DecryptionToolProtectionRequirements < P1735

P1735 Web>P1735GroupPrivateWorkspace>P1735VisibilityManagement>DecryptionToolProtectionRequirements (2010-07-23, JohnShields) (raw view)EditAttach
24.1.6 Protection requirements for decryption tools

Since the purpose of encrypting portions of a VHDL description is to prevent disclosure of those portions to
a user, a decryption tool, after processing a decryption envelope, shall conform to the following restriction,
unless otherwise permitted in an implementation-defined manner by the effect of acquiring a license (see
24.1.2.24):

   * A decryption tool shall not display or store in any form accessible to the user or other tools any parts of decrypted portions of a VHDL description, decrypted keys, or decrypted digests.
   * If a decryption tool transforms a decrypted portion of a VHDL description (for example, by synthesizing a circuit and describing it in VHDL or any other representation), then these requirements shall apply to the transformed portion also.
   * If a decryption tool provides a means for the tool user to gain access to a representation of a VHDL description or an elaboration of a VHDL description (for example, by means of a user interface or an applications programming interface such as VHPI), then the tool shall not provide access to any representation of a decrypted portion of a VHDL description other than a representation of an object specified by a protect viewport directive.
   * Any message (for example, an error message) generated by a decryption tool shall not include information that discloses content of a decrypted portion of a VHDL description, a decrypted key, or a decrypted digest. For example, a message shall not include a name or hierarchical path name identifying part of a decrypted portion of a VHDL description.
   * If a decryption tool executes an assertion statement (see 10.3) that causes an assertion violation, or executes a report statement (see 10.4), the message shall not include the name of the design unit containing the statement, the rules of 10.3 and 10.4 notwithstanding.
   * The value of any 'INSTANCE_NAME or 'PATH_NAME predefined attribute (see 16.2) formed by the decryption tool shall not include any element that is a name or label defined in a decrypted portion of a VHDL description, the rules of 16.2 notwithstanding.
   * If a decrypted portion of a VHDL description includes an instantiation of a declaration that is declared in a portion of the VHDL description that is not encrypted, a decryption tool may provide access to a representation of the design subhierarchy whose root is the instance, provided the means of providing access does not contradict other requirements of this subclause. For example, a VHPI tool may return a handle to a VHPI object representing such an instance and allow navigation of associations from that reference object, provided the target objects represent parts of the design subhierarchy.
Topic revision: r1 - 2010-07-23 - 15:59:26 - JohnShields
P1735