What is the format of password_hash output?

I know the PHP function password_hash outputs the algorithm, cost, salt, and hash all in one string so that password_verify can check a password.

Sample output from the PHP page:

$2y$10$.vGA1O9wmRjrwAVXD98HNOgsNpDczlqm3Jq7KnEd1rVAGv3Fykk1a

So the $2y$ represents the algorithm and the 10 represents the cost. But how does password_verify separate the salt from the hash? I don't see any identifier separating the two afterwards.

ansonl asked Aug 08 '13 17:08


1 Answer

For the bcrypt version of password_hash: bcrypt has a fixed-length salt value. The crypt function, which is what PHP calls internally when you're utilizing password_hash()/password_verify() with the default algorithm, has a 16 byte salt. This is given as 22 characters of the custom base64 alphabet A-Za-z/. and then it decodes the string into bytes; as 22 B64 characters encode 16.5 bytes, there is an extra nibble of data that is not taken into account.

For all other hashes the salt value is a defined set of bytes which are of course encoded into ASCII-safe b64 and put after the $ sign, and then the verifying function would only have to split the string into parts via the delimiter $, go to the third set of characters and take substr(0, B64_ENCODED_HASH_ALGORITHM_SALT_LEN). After that it would pass the parameters it also got from the split string, along with the password to check, back into the password_hash function.

The string it gives you is defined by the hashing algorithm's standard in most cases, but it almost always follows the pattern of

$<ALGORITHM_ID>$<COST_IN_FORMAT>$<BASE64_ENCODED_SALT><BASE64_ENCODED_HASH>$

133794m3r answered Sep 19 '22 14:09
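As an added example (not code from the original question or answer), the following Python script parses the hash string quoted in the question into its fixed-width fields, decodes the 22-character salt with bcrypt's own base64 alphabet (`./A-Za-z0-9`, which is not the RFC 4648 alphabet) and reports the four padding bits that are dropped because 22 characters carry 16.5 bytes. The class, function and field names are my own; the only input is the sample string from the question, and the script uses nothing beyond the standard library.

```python
"""Show where the salt ends and the hash begins in a bcrypt string such as
the one PHP's password_hash() returns.  The layout is fixed-width, so no
delimiter is needed between the two fields.  Added example, not from the
original post; helper names are this example's own."""
import re
from dataclasses import dataclass

# bcrypt's custom base64 alphabet: "./" first, then A-Z, a-z, 0-9 (64 symbols).
BCRYPT_ALPHABET = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"

SALT_CHARS = 22   # 16 salt bytes  -> 22 chars = 132 bits, 4 of them padding
HASH_CHARS = 31   # 23 digest bytes -> 31 chars = 186 bits, 2 of them padding

# Sample input: the hash string quoted in the question above.
SAMPLE = "$2y$10$.vGA1O9wmRjrwAVXD98HNOgsNpDczlqm3Jq7KnEd1rVAGv3Fykk1a"


@dataclass(frozen=True)
class BcryptHash:
    ident: str      # "2y", "2b", "2a", ... (the algorithm marker)
    cost: int       # log2 of the work factor
    salt_b64: str   # exactly 22 characters
    hash_b64: str   # exactly 31 characters

    def setting(self) -> str:
        """The prefix a verifier hands back to crypt() with the candidate
        password; re-hashing under it reproduces hash_b64 for the right
        password, which is how password_verify works without a delimiter."""
        return f"${self.ident}${self.cost:02d}${self.salt_b64}"


_BCRYPT_RE = re.compile(
    r"\$(?P<ident>2[abxy]?)\$(?P<cost>\d{2})\$"
    rf"(?P<salt>[./A-Za-z0-9]{{{SALT_CHARS}}})(?P<hash>[./A-Za-z0-9]{{{HASH_CHARS}}})"
)


def parse_bcrypt(hash_str: str) -> BcryptHash:
    """Split a 60-character bcrypt string on '$' and then by fixed width."""
    m = _BCRYPT_RE.fullmatch(hash_str)
    if m is None:
        raise ValueError("not a bcrypt hash string")
    return BcryptHash(m["ident"], int(m["cost"]), m["salt"], m["hash"])


def bcrypt_b64_decode(text: str) -> tuple[bytes, int, int]:
    """Decode bcrypt base64.  Returns (decoded bytes, number of trailing bits
    that do not fill a byte, value of those bits).  For a 22-char salt the
    trailing bits are the 'extra nibble' the answer mentions; they are
    discarded, so only 16 bytes of salt take part in the hash."""
    acc = 0
    nbits = 0
    out = bytearray()
    for ch in text:
        acc = (acc << 6) | BCRYPT_ALPHABET.index(ch)   # raises on bad symbol
        nbits += 6
        if nbits >= 8:                                  # at most one byte per char
            nbits -= 8
            out.append((acc >> nbits) & 0xFF)
    return bytes(out), nbits, acc & ((1 << nbits) - 1)


def describe(hash_str: str) -> dict:
    """Summarise the layout: field widths, decoded sizes and padding bits."""
    p = parse_bcrypt(hash_str)
    salt, salt_pad_bits, salt_pad_value = bcrypt_b64_decode(p.salt_b64)
    digest, hash_pad_bits, hash_pad_value = bcrypt_b64_decode(p.hash_b64)
    return {
        "ident": p.ident,
        "cost": p.cost,
        "iterations": 2 ** p.cost,
        "salt_bytes": len(salt),
        "salt_pad_bits": salt_pad_bits,
        "hash_bytes": len(digest),
        "hash_pad_bits": hash_pad_bits,
        # A canonical encoder leaves the padding bits zero; a non-zero value
        # means the string was produced or edited by something else.
        "canonical": salt_pad_value == 0 and hash_pad_value == 0,
        "setting": p.setting(),
    }


if __name__ == "__main__":
    for key, value in describe(SAMPLE).items():
        print(f"{key:>14}: {value}")
```

Running it on the sample prints a 16-byte salt with 4 zero padding bits and a 23-byte digest with 2 zero padding bits, and the `setting` line (`$2y$10$` plus the 22 salt characters) is exactly what a verifier re-hashes the candidate password under before comparing against the remaining 31 characters.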