Manualshelf

User's Manual Part 4

ManualsBrandsVeriFone ManualsElectronicsPoint of Sale Terminal
11121314151617181920
FILE AUTHENTICATION
The FILESIGN.EXE File Signing Tool
O
MNI 3600 REFERENCE MANUAL 117
Command-Line
Mode Syntax
Example
In the FILESIGN.EXE command-line entry example below, please note that the
syntax used applies to an Omni 3600 development terminal with the factory set of
certificates, and not to a deployment terminal. The differences are as follows:
The default signer certificate and default signer key file names that are
provided by VeriFone as part of the Omni 3600 SDK are entered on the
command line instead of customer-specific customer signer certificate and
customer signer private key file names, and
The switch for signer password (-P password) is not used, because a
customer signer password is only required to sign and authenticate files for
Omni 3600 deployment terminals being prepared for deployment.
Please note also how the command-line mode switches described in Table 20 are
used in this example:
filesign -L -f file.out -s file.p7s -c k2sign.crt -k k2sign.key
The -L switch indicates to store the application file in the flash file system
instead of the target group’s (default) RAM file system. (The target group for
the download must be selected from system mode when the download is
performed.)
The -f switch indicates that the application file “file.out” must be signed
by the FILESIGN.EXE tool.
Executable files, such as *.out and *.lib files, must always be signed if they are
to run on the terminal following a download. Depending on the application’s
logical security requirements, other types of files, such as data files and font
files, may also need to be signed and are authenticated on download.
The -s switch is followed by the name of the signature file to generate,
file.p7s.
The -c switch is followed by the name of the default signer certificate to use
for file authentication with the development terminal, “k2sign.crt”.
The -k switch is followed by the name of the default signer private key file,
k2sign.key. A signer private key is a required input to the file signing
process for development terminals and for deployment terminals.
FILESIGN.EXE
Graphical
Interface Mode
When you execute FILESIGN.EXE in the Windows environment, the FileSign
dialog box displays (see Figure 41).
The FileSign dialog box has four entry fields, each of which is followed by a “Next”
[...] selection button, as well as one check box, and the OK and Cancel buttons:
Press ALT-C or click on the [...] button to the right of the “Certificate” field to
locate and select the certificate file (*.crt) you want to use to sign the file.
Press ALT-K or click on the [...] button to the right of the “Key” field to locate
and select the signer private key file (*.key).