7.2.3. How PINs Are Stored in the Directory

Each PIN is concatenated with the value of the LDAP attribute named in the saltattribute argument. If this argument is not specified, the DN is used. The resulting string is hashed with the routine specified in the hash argument; the default algorithm is SHA-1. One byte is prepended to indicate the hash type used. The PIN is stored as follows:

byte[0] = X

The value of X depends on the hash algorithm chosen during the PIN generation process.

X     Hash Algorithm
0     SHA-1
1     MD5
45    none

Table 7.3. 

The PIN is stored in the directory as a binary value, not as a base-64 encoded value.
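
The following added example (not Certificate System code) parses a stored PIN value according to the layout above, checks a candidate PIN against it, and decodes the base-64 form that LDIF output uses for binary values. It assumes that the PIN precedes the salt value in the concatenation, that strings are UTF-8 encoded, and that with the hash type "none" the bytes after the type byte are the unhashed string; the DN and PIN are constructed sample values.

```python
import base64
import hashlib
import hmac

# Type byte -> (name, hashlib constructor), as listed in the table above.
HASH_TYPES = {0: ("SHA-1", hashlib.sha1), 1: ("MD5", hashlib.md5), 45: ("none", None)}


def encode_pin(pin: str, salt: str, type_byte: int = 0) -> bytes:
    """Build a stored value: one type byte, then the hashed PIN+salt string."""
    _, algo = HASH_TYPES[type_byte]
    material = (pin + salt).encode("utf-8")  # assumption: PIN first, UTF-8
    body = algo(material).digest() if algo else material  # assumption for "none"
    return bytes([type_byte]) + body


def parse_pin(stored: bytes):
    """Split a raw attribute value into (algorithm name, body) and validate it."""
    if not stored or stored[0] not in HASH_TYPES:
        raise ValueError("missing or unknown hash type byte")
    name, algo = HASH_TYPES[stored[0]]
    body = stored[1:]
    if algo and len(body) != algo().digest_size:
        raise ValueError(f"{name} body is {len(body)} bytes, not {algo().digest_size}")
    return name, body


def verify_pin(stored: bytes, pin: str, salt: str) -> bool:
    """Recompute the stored value for a candidate PIN; compare in constant time."""
    parse_pin(stored)
    return hmac.compare_digest(stored, encode_pin(pin, salt, stored[0]))


def from_ldif(b64_value: str) -> bytes:
    """LDIF prints binary values base-64 encoded; decode before reading byte[0]."""
    return base64.b64decode(b64_value, validate=True)


if __name__ == "__main__":
    dn = "uid=jdoe,ou=people,dc=example,dc=com"  # constructed sample entry
    stored = encode_pin("k7Qp2xW9", dn)           # constructed sample PIN
    print(parse_pin(stored)[0], len(stored), verify_pin(stored, "k7Qp2xW9", dn))
    for type_byte in (1, 45):  # entries a review should flag: MD5 and unhashed
        print(parse_pin(encode_pin("k7Qp2xW9", dn, type_byte))[0])
```

Because the salt is the DN or another attribute value, a stored PIN stops verifying if that value changes after the PIN was generated.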