File Authentication Requirements; Required Certificates And Signature Files; Chapter - VeriFone VX 675 Reference Manual

P D
ERFORMING OWNLOADS

File Authentication Requirements

File
Authentication
Requirements
Required
Certificates and
Signature Files
110
VX 675 R
EFERENCE
In this type of data transfer operation, some file redirection does occur
automatically as a result of the file authentication procedure that occurs on the
receiving terminal. This redirection process is transparent during the download.
Briefly, all files initially download into I: drive, and are then redirected based on the
directory and subdirectory names of the sending terminal's file system. Signature
files must always be authenticated in I: drive. If the target file that the signature file
authenticates is stored in F: drive, the signature file is moved to F: drive only after
the target file successfully authenticates.
To successfully perform a back-to-back download, all signature files that are
required to authenticate application executables must reside in the memory of the
sending terminal. If the *FA variable is present in the Group 1 CONFIG.SYS file of
the sending terminal, it must be set to 1 to retain all previously downloaded
signature files.
If a signature file is missing on the sending terminal, the target application file that
it authenticates is not authenticated on the receiving terminal and, if the target file
is an executable, it is not allowed to run on the receiving terminal.

Chapter 5

provided a general introduction to the file authentication process. Now
we become more task-oriented and see how the file authentication process
affects how to perform the various download procedures.
The following are some important points to remember about how certificates and
signature files relate to application download procedures:
•
Before an executable file can be downloaded to and allowed to run on a
VX 675 terminal, the file must be digitally signed on the download computer
using the FILESIGN.EXE file signing tool. The result of this procedure is a
signature file recognized by its *.p7s filename extension.
•
A signature file must be downloaded with each executable that makes up an
application. An executable can be a compiled and linked object file (*.out) or
a shared function library (*.lib).
In most cases, an application consists of multiple executables and requires a
number of corresponding signature files.
•
In a typical batch application download, all files, including executables,
signature files, and any required certificates, download in the same operation.
•
After the download is complete and the terminal restarts, the file
authentication module is invoked if a new signature file (or certificate) is
detected. If the application (executable) is authenticated, it is allowed to run on
the terminal. Otherwise, it does not execute.
•
If one executable file required by an application with multiple executables fails
to authenticate, the main application may crash when it attempts to access the
non-authenticated executable.
G
UIDE