Intel

Developer Zone

Applet APIs

The Intel DAL SDK includes the following API packages:  

  • Crypto - provides an interface for cryptographic services.  
    This package includes interfaces to Cipher, Hash, SecureSession, SequentialCipher, SequentialSignature, Signature and StreamCipher.
  • Langutil - provides language related Intel extensions.  
    This package includes an interface to Enumerator.
  • NFC - provides an interface to Intel proprietary services available for applets usage, allowing detection and communication with NFC cards.  
    This package includes an interface to CardClient.
  • Sensors - provides an interface to the sensors attached to the platform.  
    This package includes an interface to SensorManager.
  • UI - interface for building custom user dialogs and displaying them in a protected way.  
    This package includes an interface to Clickable.
  • Util - interface to Intel proprietary services available for trusted application usage.  
    This package includes an interface to TimerClient.

For information on the Intel DAL Host Interface Service APIs, see Intel DAL Host Interface Service.

Developer Notes

When developing your code, keep the following points in mind:

  • Ensure that array sizes are large enough.  Mismatches between the allocated array size and a called array index value or provided length will result in a java.lang.ArrayIndexOutOfBoundsException.
  • Ensure that buffers sizes are positive and large enough for the data to be stored.  Mismatches between defined and called buffer sizes will result in a java.lang.ArrayIndexOutOfBoundsException.
  • Ensure that required parameters are allocated and initialized. Providing a required parameter as null will result in a java.lang.NullPointerException.
  • Floating point or double variable type parameters are not supported by Intel DAL due to the embedded nature of the JVM.
  • Ensure that RSA key modulus is not set to zero [0].  A zero value modulus results in a division by zero and that can cause unexpected behaviors in the system.

Intel DAL API Levels & Features

Level Security Engine CPU/Platform Features Functions JDK
1  ME 7.x  Sandy Bridge 
  • Crypto
  • Basic APIs - JAVA functions
1.3
1.1  ME 8.x lite  Sandy Bridge  
  • IntelApplet.setResponseCode function
  • IntelApplet.getResponseBufferSize function
  • IntelApplet.getSessionIdLength function
  • IntelApplet.getSessionId function
1.3
2.0  ME 8.0  Ivy Bridge
  • Secured_UI
  • Events
  • Timers
  • Java.util namespace
  • List class
  • Enumerator class
  • PlatformCapability class
  • SigmaAlgEx class
1.3
3

ME 8.1

SEC 1.0

SEC 2.0

Ivy Bridge

Bay Trail

Cherry Trail

  • NFC
  1.3
4  ME 9.x  Haswell
  • SSL
  • EPID_1.1
  • com.intel.util.Calendar.DateTime.isAfter 
  • com.intel.util.Calendar.DateTime.isBefore 
  • com.intel.util.Calendar.DateTime.equals 
  • com.intel.util.Calendar.TimeRange.contains
1.3
5  ME 10.0  Haswell

 

  • com.intel.crypto.RsaAlg.getPrivateKeyComponents
  • com.intel.crypto.RsaAlg.getPrivateKeyComponentsSize
  • com.intel.crypto.PasswordKeyDerivationAlg class 
  • com.intel.util.PlatformInfo class  
1.6
6  ME 10.0.20

 Haswell

Broadwell

 
  • com.intel.crypto.CertificateChain class

1.6

7

 ME 11.0

Sky Lake

 

  • Sensors
  • Inter-Applet Communication (IAC)
  •  com.intel.crypto.SigmaAlgEx.setProperty 
  •  com.intel.crypto.SigmaAlgEx.getProperty
  •  com.intel.crypto.EccAlg class
  •  com.intel.crypto.EccAlg.CurvePoint class
  •  com.intel.crypto.EccAlg.CurveProperties class
  •  com.intel.util.FlashStorage.setProperty
  •  com.intel.util.FlashStorage.getProperty
  •  com.intel.langutil.Iterator<E> interface
  •  com.intel.langutil.LinkedList<E> class
  •  com.intel.util.AMT class
  •  com.intel.util.SEMonotonicCounter class

1.6

8

 TXE 3.0

 ME 11.5

Broxton

Kaby Lake

com.intel.sensors.* APIs are not supported

  • java.lang.Class class
  • com.intel.langutil.TypeConverter.bytesToLong
  • com.intel.langutil.TypeConverter.longToBytes
  • com.intel.util.PlatformInfo.isCoinBatteryPresent
  • com.intel.util.PlatformInfo.getSecurityDomainUUID
  • com.intel.sensors.SensorNotSupportedException class
  • com.intel.sensors.Sensor.getSerialNumber
  • com.intel.sensors.SensorDataField.getSingleValueSize
  • com.intel.sensors.SensorProperty.getSingleValueSize

1.6

8 TXE 3.0 Broxton
  • ECIES
  • SSL Client 
    Authentication
  •  com.intel.crypto.AuthenticatedBlockCipherAlg class
  •  com.intel.crypto.KeyWrap class
  •  com.intel.crypto.PlatformSeed class
  • com.intel.util.PlatformInfo.retrieveOemPublicKeyHash
1.6
8 ME 11.5 Kaby Lake
  • AMTProvision
  • FipsMode
  • com.intel.util.AMT.getWlanProfileType
  • com.intel.util.AMT.isInterfaceIpValid
  • com.intel.util.PlatformInfo.getUniquePlatformId
1.6
8

ME 11.8

TXE3.1.50

Kaby Lake

Broxton

  • DataMigration
  • com.intel.util.PlatformInfo.getSecurityEngineSVN
  • com.intel.util.SEMonotonicCounter.clearTpmComponent
  • com.intel.util.PlatformInfo.retrieveTpmComponent
  • com.intel.util.PlatformInfo.retrieveTpmEkPublicKeyHash
  • com.intel.crypto.PlatformSeed.retrieveUniqueSeedByCurrSvn
  • com.intel.crypto.PlatformSeed.retrieveUniqueSeedByPrevSvn
1.6
8

TXE 4.0

Gemini Lake

 

  • com.intel.util.FlashStorage.getAntiReplayType
1.6
9

ME 12.0

Cannon Lake

  • EPID / Sigma 2.0
  • com.intel.crypto.NotReadyException class
  • com.intel.util.PlatformInfo.getEOMState
1.6

 

The Intel DAL SDK includes the following API packages:  

  • Crypto - provides an interface for cryptographic services.  
    This package includes interfaces to Cipher, Hash, SecureSession, SequentialCipher, SequentialSignature, Signature and StreamCipher.
  • Langutil - provides language related Intel extensions.  
    This package includes an interface to Enumerator.
  • NFC - provides an interface to Intel proprietary services available for applets usage, allowing detection and communication with NFC cards.  
    This package includes an interface to CardClient.
  • Sensors - provides an interface to the sensors attached to the platform.  
    This package includes an interface to SensorManager.
  • UI - interface for building custom user dialogs and displaying them in a protected way.  
    This package includes an interface to Clickable.
  • Util - interface to Intel proprietary services available for trusted application usage.  
    This package includes an interface to TimerClient.

For information on the Intel DAL Host Interface Service APIs, see Intel DAL Host Interface Service.

Developer Notes

When developing your code, keep the following points in mind:

  • Ensure that array sizes are large enough.  Mismatches between the allocated array size and a called array index value or provided length will result in a java.lang.ArrayIndexOutOfBoundsException.
  • Ensure that buffers sizes are positive and large enough for the data to be stored.  Mismatches between defined and called buffer sizes will result in a java.lang.ArrayIndexOutOfBoundsException.
  • Ensure that required parameters are allocated and initialized. Providing a required parameter as null will result in a java.lang.NullPointerException.
  • Floating point or double variable type parameters are not supported by Intel DAL due to the embedded nature of the JVM.
  • Ensure that RSA key modulus is not set to zero [0].  A zero value modulus results in a division by zero and that can cause unexpected behaviors in the system.

Intel DAL API Levels & Features

Level Security Engine CPU/Platform Features Functions JDK
1  ME 7.x  Sandy Bridge 
  • Crypto
  • Basic APIs - JAVA functions
1.3
1.1  ME 8.x lite  Sandy Bridge  
  • IntelApplet.setResponseCode function
  • IntelApplet.getResponseBufferSize function
  • IntelApplet.getSessionIdLength function
  • IntelApplet.getSessionId function
1.3
2.0  ME 8.0  Ivy Bridge
  • Secured_UI
  • Events
  • Timers
  • Java.util namespace
  • List class
  • Enumerator class
  • PlatformCapability class
  • SigmaAlgEx class
1.3
3

ME 8.1

SEC 1.0

SEC 2.0

Ivy Bridge

Bay Trail

Cherry Trail

  • NFC
  1.3
4  ME 9.x  Haswell
  • SSL
  • EPID_1.1
  • com.intel.util.Calendar.DateTime.isAfter 
  • com.intel.util.Calendar.DateTime.isBefore 
  • com.intel.util.Calendar.DateTime.equals 
  • com.intel.util.Calendar.TimeRange.contains
1.3
5  ME 10.0  Haswell

 

  • com.intel.crypto.RsaAlg.getPrivateKeyComponents
  • com.intel.crypto.RsaAlg.getPrivateKeyComponentsSize
  • com.intel.crypto.PasswordKeyDerivationAlg class 
  • com.intel.util.PlatformInfo class  
1.6
6  ME 10.0.20

 Haswell

Broadwell

 
  • com.intel.crypto.CertificateChain class

1.6

7

 ME 11.0

Sky Lake

 

  • Sensors
  • Inter-Applet Communication (IAC)
  •  com.intel.crypto.SigmaAlgEx.setProperty 
  •  com.intel.crypto.SigmaAlgEx.getProperty
  •  com.intel.crypto.EccAlg class
  •  com.intel.crypto.EccAlg.CurvePoint class
  •  com.intel.crypto.EccAlg.CurveProperties class
  •  com.intel.util.FlashStorage.setProperty
  •  com.intel.util.FlashStorage.getProperty
  •  com.intel.langutil.Iterator<E> interface
  •  com.intel.langutil.LinkedList<E> class
  •  com.intel.util.AMT class
  •  com.intel.util.SEMonotonicCounter class

1.6

8

 TXE 3.0

 ME 11.5

Broxton

Kaby Lake

com.intel.sensors.* APIs are not supported

  • java.lang.Class class
  • com.intel.langutil.TypeConverter.bytesToLong
  • com.intel.langutil.TypeConverter.longToBytes
  • com.intel.util.PlatformInfo.isCoinBatteryPresent
  • com.intel.util.PlatformInfo.getSecurityDomainUUID
  • com.intel.sensors.SensorNotSupportedException class
  • com.intel.sensors.Sensor.getSerialNumber
  • com.intel.sensors.SensorDataField.getSingleValueSize
  • com.intel.sensors.SensorProperty.getSingleValueSize

1.6

8 TXE 3.0 Broxton
  • ECIES
  • SSL Client 
    Authentication
  •  com.intel.crypto.AuthenticatedBlockCipherAlg class
  •  com.intel.crypto.KeyWrap class
  •  com.intel.crypto.PlatformSeed class
  • com.intel.util.PlatformInfo.retrieveOemPublicKeyHash
1.6
8 ME 11.5 Kaby Lake
  • AMTProvision
  • FipsMode
  • com.intel.util.AMT.getWlanProfileType
  • com.intel.util.AMT.isInterfaceIpValid
  • com.intel.util.PlatformInfo.getUniquePlatformId
1.6
8

ME 11.8

TXE3.1.50

Kaby Lake

Broxton

  • DataMigration
  • com.intel.util.PlatformInfo.getSecurityEngineSVN
  • com.intel.util.SEMonotonicCounter.clearTpmComponent
  • com.intel.util.PlatformInfo.retrieveTpmComponent
  • com.intel.util.PlatformInfo.retrieveTpmEkPublicKeyHash
  • com.intel.crypto.PlatformSeed.retrieveUniqueSeedByCurrSvn
  • com.intel.crypto.PlatformSeed.retrieveUniqueSeedByPrevSvn
1.6
8

TXE 4.0

Gemini Lake

 

  • com.intel.util.FlashStorage.getAntiReplayType
1.6
9

ME 12.0

Cannon Lake

  • EPID / Sigma 2.0
  • com.intel.crypto.NotReadyException class
  • com.intel.util.PlatformInfo.getEOMState
1.6