PGP Encryption
MOSIS Technical Notes
General instructions for sending encrypted design files to MOSIS using
PGP.
D2 1B B7 32 F4 E3 C0 CF 09 C7 93 24 37 AE 06 08 If the fingerprint does not match, the key is not authentic. If you believe that this web site is authentic (i.e., that it really is a MOSIS web site), and the fingerprint matches the one given here for the public key you previously obtained from this site, then you can conclude that the key really belongs to MOSIS. If you need a stronger guarantee, please contact MOSIS Customer Support by telephone and confirm the key's fingerprint with them.
GNUPG users:
gpg --sign-key MOSIS 1
PGP 2.6.x users:
pgp -ks MOSIS
1 If you have more than one MOSIS key, you will need to find the short ID of the correct one and use that ID to sign the key:
gpg --list-keys MOSIS
gpg --sign-key <short_ID>
The <short_ID> is an 8-character alpha-numeric string obtained
from executing the above command, "gpg --list-keys MOSIS". The
<short_ID> is located on a line beginning with the word "pub"
and starts after the "/" character.
To encrypt a file to be submitted via ftp:
If the design file is named "my_file.gds," GNUPG produces an encrypted
file named "my_file.gds.gpg". PGP produces an encrypted file named
"my_file.gds.pgp".
If you are using the web interface, select the "PGP-encrypted" option
of the Compression/Encryption field in the Fabricate web form.
If you are using the e-mail interface, include the following in your e-mail message:
Getting PGP software
There are several sources of PGP software. Some of the ones we know about are:-
GNU Privacy Guard (GNUPG)
http://www.gnupg.org/
Free for both commercial and non-commercial use. Open source. Current version is 1.4.9.
PGP Corporation Desktop Professional
PGP Desktop Centrally Managed Evaluation
Limited functionality version free for non-commercial use.Obtaining MOSIS's public key
If you want to send MOSIS an encrypted design file, you'll need our current public key. We have two public keys: one for OpenPGP users and one for PGP 2.6.x users. Unless you have the old freeware version PGP 2.6.2 from MIT (or a derivative of this version), you should use the OpenPGP key. Most newer versions of PGP are more or less OpenPGP-compliant, including PGP 5.x, 6.x, and 7.x from Network Associates, freeware PGP 6.5.8 from MIT, and GNUPG 1.x (newest version is GNUPG 1.4.9).
You can get our public key from:
OpenPGP key
NOTE: new OpenPGP key created on July 6, 2009 (expires July 6, 2014).
PGP 2.6.x key
You should store it in a file so that you are ready for the next step.Adding MOSIS's public key to your keyring
To add MOSIS's public key to your keyring, use:
-
GNUPG users:
gpg --import <file_containing_key>
PGP 2.6.x users:
pgp -ka <file_containing_key>
Computing fingerprint
-
You now need to compute the fingerprint of MOSIS's public key, so
you can verify that this really is our key. To do this:
-
GNUPG users:
gpg --fingerprint MOSIS
PGP 2.6.x users:
pgp -kvc MOSIS
Verifying fingerprint
You now need to verify that the public key you have really belongs to MOSIS. Compare the fingerprint displayed in the previous step with one of these fingerprints, depending on which public key you obtained previously:OpenPGP fingerprint:
4ED7 F741 3C29 865C 0042 FF43 55C0 A329 4860 1AF6 PGP 2.6.x fingerprint:D2 1B B7 32 F4 E3 C0 CF 09 C7 93 24 37 AE 06 08 If the fingerprint does not match, the key is not authentic. If you believe that this web site is authentic (i.e., that it really is a MOSIS web site), and the fingerprint matches the one given here for the public key you previously obtained from this site, then you can conclude that the key really belongs to MOSIS. If you need a stronger guarantee, please contact MOSIS Customer Support by telephone and confirm the key's fingerprint with them.
Signing verified key
Once you have verified the fingerprint, you should sign MOSIS's public key to validate it. To do this:gpg --sign-key MOSIS 1
PGP 2.6.x users:
pgp -ks MOSIS
1 If you have more than one MOSIS key, you will need to find the short ID of the correct one and use that ID to sign the key:
gpg --sign-key <short_ID>
Encrypting design file
Now that you have added MOSIS's public key to your keyring, verified its fingerprint, and signed it with your own key, you can PGP-encrypt design files to be submitted for fabrication. Do not compress your file first, since PGP will compress it for you.To encrypt a file to be submitted via ftp:
-
GNUPG users:
gpg -r MOSIS --encrypt <your_file>
PGP 2.6.x users:
pgp -e <your_file> MOSIS
-
To encrypt a file to be submitted via e-mail:
-
GNUPG users:
gpg -r MOSIS --armor --encrypt <your_file>
PGP 2.6.x users:
pgp -a -e <your_file> MOSIS - If the design file is named my_file.gds, GNUPG and PGP both produce an encrypted ASCII-armored file named "my_file.gds.asc".
Submitting encrypted design file for fabrication
Submitting an encrypted design file for fabrication is very similar to submitting a file that is not encrypted. The only difference is that:If you are using the e-mail interface, include the following in your e-mail message:
-
Layout-format: GDS PGP-encrypted (or "CIF PGP-encrypted")
Layout:
<insert ASCII-armored encrypted file here>