|
|
General instructions for sending encrypted design files to MOSIS using
PGP.
MOSIS Technical Notes
PGP Encryption
Getting PGP software
There are several sources of PGP software. Some of the ones we know
about are:
-
GNU Privacy Guard (GNUPG)
-
http://www.gnupg.org/
-
Free for both commercial and non-commercial use.
Open source. Current version is 1.4.9.
-
PGP Corporation Desktop Professional
-
PGP Desktop Centrally Managed Evaluation
- Limited functionality version free for non-commercial use.
Obtaining MOSIS's public key
If you want to send MOSIS an encrypted design file, you'll need our
current public key. We have two public keys: one for OpenPGP users
and one for PGP 2.6.x users. Unless you have the old freeware version
PGP 2.6.2 from MIT (or a derivative of this version), you should use
the OpenPGP key. Most newer versions of PGP are more or less
OpenPGP-compliant, including PGP 5.x, 6.x, and 7.x from Network
Associates, freeware PGP 6.5.8 from MIT, and GNUPG 1.x (newest version
is GNUPG 1.4.9).
-
You can get our public key from:
-
OpenPGP key
NOTE: new OpenPGP key created on July 6, 2009 (expires
July 6, 2014).
PGP 2.6.x key
You should store it in a file so that you are ready for the next step.
Adding MOSIS's public key to your keyring
-
To add MOSIS's public key to your keyring, use:
-
GNUPG users:
gpg --import <file_containing_key>
PGP 2.6.x users:
pgp -ka <file_containing_key>
where <file_containing_key> is the name of the file in which you stored
the key in the previous step. For users of other PGP versions,
the PGP 2.6.x commands may work. If they do not, please consult
your PGP documentation.
Computing fingerprint
-
You now need to compute the fingerprint of MOSIS's public key, so
you can verify that this really is our key. To do this:
-
GNUPG users:
gpg --fingerprint MOSIS
PGP 2.6.x users:
pgp -kvc MOSIS
This will display information about the key, including a line that
contains the key fingerprint.
Verifying fingerprint
-
You now need to verify that the public key you have really belongs
to MOSIS. Compare the fingerprint displayed in the previous step
with one of these fingerprints, depending on which public key
you obtained previously:
-
OpenPGP fingerprint:
4ED7 F741 3C29 865C 0042 FF43 55C0 A329 4860 1AF6
PGP 2.6.x fingerprint:
D2 1B B7 32 F4 E3 C0 CF 09 C7 93 24 37 AE 06 08
If the fingerprint does not match, the key is not authentic. If you
believe that this web site is authentic (i.e., that it really is a
MOSIS web site), and the fingerprint matches the one given here for the
public key you previously obtained from this site, then you can
conclude that the key really belongs to MOSIS. If you need a stronger
guarantee, please contact MOSIS Customer Support by telephone and
confirm the key's fingerprint with them.
Signing verified key
-
Once you have verified the fingerprint, you should sign MOSIS's public
key to validate it. To do this:
-
GNUPG users:
gpg --sign-key MOSIS
1
PGP 2.6.x users:
pgp -ks MOSIS
1
If you have more than one MOSIS key, you will need to find
the short ID of the correct one and use that ID to sign the key:
gpg --list-keys MOSIS
gpg --sign-key <short_ID>
The <short_ID> is an 8-character alpha-numeric string obtained
from executing the above command, "gpg --list-keys MOSIS". The
<short_ID> is located on a line beginning with the word "pub"
and starts after the "/" character.
Encrypting design file
-
Now that you have added MOSIS's public key to your keyring, verified
its fingerprint, and signed it with your own key, you can PGP-encrypt
design files to be submitted for fabrication. Do not compress your
file first, since PGP will compress it for you.
To encrypt a file to be submitted via ftp:
-
GNUPG users:
gpg -r MOSIS --encrypt <your_file>
PGP 2.6.x users:
pgp -e <your_file> MOSIS
-
If the design file is named "my_file.gds," GNUPG produces an encrypted
file named "my_file.gds.gpg". PGP produces an encrypted file named
"my_file.gds.pgp".
-
To encrypt a file to be submitted via e-mail:
-
GNUPG users:
gpg -r MOSIS --armor --encrypt <your_file>
PGP 2.6.x users:
pgp -a -e <your_file> MOSIS
-
If the design file is named my_file.gds, GNUPG and PGP both produce an
encrypted ASCII-armored file named "my_file.gds.asc".
Submitting encrypted design file for fabrication
-
Submitting an encrypted design file for fabrication is very similar
to submitting a file that is not encrypted. The only difference is
that:
-
If you are using the web interface, select the "PGP-encrypted" option
of the Compression/Encryption field in the Fabricate web form.
If you are using the e-mail interface, include the following in your
e-mail message:
-
Layout-format: GDS PGP-encrypted (or "CIF PGP-encrypted")
Layout:
<insert ASCII-armored encrypted file here>
|
Related Links
Fabrication Schedule
Customer Support
MOSIS Products
|
|
|
