Authen::PIN - Create and verify strong PIN numbers
use Authen::PIN; my $pinset = new Authen::PIN ('PPPCCP123HHHHHHHV', $start # Optional ); $pinset->set($start); # Preferred $pinset->inc($inc); $pinset->pin($pass_through, $serial);
$pinset->pin($serial); # undef $pass_through
This module provides an interface to create crypto-strong PIN numbers for applications such as calling cards that require a number that is difficult to guess and that might convey hidden information.
It is based on templates, that define how the resulting PIN number will be constructed by combining the following components:
This is represented in the template with the letter 'P'. It is copied as is to the resulting PIN. Digits are passed to the template from left to right. If the supplied value in the call to
->pin is too short, it will be left-padded with zeros.
Represented in the template with the letter 'C'. This is a regular counter that starts at the value passed to
$start (if specified) and is incremented for each call to
->pin by whatever value was passed to
->inc (or 1 by default).
These are represented by the letter 'H'. When calling
->pin($pass, $serial), the concatenation of
$serial are passed through the MD5 function and the result converted to a string of digits. This string is replaced, from left to right, into the supplied template. There is a limit in the number of digits that a hash can generate. Using more than 20 or so digits is discouraged as this might result in PIN numbers that are not strong enough. In practice, a PIN number with such a large number of digits is probably of little use.
It is represented with the 'V' character in the template. When found, a checksum of the PIN constructed so far will be calculated and placed at the current position. This is usually used as the last digit in the PIN template, to allow for a digit that allows for the simple discard of bogus PIN number, avoiding more expensive database operations in a complete application. The algorythm used for this checksum, is the same used by credit cards, as implemented by Business::Creditcard.
Digits in the range 0-9 are copied to the resulting PIN.
Luis E. Munoz <email@example.com>
This code has the same warranty that Perl itself.