Visible to Intel only — GUID: GUID-64958378-DCD6-4994-8C43-61A89B3D7762
Visible to Intel only — GUID: GUID-64958378-DCD6-4994-8C43-61A89B3D7762
Using the Applet Manifest
This page provides an overview of the applet manifest's importance in an applet, and how it governs the applet's access to Intel® DAL features. For a list of fields in the manifest, see the Applet Manifest fields page.
Every trusted application includes what is known as an applet manifest. This file contains the applet's metadata: the supported firmware versions, the list of Java* classes the applet has permission to access, the applet's heap size, and so on. Some of the manifest fields are merely descriptive; others modify the applet's behavior. The contents of the applet manifest determine whether the applet has permission to access any or all of the other features in this section.
The contents of the manifest are verified with each signing request and this information is signed in the trusted application itself.
Some of the manifest fields are available to the host software to identify the trusted application that it is currently communicating with while some of the fields are internal to help the user further notate a project.
Use the Intel DAL Manifest Editor, which comes as part of the Eclipse* plugin, to edit the editable fields in a manifest if needed. The Manifest Editor checks the validity of each value as well as also checks compatibility between the firmware version and the API version used in a trusted application.
Trusted Application SKUing
Intel DAL supports trusted application SKU limitations in the trusted application manifest.
A trusted application can be limited to:
- PCH SKU list
- CPU type list (e.g. vPro, Core)
- Platform specific feature set (e.g. Intel® ME 8-full)
Because each trusted application manifest is signed, unlike software or installer solutions, this mechanism is more secure and cannot be circumvented. See the SKU Matrix section of the Applet Manifest guidelines.
Supported from API level 2