The write_checkpoint
Tcl command in the Vivado IDE lets you optionally encrypt the exported design checkpoint
using -encrypt
option. This feature is useful to make
sure that the exported checkpoint is fully protected with IEEE 1735-2014 standard
recommendations even when some or all of the input design sources are not encrypted.
Design modules that you have already encrypted are not affected by this command, and carry the same access rights defined for them. Modules which are not encrypted by user would be encrypted using IEEE-1735-2014 V2 standard. By default, only the AMD encryption key is used for encryption and following default access rights are added for the unencrypted modules:
- Common
rights
error_handling = "delegated"
-
AMD tool
rights
xilinx_configuration_visible = "false" xilinx_enable_modification = "false" xilinx_enable_probing = "false" xilinx_enable_netlist_export = "false"
If custom access rights are required, the -key
option can be used to supply a valid key file similar to the encrypt
Tcl command.
Syntax
write_checkpoint [-key <arg>] -encrypt <file>
-encrypt
option works only
when writing out a full design checkpoint. Using the -cell
option
with -encrypt
option does not work.Examples
In the following example, the checkpoint my_ip.dcp
is written out with all unencrypted modules encrypted and
default access rights specified.
write_checkpoint -encrypt my_ip.dcp
This example writes out the same checkpoint my_ip.dcp
, but with the encryption keys and access rights defined in
the key file keyfile.txt
.
write_checkpoint -key keyfile.txt -encrypt my_ip.dcp