wallet.mmgen: increase salt length to 32 bytes

2026-05-21 12:09:33 +00:00 · 2026-05-21 12:09:33 +00:00 · b13acfa3b1
commit b13acfa3b1
parent 7ca2449306
8 changed files with 15 additions and 20 deletions
--- a/mmgen/crypto.py
+++ b/mmgen/crypto.py
@ -31,7 +31,6 @@ class Crypto:
 	mmenc_ext = 'mmenc'
 	scramble_hash_rounds = 10

-	salt_len       = 16
 	aesctr_iv_len  = 16
 	aesctr_dfl_iv  = int.to_bytes(1, aesctr_iv_len, 'big')
 	hincog_chk_len = 8
--- a/mmgen/wallet/enc.py
+++ b/mmgen/wallet/enc.py
@ -94,7 +94,7 @@ class wallet(wallet):
 			d.passwd = self._get_new_passphrase()

 		from hashlib import sha256
-		d.salt     = sha256(self.crypto.get_random(128)).digest()[:self.crypto.salt_len]
+		d.salt     = sha256(self.crypto.get_random(128)).digest()[:self.salt_len]
 		key        = self.crypto.make_key(d.passwd, d.salt, d.hash_preset)
 		d.key_id   = make_chksum_8(key)
 		d.enc_seed = self.crypto.encrypt_seed(self.seed.data, key)
--- a/mmgen/wallet/incog_base.py
+++ b/mmgen/wallet/incog_base.py
@ -18,6 +18,8 @@ from .enc import wallet

 class wallet(wallet):

+	salt_len = 16
+
 	_msg = {
 		'check_incog_id': """
  Check the generated Incog ID above against your records.  If it doesn't
@ -36,7 +38,7 @@ class wallet(wallet):
 	def _get_incog_data_len(self, seed_len):
 		return (
 			self.crypto.aesctr_iv_len
-			+ self.crypto.salt_len
+			+ self.salt_len
 			+ (0 if self.cfg.old_incog_fmt else self.crypto.hincog_chk_len)
 			+ seed_len//8)

@ -71,7 +73,7 @@ class wallet(wallet):
 		self.cfg._util.qmsg('Make a record of this value')
 		self.cfg._util.vmsg('\n  ' + self.msg['record_incog_id'].strip()+'\n')

-		d.salt = crypto.get_random(crypto.salt_len)
+		d.salt = crypto.get_random(self.salt_len)
 		seed_key = crypto.make_key(
 			passwd      = d.passwd,
 			salt        = d.salt,
@ -167,8 +169,8 @@ class wallet(wallet):
 			iv       = d.iv,
 			desc     = 'incog data')

-		d.salt     = dd[0:crypto.salt_len]
-		d.enc_seed = dd[crypto.salt_len:]
+		d.salt     = dd[0:self.salt_len]
+		d.enc_seed = dd[self.salt_len:]

 		seed_key = crypto.make_key(
 			passwd      = d.passwd,
--- a/mmgen/wallet/mmgen.py
+++ b/mmgen/wallet/mmgen.py
@ -24,6 +24,7 @@ from .enc import wallet
 class wallet(wallet):

 	desc = 'MMGen wallet'
+	salt_len = 32

 	def __init__(self, *args, **kwargs):
 		if self.cfg.label:
--- a/test/cmdtest_d/wallet.py
+++ b/test/cmdtest_d/wallet.py
@ -53,13 +53,12 @@ class CmdTestWalletConv(CmdTestBase, CmdTestShared):
 			'hic_wallet_old': '1378FC64-B55E9958-D85FF20C[192,1].incog-old.offset123',
 		},
 		'256': {
-			'ref_wallet':     '98831F3A-27F2BF93[256,1].mmdat',
+			'ref_wallet':     '98831F3A-F825E2A0[256,1].mmdat',
 			'ic_wallet':      '98831F3A-5482381C-18460FB1[256,1].mmincog',
 			'ic_wallet_hex':  '98831F3A-1630A9F2-870376A9[256,1].mmincox',

 			'hic_wallet':      '98831F3A-F59B07A0-559CEF19[256,1].incog.offset123',
 			'hic_wallet_old':  '98831F3A-F59B07A0-848535F3[256,1].incog-old.offset123',
-
 		},
 	}
 	cmd_group = (
--- a/test/ref/98831F3A-27F2BF93[256,1].mmdat
+++ b/test/ref/98831F3A-27F2BF93[256,1].mmdat
@ -1,6 +0,0 @@
-cd828f
-"#$%&()*+,- ./0123456789:;<=>?@AIZ[\]^_`aiz{|}~'
-98831f3a 27f2bf93 256 NE 20150405_075000
-1: 12 8 1
-9440eb NBDH bKqG a23q FtYi nRo1 kk
-7a2f32 5nZf LqjP R9bj vgzc sMGr WPtu PR7S 6NpZ pgGd fc4e QCKt
--- a/test/ref/98831F3A-E2687906[256,1].mmdat
+++ b/test/ref/98831F3A-E2687906[256,1].mmdat
@ -1,6 +0,0 @@
-9cc19b
-test.py ref. wallet (pw 'abc', seed len 256)
-98831f3a e2687906 256 NE 20161110_135346
-1: 12 8 1
-70413d 74ev zjeq Zw2g DspF RKpE 7H
-7c26e6 1otd mVTn 5MCR cDTF sZqY uNKA rsAm mjTw EJmS yzwX ZPJd
--- a/test/ref/98831F3A-F825E2A0[256,1].mmdat
+++ b/test/ref/98831F3A-F825E2A0[256,1].mmdat
@ -0,0 +1,6 @@
+42f7d8
+"#$%&()*+,- ./0123456789:;<=>?@AIZ[\]^_`aiz{|}~'
+98831f3a f825e2a0 256 NE 20260520_074802
+1: 12 8 1
+384094 8MgZ HHVn QTmH RbiQ hufm obJw 9FkX 7Uv5 AbtK k4yU hqba
+2a4856 8kQ7 JVwg zDQq isws f4g1 7oWi pKS7 gcvq siCX VX3i BeP7