The reason why the salt passed to crypt() can differ from the salt returned in the resulting hash-value is that BCrypt internally only uses 126 bits of the salt, but the salt passed to the function always contains 128 bits. Since the crypt function expects the salt kind of base64 encoded, you cannot pass 126 bits directly.
You can find a more detailed answer here: Why does crypt/blowfish generate the same hash with two different salts?
I understand that you want to use the real hash as a key to encrypt another key; you could extract it from the resulting hash-value. This string is always of a certain format with $ to separate the parts; with BCrypt the real hash is the last 31 characters:
    $2y$10$nOUIs5kJ7naTuTFkBy1veuK0kSxUFXfuaOKdOKf9xYT0KKIGSJwFa
     |  |  |                     |
     |  |  |                     hash-value = K0kSxUFXfuaOKdOKf9xYT0KKIGSJwFa
     |  |  |
     |  |  salt = nOUIs5kJ7naTuTFkBy1veu (22 characters)
     |  |
     |  cost-factor = 10 = 2^10 iterations
     |
     hash-algorithm = 2y = BCrypt
Another possibility is to calculate a hash of the whole string (all 60 characters). You could choose an algorithm that returns the required length, e.g. sha256 to get a 256 bit key for MCRYPT_TWOFISH.
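The following is an added example, not part of the original answer: it splits a 60-character BCrypt string into the parts shown in the diagram and derives a 256-bit key from the whole string with SHA-256. The function names `parse_bcrypt` and `key_from_bcrypt` are hypothetical, chosen for this illustration.

```php
<?php
// Added example: parse crypt()'s BCrypt output and derive a 256-bit key from it.
// parse_bcrypt() and key_from_bcrypt() are hypothetical helper names.

function parse_bcrypt(string $hash): array
{
    // Layout: $<algorithm>$<cost>$<22-char salt><31-char hash>,
    // salt and hash use crypt()'s alphabet ./A-Za-z0-9
    $pattern = '~^\$(2[abxy])\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$~';
    if (strlen($hash) !== 60 || !preg_match($pattern, $hash, $m)) {
        throw new InvalidArgumentException('not a 60-character BCrypt string');
    }
    return [
        'algorithm' => $m[1],
        'cost'      => (int) $m[2],
        'salt'      => $m[3],
        'hash'      => $m[4],
    ];
}

function key_from_bcrypt(string $hash): string
{
    // Validate first: on failure crypt() returns a short error string
    // such as "*0" or "*1", which must never be turned into a key.
    parse_bcrypt($hash);
    // Raw output (third argument true) gives 32 bytes = 256 bits.
    return hash('sha256', $hash, true);
}

// The sample string from the answer above.
$sample = '$2y$10$nOUIs5kJ7naTuTFkBy1veuK0kSxUFXfuaOKdOKf9xYT0KKIGSJwFa';

$parts = parse_bcrypt($sample);
printf("algorithm = %s\n", $parts['algorithm']);
printf("cost      = %d (2^%d iterations)\n", $parts['cost'], $parts['cost']);
printf("salt      = %s\n", $parts['salt']);
printf("hash      = %s\n", $parts['hash']);
printf("key bytes = %d\n", strlen(key_from_bcrypt($sample)));

// A failed crypt() call is rejected instead of being hashed into a key.
try {
    key_from_bcrypt('*0');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```

A key derived this way is only as secret as the BCrypt string it comes from, so the approach fits only where that string is not readable by whoever can read the encrypted data.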