The passphrase is no problem as I already know it. I wonder if the salt and iteration are viewable within the wallet file? How do these various scripts find them?
The "mkey" data stored in the wallet.dat is unpacked as follows:
encrypted_master_key, salt, method, iter_count = struct.unpack_from("< 49p 9p I I", mkey)
So, it's actually a 48 byte record called the "encrypted_master_key", the 8 byte salt, the 'method' (should be a 4 byte unsigned Int value 0) and the iteration count (4 byte unsigned Int).
Then, the 48 byte "encrypted_master_key", is actually parsed as:
iv = binascii.hexlify(encrypted_master_key[16:32])
ct = binascii.hexlify(encrypted_master_key[-16:])
first 16 bytes are ignored?
2nd 16 bytes are the "iv" (initialisation vector)
last 16 bytes are the "ct" (cipher text)
The hex that the walletinfo.py script outputs is:
s = iv + ct + binascii.hexlify(salt) + iterations
return s
So it is actually iv (16 bytes) + cipher text (16 bytes) + salt (8 bytes) + iteration (8 bytes, it gets padded out from 4 bytes)
I assume this is because the OpenCL portion of that project is expecting the data in this format (to test passphrases) with.