OEM Platform Ownership

Intel® Dynamic Application Loader (Intel® DAL) Developer Guide

Download PDF

ID 773482

Date 3/24/2023

Version 1.0

Public

Visible to Intel only — GUID: GUID-3D0DC618-AA48-400C-8EB5-33EAEAAC3F27

View Details

Document Table of Contents

Document Table of Contents x

Intel® Dynamic Application Loader (Intel® DAL) Developer Guide

Intel® Dynamic Application Loader (Intel® DAL) Developer Guide x

Architecture Features SDK Contents Intel® DAL Environment Writing Your Code Project Development Flow Troubleshooting Additional Documentation

Architecture x

Applets Host Applications Host-Applet Interface

Applets x

Applet Manifest Installation

Host-Applet Interface x

Host Interface Service TEE Management Linux Support

TEE Management x

TEE Admin Commands TEE Management Client Interface TEE Management Error Codes Trusted Application Life Cycle

Features x

Intel® AMT Cryptography Events Inter-Applet Communication (IAC) Monotonic Counters OEM Signing Platform Seed Applet Attestation Using Intel® Enhanced Privacy ID (Intel® EPID) SSL\TLS Secure Display Secure Storage Secure Time Sessions Applet Encryption Timers

Cryptography x

Symmetric Key Cryptography Public (Asymmetric) Key Cryptography Hash and MAC Algorithms Platform Binding Key (Pbind) Data Migration Performance Considerations

OEM Signing x

Sub-Security Domain Life Cycle OEM Platform Ownership S-SD Signature Parameters Signing Process

Secure Storage x

Secure Storage Guidelines

Sessions x

Non-Shared Session Shared Session Shared Session Removal Abandoned Sessions

SDK Contents x

Tools Samples Plugins

Tools x

Pack Tool DALPackageCreator Tool Admin Command Tool Emulauncher Generic Host Application (Windows*, Linux*, Android*) Linux Tools Troubleshooter

Generic Host Application (Windows*, Linux*, Android*) x

Generic Windows* and Linux* Host Application Generic Android* Host Application

Samples x

Applets with Host Applications Samples Server Host Applications Only

Applets with Host Applications x

Intel® EPID 1.1 Provisioning Sample Intel® EPID 1.1 Signing Sample DRM Solution Sample Events Sample IAC Sample Protected Storage Sample SIGMA 1.1 Sample SSL Sample Secure Data Migration Sample

Intel® EPID 1.1 Provisioning Sample x

TCB Recovery Flow Sample Components Sample Flow

Host Applications Only x

TEE Management API Sample KDI Sample Linux* Host Application Sample Android* Host Application Sample Android* Native Host Sample

Plugins x

Eclipse* Plugin Microsoft* Visual Studio Plugin for Intel® DAL

Intel® DAL Environment x

Available Platforms and SKUing Processing Power and Speed Memory Power States Applet Manifest API Levels

Memory x

Trusted Application Code Memory Heap Memory Memory Policy Enforcement Preserving VM Space in a Multiple Secure Application Environment Setting Memory Requirements Performance

Writing Your Code x

Using the Applet Manifest Java* Limitations Memory Management Security Guidelines Validation Guidelines OEM Signing Manifest Secure Display Security Guideline Secure Time Guidelines Timer Guidelines

Using the Applet Manifest x

Applet Manifest Fields

Applet Manifest Fields x

Trusted Application Fields Required Properties Trusted Application Manifest Fields Optional Properties Manifest Fields Format Rules Specific Fields SKU Matrix

SKU Matrix x

For API Level 1 - Intel® ME 7.x - Sandy Bridge For API Level 1.1 - Intel® ME 8.x lite - Sandy Bridge For API Level 2 - Intel® ME 8.0 - Ivy Bridge For API Level 3 - Intel® ME 8.1 - Ivy Bridge For API Level 3 - SEC1.0, SEC1.1, SEC1.2, SEC2.0 For API Level 4 - Intel® ME 9.5, Intel ME 9.5.55 - Haswell For API Level 4 - Intel® ME 9.1, Intel ME 9.1.35 - Haswell For API Level 5 - Intel® ME 10.0.0 - Haswell For API Level 6 - Intel® ME 10.0.20 - Broadwell For API Level 7 - ME 11.0 - Skylake_LP and Skylake_H For API Level 8 - TXE3.0 - Broxton, ME 11.5/11.8 - Kabylake_LP, Kabylake_H For API Level 9 - Intel® ME 12.0 - Cannon Lake

Validation Guidelines x

Trusted Application Validation Guidelines Validating the Manifest Memory and Performance Error Handling and Recovery Functional Validation and Multi-Instance Support Pack and DALP Generation and Validation Host-Side Software Validation Guidelines Trusted Application Management Flows Error Handling and Recovery Flows Multi-Instance and Interoperability Testing of Trusted Application Management General and Platform-Related Events End-to-End and Setup Validation Guidelines Cross Trusted Application Interoperability Functional Testing

Project Development Flow x

Creating a New Project Importing an Existing Project Converting an Existing Project Building and Packaging Your Project and Running in Emulated Environment Running Your Project Running and Testing on Emulation and on Silicon Debugging Trusted Applications Preparing and Submitting Your Project for Signing Signing an Applet Signing New Versions

Intel® Dynamic Application Loader (Intel® DAL) Developer Guide

Architecture

Applets

Applet Manifest

Installation

Host Applications

Host-Applet Interface

Host Interface Service

TEE Management

TEE Admin Commands

TEE Management Client Interface

TEE Management Error Codes

Trusted Application Life Cycle

Linux Support

Features

Intel® AMT

Cryptography

Symmetric Key Cryptography

Public (Asymmetric) Key Cryptography

Hash and MAC Algorithms

Platform Binding Key (Pbind)

Data Migration

Performance Considerations

Events

Inter-Applet Communication (IAC)

Monotonic Counters

OEM Signing

Sub-Security Domain Life Cycle

OEM Platform Ownership

S-SD Signature Parameters

Signing Process

Platform Seed

Applet Attestation Using Intel® Enhanced Privacy ID (Intel® EPID)

SSL\TLS

Secure Display

Secure Storage

Secure Storage Guidelines

Secure Time

Sessions

Non-Shared Session

Shared Session

Shared Session Removal

Abandoned Sessions

Applet Encryption

Timers

SDK Contents

Tools

Pack Tool

DALPackageCreator Tool

Admin Command Tool

Emulauncher

Generic Host Application (Windows*, Linux*, Android*)

Generic Windows* and Linux* Host Application

Generic Android* Host Application

Linux Tools

Troubleshooter

Samples

Applets with Host Applications

Intel® EPID 1.1 Provisioning Sample

TCB Recovery Flow

Sample Components

Sample Flow

Intel® EPID 1.1 Signing Sample

DRM Solution Sample

Events Sample

IAC Sample

Protected Storage Sample

SIGMA 1.1 Sample

SSL Sample

Secure Data Migration Sample

Samples Server

Host Applications Only

TEE Management API Sample

KDI Sample

Linux* Host Application Sample

Android* Host Application Sample

Android* Native Host Sample

Plugins

Eclipse* Plugin

Microsoft* Visual Studio Plugin for Intel® DAL

Intel® DAL Environment

Available Platforms and SKUing

Processing Power and Speed

Memory

Trusted Application Code Memory

Heap Memory

Memory Policy Enforcement

Preserving VM Space in a Multiple Secure Application Environment

Setting Memory Requirements

Performance

Power States

Applet Manifest

API Levels

Writing Your Code

Using the Applet Manifest

Applet Manifest Fields

Trusted Application Fields Required Properties

Trusted Application Manifest Fields Optional Properties

Manifest Fields Format Rules

Specific Fields

SKU Matrix

For API Level 1 - Intel® ME 7.x - Sandy Bridge

For API Level 1.1 - Intel® ME 8.x lite - Sandy Bridge

For API Level 2 - Intel® ME 8.0 - Ivy Bridge

For API Level 3 - Intel® ME 8.1 - Ivy Bridge

For API Level 3 - SEC1.0, SEC1.1, SEC1.2, SEC2.0

For API Level 4 - Intel® ME 9.5, Intel ME 9.5.55 - Haswell

For API Level 4 - Intel® ME 9.1, Intel ME 9.1.35 - Haswell

For API Level 5 - Intel® ME 10.0.0 - Haswell

For API Level 6 - Intel® ME 10.0.20 - Broadwell

For API Level 7 - ME 11.0 - Skylake_LP and Skylake_H

For API Level 8 - TXE3.0 - Broxton, ME 11.5/11.8 - Kabylake_LP, Kabylake_H

For API Level 9 - Intel® ME 12.0 - Cannon Lake

Java* Limitations

Memory Management

Security Guidelines

Validation Guidelines

Trusted Application Validation Guidelines

Validating the Manifest

Memory and Performance

Error Handling and Recovery

Functional Validation and Multi-Instance Support

Pack and DALP Generation and Validation

Host-Side Software Validation Guidelines

Trusted Application Management Flows

Error Handling and Recovery Flows

Multi-Instance and Interoperability Testing of Trusted Application Management

General and Platform-Related Events

End-to-End and Setup Validation Guidelines

Cross Trusted Application Interoperability Functional Testing

OEM Signing Manifest

Secure Display Security Guideline

Secure Time Guidelines

Timer Guidelines

Project Development Flow

Creating a New Project

Importing an Existing Project

Converting an Existing Project

Building and Packaging Your Project and Running in Emulated Environment

Running Your Project

Running and Testing on Emulation and on Silicon

Debugging Trusted Applications

Preparing and Submitting Your Project for Signing

Signing an Applet

Signing New Versions

Troubleshooting

Additional Documentation

Visible to Intel only — GUID: GUID-3D0DC618-AA48-400C-8EB5-33EAEAAC3F27

View Details

OEM Platform Ownership

An OEM using Intel® DAL will configure their platforms during manufacturing using the Converged Security Engine (CSE) firmware provided tools so that only Intel DAL trusted applications signed by the OEM will be able to run on them.

The OEM Key Manifest (KM) stores the hash of the OEM Intel DAL public key. The complete public key is stored in the OEM S-SD ACP. During the Security Domain installation, the hash of the complete public key is calculated and compared against the value in the OEM Key Manifest. The OEM Key Manifest is signed by the OEM root key and verified by CSE firmware during platform initialization; therefore only the OEM that owns the platform owner can set the OEM Intel DAL Key hash during platform manufacturing.

In order to ease development and validation on pre-production platforms and emulators, this check is performed only on production SoCs. In addition, the platform ownership verification is disabled for Security Domains that are restricted to a single platform.

Note: The "OEM Signing Enabled" flag should be checked in the Emulauncher settings in order to allow loading of S-SDs on the emulation.

Level Two Title

Sub-Security Domain Life Cycle S-SD Signature Parameters

Select Your Language

Using Intel.com Search

Quick Links

Recent Searches

Advanced Search

Only search in

Intel® Dynamic Application Loader (Intel® DAL) Developer Guide

OEM Platform Ownership