FILE AUTHENTICATION
Introduction to File Authentication
76 VX810 REFERENCE GUIDE
For non-executable files, it is the application that confirms that all of the files
it uses are successfully authenticated on download completion, and when the
application executes for the first time following a restart.
Each successfully authenticated file is also write-protected. That is, the file’s
read-only attribute is set. If the read-only file is removed or if the file is
modified in any way while stored in the device, the ATTR_NOT_AUTH bit is
automatically set to 1. If the modified file is an executable, it is no longer
allowed to run.
Digital Certificates and the File Authentication Process
The file authentication module always processes certificates before it processes
signature files. Digital certificates (*.crt files) generated by the VeriFone CA have
two important functions in the file authentication process:
• They define the rules for file location and usage (for example, the valid file
group, replaceable *.crt files, parent *.crt files, whether child *.crt files can
exist, and so on).
• They convey the public cryptographic keys generated for device sponsors and
signers that are the required inputs to the VeriShield File Signing Tool to verify
file signatures.
Hierarchical Relationships Between Certificates
All digital certificates are hierarchically related to one another. Under the rules of
the certificate hierarchy managed by the VeriFone CA, a lower-level certificate
must always be authenticated under the authority of a higher-level certificate. This
rule ensures the overall security of VeriShield.
To manage hierarchical relationships between certificates, certificate data is
stored in the device’s memory in a special structure called a certificate tree. New
certificates are authenticated based on data stored in the current certificate tree.
The data from up to 21 individual related certificates (including root, OS, and other
VeriFone-owned certificates) can be stored concurrently in a certificate tree.
This means that a new certificate can only be authenticated under a higher-level
certificate already resident in the device’s certificate tree. This requirement can be
met in two ways:
• The higher-level certificate may have already been downloaded onto the
device in a previous or separate operation.
• The higher-level certificate can be downloaded together with the new
certificate as part of the same data transfer operation.
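The admission rule described above, shown as an added example that is not taken from the VeriFone guide: a small C model of a certificate tree that accepts a new certificate only under a resident higher-level certificate, including one delivered in the same transfer. The record fields, function names, certificate names and the repeated-pass ordering are assumptions made for illustration, and signature verification is not modelled.

```c
#include <stdio.h>
#include <string.h>
#define TREE_MAX 21   /* certificate tree capacity stated in the guide */

/* Hypothetical, simplified record; signature verification is not modelled. */
typedef struct { const char *name, *parent; int allows_children; } cert_t;
typedef struct { cert_t slot[TREE_MAX]; int count; } cert_tree_t;

static const cert_t *tree_find(const cert_tree_t *t, const char *name) {
    for (int i = 0; i < t->count; i++)
        if (strcmp(t->slot[i].name, name) == 0) return &t->slot[i];
    return NULL;
}

/* Admit only under a resident parent that permits children (no replacement). */
static int tree_admit(cert_tree_t *t, const cert_t *c) {
    const cert_t *p = tree_find(t, c->parent);
    if (p == NULL || !p->allows_children) return 0;
    if (tree_find(t, c->name) != NULL || t->count >= TREE_MAX) return 0;
    t->slot[t->count++] = *c;
    return 1;
}

/* One data transfer: repeat passes so a parent delivered in the same batch
   is admitted before its child, whatever the file order (an assumption). */
int tree_process_batch(cert_tree_t *t, const cert_t *batch, int n) {
    int admitted = 0, progress;
    do {
        progress = 0;
        for (int i = 0; i < n; i++)
            if (tree_admit(t, &batch[i])) { admitted++; progress = 1; }
    } while (progress);
    return admitted;
}

/* Constructed sample: only "root" is resident before the download. */
int demo_holds(const char *name) {
    cert_tree_t t = { { { "root", "", 1 } }, 1 };
    const cert_t batch[] = { { "signer", "sponsor", 0 },  /* child listed first */
                             { "sponsor", "root", 1 },
                             { "orphan", "missing", 0 },  /* parent never arrives */
                             { "child", "signer", 0 } };  /* parent forbids children */
    tree_process_batch(&t, batch, 4);
    return tree_find(&t, name) != NULL;
}

int main(void) {
    printf("signer=%d orphan=%d\n", demo_holds("signer"), demo_holds("orphan"));
    return 0;
}
```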
NOTE
Because the application is responsible for verifying data files and prompt files, it
is recommended that each application check the ATTR_NOT_AUTH bit of all
relevant files on restart.
Page 1: ...VeriFone Part Number 24964 Revision B Vx810 Reference Guide ...