
+            jvObj[jss::signing_key] =
+                toBase58(TokenType::NodePublic, mo.signingKey);
        jvObj [jss::seq]              = Json::UInt (mo.sequence);
-        jvObj [jss::signature]        = strHex (mo.getSignature ());
+        if (auto sig = mo.getSignature())
+            jvObj [jss::signature] = strHex (*sig);
        jvObj [jss::master_signature] = strHex (mo.getMasterSignature ());

        for (auto i = mStreamMaps[sManifests].begin ();
--- a/src/ripple/app/misc/impl/Manifest.cpp
+++ b/src/ripple/app/misc/impl/Manifest.cpp
@@ -215,11 +215,13 @@ bool Manifest::revoked () const
    return sequence == std::numeric_limits<std::uint32_t>::max ();
 }

-Blob Manifest::getSignature () const
+boost::optional<Blob> Manifest::getSignature () const
 {
    STObject st (sfGeneric);
    SerialIter sit (serialized.data (), serialized.size ());
    st.set (sit);
+    if (!get(st, sfSignature))
+        return boost::none;
    return st.getFieldVL (sfSignature);
 }

--- a/src/test/app/Manifest_test.cpp
+++ b/src/test/app/Manifest_test.cpp
@@ -383,7 +383,7 @@ public:
        ss.add32(HashPrefix::manifest);
        st.addWithoutSigningFields(ss);
        auto const sig = sign(KeyType::secp256k1, kp.second, ss.slice());
-        BEAST_EXPECT(strHex(sig) == strHex(m.getSignature()));
+        BEAST_EXPECT(strHex(sig) == strHex(*m.getSignature()));

        auto const masterSig = sign(KeyType::ed25519, sk, ss.slice());
        BEAST_EXPECT(strHex(masterSig) == strHex(m.getMasterSignature()));