Correct macOS packaging, paper wallets, mnemonic language deduction

Author: pjkundert

GNUmakefile

@@ -10,15 +10,24 @@ APPLEID		?= [email protected]
 TEAMID		?= ZD8TVTCXDS
 # The unique App ID assigned by App Store Connect, under App Information (NOT your Apple ID!!)
 APPID		?= 1608360813
-#DEVID		?= 3rd Party Mac Developer Application: Perry Kundert ($(TEAMID))
 #DEVID		?= Developer ID Application: Perry Kundert ($(TEAMID))
-DEVID		?= DDB5489E29389E9081E0A2FD83B6555D1B101829
+#DEVID		?= DDB5489E29389E9081E0A2FD83B6555D1B101829
+#DEVID		?= 3rd Party Mac Developer Application: Perry Kundert ($(TEAMID))
+#DEVID		?= A5DE932A0649AE3B6F06A8134F3E19D2E19A8196
+# Developer ID Application (not for Mac App Store)
+DEVID		?= EAA134BE299C43D27E33E2B8645FF4CF55DE8A92
+
 #PKGID		?= 3rd Party Mac Developer Installer: Perry Kundert ($(TEAMID))
+#PKGID		?= 1B482CEB543825C33C366A5665B935D3CEC9FD05
+
 PKGID		?= Developer ID Installer: Perry Kundert ($(TEAMID))
-DSTID		?= Apple Distribution: Perry Kundert ($(TEAMID))
+
+
 BUNDLEID	?= ca.kundert.perry.SLIP39
 APIISSUER	?= 5f3b4519-83ae-4e01-8d31-f7db26f68290
 APIKEY		?= 5H98J7LKPC
+#PROVISION	?= ~/Documents/Apple/Certificates/SLIP39_Mac_App_Store_Provisioning.provisionprofile
+PROVISION	?= ~/Documents/Apple/Certificates/SLIP39_Mac_General_Provisioning.provisionprofile
 
 # Various cx_Freeze targets are at paths with computed extensions, eg: build/exe.win-amd64-3.10/
 CXFREEZE_VER	?= 3.10
@@ -385,12 +394,15 @@ dist/SLIP-39-$(VERSION).dmg.upload-app: dist/SLIP-39-$(VERSION).dmg dist/SLIP-39
 # Must copy the app w/ ditto, into a target dir structure including the destination location, eg. /Applications/SLIP-39.app/...
 # 
 dist/SLIP-39-$(VERSION).pkg:	dist/SLIP-39.app
-	rm -rf /tmp/SLIP-39
-	ditto $< /tmp/SLIP-39/Applications/SLIP-39.app
-	productbuild --sign "$(PKGID)" --timestamp \
+	#rm -rf /tmp/SLIP-39-pkg
+	#ditto $< /tmp/SLIP-39-pkg/SLIP-39.app
+	productbuild \
+	    --sign "$(PKGID)" \
+	    --timestamp \
 	    --identifier "$(BUNDLEID).pkg" \
 	    --version $(VERSION) \
-	    --root /tmp/SLIP-39/Applications/ / $@
+	    --root "$<" "/Applications/SLIP-39.app/" \
+	    $@
 
 
 # Confirm that the .pkg is signed w/ the correct certificates.
@@ -609,30 +621,36 @@ dist/SLIP-39.app-checkids:	SLIP-39.spec
 # 
 dist/SLIP-39.app: 		SLIP-39-macOS.spec \
 				SLIP-39.metadata/entitlements.plist \
-				images/SLIP-39.icns
+				images/SLIP-39.icns \
+				$(PROVISION)
 	@echo -e "\n\n*** Rebuilding $@, version $(VERSION)..."
 	rm -rf build $@*
 	sed -I "" -E "s/version=.*/version='$(VERSION)',/" $<
 	sed -I "" -E "s/'CFBundleVersion':.*/'CFBundleVersion':'$(VERSION)',/" $<
 	sed -I "" -E "s/codesign_identity=.*/codesign_identity='$(DEVID)',/" $<
 	pyinstaller --noconfirm $<
+	#echo "Copying Provisioning Profile..."; rsync -va $(PROVISION) $@/Contents/embedded.provisionprofile
 	echo "Checking signature (pyinstaller signed)..."; ./SLIP-39.metadata/check-signature $@ || true
-	codesign --verify $@
+	codesign --verify --verbose $@
 	# codesign --deep --force \
 	#     --all-architectures --options=runtime --timestamp \
 	#     --sign "$(DEVID)" \
 	#     $@
 	# echo "Checking signature (app code signed)..."; ./SLIP-39.metadata/check-signature $@ || true
 	# codesign --verify $@
-	codesign --deep --force \
-	    --all-architectures --options=runtime --timestamp \
+	codesign --deep --force --timestamp --verbose --options runtime \
+	    --all-architectures \
 	    --entitlements ./SLIP-39.metadata/entitlements.plist \
 	    --sign "$(DEVID)" \
 	    $@
 	echo "Checking signature (app code + entitlements signed w/ $(DEVID))..."; ./SLIP-39.metadata/check-signature $@ || true
-	codesign --verify $@
+	codesign --verify --verbose $@
 	touch $@  # try to avoid unnecessary rebuilding
 
+app-assess: dist/SLIP-39.app
+	spctl --assess --type execute --context context:primary-signature -vvv $< 
+
+
 #
 # Only used for initial creation of SLIP-39.spec; it must be customized, so this target cannot be
 # used to achieve a complete, operational SLIP-39.spec file!

SLIP-39-macOS.spec

@@ -46,7 +46,7 @@ exe = EXE(
     disable_windowed_traceback=False,
     argv_emulation=False,
     target_arch=None,
-    codesign_identity='DDB5489E29389E9081E0A2FD83B6555D1B101829',
+    codesign_identity='EAA134BE299C43D27E33E2B8645FF4CF55DE8A92',
     entitlements_file=None,
     icon='images/SLIP-39.icns',
 )

SLIP-39.metadata/entitlements.plist

@@ -4,7 +4,9 @@
   <dict>
     <key>com.apple.security.files.user-selected.read-write</key>	<true/>
     <!-- These are required for binaries built by PyInstaller -->
+    <!--
     <key>com.apple.security.app-sandbox</key>				<true/>
+      -->
     <key>com.apple.security.cs.allow-jit</key>				<true/>
     <key>com.apple.security.cs.allow-unsigned-executable-memory</key>	<true/>
     <key>com.apple.security.cs.disable-library-validation</key>		<true/>

slip39/gui/main.py

@@ -239,6 +239,7 @@ def groups_layout(
                         [
                             sg.Text( f"Seed Name{LO_PRO and 's, ...' or ''}:",  size=prefix,    **T_kwds ),
                             sg.Input( f"{', '.join(names)}",key='-NAMES-',      size=inputs,    **I_kwds ),
+                            sg.Checkbox( '2-Sided',key='-PF-DOUBLE-',		default=True,	**I_kwds ),
                         ],
                         [
                             sg.Text( "Card size:",                                              **T_hue( T_kwds, 1/20 )),
@@ -1524,9 +1525,10 @@ def deficiency( *deficiencies ):
         # We have a complete SLIP-39 Mnemonic set.  If we get here, no failure status has been
         # detected, and SLIP39 mnemonic and account details { "name": <details> } have been created;
         # we can now save the PDFs; converted details is now { "<filename>": <details> })
-        if wallet_pwd is not False:
-            # And, if Paper Wallets haven't been disabled completely, remember our password/hint
-            wallet_pwd		= values['-WALLET-PASS-']  # Produces Paper Wallet(s) iff set
+        if wallet_pwd is not False and values['-WALLET-PASS-'] or values['-WALLET-HINT-']:
+            # And, if Paper Wallets haven't been disabled completely, remember our password/hint.
+            # If we're supplied a wallet password "hint", we allow even the empty wallet password.
+            wallet_pwd		= values['-WALLET-PASS-']
             wallet_pwd_hint	= values['-WALLET-HINT-']
 
         if event in ('-SAVE-', '-PRINT-'):
@@ -1549,6 +1551,8 @@ def deficiency( *deficiencies ):
             try:
                 card_format	= next( c for c in CARD_SIZES if values[f"-CS-{c}-"] )
                 paper_format	= next( pf for pn,pf in PAPER_FORMATS.items() if values[f"-PF-{pn}-"] )
+                wallet_format	= next( (f for f in WALLET_SIZES if values.get( f"-WALLET-SIZE-{f}-" )), None )
+                double_sided	= values['-PF-DOUBLE-']
                 details		= write_pdfs(
                     names		= details,
                     using_bip39		= using_bip39,
@@ -1558,10 +1562,11 @@ def deficiency( *deficiencies ):
                     edit		= edit,
                     wallet_pwd		= wallet_pwd,
                     wallet_pwd_hint	= wallet_pwd_hint,
-                    wallet_format	= next( (f for f in WALLET_SIZES if values.get( f"-WALLET-SIZE-{f}-" )), None ),
+                    wallet_format	= wallet_format,
                     filepath		= filepath,
                     printer		= printer,
                     watermark		= watermark,
+                    double_sided	= double_sided,
                 )
             except Exception as exc:
                 status		= f"Error saving PDF(s): {exc}"

slip39/recovery/__init__.py

@@ -47,15 +47,22 @@ def detect_language(cls, code: str) -> str:
         """Scan the Mnemonic until the language becomes unambiguous, including as abbreviation prefixes."""
         code = cls.normalize_string(code)
         possible = set(cls(lang) for lang in cls.list_languages())
-        for word in code.split():
+        words = set(code.split())
+        for word in words:
             # possible languages have candidate(s) starting with the word/prefix
             possible = set(p for p in possible if any(c.startswith( word ) for c in p.wordlist))
             if not possible:
                 raise ConfigurationError(f"Language unrecognized for {word!r}")
-            if len( possible ) < 2:
-                break
         if len(possible) == 1:
             return possible.pop().language
+        # Multiple languages match: A prefix in many, but an exact match in one determines language.
+        complete = set()
+        for word in words:
+            exact = set(p for p in possible if word in p.wordlist)
+            if len(exact) == 1:
+               complete.update(exact)
+        if len(complete) == 1:
+            return complete.pop().language
         raise ConfigurationError(
             f"Language ambiguous between {', '.join( p.language for p in possible)}"
         )