The File Authentication Process During An Application Download - VeriFone Vx810 Reference Manual

Hide thumbs Also See for Vx810:

Reference manual (158 pages)

Installation manual (36 pages)

User manual (28 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

Table of Contents

ERFORMING

OWNLOADS

File Authentication Requirements

The File

Authentication

Process During an

Application

Download

104

810 R

EFERENCE

In the following example of a typical file authentication process, it is assumed that:

•

An application is being downloaded to prepare a V

deployment. That is, a sponsor certificate and a signer certificate are

downloaded in batch mode to GID1 SRAM of the receiving device, together

with the application to authenticate.

•

A signature file is generated for each executable that comprises the

application on the download computer using the VeriShield File Signing Tool,

with the signer certificate, signer private key, and signer password as required

inputs. These signature files are also downloaded onto the receiving device.

In a typical batch application download, file authentication proceeds as follows:

All certificate files (*.crt), signature files (*.p7s), and application files (*.out,

*.lib, *.fon, *.vft, *.dat, and so on) download to the V

batch mode.

When the device restarts after the download, the file authentication module

searches the SRAM-based file system for the following two file types:

•

Authenticated certificate files (*.crt) to add to the permanent certificate

tree.

•

Signature files (*.p7s) that authenticate corresponding target application

files.

Certificate files and signature files can download into the SRAM of any file

group. For this reason, the file authentication module searches through the

entire file system (all file groups) for new files with these filename extensions

each time the device restarts.

The file authentication module builds a list of all newly detected certificates

and signature files. If no new certificates or signature files are located, the

module just returns. If one or more new files of this kind are detected, the file

authentication module starts processing them based on the list.

Certificates are always processed first (before signature files). The processing

routine is called one time for each certificate in the list. If a certificate is

authentic, it is noted, and the next certificate is processed. This process

continues in random order until all certificates are authenticated.

When a certificate file in the processing list is authenticated, the "Authentic"

message is displayed below the corresponding filename. If it fails to be

authenticated, the "Failed" message is displayed for five seconds and the

device beeps three times. The routine resumes processing and continues until

all certificates are successfully processed.

The processing routine gives both visible and audible indications if a specific

certificate authenticates successfully. The file authentication module does not

halt the process if a certificate fails to authenticate, but continues to the next

step, which is authenticating signature files.

UIDE

810 deployment device for

810 deployment device in

Table of Contents

The File Authentication Process During An Application Download - VeriFone Vx810 Reference Manual

Related Manuals for VeriFone Vx810

Related Content for VeriFone Vx810

Table of Contents