On Mar 17, 2009, at 8:24 AM, Bo Berglund wrote:
> Is it possible to use GPG encryption in embedded applications?
>
> I would like to protect data passing from a PC over to an embedded
> computer unit via an unsecure channel (TCP/IP or USB) such that when
> it passes in the transfer line it will be GPG encrypted.
>
> The idea is to have the PC program encrypt a fairly large chunk of
> data using the embedded unit's public key and then send the result
> over the channel into the embedded application.
>
> Inside this (protected) hardware the secret key would be used to
> decode the data, then some processing would be done whereupon the
> resulting data is again GPG encrypted now with the public key of the
> PC program and sent back over the channel.
>
> Finally the PC program would decode the data and further process it.
>
> To do this I figured I would have to use the encryption/decryption
> kernel in the GPG package both in the PC and on the embedded
> application hardware.
>
> So I would need to be able to:
> 1) Include the source code of the relevant part of GPG into my PC
> application.
> 2) Include the same in the embedded hardware program.
>
> Is this at all possible and how do I retrieve and identify the
> needed source files in GPG?

In terms of legality - this is legal, but you must follow the
license. GPG is licensed under the GPL. See http://www.gnu.org/licenses/gpl.html
for all the fine details (especially the FAQ there), but in general,
if you want to include bits and pieces of GPG in your application, you
must be prepared to release your application (both the PC side and
embedded side) under the same terms as GPG.

In terms of engineering - is this really what you want? If your goal
is to encrypt over an insecure channel, see OpenSSL or GnuTLS. If
your goal is to encrypt using a library of encryption code, see
libgcrypt or OpenSSL. Libgcrypt, in particular, contains the same
crypto code as GPG (and more), packaged as a library, thus saving you
the bother of extracting it. Note also that the licensing of these
packages is different from GPG's, which may be of help as well.

David