Visible to Intel only — GUID: GUID-670F7119-90C9-4AD4-9D7F-CBB57BC0B9C8
Intel® AMT
Cryptography
Events
Inter-Applet Communication (IAC)
Monotonic Counters
OEM Signing
Platform Seed
Applet Attestation Using Intel® Enhanced Privacy ID (Intel® EPID)
SSL\\TLS
Secure Display
Secure Storage
Secure Time
Sessions
Applet Encryption
Provisioning
Encryption Key Setup
Encrypted Trusted Application Generation
Timers
For API Level 1 - Intel® ME 7.x - Sandy Bridge
For API Level 1.1 - Intel® ME 8.x lite - Sandy Bridge
For API Level 2 - Intel® ME 8.0 - Ivy Bridge
For API Level 3 - Intel® ME 8.1 - Ivy Bridge
For API Level 3 - SEC1.0, SEC1.1, SEC1.2, SEC2.0
For API Level 4 - Intel® ME 9.5, Intel ME 9.5.55 - Haswell
For API Level 4 - Intel® ME 9.1, Intel ME 9.1.35 - Haswell
For API Level 5 - Intel® ME 10.0.0 - Haswell
For API Level 6 - Intel® ME 10.0.20 - Broadwell
For API Level 7 - ME 11.0 - Skylake_LP and Skylake_H
For API Level 8 - TXE3.0 - Broxton, ME 11.5/11.8 - Kabylake_LP, Kabylake_H
For API Level 9 - Intel® ME 12.0 - Cannon Lake
Trusted Application Validation Guidelines
Validating the Manifest
Memory and Performance
Error Handling and Recovery
Functional Validation and Multi-Instance Support
Pack and DALP Generation and Validation
Host-Side Software Validation Guidelines
Trusted Application Management Flows
Error Handling and Recovery Flows
Multi-Instance and Interoperability Testing of Trusted Application Management
General and Platform-Related Events
End-to-End and Setup Validation Guidelines
Cross Trusted Application Interoperability Functional Testing
Creating a New Project
Importing an Existing Project
Converting an Existing Project
Building and Packaging Your Project and Running in Emulated Environment
Running Your Project
Running and Testing on Emulation and on Silicon
Debugging Trusted Applications
Preparing and Submitting Your Project for Signing
Signing an Applet
Signing New Versions
Visible to Intel only — GUID: GUID-670F7119-90C9-4AD4-9D7F-CBB57BC0B9C8
Applet Encryption
Intel® Dynamic Application Loader (Intel® DAL) provides OEMs with the ability to encrypt the applet's bytecode in order to protect any intellectual property (IP) that the applet may contain, e.g., DRM algorithms and parameters.
Supported from API level 8, currently only on platforms running Intel® Trusted Execution Engine (Intel® TXE) 3.0 firmware.
Provisioning
The OEM generates an RSA key pair with modulus size 2048/3072/4096 bits, known as the OEM Master Key (OMK). The private key component is provisioned by the OEM during manufacturing using the TEE Management library; the OEM's manufacturing facility is assumed to be a trusted environment, and the TEE_ProvisionOemMasterKey command is enabled only if the platform is in pre-End Of Manufacturing (pre-EOM) state. The OMK is used to encrypt the symmetric applet encryption key. If the TEE_ProvisionOemMasterKey command is invoked more than once, the key is overwritten.
Encryption Key Setup
The OEM generates a symmetric 256-bit encryption key, the Intel DAL Encryption Key (DEK), that is used to encrypt the applet bytecode. In order to provide OEMs with the ability to encrypt different applets with different keys, multiple DEKs are supported. The maximum number of keys is five; each key has a key identifier (ID) between one and five.
The TEE Management library is used to set the DEK, which was encrypted by the OMK, in Intel DAL firmware. The encrypt-then-sign approach is utilized to ensure that the OMK is used only to decrypt authentic and valid payloads. The TEE_SetTAEncryptionKey command sends Intel DAL the DEK encrypted by the OMK public component using standard RSA encryption and then signed by the Security Domain. The signature creates a dependency on Security Domain (SD) installation on the platform; therefore a Security Domain must be installed before the encryption key is set up.
To mitigate possible replay attacks when a valid but older Encryption Key setup payload is used, an initial counter value is provisioned with the OMK. Each encryption key setup command contains a counter that is processed as follows:
if (command.counter < current counter)
reject command
else if (command.counter > current counter)
current counter = command.counter
process command
The maximum supported number of successful DEK setup invocations is five per boot.
Encrypted Trusted Application Generation
The applet's Admin Command Package (ACP) contains a byte property, ta_encrypted, that indicates that the package contains JEFF bytecode that is encrypted, and specifies the DEK that was used to encrypt it:
- 0: Default value. Means that the JEFF bytecode is not encrypted.
- 1-5: The ID of the DEK with which the JEFF bytecode is encrypted.
Following is the flow for generating an encrypted applet:
- The Pack Tool generates the applet ACP with the ta_encrypted property set to 0 (not encrypted).
- The Pack Tool signs on the ACP with the Intel debug key.
- The OEM does the following:
- Encrypts the bytecode in place using the DEK key and IV.
- Appends the MAC and IV to the ACP.
- Assigns the value of the ta_encrypted property to the key ID of the DEK.
- Calculates the hash of the new applet and replaces the hash in the ACP.
- Signs the ACP in the same way as a regular ACP (with the OEM DAL signing key).
For debugging purposes, the Pack Tool may be used to create an encrypted applet with a debug DEK. See the Pack Tool pack command arguments for more details.