I didn't find a simple answer on how to fetch the password salt in Postgresql when it was generated with: crypt($password, gen_salt('bf'))
.
I was looking at some hashes like:
$2a$06$dcJkzmbYLbPHB2NL5QfVj.D.a7OnEq01l3ZIYJ0IVeNPZ3AIuEpWG
$2a$06$2Q3QwDby0xPJSL4CU.izXe1jDFdMDQ1SkSnFE3dWUt2sLeQHq6v76
and suspected the salt would be the string until the first .
and the rest would be the password hash? In the first hash there are two .
. Anyone an idea?
The '.' is just another character in the encoding scheme, no different in meaning than 'Q' or '7', just a different pattern of bits being turned on.
In blowfish case, the first 29 characters is the combination of algorithm identifier and hardness parameter and salt, of which the salt is the last 22. But there is probably no good reason you need to know this. It is an opaque object whose internal structure is no one's business but crypt and gen_salt.