PAK list: add asset_pak_whitelistproof_len for wrapper code

This also fixes the error checks for length computation rather than
returning an incorrect length.

Author: jgriffiths

include/wally.hpp

@@ -1814,6 +1814,13 @@ inline int asset_pak_whitelistproof(const ONLINE_KEYS& online_keys, const OFFLIN
     return written || ret != WALLY_OK ? ret : n == static_cast<size_t>(bytes_out.size()) ? WALLY_OK : WALLY_EINVAL;
 }
 
+template <class ONLINE_KEYS, class OFFLINE_KEYS, class SUB_PUBKEY, class ONLINE_PRIV_KEY, class SUMMED_KEY>
+inline int asset_pak_whitelistproof_len(const ONLINE_KEYS& online_keys, const OFFLINE_KEYS& offline_keys, size_t key_index, const SUB_PUBKEY& sub_pubkey, const ONLINE_PRIV_KEY& online_priv_key, const SUMMED_KEY& summed_key, size_t* written = 0) {
+    size_t n;
+    int ret = ::wally_asset_pak_whitelistproof_len(online_keys.data(), online_keys.size(), offline_keys.data(), offline_keys.size(), key_index, sub_pubkey.data(), sub_pubkey.size(), online_priv_key.data(), online_priv_key.size(), summed_key.data(), summed_key.size(), written ? written : &n);
+    return written || ret != WALLY_OK ? ret : n == static_cast<size_t>(summed_key.size()) ? WALLY_OK : WALLY_EINVAL;
+}
+
 inline int asset_pak_whitelistproof_size(size_t num_keys, size_t* written) {
     int ret = ::wally_asset_pak_whitelistproof_size(num_keys, written);
     return ret;

include/wally_elements.h

@@ -466,32 +466,34 @@ WALLY_CORE_API int wally_asset_blinding_key_to_ec_private_key(
     size_t len);
 
 /**
- * Calculate the size in bytes of the whitelist proof.
+ * Calculate the size in bytes of a whitelist proof.
  *
  * :param num_keys: The number of offline/online keys.
  * :param written: Destination for the number of bytes needed for the proof.
+ *
+ * .. note:: This function is a simpler variant of `wally_asset_pak_whitelistproof_len`.
  */
 WALLY_CORE_API int wally_asset_pak_whitelistproof_size(
     size_t num_keys,
     size_t *written);
 
 /**
- * Generate the whitelist proof for the pegout script.
+ * Generate a whitelist proof for a pegout script.
  *
- * :param online_keys: The list of online keys.
- * :param online_keys_len: Length of ``online_keys_len`` in bytes. Must be a multiple of ``EC_PUBLIC_KEY_LEN``.
- * :param offline_keys: The list of offline keys.
- * :param offline_keys_len: Length of ``offline_keys_len`` in bytes. Must be a multiple of ``EC_PUBLIC_KEY_LEN``.
- * :param key_index: The index in the PAK list of the key signing this whitelist proof
- * :param sub_pubkey: The key to be whitelisted.
+ * :param online_keys: The list of concatenated online keys.
+ * :param online_keys_len: Length of ``online_keys`` in bytes. Must be a multiple of ``EC_PUBLIC_KEY_LEN``.
+ * :param offline_keys: The list of concatenated offline keys.
+ * :param offline_keys_len: Length of ``offline_keys`` in bytes. Must match ``online_keys_len``.
+ * :param key_index: The index in the PAK list of the key signing this whitelist proof.
+ * :param sub_pubkey: The public key to be whitelisted.
  * :param sub_pubkey_len: Length of ``sub_pubkey`` in bytes. Must be ``EC_PUBLIC_KEY_LEN``.
  * :param online_priv_key: The secret key to the signer's online pubkey.
  * :param online_priv_key_len: Length of ``online_priv_key`` in bytes. Must be ``EC_PRIVATE_KEY_LEN``.
  * :param summed_key: The secret key to the sum of (whitelisted key, signer's offline pubkey).
  * :param summed_key_len: Length of ``summed_key`` in bytes. Must be ``EC_PRIVATE_KEY_LEN``.
  * :param bytes_out: Destination for the resulting whitelist proof.
  * :param len: Length of ``bytes_out`` in bytes.
- * :param written: Number of bytes actually written to ``bytes_out``.
+ * :param written: Destination for the number of bytes written to ``bytes_out``.
  */
 WALLY_CORE_API int wally_asset_pak_whitelistproof(
     const unsigned char *online_keys,
@@ -509,6 +511,38 @@ WALLY_CORE_API int wally_asset_pak_whitelistproof(
     size_t len,
     size_t *written);
 
+/**
+ * Calculate the size in bytes of a whitelist proof.
+ *
+ * :param online_keys: The list of concatenated online keys.
+ * :param online_keys_len: Length of ``online_keys`` in bytes. Must be a multiple of ``EC_PUBLIC_KEY_LEN``.
+ * :param offline_keys: The list of concatenated offline keys.
+ * :param offline_keys_len: Length of ``offline_keys`` in bytes. Must match ``online_keys_len``.
+ * :param key_index: The index in the PAK list of the key signing this whitelist proof.
+ * :param sub_pubkey: The public key to be whitelisted.
+ * :param sub_pubkey_len: Length of ``sub_pubkey`` in bytes. Must be ``EC_PUBLIC_KEY_LEN``.
+ * :param online_priv_key: The secret key to the signer's online pubkey.
+ * :param online_priv_key_len: Length of ``online_priv_key`` in bytes. Must be ``EC_PRIVATE_KEY_LEN``.
+ * :param summed_key: The secret key to the sum of (whitelisted key, signer's offline pubkey).
+ * :param summed_key_len: Length of ``summed_key`` in bytes. Must be ``EC_PRIVATE_KEY_LEN``.
+ * :param written: Destination for resulting proof size in bytes.
+ *
+ * .. note:: Use `wally_asset_pak_whitelistproof_size` for a simpler call interface.
+ */
+WALLY_CORE_API int wally_asset_pak_whitelistproof_len(
+    const unsigned char *online_keys,
+    size_t online_keys_len,
+    const unsigned char *offline_keys,
+    size_t offline_keys_len,
+    size_t key_index,
+    const unsigned char *sub_pubkey,
+    size_t sub_pubkey_len,
+    const unsigned char *online_priv_key,
+    size_t online_priv_key_len,
+    const unsigned char *summed_key,
+    size_t summed_key_len,
+    size_t *written);
+
 #endif /* BUILD_ELEMENTS */
 
 #ifdef __cplusplus

src/elements.c

@@ -715,33 +715,24 @@ int wally_asset_blinding_key_to_ec_private_key(
     return ret;
 }
 
-int wally_asset_pak_whitelistproof_size(
-    size_t num_keys,
-    size_t *written)
+int wally_asset_pak_whitelistproof_size(size_t num_keys, size_t *written)
 {
-    if (!written)
+    if (written)
+        *written = 0;
+    if (!written || num_keys > SECP256K1_WHITELIST_MAX_N_KEYS)
         return WALLY_EINVAL;
-
     *written = 1 + 32 * (1 + num_keys);
-
     return WALLY_OK;
 }
 
 int wally_asset_pak_whitelistproof(
-    const unsigned char *online_keys,
-    size_t online_keys_len,
-    const unsigned char *offline_keys,
-    size_t offline_keys_len,
+    const unsigned char *online_keys, size_t online_keys_len,
+    const unsigned char *offline_keys, size_t offline_keys_len,
     size_t key_index,
-    const unsigned char *sub_pubkey,
-    size_t sub_pubkey_len,
-    const unsigned char *online_priv_key,
-    size_t online_priv_key_len,
-    const unsigned char *summed_key,
-    size_t summed_key_len,
-    unsigned char *bytes_out,
-    size_t len,
-    size_t *written)
+    const unsigned char *sub_pubkey, size_t sub_pubkey_len,
+    const unsigned char *online_priv_key, size_t online_priv_key_len,
+    const unsigned char *summed_key, size_t summed_key_len,
+    unsigned char *bytes_out, size_t len, size_t *written)
 {
     const secp256k1_context *ctx = secp_ctx();
     secp256k1_pubkey online_secp_keys[SECP256K1_WHITELIST_MAX_N_KEYS];
@@ -799,4 +790,22 @@ int wally_asset_pak_whitelistproof(
     return ret;
 }
 
+int wally_asset_pak_whitelistproof_len(
+    const unsigned char *online_keys, size_t online_keys_len,
+    const unsigned char *offline_keys, size_t offline_keys_len,
+    size_t key_index,
+    const unsigned char *sub_pubkey, size_t sub_pubkey_len,
+    const unsigned char *online_priv_key, size_t online_priv_key_len,
+    const unsigned char *summed_key, size_t summed_key_len,
+    size_t *written)
+{
+    unsigned char buff[1]; /* Undersized: we only want the length */
+    return wally_asset_pak_whitelistproof(online_keys, online_keys_len,
+                                          offline_keys, offline_keys_len,
+                                          key_index,
+                                          sub_pubkey, sub_pubkey_len,
+                                          online_priv_key, online_priv_key_len,
+                                          summed_key, summed_key_len,
+                                          buff, sizeof(buff), written);
+}
 #endif /* BUILD_ELEMENTS */

src/swig_java/swig.i

@@ -1038,6 +1038,7 @@ static jbyteArray create_jintArray(JNIEnv *jenv, const uint32_t* p, size_t len)
 %returns_size_t(wally_witness_program_from_bytes_and_version);
 %returns_array_(wally_symmetric_key_from_seed, 3, 4, HMAC_SHA512_LEN);
 %returns_array_(wally_symmetric_key_from_parent, 6, 7, HMAC_SHA512_LEN);
+%returns_size_t(wally_asset_pak_whitelistproof_len);
 %returns_size_t(wally_asset_pak_whitelistproof_size);
 %returns_size_t(wally_asset_pak_whitelistproof);
 %returns_array_(wally_s2c_sig_from_bytes, 10, 11, EC_SIGNATURE_LEN);

src/swig_python/python_extra.py_in

@@ -271,9 +271,7 @@ if is_elements_build():
     asset_surjectionproof = _wrap_bin(asset_surjectionproof, _asset_surjectionproof_len_fn, resize=True)
     asset_blinding_key_from_seed = _wrap_bin(asset_blinding_key_from_seed, HMAC_SHA512_LEN)
     asset_blinding_key_to_ec_private_key = _wrap_bin(asset_blinding_key_to_ec_private_key, EC_PRIVATE_KEY_LEN)
-    def _asset_pak_whitelistproof_len_fn(on_keys, off_keys, idx, sub_pubkey, priv_key, summed_key):
-        return asset_pak_whitelistproof_size(len(off_keys) // EC_PUBLIC_KEY_LEN)
-    asset_pak_whitelistproof = _wrap_bin(asset_pak_whitelistproof, _asset_pak_whitelistproof_len_fn)
+    asset_pak_whitelistproof = _wrap_bin(asset_pak_whitelistproof, asset_pak_whitelistproof_len, resize=True)
 
     def _asset_unblind_fn(fn):
         def wrapped(*args):

src/test/util.py

@@ -265,6 +265,7 @@ class wally_psbt(Structure):
     ('wally_asset_final_vbf', c_int, [POINTER(c_uint64), c_size_t, c_size_t, c_void_p, c_size_t, c_void_p, c_size_t, c_void_p, c_size_t]),
     ('wally_asset_generator_from_bytes', c_int, [c_void_p, c_size_t, c_void_p, c_size_t, c_void_p, c_size_t]),
     ('wally_asset_pak_whitelistproof', c_int, [c_void_p, c_size_t, c_void_p, c_size_t, c_size_t, c_void_p, c_size_t, c_void_p, c_size_t, c_void_p, c_size_t, c_void_p, c_size_t, c_size_t_p]),
+    ('wally_asset_pak_whitelistproof_len', c_int, [c_void_p, c_size_t, c_void_p, c_size_t, c_size_t, c_void_p, c_size_t, c_void_p, c_size_t, c_void_p, c_size_t, c_size_t_p]),
     ('wally_asset_pak_whitelistproof_size', c_int, [c_size_t, c_size_t_p]),
     ('wally_asset_rangeproof', c_int, [c_uint64, c_void_p, c_size_t, c_void_p, c_size_t, c_void_p, c_size_t, c_void_p, c_size_t, c_void_p, c_size_t, c_void_p, c_size_t, c_void_p, c_size_t, c_void_p, c_size_t, c_uint64, c_int, c_int, c_void_p, c_size_t, c_size_t_p]),
     ('wally_asset_rangeproof_with_nonce', c_int, [c_uint64, c_void_p, c_size_t, c_void_p, c_size_t, c_void_p, c_size_t, c_void_p, c_size_t, c_void_p, c_size_t, c_void_p, c_size_t, c_void_p, c_size_t, c_uint64, c_int, c_int, c_void_p, c_size_t, c_size_t_p]),

src/wasm_package/functions.js

@@ -305,7 +305,6 @@ def gen_wasm_package(funcs):
         'wally_scriptpubkey_csv_2of3_then_2_from_bytes': 'scriptpubkey_csv_2of3_then_2_from_bytes_len, true',
 
         'wally_asset_surjectionproof': 'asset_surjectionproof_len, true',
-        'wally_asset_pak_whitelistproof': 'asset_pak_whitelistproof_len, false',
         'wally_elements_pegout_script_from_bytes': 'elements_pegout_script_from_bytes_len, true',
         'wally_elements_pegin_contract_script_from_bytes': 'elements_pegin_contract_script_from_bytes_len, true',
     }
@@ -485,4 +484,4 @@ def get_function_defs(non_elements, internal_only):
     gen_wally_hpp(external_funcs)
 
     gen_wasm_exports(all_funcs)
-    gen_wasm_package(all_funcs)
+    gen_wasm_package(all_funcs)

tools/build_wrappers.py

@@ -423,6 +423,7 @@ if [ -n "$ENABLE_ELEMENTS" ]; then
 ,'_wally_asset_final_vbf' \
 ,'_wally_asset_generator_from_bytes' \
 ,'_wally_asset_pak_whitelistproof' \
+,'_wally_asset_pak_whitelistproof_len' \
 ,'_wally_asset_pak_whitelistproof_size' \
 ,'_wally_asset_rangeproof' \
 ,'_wally_asset_rangeproof_with_nonce' \