Datasheet

AN156
Then, the page number from the directory entry specifies the page where the master authentication secret
should be installed and bound to the user token. When the certificate is actually written to the device, it is
done with a direct page write, rather than using the file API. This will allow for much faster updates (very
important in a responsive debit application) when actually debiting the token.
Using the SHADEBIT.C module, the installation of the secret as well as the creation of an account file
can be done automatically with a single function call. The actual contents of a new certificate file are
written to the device after this step.
Figure 30. Initializing User Tokens with SHADEBIT.C
Figure 31 illustrates how the master authentication secret is installed on the user token, as well as the
actual binding of the master authentication secret to produce an authentication secret that is unique to the
user token.
Figure 31. Installing Authentication Secret on DS1963S User Token
The final step when initializing a user token is to write the account certificate to the data page
where the file was stored. The certificate can optionally be signed. If left unsigned,
the 20 bytes of data where the signature would be stored can be used to store any other useful data that
needs to be stored about the user token. The main situation where there is no need for concern about an

Listing for Figure 31:

    /* Create the empty file on the user token */
    FileEntry fe;
    int maxwrite;   /* filled in by owCreateFile */
    short handle;   /* file handle returned by owCreateFile */
    memcpy(fe.Name, copr.serviceFilename, 4);
    fe.Ext = copr.serviceFilename[4];
    owFormat(user.portnum, user.devAN);
    owCreateFile(user.portnum, user.devAN, &maxwrite, &handle, &fe);
    owCloseFile(user.portnum, user.devAN, handle);

    /* File must be created first, so we can get the page number */
    user.accountPageNumber = fe.Spage;

    /* Install the master authentication secret, same as on the coprocessor */
    installSystemSecret18(user.accountPageNumber, inputAuthSecret,
                          user.accountPageNumber&7);

    /* Format the bind code properly; for the format see AN157 */
    uchar fullBindCode[15];
    memcpy(fullBindCode, copr.bindCode, 4);               /* bind code bytes 0..3 */
    fullBindCode[4] = (uchar)user.accountPageNumber;      /* account page number */
    memcpy(&fullBindCode[5], user.devAN, 7);              /* first 7 bytes of the device address */
    memcpy(&fullBindCode[12], &(copr.bindCode[4]), 3);    /* bind code bytes 4..6 */

    /* Create the unique secret for the iButton */
    BindSecretToiButton18(user.portnum, user.accountPageNumber,
                          user.accountPageNumber&7,
                          copr.bindData, fullBindCode, TRUE);
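
The bind code layout used in the Figure 31 listing, as an added example that is not part of AN156 or the SHADEBIT.C module. The helper names are hypothetical, and it assumes the standard 8-byte 1-Wire address (family code, 6-byte serial number, CRC8), family code 0x18 for the DS1963S, and data pages 0 to 15. It checks the address before binding, because a misread address yields a token secret that the coprocessor cannot reproduce at debit time.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DS1963S_FAMILY 0x18 /* assumed: family code in address byte 0 */

/* Dallas/Maxim 1-Wire CRC8 (x^8 + x^5 + x^4 + 1), reflected, initial value 0 */
static uint8_t ow_crc8(const uint8_t *p, size_t n)
{
    uint8_t crc = 0;
    while (n--) {
        crc ^= *p++;
        for (int i = 0; i < 8; i++)
            crc = (uint8_t)((crc & 1) ? (crc >> 1) ^ 0x8C : crc >> 1);
    }
    return crc;
}

/* Hypothetical helper: check the inputs, then fill the 15-byte bind code in
 * the same order as the listing. Returns the secret number (page & 7), or a
 * negative value if the token must not be bound. */
static int build_full_bind_code(uint8_t out[15], const uint8_t bind_code[7],
                                int page, const uint8_t addr[8])
{
    if (page < 0 || page > 15)        return -1; /* not a DS1963S data page */
    if (addr[0] != DS1963S_FAMILY)    return -2; /* wrong device type */
    if (ow_crc8(addr, 7) != addr[7])  return -3; /* address misread on the bus */
    memcpy(out, bind_code, 4);          /* bind code bytes 0..3 */
    out[4] = (uint8_t)page;             /* account page number */
    memcpy(out + 5, addr, 7);           /* family code + serial, CRC left out */
    memcpy(out + 12, bind_code + 4, 3); /* bind code bytes 4..6 */
    return page & 7;
}

int main(void)
{
    /* Constructed sample values, not taken from a real token */
    uint8_t addr[8] = {0x18, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x00};
    const uint8_t bind_code[7] = {1, 2, 3, 4, 5, 6, 7};
    uint8_t full[15];
    addr[7] = ow_crc8(addr, 7);        /* make the sample address valid */
    printf("secret %d\n", build_full_bind_code(full, bind_code, 9, addr));
    addr[2] ^= 0x01;                   /* simulate a single-bit read error */
    printf("after bit error: %d\n", build_full_bind_code(full, bind_code, 9, addr));
    return 0;
}
```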

Listing for Figure 30:

    /* For DS1963S user tokens */
    SHAUser user;
    user.portnum = 0;
    FindNewSHA(user.portnum, user.devAN, FALSE);

    /* Install the authentication secret and write a signed certificate to the device */
    InstallServiceData(copr, user, inputAuthSecret, 47);