The Implementation of the PBKDF2 key derivation function as described in RFC 2898 can be used to not only get the hashed KEY but also a specific IV.
To use, one would use it as follows:-
<?php
$p = str_hash_pbkdf2($pw, $salt, 10, 32, 'sha1');
$p = base64_encode($p);
$iv = str_hash_pbkdf2($pw, $salt, 10, 16, 'sha1', 32);
$iv = base64_encode($iv);
?>
The function should be:-
<?php
function str_hash_pbkdf2($p, $s, $c, $kl, $a = 'sha256', $st=0)
{
$kb = $start+$kl; $dk = ''; for ($block=1; $block<=$kb; $block++)
{
$ib = $h = hash_hmac($a, $s . pack('N', $block), $p, true);
for ($i=1; $i<$c; $i++)
{
$ib ^= ($h = hash_hmac($a, $h, $p, true));
}
$dk .= $ib; }
return substr($dk, $start, $kl);
}
?>