Authen::PIN - Create and verify strong PIN numbers
use Authen::PIN; my $pinset = new Authen::PIN ('PPPCCP123HHHHHHHV', $start # Optional ); $pinset->set($start); # Preferred $pinset->inc($inc); $pinset->pin($pass_through, $serial);
$pinset->pin($serial); # undef $pass_through
This module provides an interface to create crypto-strong PIN numbers for applications such as calling cards that require a number that is difficult to guess and that might convey hidden information.
It is based on templates, that define how the resulting PIN number will be constructed by combining the following components:
- Pass through values
This is represented in the template with the letter 'P'. It is copied as is to the resulting PIN. Digits are passed to the template from left to right. If the supplied value in the call to
->pinis too short, it will be left-padded with zeros.
Represented in the template with the letter 'C'. This is a regular counter that starts at the value passed to
$start(if specified) and is incremented for each call to
->pinby whatever value was passed to
->inc(or 1 by default).
These are represented by the letter 'H'. When calling
->pin($pass, $serial), the concatenation of
$serialare passed through the MD5 function and the result converted to a string of digits. This string is replaced, from left to right, into the supplied template. There is a limit in the number of digits that a hash can generate. Using more than 20 or so digits is discouraged as this might result in PIN numbers that are not strong enough. In practice, a PIN number with such a large number of digits is probably of little use.
- Verification digit
It is represented with the 'V' character in the template. When found, a checksum of the PIN constructed so far will be calculated and placed at the current position. This is usually used as the last digit in the PIN template, to allow for a digit that allows for the simple discard of bogus PIN number, avoiding more expensive database operations in a complete application. The algorythm used for this checksum, is the same used by credit cards, as implemented by Business::Creditcard.
- Literal digits
Digits in the range 0-9 are copied to the resulting PIN.
Luis E. Munoz <email@example.com>
- 1.00 Fri Jan 12 15:51:03 2001 original version; created by h2xs 1.19
- 1.10 Thu Mar 01 18:15:00 2001 modified to use Number::Encode to achieve a more robust PIN digit distribution
This code has the same warranty that Perl itself.