encrypt [-key <arg>]-lang <arg> [-quiet] [-verbose] [-ext <arg>] <files>...
The encrypt
Tcl command is available from the Tcl Console in the
Vivado IDE, or in the standalone Vivado Tcl
shell. By default, this command encrypts the existing files in-place, which means that
the original files are overwritten and replaced with the encrypted versions unless you
use the -ext
option.
-ext
option to
prevent encrypt from overwriting, or make copies of your source file prior to running
the encrypt command.The IEEE-1735-2014 V2 definition area can be placed either in-line in the HDL source
file, or in a separate key file. The encrypt -key
option directs the
Vivado tool where to look for this information.
The -key
option specifies an RSA key file that includes the
IEEE-1735-2014 V2 supported pragmas that provide the encryption key, define access
rights, and other optional information. The key file must use the same language and
extension as the source files being encrypted (VHDL, Verilog, SystemVerilog).
-key
is
specified and the source file already has the encryption key and required pragmas in the
definition area, the -key
argument is ignored.If -key
is not specified, the Vivado tool looks for
encryption keys and pragmas embedded within the source files that is being
encrypted.
The following example uses the -key
option to do the following:
- Point to an encryption key file.
- Specify the target language as Verilog.
- Specify the design file to encrypt.
- Specify a new file extension to use when generating the encrypted files to prevent overwriting the original source files.
encrypt -lang verilog -ext .vp -key keyfile.txt myip.v
The final example searches for the encryption key inside the design source file, specifies the target language as Verilog, specifies the design file to encrypt, and specifies a new file extension to use when generating the encrypted files to prevent overwriting the original source files:
encrypt -lang verilog -ext .vp my_ip.v