Increased Passwordv2 length from 12 to 14.

This change increases the entropy from a marginal ~50 bits to
a solid ~60 bits.

Version bump to 0.1.1.

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "msecret"
-version = "0.1.0"
+version = "0.1.1"
 description = """
 A reference implementation of MSecret key derivation, written in pure Rust.
 Includes a helpful command-line utility.

doc/TEST_VECTORS.md

@@ -358,22 +358,22 @@ MSecret Passwords
 Secret: `0000000000000000000000000000000000000000000000000000000000000000`
 
  * v1: `XMMQ-KJK9-PEWC-578C-KLL3`
- * v2: `4.92692Ghmww`
+ * v2: `4.92692/Gmwwfw`
 
 Secret: `3bc1bf8f24ebcd813c4136b9ab3e9f26d50b4da59cfac6c169db905259832e84`
 
  * v1: `YCCQ-WLCX-QUNX-CULR-WQAW`
- * v2: `48.8&Eugygku`
+ * v2: `48.8&65!Hgkuus`
 
 Secret: `af2cbf24a232eb06eb48072e42cbaa7fc65342e0aabb6801d35ecc08bbbef734`
 
  * v1: `46X3-HRYJ-ENYH-JRHQ-GNHL`
- * v2: `otafpR$..3.!`
+ * v2: `otafG7$..3.!!@`
 
 Secret: `1a31d3ccabd87968d2f76f2a8d382c5aa8d88f897d57687cd945b1f83e906fc5`
 
  * v1: `LLRN-EU6J-Y53E-67WK-JGNJ`
- * v2: `/$4Ubwatqfqc`
+ * v2: `/$464::Cqfqcdm`
 
 MSecret Derivation from Passphrase
 ----------------------------------

src/password.rs

@@ -17,7 +17,7 @@
 use crate::prelude_internal::*;
 
 pub trait ExtractPassword {
-    /// Generates a very strong, easy-to-read password.
+    /// Generates a strong (~91 bits of entropy) password optimized for readability.
     ///
     /// Despite being easy to read, it is not necessarily easy to type on a cell phone,
     /// making it not ideal for things like WiFi passwords.
@@ -26,9 +26,10 @@ pub trait ExtractPassword {
     /// to numbers, upper-case letters, and dashes.
     fn extract_password_v1(&self) -> Result<String>;
 
-    /// Generates a medium-strength password that is optimized for being typed on phone keyboards.
+    /// Generates a medium-strength (~60 bits of entropy) password that is optimized for being
+    /// typed on phone keyboards.
     ///
-    /// The generated password is always 12 characters long. Commonly-confused characters are
+    /// The generated password is always 14 characters long. Commonly-confused characters are
     /// avoided.
     ///
     /// The algorithm tries to avoid swapping between letters and numbers/symbols too frequently.
@@ -93,7 +94,7 @@ impl ExtractPassword for Secret {
             '@',
         ];
 
-        let len = 12usize;
+        let len = 14usize;
         let minbeforeswap = 3;
 
         loop {
@@ -188,24 +189,25 @@ mod tests {
 
     #[test]
     fn test_password_v2() {
-        assert_eq!(&Secret::ZERO.extract_password_v2().unwrap(), "4.92692Ghmww");
+        assert_eq!(
+            &Secret::ZERO.extract_password_v2().unwrap(),
+            "4.92692/Gmwwfw"
+        );
         assert_eq!(
             &Secret::ZERO
                 .subsecret_from_label("0")
                 .unwrap()
                 .extract_password_v2()
                 .unwrap(),
-            "qbgC'92@&'::"
+            "?:&.$:4/Hifteo"
         );
-
-        // This next one should trigger a "retry".
         assert_eq!(
             &Secret::ZERO
                 .subsecret_from_label("5")
                 .unwrap()
                 .extract_password_v2()
                 .unwrap(),
-            "&626Xpxskzze"
+            "uzfpxskA&8?9'@"
         );
     }
 }

src/tool/tests.rs

@@ -383,7 +383,7 @@ fn test_password() {
     output.clear();
 
     ToolArgs::process_line(&mut tool_state, "password v2", &mut output).unwrap();
-    assert_eq!(std::str::from_utf8(&output).unwrap(), "4.92692Ghmww");
+    assert_eq!(std::str::from_utf8(&output).unwrap(), "4.92692/Gmwwfw");
     output.clear();
 }
 
@@ -404,7 +404,7 @@ fn test_test_vectors() {
     let hashstr = hex::encode(sha2::Sha256::digest(output.as_slice()).as_slice());
     assert_eq!(
         hashstr.as_str(),
-        "9493cfc03e036fbe373e09901dbb03c576b51c7049368f2c60e2898e7bc61ef4"
+        "a69fe609e8fa41de1272bc6d37ab1d9a7ceb93e7a6c600205fae72de1eddbc48"
     );
     output.clear();
 }