P
ERFORMING
D
OWNLOADS
File Authentication Requirements
V
X
810 R
EFERENCE
G
UIDE
103
File
Authentication
Requirements
Chapter 5
provided a general introduction to the file authentication process. Now
we become more task-oriented and see how the file authentication process
affects how to perform the various download procedures.
Required
Certificates and
Signature Files
The following are some important points to remember about how certificates and
signature files relate to application download procedures:
•
Before an executable file can be downloaded onto and allowed to run on a
V
x
810, the file must be digitally signed on the download computer using the
VeriShield File Signing Tool. The result of this procedure is a signature file
recognized by its *.p7s filename extension.
•
A signature file must be downloaded with each executable that makes up an
application. An executable can be a compiled and linked object file (*.out) or a
shared function library (*.lib).
In most cases, an application consists of multiple executables and requires a
number of corresponding signature files.
•
In a typical batch application download, all files, including executables,
signature files, and any required certificates, download in the same operation.
•
After the download is complete and the device restarts, the file authentication
module is invoked if a new signature file (or certificate) is detected. If the
application (executable) is authenticated, it is allowed to run on the device.
Otherwise, it does not execute.
•
If one executable file required by an application with multiple executables fails
to authenticate, the main application may crash when it attempts to access the
non-authenticated executable.
•
Application files other than executables (for example, font and data files) may
also require logical security under file authentication. In these cases, each
protected non-executable file also requires a corresponding signature file.
•
Digital certificates (*.crt) and signature files (*.p7s) are required to authenticate
both application files and operating system files, which must be downloaded
onto the SRAM of the target file group.
•
Certificate files are deleted from application memory after they are
authenticated. If a certificate is not authenticated, it is retained in device’s
memory.
•
If the *FA variable in the CONFIG.SYS file of the target group is set to 1,
signature files are redirected to the same location where the application file it
authenticates is stored. If *FA is 0, signature files are deleted from SRAM
when the file authentication process is complete.
Summary of Contents for DUET Vx810
Page 1: ...VeriFone Part Number 24964 Revision B Vx810 Reference Guide ...
Page 14: ...VX810 OVERVIEW Features and Benefits 14 VX810 REFERENCE GUIDE ...
Page 90: ...VeriShield File Signing Tool 90 VX810 REFERENCE GUIDE ...
Page 130: ...PERFORMING DOWNLOADS Back to Back Application Downloads 130 VX810 REFERENCE GUIDE ...
Page 148: ...Information Messages 148 VX810 REFERENCE GUIDE ...
Page 150: ...PORT PINOUTS COM Port 150 VX810 REFERENCE GUIDE ...