/**
* Create initialization vector.
*
* This vector is considered to be recreatable the very same way resulting
* in the same vector, though hardly depending on current user's session to
* be less predictable by attackers gathering access on ciphers.
*
* @return string initialization vector to use
*/
protected static function getIV()
{
return blowfish::get($_SERVER['REMOTE_ADDR'] . $_COOKIE['_txf'] . $_SERVER['HTTP_USER_AGENT'], $_SERVER['HTTP_HOST']) . blowfish::get($_SERVER['HTTP_HOST'] . $_COOKIE['_txf'] . $_SERVER['HTTP_USER_AGENT'], $_SERVER['REMOTE_ADDR']);
}
/**
* Retrieves hash on an object descriptor and its related secret information
* to be valid at date of timestamp.
*
* @param string $object some public object hash is to be used for (e.g. a user's name)
* @param string $secret some internal-only information related to that object (e.g. the user's internal ID or similar)
* @param int $timestamp timestamp of day generated hash is considered valid on
* @return string hash on object and its related secret valid for day of given timestamp
*/
protected static function _get($object, $secret, $timestamp)
{
$salt = blowfish::get($object, 'cePharUm-S3cr3t-54lT' . static::_date($timestamp), true);
$hash = substr(preg_replace('#[/+=]#', '', blowfish::get($secret, $salt)), 12, 16);
return $hash;
}
