File Authentication Requirements; Required Certificates And Signature Files; Chapter - VeriFone Vx810 Reference Manual

Hide thumbs Also See for Vx810:

Reference manual (158 pages)

Installation manual (36 pages)

User manual (28 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

Table of Contents

File

Chapter 5

Authentication

we become more task-oriented and see how the file authentication process

Requirements

affects how to perform the various download procedures.

Required

The following are some important points to remember about how certificates and

Certificates and

signature files relate to application download procedures:

Signature Files

•

provided a general introduction to the file authentication process. Now

Before an executable file can be downloaded onto and allowed to run on a

810, the file must be digitally signed on the download computer using the

VeriShield File Signing Tool. The result of this procedure is a signature file

recognized by its *.p7s filename extension.

A signature file must be downloaded with each executable that makes up an

application. An executable can be a compiled and linked object file (*.out) or a

shared function library (*.lib).

In most cases, an application consists of multiple executables and requires a

number of corresponding signature files.

In a typical batch application download, all files, including executables,

signature files, and any required certificates, download in the same operation.

After the download is complete and the device restarts, the file authentication

module is invoked if a new signature file (or certificate) is detected. If the

application (executable) is authenticated, it is allowed to run on the device.

Otherwise, it does not execute.

If one executable file required by an application with multiple executables fails

to authenticate, the main application may crash when it attempts to access the

non-authenticated executable.

Application files other than executables (for example, font and data files) may

also require logical security under file authentication. In these cases, each

protected non-executable file also requires a corresponding signature file.

Digital certificates (*.crt) and signature files (*.p7s) are required to authenticate

both application files and operating system files, which must be downloaded

onto the SRAM of the target file group.

Certificate files are deleted from application memory after they are

authenticated. If a certificate is not authenticated, it is retained in device's

memory.

If the *FA variable in the CONFIG.SYS file of the target group is set to 1,

signature files are redirected to the same location where the application file it

authenticates is stored. If *FA is 0, signature files are deleted from SRAM

when the file authentication process is complete.

ERFORMING

OWNLOADS