Chris Mode51
Nov 24, 2022

eSIM RSP SM-DP+ Common Mutual Authentication Part 4: AuthenticateServer

The LPAd takes the SM-DP+’s response to the previous InitiateAuthentication step and sends it on to the eUICC, with the addition of ctxParams1. This is the ES10b.AuthenticateServer procedure.

The eUICC confirms that CERT.DPauth.ECDSA is available and uses the public key from it to verify that serverSignature1 is correct.

In ES10b.AuthenticateServer the LPAd sends the InitiateAuthentication response from the SM-DP+ on to the eUICC

AuthenticateServer Response

A new euiccSigned1 data structure containing the transaction ID, server challenge, ctxParams1 and a new euiccInfo2, along with the eUICC and EUM certificates, is returned by the eUICC to the LPAd.

In the next step, part 5, the LPAd sends this data on via AuthenticateClient to the SM-DP+.