💡 Why this matters: The SM-DP+ is the profile factory and the SM-DS is the notification backbone. Together they form the server side of every eSIM deployment. SGP.23 tests these components across six interfaces (ES2+, ES8+, ES9+, ES12, ES11, TLS) with strict requirements for cryptographic correctness, error handling, and inter-component coordination.
Key takeaways:
- SM-DP+ is tested across three interfaces: ES2+ (Operator-facing, 6 functions), ES8+ (eUICC-facing, 5 functions), and ES9+ (LPA-facing, 5 functions)
- ES2+ testing uses a simulated MNO to verify profile ordering, confirmation, cancellation, release, and progress tracking
- ES8+ testing verifies the end-to-end secure channel: InitialiseSecureChannel, ConfigureISDP, StoreMetadata, LoadProfileElements, ReplaceSessionKeys
- ES9+ testing verifies mutual authentication, bound profile package delivery, client authentication, and notification handling
- SM-DS is tested across ES12 (event registration/deletion from SM-DP+), ES11 (event retrieval by LPA), and ES15 (inter-SM-DS cascading)
- TLS interface testing (Section 4.6) independently verifies mutual authentication, server authentication, and cipher suite compliance
Where SGP.22 defines the server interfaces, SGP.23 defines the test cases that prove a server implementation is correct. This article covers the SM-DP+ and SM-DS testing defined in Sections 4.3, 4.5, and 4.6 of the specification.
The SM-DP+ is tested in up to three configurations:
| Environment | Interfaces Active | Simulated Counterparts |
|---|---|---|
| TE_P1 | ES12 only | S_SM-DS |
| TE_P2 | ES9+ only | S_LPAd |
| TE_P3 | ES2+ + ES9+ + ES12 | S_MNO + S_LPAd + S_SM-DS |
Test data is provided in JSON format. The SM-DP+ IUT is tested as both a TLS server (for ES9+ and ES2+ connections) and a TLS client (for ES12 connections to the SM-DS).
ES2+ is how an operator orders profiles. Six functions are tested:
The operator reserves an ICCID from the SM-DP+’s pool before confirming the order. Test cases verify:
The operator provides the target EID, triggering the SM-DP+ to prepare a profile bound to that specific eUICC. Test cases verify:
- (ConfirmOrder called twice: optional feature O_P_ES2+_RETRY)
- ConfirmOrderResponse
The operator can query the status of a profile download in progress. Test cases verify that the SM-DP+ correctly reports download states.
The ES2+ connection itself is tested: the SM-DP+ must present a valid TLS server certificate and optionally perform mutual TLS authentication with the operator.
ES8+ is tunnelled through the LPA: the SM-DP+ sends commands that the LPA relays to the eUICC without seeing the payload. Five functions are tested:
Establishes the end-to-end encrypted channel between the SM-DP+ and the eUICC’s target ISD-P. The SM-DP+ sends SCP03t (Secure Channel Protocol 03: tunnelled) TLVs containing:
- <S-ENC> and <S-MAC>
Test cases verify that the SM-DP+ generates correct SCP03t structures, uses the eUICC’s one-time public key (otPK.eUICC.ECKA) from PrepareDownload, and derives session keys correctly.
Creates and configures the ISD-P container. The SM-DP+ specifies:
Test cases verify correct ISD-P creation and that the SM-DP+ can configure the ISD-P to the expected state before profile loading begins.
Writes the profile’s metadata into the ISD-P: ICCID, Service Provider Name, Profile Name, Profile Class, Profile Policy Rules, notification addresses. Test cases verify:
The profile package is streamed in chunks. This function is called repeatedly, each time delivering a portion of the bound profile package. Test cases verify:
Optionally replaces the session keys mid-download for enhanced security. When session keys are used (O_P_SESSION_KEYS), test cases verify that the SM-DP+ correctly transitions to new keys without breaking the secure channel.
ES9+ is the HTTPS interface between the SM-DP+ and the device’s LPA (LPD component). Five functions are tested:
The LPA sends the eUICC’s challenge and device info, and the SM-DP+ responds with its own challenge, certificate chain, and transaction ID. Test cases verify:
- (InitiateAuthenticationResponse)
- (euiccCiPKIdListForSigning)
- (CERT.DPauth.ECDSA must chain to the selected CI)
The LPA forwards the eUICC’s signed challenge, and the SM-DP+ verifies the eUICC is genuine. Test cases verify:
The LPA requests the encrypted profile package. The SM-DP+ delivers the BoundProfilePackage, encrypted specifically for the target eUICC. Test cases verify:
The LPA sends profile operation notifications (install result, enable, disable, delete) to the SM-DP+. Test cases verify:
- HandleNotificationRequest
(2.999.10 for SM-DP+) and support the required cipher suite (TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256).
The SM-DS is tested across three interfaces, with seven test environments depending on whether it is a Root SM-DS or an Alternative SM-DS:
The SM-DP+ registers an Event on the SM-DS when a profile is ready for a specific eUICC. Two functions:
TLS mutual authentication is required: the SM-DS must verify the SM-DP+’s client certificate.
The device’s LDS polls the SM-DS for pending Events. Test cases verify:
In cascaded SM-DS deployments, Alternative SM-DSs forward Events to a Root SM-DS. Test cases verify:
TLS is tested independently because both SM-DP+ and SM-DS act as TLS servers and TLS clients in different contexts:
Test cases verify: supported cipher suites, certificate chain validation, OID matching (SM-DP+ OID: 2.999.10, SM-DS OID: 2.999.15), supported signature algorithms (ECDSA with SHA-256), and proper handling of TLS session IDs.
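The OID matching named above, as an added example (not part of SGP.23 or of the original article): the 2.999 arc is a useful edge case because 40*2 + 999 = 1079 does not fit in one byte, which decoders that split only the first content byte get wrong. Where the OID sits in the certificate is not stated here, so the check takes already-extracted OID TLVs (an assumption); the function names and sample bytes are constructed.

```python
# Added example: DER handling for the role OIDs quoted in the text above.
EXPECTED_OID = {"SM-DP+": "2.999.10", "SM-DS": "2.999.15"}  # values from this page


def encode_oid(dotted: str) -> bytes:
    """Encode a dotted OID as a DER OBJECT IDENTIFIER TLV (short-form length)."""
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray()
    # The first two arcs share one subidentifier: 40 * arc1 + arc2.
    for sub in [40 * arcs[0] + arcs[1]] + arcs[2:]:
        chunk = [sub & 0x7F]
        while sub > 0x7F:
            sub >>= 7
            chunk.append(0x80 | (sub & 0x7F))
        body += bytes(reversed(chunk))
    return bytes([0x06, len(body)]) + bytes(body)


def decode_oid(tlv: bytes) -> str:
    """Decode a DER OBJECT IDENTIFIER TLV, rejecting malformed input."""
    if len(tlv) < 3 or tlv[0] != 0x06 or tlv[1] > 0x7F:
        raise ValueError("not a short-form OID TLV")
    if tlv[1] != len(tlv) - 2 or tlv[-1] & 0x80:
        raise ValueError("length mismatch or truncated subidentifier")
    subs, value = [], 0
    for byte in tlv[2:]:
        if value == 0 and byte == 0x80:
            raise ValueError("non-minimal subidentifier")
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:
            subs.append(value)
            value = 0
    # Arc 1 is capped at 2, so 1079 splits as 2 and 999, not 26 and 39.
    arc1 = min(subs[0] // 40, 2)
    return ".".join(str(a) for a in [arc1, subs[0] - 40 * arc1] + subs[1:])


def role_oid_matches(role: str, cert_oid_tlvs: list) -> bool:
    """True if any OID TLV taken from the peer certificate is the role's OID."""
    found = set()
    for tlv in cert_oid_tlvs:
        try:
            found.add(decode_oid(tlv))
        except ValueError:
            continue  # a malformed TLV never counts as a match
    return EXPECTED_OID[role] in found


# Constructed sample: OID TLVs as a test tool might extract them from a certificate.
SAMPLE_DP_TLVS = [bytes.fromhex("0603551d11"), bytes.fromhex("060388370a")]
```
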
Based on GSMA SGP.23 v1.16 (29 April 2025), RSP Test Specification, Sections 4.3 (SM-DP+ Interfaces), 4.5 (SM-DS Interfaces), 4.6 (TLS Interfaces), 3.2.2 (SM-DP+ and SM-DS Test Environment).