When using HMAC for message signing, is it wise to salt the key, message, or both?

Say I'm designing a library to sign/verify messages with SHA-256 HMAC. If the end user uses a weak开发者_C百科 shared key and sends a lot of short messages, I assume there would be risk of an attacker discovering the key.

My intuition says I should append a unique (per message) salt to the key to make reverse-engineering the key harder.

How much would key salting help, and would I gain anything by also salting the messages?

Normally people salt the key. It does increase security, both because it makes reverse-engineering the key harder, and because the same message does not always have the same MAC, so an attacker can't simply re-send a message that was sent earlier with the same MAC. I don't see what salting the message as well would get you.