File Authentication And Certificates; Package Management - VeriFone MX800 series Programmer's Manual
Hide thumbs
Also See for MX800 series:
- Installation manual (40 pages) ,
- Troubleshooting manual (18 pages) ,
- Ethernet installation (12 pages)
Table of Contents
Advertisement
F
S
ILE
YSTEMS
File Authentication and Certificates
NOTE
File
Authentication
and Certificates
Package
Management
28
M
X
800 S
P
ERIES
ROGRAMMERS
•
If a .TAR file contains a special file named config.usrx (where x is 1 to 8)
the system will read the downloaded config.usrx file and update the users
configuration. This feature allows configuration variables to be added/deleted
or changed without using Zontalk, or ECR protocol that has built in support for
configuration variables. The content of the special config.usrx file is simple
ASCII with a <CR> character at the end of each line. An equal = character is
used to separate a variable from its value. To delete an entry, enter the
variable with an equal = character.
An example config.usr1 file:
*DHCP=
*GO=screen-demo.exe
In the example, the *DHCP variable will be deleted and *GO will be set/
changed.
Including the variable *usr1pwd, config.usr1 will set the System Mode /
login password for usr1 to its value. For example: *usr1pwd=123456 will set
usr1 password to 123456.
x
The M
800 series implements VeriFone's VeriShield File Authentication module.
All executable code must be authenticated prior to running. File authentication
authority is split in to two branches. One branch is owned by VeriFone and
encompasses Kernel / OS code. This includes driver modules. The second
branch is owned by the customer/VAR and encompasses applications.
All directories and files with root ownership are considered Kernel/OS owned and
must be authenticated by OS signing authority. Applications will reside in user
space directories and will require application signing authority.
Application authentication is performed each time an application is executed. The
system scans the directory where the application resides for a .p7s file that
contains the name of the application. This means that the .p7s and the
application do not need to have the same name. Remember that Linux is case
sensitive and it is important that the file named in the .p7s have the same case as
the application.
The system expects certificate files to be placed in a directory named: crt under
the base path for the user. For usr1, the path would be /home/usr1/crt. If a file
fails authentication, the system automatically scans the crt directory for a
certificate that may need to be installed.
The terminal supports the ability to group or package a collection of files as a
single package/file that can be downloaded and installed into the terminal. This
package management is called iPKG (The Itsy Package Management System).
iPKG is a very lightweight package management system that allows for dynamic
installation/removal of packages on a running system.
G
UIDE
Advertisement
Table of Contents
