Developer Guide

  • 10/27/2020
  • Public Content
Contents

SSL\TLS

Beginning with Intel® Management Engine (Intel® ME) 9.0, trusted applications can use PKI to establish an SSL connection with a remote server.
The Intel® DAL infrastructure exposes to a Trusted Application a set of classes that will allow the Trusted Application to establish a TLS session as a client end-point.
  • Protocol versions:
    • TLS1.0, supported on old platforms only (Intel® ME 11 and older, and Intel® Trusted Execution Engine (Intel® TXE) 4.x and older).
    • TLS 1.1
    • TLS 1.2 supported since Intel ME 12 (API level 9)
  • Supports server authentication.
  • Supports client authentication starting from Intel TXE 3.x and Intel® Converged Security and Management Engine (Intel® CSME) 12.
  • Revocation mechanism supported using CRLs.
  • TLS client supports data chunks as well as whole package data.
  • TLS client supports configuration of security options.
Warning:
On Intel ME 9 through Intel CSME 12, the TLS infrastructure is supported only on Corporate (5MB) firmware SKUs. As a result, using APIs that use this capability, such as those included in
SslSession
,
CertificateChain
,
CertificateStore
and
AMT
, will result in
NotSupportedException
on Consumer (1.5M) firmware SKUs.
Starting from Intel TXE 3 and Intel CSME 13, the TLS infrastructure is supported on all SKUs.
See the SSL Sample for more details.

Product and Performance Information

1

Intel's compilers may or may not optimize to the same degree for non-Intel microprocessors for optimizations that are not unique to Intel microprocessors. These optimizations include SSE2, SSE3, and SSSE3 instruction sets and other optimizations. Intel does not guarantee the availability, functionality, or effectiveness of any optimization on microprocessors not manufactured by Intel. Microprocessor-dependent optimizations in this product are intended for use with Intel microprocessors. Certain optimizations not specific to Intel microarchitecture are reserved for Intel microprocessors. Please refer to the applicable product User and Reference Guides for more information regarding the specific instruction sets covered by this notice.

Notice revision #20110804