eSIM RSP SM-DP+ Common Mutual Authentication Part 5: AuthenticateClient

The LPAd takes the response produced by the eUICC in the previous AuthenticateServer step and presents euiccSigned1, euiccSignature1 and the eUICC’s certificates to the SM-DP+ in the AuthenticateClient request:

AuthenticateClient Request Payload

The transaction ID and the base64 encoded authenticateServerResponse are sent by the LPAd to the SM-DP+:

{"transactionId":"0123456789ABCDEF8899aabbccddeeff",
"authenticateServerResponse":"vziCBhigggYUMIIBS4AQASNFZ4mrze+Imaq7zN3u/4MZdGVzdHNtZHBwbHVzMS5leGFtcGxlLmNvbYQQiJmqu8zd7v8AESIzRFVmd78igfiBAwIBAIIDAgIAgwMEBACED4EBAIIEAAgH3oMEAAAcCIUEBn8WwIYDCQIAhwMCAwCIAgSQqSwEFMC8cLo2kp1DtGf/V1cFMOV6uPzYBBT1QXK9+YqV1ly+uIo4ocEdgAqFw6osBBTAvHC6NpKdQ7Rn/1dXBTDlerj82AQU9UFyvfmKldZcvriKOKHBHYAKhcOZAgeABAMAAAEME0cmREFjY3JlZGl0YXRpb25OYnKsSIAfMS4yLjg0MC4xMjM0NTY3L215UGxhdGZvcm1MYWJlbIElaHR0cHM6Ly9teWNvbXBhbnkuY29tL215RExPQVJlZ2lzdHJhcqAOgAIyM6EIgAQ1VQYHoQBfN0Cv1KcLYZZPDhME8zFuB6YL9WNDW5ghWEgjdMLXOYh70CkLzj+Oteb5B+uvjoHDUAxCLPP1EGYu8knESU2MvOwwMIIB/jCCAaWgAwIBAgIJAgAAAAAAAAABMAoGCCqGSM49BAMCMDcxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxSU1AgVGVzdCBFVU0xETAPBgNVBAMMCEVVTSBUZXN0MCAXDTE3MDEwOTE0MzkwM1oYDzc0OTIxMTAyMTQzOTAzWjBkMQswCQYDVQQGEwJERTEVMBMGA1UECgwMUlNQIFRlc3QgRVVNMSkwJwYDVQQFEyA4OTA0OTAzMjEyMzQ1MTIzNDUxMjM0NTY3ODkwMTIzNTETMBEGA1UEAwwKVGVzdCBlVUlDQzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABG2z9Trch9wv8Qx7/Nh60TrpcAmvoGWmdX7lcbPy67GPRsHWjz7esOdLLl1UIFHn0n9QlSAoYFr973n+n//QOVmjazBpMB8GA1UdIwQYMBaAFN09ok01DBzF0K8JZfQOw0xe5AnxMB0GA1UdDgQWBBSlJHavXVCqN2Q3zLHaIXLvRfSE8DAOBgNVHQ8BAf8EBAMCB4AwFwYDVR0gAQH/BA0wCzAJBgdngRIBAgEBMAoGCCqGSM49BAMCA0cAMEQCIF7a6eO5J4o2EmXcvROjv0jXrsQ9KQUSW/rKL0zzp+ZUAiAIn5VruYlZZXfsmG33r2bypEYl84V3TFZlB/byzXLgLDCCAnwwggIhoAMCAQICBBI0VngwCgYIKoZIzj0EAwIwSTEVMBMGA1UEAwwMR1NNQSBUZXN0IENJMREwDwYDVQQLDAhURVNUQ0VSVDEQMA4GA1UECgwHUlNQVEVTVDELMAkGA1UEBhMCSVQwIBcNMTcwMTE5MTgxMDMwWhgPMjA1MTAxMTkxODEwMzBaMDcxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxSU1AgVGVzdCBFVU0xETAPBgNVBAMMCEVVTSBUZXN0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEEzDVklasDLUL2SjQ9MaAB8SF/j9CmIrT7jh1rjP0mDqyO03UwxNA1nbdjhH5xcuhsR62lO7QmU21KSheYyyJBqOCAQUwggEBMB8GA1UdIwQYMBaAFPVBcr35ipXWXL64ijihwR2ACoXDMB0GA1UdDgQWBBTdPaJNNQwcxdCvCWX0DsNMXuQJ8TAOBgNVHQ8BAf8EBAMCAgQwFwYDVR0gAQH/BA0wCzAJBgdngRIBAgECMA4GA1UdEQQHMAWIA4g3BTASBgNVHRMBAf8ECDAGAQH/AgEAMDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9jaS50ZXN0LmdzbWEuY29tL0NSTC1CLmNybDA+BgNVHR4BAf8ENDAyoDAwLqQsMCoxFTATBgNVBAoMDFJTUCBUZXN0IEVVTTERMA8GA1UEBRMIODkwNDkwMzIwCgYIKoZIzj0EAwIDSQAwRgIhAIxNSyZATqXd6mXrtDwY26sSy5CX3rd/C6FX44x7GLTuAiEA0Y2c86E0h+5lymtI+MGtwC56fYnxdLWuK14dggqbIyOQAA=="
}

AuthenticateClient Parsing authenticateServerResponse

The authenticateServerResponse field is produced by the eUICC and returned to the LPAd. It includes TransactionID, eUICCSigned1, eUICCSignature1 and the eUICC certificate as well as the EUM certificate.

Subsequently the LPAd sends this data to the SM-DP+ in the AuthenticateClient request, base 64 encoded. The following notes deconstruct the decoded hexadecimal.

eUICCSigned1 is provided first containing:

• Transaction ID
• SM-DP+ domain
• Server challenge
• eUICCInfo2
• ctxParams1

// TAG BF38 for authenticateServerResponse 
BF38 820618(1560)   
  A0 820614(1556)

    // eUICCSigned1 ASN.1 SEQUENCE
    30 82014B(331)  

      // Transaction ID
      80 10 0123456789ABCDEF8899AABBCCDDEEFF

      // SM-DP domain UTF-8 testsmdpplus1.example.com
      83 19 74657374736D6470706C7573312E6578616D706C652E636F6D

      // Server challenge
      84 10 8899AABBCCDDEEFF0011223344556677
 

The eUICCInfo2 data structure follows along with the Matching ID and the LPAd generated ctxParams1:

    // TAG BF22 for EUICCInfo2
    BF22 81F8(248)

        // Base eUICC Profile package version supported, v02.01.00
        81 03 020100

        // GSMA SGP.22 version supported (SVN), v02.02.00
        82 03 020200

        // eUICC firmware version, v04.04.00
        83 03 040400

        // Extended Card Resource Information according to ETSI TS 102 226
        84 0F 
          81
          01
          // number of installed apps 
          00
          82
          04
          // free non-volatile memory 
          000807DE
          83
          04
          // free volatile memory
          00001C08

        // UICCCapability BIT STRING
        85 04 067F16C0

        // ts102241Version if supports javacard otherwise omitted ts 102.224
        86 03 090200

        // globalplatformVersion if different to standard
        87 03 020300

        // rspCapability BIT STRING
        88 02 0490

        // TAG A9 is euiccCiPKIdListForVerification, 2C is length = 44 bytes
        A9 2C

          // CIs for verification, by subjectKeyIdentifier
          04 14 C0BC70BA36929D43B467FF57570530E57AB8FCD8
          04 14 F54172BDF98A95D65CBEB88A38A1C11D800A85C3

        // TAG AA is euiccCiPKIdListForSigning, 2C is length
        AA 2C

          // CIs for signing, by subjectKeyIdentifier
          04 14 C0BC70BA36929D43B467FF57570530E57AB8FCD8
          04 14 F54172BDF98A95D65CBEB88A38A1C11D800A85C3

        // euiccCategory is optional and omitted in this example

        // TAG 99 forbiddenProfilePolicyRules is optional and included
        99 02 0780

        // Protection Profile version, 1
        04 03 000001

        // sasAccreditationNumber ASN.1 UTF8String 0..64 = G&DAccreditationNbr
        0C 13 47264441636372656469746174696F6E4E6272

        // CertificationDataObject optional and included
        AC 48

          // UTF-8 string = "1234567/myPlatformLabel"
          80 1F 312E322E3834302E313233343536372F6D79506C6174666F726D4C616265...

          // UTF-8 string "https://mycompany.com/myDLOARegistrar"
          81 25 68747470733A2F2F6D79636F6D70616E792E636F6D2F6D79444C4F41526567697374726172

        // treProperties optional and omitted here

        // treProductReference optional and omitted here
        
        // additionalEuiccProfilePackageVersions optional and omitted here
  

ctxParams1 is generated by the LPAd and contains the Matching ID along with a Device Info data structure:

A0 0E
        // Matching ID UTF-8 string = "12"
        80 02 3233

        A1 08

          // Device Info generated by LPAd
          80 04 35550607
          A1 00

The eUICCSignature1 follows:

    // TAG 5F37 for euiccSignature1
    5F37 40 

      // EC sign r
      AFD4A70B61964F0E1304F3316E07A60BF563435B982158482374C2D739887BD0

      // EC sign s
      290bce3f8eb5e6f907ebaf8e81c3500c422cf3f510662ef249c4494d8cbcec30

And finally the eUICC and EUM certificates are included:

// eUICC cert DER encoded 
308201fe308201a5a0030201020209020000000000000001300a06082a8648ce3d0403023037310b300906035504061302444531153013060355040a0c0c52535020546573742045554d3111300f06035504030c0845554d20546573743020170d3137303130393134333930335a180f37343932313130323134333930335a3064310b300906035504061302444531153013060355040a0c0c52535020546573742045554d312930270603550405132038393034393033323132333435313233343531323334353637383930313233353113301106035504030c0a546573742065554943433059301306072a8648ce3d020106082a8648ce3d030107034200046db3f53adc87dc2ff10c7bfcd87ad13ae97009afa065a6757ee571b3f2ebb18f46c1d68f3edeb0e74b2e5d542051e7d27f50952028605afdef79fe9fffd03959a36b3069301f0603551d23041830168014dd3da24d350c1cc5d0af0965f40ec34c5ee409f1301d0603551d0e04160414a52476af5d50aa376437ccb1da2172ef45f484f0300e0603551d0f0101ff04040302078030170603551d200101ff040d300b3009060767811201020101300a06082a8648ce3d040302034700304402205edae9e3b9278a361265dcbd13a3bf48d7aec43d2905125bfaca2f4cf3a7e6540220089f956bb989596577ec986df7af66f2a44625f385774c566507f6f2cd72e02c

// EUM cert DER encoded 
3082027c30820221a003020102020412345678300a06082a8648ce3d04030230493115301306035504030c0c47534d4120546573742043493111300f060355040b0c0854455354434552543110300e060355040a0c0752535054455354310b30090603550406130249543020170d3137303131393138313033305a180f32303531303131393138313033305a3037310b300906035504061302444531153013060355040a0c0c52535020546573742045554d3111300f06035504030c0845554d20546573743059301306072a8648ce3d020106082a8648ce3d030107034200041330d59256ac0cb50bd928d0f4c68007c485fe3f42988ad3ee3875ae33f4983ab23b4dd4c31340d676dd8e11f9c5cba1b11eb694eed0994db529285e632c8906a382010530820101301f0603551d23041830168014f54172bdf98a95d65cbeb88a38a1c11d800a85c3301d0603551d0e04160414dd3da24d350c1cc5d0af0965f40ec34c5ee409f1300e0603551d0f0101ff04040302020430170603551d200101ff040d300b3009060767811201020102300e0603551d1104073005880388370530120603551d130101ff040830060101ff02010030320603551d1f042b30293027a025a0238621687474703a2f2f63692e746573742e67736d612e636f6d2f43524c2d422e63726c303e0603551d1e0101ff04343032a030302ea42c302a31153013060355040a0c0c52535020546573742045554d3111300f060355040513083839303439303332300a06082a8648ce3d04030203490030460221008c4d4b26404ea5ddea65ebb43c18dbab12cb9097deb77f0ba157e38c7b18b4ee022100d18d9cf3a13487ee65ca6b48f8c1adc02e7a7d89f174b5ae2b5e1d820a9b23239000

Notice that the eUICC certificate contains the EID, expressed as a serial number in the subject line:

SGP.22 v3.0 section 4.5.2.1.0.2

AuthenticateClient Response Payload

The response includes profileMetaData which is provided to the LPAd to display the user with profile information. Note that the user confirmation code isn’t required if it wasn’t originally requested. Whether or not the LPAd displays any information to the user is also left to the client implementation.

smdpSigned2, smdpSignature2 and smdpCertificate are forwarded on by the LPAd to be checked by the eUICC:

{"transactionId":"0123456789abcdef8899aabbccddeeff",
 "profileMetaData":"vyWCACZaCokBMQQQAAAAAHCRBm1vZGU1MZINVGVzdFByb2ZpbGU1MZUBAg==",
  "smdpSigned2":"MBWAEAEjRWeJq83viJmqu8zd7v8BAQA=",
  "smdpSignature2":"XzdAuZxlm/ItPLdkWYVqJNFbbuEm5adgfIeAxbOWaWYW5y4TiCfOaFZ1mmqt4CYNDQYJke/h++2B4CL1/FWOHc/tyA==",
  "smdpCertificate":"MIICOTCCAd+gAwIBAgICAQEwCgYIKoZIzj0EAwIwRDEQMA4GA1UEAwwHVGVzdCBDSTERMA8GA1UECwwIVEVTVENFUlQxEDAOBgNVBAoMB1JTUFRFU1QxCzAJBgNVBAYTAklUMB4XDTIwMDQwMTA4MzQ0NVoXDTMwMDMzMDA4MzQ0NVowJTENMAsGA1UECgwEQUNNRTEUMBIGA1UEAwwLVEVTVCBTTS1EUCswWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQQTCrj0C3vnJeSYafGcQB2uXByHQlVomRK4F+uS8IxTl3An2vwEYAmFlNC4hIxh3XjZfO1cyU3MGa5kG4L0TiNo4HfMIHcMB8GA1UdIwQYMBaAFPVBcr35ipXWXL64ijihwR2ACoXDMB0GA1UdDgQWBBTm6vce4PuUMOzNHrtCH4gUN8EyYzAOBgNVHREEBzAFiAOINwowDgYDVR0PAQH/BAQDAgeAMBcGA1UdIAEB/wQNMAswCQYHZ4ESAQIBBTBhBgNVHR8EWjBYMCqgKKAmhiRodHRwOi8vY2kudGVzdC5leGFtcGxlLmNvbS9DUkwtQS5jcmwwKqAooCaGJGh0dHA6Ly9jaS50ZXN0LmV4YW1wbGUuY29tL0NSTC1CLmNybDAKBggqhkjOPQQDAgNIADBFAiA+pRsBKfwR6EPDjIyxBCRMz5LY3bzU1fna/QrvcAqbHAIhAP7zgv9x/vxYFoo2B9VoXbfLSPa0NCYYkUljhbzWtYV6"
}

The profileMetaData decoded payload:

// TAG BF25 for StoreMetaDataRequest 
BF25 

  82001D

    // TAG 5A for ICCID, length and BCD format like EFICCID
    5A 0A 11223344556677889900

    // TAG 91 for ServiceProviderName, "mode51"
    91 06 6D6F64653531

    // TAG 92 for ProfileName, "1234"
    92 04 31323334

    // Profile Class
    95 01 02

The smdpSigned2 decoded payload:

// TAG ASN.1 SEQUENCE
30 15

  // Transaction ID
  80 10 00112233445566778899aabbccddeeff

  // ccRequiredFlag BOOLEAN UNIVERSAL TAG 01
  01 01 00

Please follow us here on Medium and our blog if you would like to receive news updates on the development of mode51 Software’s SM-DP+ and further articles.