write_checkpoint Tcl command in the Vivado IDE lets you optionally encrypt the exported design checkpoint
-encrypt option. This feature is useful to make
sure that the exported checkpoint is fully protected with IEEE 1735-2014 standard
recommendations even when some or all of the input design sources are not encrypted.
Design modules that you have already encrypted are not affected by this command, and carry the same access rights defined for them. Modules which are not encrypted by user would be encrypted using IEEE-1735-2014 V2 standard. By default, only the AMD encryption key is used for encryption and following default access rights are added for the unencrypted modules:
error_handling = "delegated"
xilinx_configuration_visible = "false" xilinx_enable_modification = "false" xilinx_enable_probing = "false" xilinx_enable_netlist_export = "false"
If custom access rights are required, the
option can be used to supply a valid key file similar to the
encrypt Tcl command.
write_checkpoint [-key <arg>] -encrypt <file>
-encryptoption works only when writing out a full design checkpoint. Using the
-encryptoption does not work.
In the following example, the checkpoint
my_ip.dcp is written out with all unencrypted modules encrypted and
default access rights specified.
write_checkpoint -encrypt my_ip.dcp
This example writes out the same checkpoint
my_ip.dcp, but with the encryption keys and access rights defined in
the key file
write_checkpoint -key keyfile.txt -encrypt my_ip.dcp