abi: force users to explicitly opt-out of exporting Elements functions (1)

Part 1, header changes.

As with the previous c-struct change, by default Elements is enabled and
elements functions are exported from the library. Using
--disable-elements now leaves the Elements functions available, but
calling them will always return WALLY_ERROR.

This behaviour allows installing a system-wide wally built without
Elements support which applications can gracefully detect at runtime via
wally_is_elements_build() and handle by degrading functionality or
failing to start.

To compile the Elements functions out completely, the user must configure
with --disable-elements-abi and define WALLY_ABI_NO_ELEMENTS when including
library headers. This allows e.g. embeddeded/static builds to eliminate
all Elements code entirely.

As before, WALLY_ABI_NO_ELEMENTS builds must not be installed as
system-wide shared libraries. Doing so may result in either memory
corruption at runtime (if no Elements code is used) or linker errors on
startup due to missing Elements calls.

Author: jgriffiths

include/wally_address.h

@@ -274,7 +274,7 @@ WALLY_CORE_API int wally_wif_to_address(
     uint32_t version,
     char **output);
 
-#ifdef BUILD_ELEMENTS
+#ifndef WALLY_ABI_NO_ELEMENTS
 /**
  * Extract the address from a confidential address.
  *
@@ -366,7 +366,7 @@ WALLY_CORE_API int wally_confidential_addr_from_addr_segwit(
     const unsigned char *pub_key,
     size_t pub_key_len,
     char **output);
-#endif /* BUILD_ELEMENTS */
+#endif /* WALLY_ABI_NO_ELEMENTS */
 
 #ifdef __cplusplus
 }

include/wally_bip32.h

@@ -360,7 +360,7 @@ WALLY_CORE_API int bip32_key_from_parent_path_str_n_alloc(
     uint32_t flags,
     struct ext_key **output);
 
-#ifdef BUILD_ELEMENTS
+#ifndef WALLY_ABI_NO_ELEMENTS
 /**
  * Derive the pub tweak from a parent extended key and a path.
  *
@@ -387,7 +387,7 @@ WALLY_CORE_API int bip32_key_with_tweak_from_parent_path_alloc(
     size_t child_path_len,
     uint32_t flags,
     struct ext_key **output);
-#endif /* BUILD_ELEMENTS */
+#endif /* WALLY_ABI_NO_ELEMENTS */
 
 /**
  * Convert an extended key to base58.

include/wally_coinselection.h

@@ -10,7 +10,7 @@ extern "C" {
 /** The maximum number of asset values that can be returned in a coin selection */
 #define WALLY_CS_MAX_ASSETS 256
 
-#ifdef BUILD_ELEMENTS
+#ifndef WALLY_ABI_NO_ELEMENTS
 
 /**
  * Select input asset values to meet a given payment target.
@@ -47,7 +47,7 @@ WALLY_CORE_API int wally_coinselect_assets(
     size_t indices_out_len,
     size_t *written);
 
-#endif /* BUILD_ELEMENTS */
+#endif /* WALLY_ABI_NO_ELEMENTS */
 
 #ifdef __cplusplus
 }

include/wally_elements.h

@@ -7,8 +7,6 @@
 extern "C" {
 #endif
 
-#ifdef BUILD_ELEMENTS
-
 #define ASSET_TAG_LEN 32 /** Length of an Asset Tag */
 
 #define BLINDING_FACTOR_LEN 32 /** Length of a Blinding Factor (or blinder) */
@@ -24,6 +22,7 @@ extern "C" {
 #define ASSET_SURJECTIONPROOF_MAX_LEN 162 /** Maximum length of a wally-produced Asset Surjection Proof */
 #define ASSET_EXPLICIT_SURJECTIONPROOF_LEN 67 /** Length of an Explicit Asset Surjection Proof */
 
+#ifndef WALLY_ABI_NO_ELEMENTS
 /**
  * Create an Asset Generator from an either an asset commitment or asset tag plus blinding factor.
  *
@@ -657,7 +656,7 @@ WALLY_CORE_API int wally_asset_pak_whitelistproof_len(
     size_t summed_key_len,
     size_t *written);
 
-#endif /* BUILD_ELEMENTS */
+#endif /* WALLY_ABI_NO_ELEMENTS */
 
 #ifdef __cplusplus
 }

include/wally_psbt.h

@@ -453,7 +453,7 @@ WALLY_CORE_API int wally_psbt_input_set_required_lockheight(
 WALLY_CORE_API int wally_psbt_input_clear_required_lockheight(
     struct wally_psbt_input *input);
 
-#ifdef BUILD_ELEMENTS
+#ifndef WALLY_ABI_NO_ELEMENTS
 /**
  * Set the unblinded amount in an input.
  *
@@ -1254,7 +1254,7 @@ WALLY_CORE_API int wally_psbt_input_generate_explicit_proofs(
     size_t vbf_len,
     const unsigned char *entropy,
     size_t entropy_len);
-#endif /* BUILD_ELEMENTS */
+#endif /* WALLY_ABI_NO_ELEMENTS */
 
 /**
  * Determine if a PSBT input is finalized.
@@ -1416,7 +1416,7 @@ WALLY_CORE_API int wally_psbt_output_set_script(
     const unsigned char *script,
     size_t script_len);
 
-#ifdef BUILD_ELEMENTS
+#ifndef WALLY_ABI_NO_ELEMENTS
 /**
  * Set the input blinder index in an output.
  *
@@ -1875,7 +1875,7 @@ WALLY_CORE_API int wally_psbt_output_get_blinding_status(
     const struct wally_psbt_output *output,
     uint32_t flags,
     size_t *written);
-#endif /* BUILD_ELEMENTS */
+#endif /* WALLY_ABI_NO_ELEMENTS */
 
 /**
  * Allocate and initialize a new PSBT.
@@ -2037,7 +2037,7 @@ WALLY_CORE_API int wally_psbt_set_tx_modifiable_flags(
     struct wally_psbt *psbt,
     uint32_t flags);
 
-#ifdef BUILD_ELEMENTS
+#ifndef WALLY_ABI_NO_ELEMENTS
 /**
  * Set the scalar offsets in a PSBT.
  *
@@ -2084,7 +2084,7 @@ WALLY_CORE_API int wally_psbt_find_global_scalar(
 WALLY_CORE_API int wally_psbt_set_pset_modifiable_flags(
     struct wally_psbt *psbt,
     uint32_t flags);
-#endif /* BUILD_ELEMENTS */
+#endif /* WALLY_ABI_NO_ELEMENTS */
 
 /**
  * Find the index of the PSBT input that spends a given UTXO.

include/wally_psbt_members.h

@@ -16,7 +16,7 @@ WALLY_CORE_API int wally_psbt_get_num_outputs(const struct wally_psbt *psbt, siz
 WALLY_CORE_API int wally_psbt_get_fallback_locktime(const struct wally_psbt *psbt, size_t *written);
 WALLY_CORE_API int wally_psbt_has_fallback_locktime(const struct wally_psbt *psbt, size_t *written);
 WALLY_CORE_API int wally_psbt_get_tx_modifiable_flags(const struct wally_psbt *psbt, size_t *written);
-#ifdef BUILD_ELEMENTS
+#ifndef WALLY_ABI_NO_ELEMENTS
 WALLY_CORE_API int wally_psbt_get_global_scalars_size(const struct wally_psbt *psbt, size_t *written);
 
 /**
@@ -25,7 +25,7 @@ WALLY_CORE_API int wally_psbt_get_global_scalars_size(const struct wally_psbt *p
 WALLY_CORE_API int wally_psbt_get_global_scalar(const struct wally_psbt *psbt, size_t index, unsigned char *bytes_out, size_t len);
 
 WALLY_CORE_API int wally_psbt_get_pset_modifiable_flags(const struct wally_psbt *psbt, size_t *written);
-#endif /* BUILD_ELEMENTS */
+#endif /* WALLY_ABI_NO_ELEMENTS */
 
 /* Inputs */
 WALLY_CORE_API int wally_psbt_get_input_utxo_alloc(const struct wally_psbt *psbt, size_t index, struct wally_tx **output);
@@ -92,7 +92,7 @@ WALLY_CORE_API int wally_psbt_has_input_required_locktime(const struct wally_psb
 WALLY_CORE_API int wally_psbt_set_input_required_lockheight(struct wally_psbt *psbt, size_t index, uint32_t lockheight);
 WALLY_CORE_API int wally_psbt_clear_input_required_lockheight(struct wally_psbt *psbt, size_t index);
 WALLY_CORE_API int wally_psbt_has_input_required_lockheight(const struct wally_psbt *psbt, size_t index, size_t *written);
-#ifdef BUILD_ELEMENTS
+#ifndef WALLY_ABI_NO_ELEMENTS
 WALLY_CORE_API int wally_psbt_get_input_amount(const struct wally_psbt *psbt, size_t index, uint64_t *value_out);
 WALLY_CORE_API int wally_psbt_get_input_amount_rangeproof(const struct wally_psbt *psbt, size_t index, unsigned char *bytes_out, size_t len, size_t *written);
 WALLY_CORE_API int wally_psbt_get_input_amount_rangeproof_len(const struct wally_psbt *psbt, size_t index, size_t *written);
@@ -164,7 +164,7 @@ WALLY_CORE_API int wally_psbt_clear_input_inflation_keys_blinding_rangeproof(str
 WALLY_CORE_API int wally_psbt_set_input_utxo_rangeproof(struct wally_psbt *psbt, size_t index, const unsigned char *rangeproof, size_t rangeproof_len);
 WALLY_CORE_API int wally_psbt_clear_input_utxo_rangeproof(struct wally_psbt *psbt, size_t index);
 WALLY_CORE_API int wally_psbt_generate_input_explicit_proofs(struct wally_psbt *psbt, size_t index, uint64_t satoshi, const unsigned char *asset, size_t asset_len, const unsigned char *abf, size_t abf_len, const unsigned char *vbf, size_t vbf_len, const unsigned char *entropy, size_t entropy_len);
-#endif /* BUILD_ELEMENTS */
+#endif /* WALLY_ABI_NO_ELEMENTS */
 
 /* Outputs */
 WALLY_CORE_API int wally_psbt_get_output_redeem_script(const struct wally_psbt *psbt, size_t index, unsigned char *bytes_out, size_t len, size_t *written);
@@ -192,7 +192,7 @@ WALLY_CORE_API int wally_psbt_set_output_script(struct wally_psbt *psbt, size_t
 WALLY_CORE_API int wally_psbt_set_output_amount(struct wally_psbt *psbt, size_t index, uint64_t amount);
 WALLY_CORE_API int wally_psbt_clear_output_amount(struct wally_psbt *psbt, size_t index);
 
-#ifdef BUILD_ELEMENTS
+#ifndef WALLY_ABI_NO_ELEMENTS
 WALLY_CORE_API int wally_psbt_get_output_blinder_index(const struct wally_psbt *psbt, size_t index, uint32_t *value_out);
 WALLY_CORE_API int wally_psbt_has_output_blinder_index(const struct wally_psbt *psbt, size_t index, size_t *written);
 WALLY_CORE_API int wally_psbt_get_output_value_commitment(const struct wally_psbt *psbt, size_t index, unsigned char *bytes_out, size_t len, size_t *written);
@@ -236,7 +236,7 @@ WALLY_CORE_API int wally_psbt_clear_output_value_blinding_rangeproof(struct wall
 WALLY_CORE_API int wally_psbt_set_output_asset_blinding_surjectionproof(struct wally_psbt *psbt, size_t index, const unsigned char *surjectionproof, size_t surjectionproof_len);
 WALLY_CORE_API int wally_psbt_clear_output_asset_blinding_surjectionproof(struct wally_psbt *psbt, size_t index);
 WALLY_CORE_API int wally_psbt_get_output_blinding_status(const struct wally_psbt *output, size_t index, uint32_t flags, size_t *written);
-#endif /* BUILD_ELEMENTS */
+#endif /* WALLY_ABI_NO_ELEMENTS */
 #ifdef __cplusplus
 }
 #endif

include/wally_script.h

@@ -581,7 +581,7 @@ WALLY_CORE_API int wally_witness_program_from_bytes_and_version(
     size_t len,
     size_t *written);
 
-#ifdef BUILD_ELEMENTS
+#ifndef WALLY_ABI_NO_ELEMENTS
 /**
  * Get the pegout script size.
  *
@@ -649,7 +649,7 @@ WALLY_CORE_API int wally_elements_pegin_contract_script_from_bytes(
     unsigned char *bytes_out,
     size_t len,
     size_t *written);
-#endif /* BUILD_ELEMENTS */
+#endif /* WALLY_ABI_NO_ELEMENTS */
 
 #ifdef __cplusplus
 }

include/wally_transaction.h

@@ -850,7 +850,7 @@ WALLY_CORE_API int wally_tx_is_coinbase(
     const struct wally_tx *tx,
     size_t *written);
 
-#ifdef BUILD_ELEMENTS
+#ifndef WALLY_ABI_NO_ELEMENTS
 /**
  * Set issuance data on an input.
  *
@@ -1340,7 +1340,7 @@ WALLY_CORE_API int wally_tx_elements_issuance_calculate_reissuance_token(
     unsigned char *bytes_out,
     size_t len);
 
-#endif /* BUILD_ELEMENTS */
+#endif /* WALLY_ABI_NO_ELEMENTS */
 
 #ifdef __cplusplus
 }

include/wally_transaction_members.h

@@ -27,7 +27,7 @@ WALLY_CORE_API int wally_tx_input_set_witness(struct wally_tx_input *tx_input, c
 WALLY_CORE_API int wally_tx_input_set_index(struct wally_tx_input *tx_input, uint32_t index);
 WALLY_CORE_API int wally_tx_input_set_sequence(struct wally_tx_input *tx_input, uint32_t sequence);
 
-#ifdef BUILD_ELEMENTS
+#ifndef WALLY_ABI_NO_ELEMENTS
 
 /**
  * FIXED_SIZED_OUTPUT(len, bytes_out, SHA256_LEN)
@@ -54,7 +54,7 @@ WALLY_CORE_API int wally_tx_input_set_inflation_keys(struct wally_tx_input *tx_i
 WALLY_CORE_API int wally_tx_input_set_inflation_keys_rangeproof(struct wally_tx_input *tx_input_in, const unsigned char *inflation_keys_rangeproof, size_t inflation_keys_rangeproof_len);
 WALLY_CORE_API int wally_tx_input_set_issuance_amount(struct wally_tx_input *tx_input_in, const unsigned char *issuance_amount, size_t issuance_amount_len);
 WALLY_CORE_API int wally_tx_input_set_issuance_amount_rangeproof(struct wally_tx_input *tx_input_in, const unsigned char *issuance_amount_rangeproof, size_t issuance_amount_rangeproof_len);
-#endif /* BUILD_ELEMENTS */
+#endif /* WALLY_ABI_NO_ELEMENTS */
 
 /* Output */
 WALLY_CORE_API int wally_tx_output_get_script(const struct wally_tx_output *tx_output_in, unsigned char *bytes_out, size_t len, size_t *written);
@@ -64,7 +64,7 @@ WALLY_CORE_API int wally_tx_output_get_satoshi(const struct wally_tx_output *tx_
 WALLY_CORE_API int wally_tx_output_set_script(struct wally_tx_output *tx_output_in, const unsigned char *script, size_t script_len);
 WALLY_CORE_API int wally_tx_output_set_satoshi(struct wally_tx_output *tx_output_in, uint64_t satoshi);
 
-#ifdef BUILD_ELEMENTS
+#ifndef WALLY_ABI_NO_ELEMENTS
 WALLY_CORE_API int wally_tx_output_get_asset(const struct wally_tx_output *tx_output_in, unsigned char *bytes_out, size_t len);
 WALLY_CORE_API int wally_tx_output_get_asset_len(const struct wally_tx_output *tx_output_in, size_t *written);
 WALLY_CORE_API int wally_tx_output_get_value(const struct wally_tx_output *tx_output_in, unsigned char *bytes_out, size_t len, size_t *written);
@@ -81,7 +81,7 @@ WALLY_CORE_API int wally_tx_output_set_value(struct wally_tx_output *tx_output_i
 WALLY_CORE_API int wally_tx_output_set_nonce(struct wally_tx_output *tx_output_in, const unsigned char *nonce, size_t nonce_len);
 WALLY_CORE_API int wally_tx_output_set_surjectionproof(struct wally_tx_output *tx_output_in, const unsigned char *surjectionproof, size_t surjectionproof_len);
 WALLY_CORE_API int wally_tx_output_set_rangeproof(struct wally_tx_output *tx_output_in, const unsigned char *rangeproof, size_t rangeproof_len);
-#endif /* BUILD_ELEMENTS */
+#endif /* WALLY_ABI_NO_ELEMENTS */
 
 /* Transaction */
 WALLY_CORE_API int wally_tx_get_version(const struct wally_tx *tx_in, size_t *written);
@@ -107,7 +107,7 @@ WALLY_CORE_API int wally_tx_set_input_index(const struct wally_tx *tx_in, size_t
 WALLY_CORE_API int wally_tx_set_input_sequence(const struct wally_tx *tx_in, size_t index, uint32_t sequence);
 WALLY_CORE_API int wally_tx_set_input_txhash(const struct wally_tx *tx_in, size_t index, const unsigned char *txhash, size_t txhash_len);
 
-#ifdef BUILD_ELEMENTS
+#ifndef WALLY_ABI_NO_ELEMENTS
 
 /**
  * FIXED_SIZED_OUTPUT(len, bytes_out, SHA256_LEN)
@@ -134,7 +134,7 @@ WALLY_CORE_API int wally_tx_set_input_inflation_keys(const struct wally_tx *tx_i
 WALLY_CORE_API int wally_tx_set_input_inflation_keys_rangeproof(const struct wally_tx *tx_in, size_t index, const unsigned char *inflation_keys_rangeproof, size_t inflation_keys_rangeproof_len);
 WALLY_CORE_API int wally_tx_set_input_issuance_amount(const struct wally_tx *tx_in, size_t index, const unsigned char *issuance_amount, size_t issuance_amount_len);
 WALLY_CORE_API int wally_tx_set_input_issuance_amount_rangeproof(const struct wally_tx *tx_in, size_t index, const unsigned char *issuance_amount_rangeproof, size_t issuance_amount_rangeproof_len);
-#endif /* BUILD_ELEMENTS */
+#endif /* WALLY_ABI_NO_ELEMENTS */
 
 /* Transaction Outputs */
 WALLY_CORE_API int wally_tx_get_output_script(const struct wally_tx *tx_in, size_t index, unsigned char *bytes_out, size_t len, size_t *written);
@@ -144,7 +144,7 @@ WALLY_CORE_API int wally_tx_get_output_satoshi(const struct wally_tx *tx_in, siz
 WALLY_CORE_API int wally_tx_set_output_script(const struct wally_tx *tx_in, size_t index, const unsigned char *script, size_t script_len);
 WALLY_CORE_API int wally_tx_set_output_satoshi(const struct wally_tx *tx_in, size_t index, uint64_t satoshi);
 
-#ifdef BUILD_ELEMENTS
+#ifndef WALLY_ABI_NO_ELEMENTS
 
 /**
  * FIXED_SIZED_OUTPUT(len, bytes_out, WALLY_TX_ASSET_CT_ASSET_LEN)
@@ -173,7 +173,7 @@ WALLY_CORE_API int wally_tx_set_output_value(const struct wally_tx *tx_in, size_
 WALLY_CORE_API int wally_tx_set_output_nonce(const struct wally_tx *tx_in, size_t index, const unsigned char *nonce, size_t nonce_len);
 WALLY_CORE_API int wally_tx_set_output_surjectionproof(const struct wally_tx *tx_in, size_t index, const unsigned char *surjectionproof, size_t surjectionproof_len);
 WALLY_CORE_API int wally_tx_set_output_rangeproof(const struct wally_tx *tx_in, size_t index, const unsigned char *rangeproof, size_t rangeproof_len);
-#endif /* BUILD_ELEMENTS */
+#endif /* WALLY_ABI_NO_ELEMENTS */
 
 
 #ifdef __cplusplus

src/internal.h

@@ -2,6 +2,12 @@
 #define LIBWALLY_INTERNAL_H
 
 #include <include/wally_core.h>
+
+#ifdef BUILD_ELEMENTS
+#ifdef WALLY_ABI_NO_ELEMENTS
+#error "WALLY_ABI_NO_ELEMENTS cannot be defined if BUILD_ELEMENTS is defined"
+#endif
+#endif
 #include "secp256k1/include/secp256k1.h"
 #include "secp256k1/include/secp256k1_recovery.h"
 #include "secp256k1/include/secp256k1_extrakeys.h"