function __construct($callback = null, $ttl = -1)
{
//Maximum entropy, minimum data
$this->id = \Radical\Basic\String\Random::GenerateBase64(6) . dechex(crc32(session_id() . time()));
$len = strlen($this->id) - rand(0, 4);
$this->id = substr($this->id, 0, $len);
$this->key = \Radical\Basic\String\Random::GenerateBytes(32);
$this->callback = $callback;
if ($ttl > 0) {
$this->expires = $ttl + time();
}
KeyStorage::AddKey($this);
}
/**
* Generates a Blowfish salt for use in `lithium\security\Password::hash()`. _Note_: Does not
* use the `'encode'` option of `String::random()` because it could result in 2 bits less of
* entropy depending on the last character.
*
* @param integer $count The base-2 logarithm of the iteration count.
* Defaults to `10`. Can be `4` to `31`.
* @return string The Blowfish salt.
*/
protected static function _genSaltBf($count = 10)
{
$count = (int) $count;
$count = $count < 4 || $count > 31 ? 10 : $count;
$base64 = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
$i = 0;
$input = String\Random::GenerateBytes(16);
$output = '';
do {
$c1 = ord($input[$i++]);
$output .= $base64[$c1 >> 2];
$c1 = ($c1 & 0x3) << 4;
if ($i >= 16) {
$output .= $base64[$c1];
break;
}
$c2 = ord($input[$i++]);
$c1 |= $c2 >> 4;
$output .= $base64[$c1];
$c1 = ($c2 & 0xf) << 2;
$c2 = ord($input[$i++]);
$c1 |= $c2 >> 6;
$output .= $base64[$c1];
$output .= $base64[$c2 & 0x3f];
} while (1);
return '$2a$' . chr(ord('0') + $count / 10) . chr(ord('0') + $count % 10) . '$' . $output;
}
