Manualshelf

User's Manual Part 3

ManualsBrandsVeriFone ManualsElectronicsPoint of Sale Terminal
31323334353637383940
PERFORMING DOWNLOADS
Omni 3600 Download Differences
O
MNI 3600 REFERENCE MANUAL 69
If a signature file is missing on the sending terminal, the target application file that
it authenticates is not authenticated on the receiving terminal and, if the target file
is an executable, it is not allowed to run on the receiving terminal.
File Authentication
Requirements
Chapter 5 provided a general introduction to the file authentication process. Now
we become more task-oriented and see how the file authentication process
affects how to perform the various download procedures.
Required Certificates and Signature Files
Here are some important points to remember about how certificates and signature
files relate to application download procedures:
Before an executable file can be downloaded to and be allowed to run on an
Omni 3600 terminal, the file must be digitally signed on the download
computer using the file signing tool, FILESIGN.EXE. The result of this
procedure is a signature file recognized by its *.p7s file name extension.
A signature file must be downloaded together with each executable that
makes up an application. An executable can be a compiled and linked object
file (*.out) or a shared function library (*.lib).
In most cases, an application consists of multiple executables and requires a
number of corresponding signature files.
In a typical batch application download, all files, including executables,
signature files, and any required certificates, download together in the same
operation.
After the download is complete and the terminal restarts, the file
authentication module is invoked if a new signature file (or certificate) is
detected. If the application (executable) is authenticated, it is allowed to run on
the terminal. Otherwise, it does not execute.
If one executable file is required by an application that consists of multiple
executables fails to authenticate, the main application may crash when it
attempts to access the non-authenticated executable.
Application files other than executables (for example, font and data files) may
also require logical security under file authentication. In these cases, each
protected non-executable file also requires a corresponding signature file.
Digital certificates (*.crt) and signature files (*.p7s) required to authenticate
both application files and operating system files must always be downloaded
into RAM of the target file group.
Certificate files are deleted from application memory after they are
authenticated. If a certificate is not authenticated, it is retained in the terminal
memory.
If the *FA variable in the CONFIG.SYS file of the target group is set to 1,
signature files are redirected to the same location where the application file it