The OEM Intel® DAL Key is a dedicated RSA key pair; the private key component is used in the OEM tools for signing on the Intel DAL trusted applications. The public key component is stored in the OEM Security Domain and the hash of this public key is stored in the OEM Key Manifest which is part of the complete Converged Security Engine (CSE) firmware flash image (IFWI).
The Intel DAL trusted applications signing scheme has the following attributes:
RSA PKCS#1 v1.5
The signature parameters are supplied to the Pack Tool during InstallSD ACP creation, and are signed in the S-SD ACP itself. See the Pack Tool "Signature Parameters File" section for the format of the signature parameters XML file to be supplied to the Pack Tool.