RSP Profile Download

CoreESIM: SM-DP+ Activation Handshake Protocol Reference

3 min read

CoreESIM functions as the embedded Universal Integrated Circuit Card (eUICC) platform, responsible for the secure management and execution of digital SIM profiles. Remote SIM Provisioning (RSP) enables the over-the-air (OTA) provisioning and lifecycle management of these profiles. Central to the RSP ecosystem is the Subscription Manager - Data Preparation+ (SM-DP+), the entity tasked with the secure preparation, storage, and delivery of operational profiles to an eUICC.

The SM-DP+ Activation Handshake

The SM-DP+ activation handshake facilitates the secure download and installation of an operational profile onto an eUICC, such as CoreESIM. This process adheres primarily to the GSMA SGP.22 specification for consumer devices, which defines the architecture, roles, and interactions between the eUICC (CoreESIM), the Local Profile Assistant (LPA) residing on the device, and the SM-DP+.

The provisioning process is typically initiated by the LPA on the host device. The LPA first obtains the SM-DP+ address information, commonly through scanning a QR code, manual entry, or by querying a Discovery Server (DS). If a DS is utilized, the LPA sends an ES9+ Get SM-DP+ Address request to retrieve the fully qualified domain name (FQDN) of the appropriate SM-DP+ for the target profile.

Upon identifying the SM-DP+, the LPA, acting on behalf of the eUICC, initiates a Transport Layer Security (TLS) 1.2 or 1.3 connection to the SM-DP+. A critical phase involves mutual authentication: the SM-DP+ authenticates the eUICC's EID (eUICC ID) using its digitally signed certificate, while the eUICC authenticates the SM-DP+'s identity via its own certificate chain. This validation against trusted root Certificate Authorities (CAs) leverages a Public Key Infrastructure (PKI) conforming to GSMA SGP.22 Annex B. Successful authentication establishes a secure, encrypted communication channel.

With the secure channel established, the LPA transmits an ES9+ GetBoundProfilePackage request to the SM-DP+, specifying the EID and, if applicable, a matching ID for the desired profile. The SM-DP+ then generates, signs, and encrypts the profile package specifically for the target eUICC. This encrypted profile package is securely transmitted over the established channel to CoreESIM. CoreESIM subsequently decrypts, verifies the integrity and authenticity of the package, and installs the profile, updating its internal state to reflect the new operational profile.

Finally, upon successful installation, the LPA sends an ES10b EnableProfile command to CoreESIM, activating the newly downloaded profile for network access. The SM-DP+ is notified of the profile's state change via ES9+ HandleProfileActivated or similar status updates, ensuring consistent synchronization for profile lifecycle management. Robust error handling, including retry mechanisms and state integrity checks, is implemented at each stage to ensure reliable and secure provisioning.