Tech-invite3GPPspecsSIPRFCs
Overview21222324252627282931323334353637384‑5x

Content for  TS 31.102  Word version:  17.1.0

Top   Top   Up   Prev   Next
0…   3…   4…   4.2.9…   4.2.17…   4.2.26…   4.2.34…   4.2.44…   4.2.52…   4.2.60…   4.2.68…   4.2.76…   4.2.85…   4.2.93…   4.2.101…   4.2.107…   4.3…   4.4.2…   4.4.2.4…   4.4.3…   4.4.4…   4.4.5…   4.4.6…   4.4.8…   4.4.8.7…   4.4.9…   4.4.11…   4.4.11.7…   4.5…   4.6…   4.7   5…   5.2   5.3   5.4…   5.9…   6…   7…   7.1.2…   7.3…   A   B…   D   E…   G   H…   I…   L…   M…

 

4.4.4  Contents of files at the MexE level

UICC File Structure: DF-MExE under Universal Subscriber Identity Module (USIM) application, according to 3GPP TS-31.102
This clause specifies the EFs in the dedicated file DFMexE. It only applies if the USIM supports MexE (see TS 23.057).
The presence of this DF is indicated in the 'USIM Service Table' as service no. '41' being available.
The EFs in the Dedicated File DFMexE contain execution environment related information.
Up

4.4.4.1  EFMexE-ST (MexE Service table)Word‑p. 152
If service No. 41 is "available", this file shall be present.
This EF indicates which MexE services are available. If a service is not indicated as available in the USIM, the ME shall not select this service.
Identifier: '4F40'Structure: transparentOptional
File size: X bytes, X ≥ 1Update activity: low
Access Conditions:
READPIN
UPDATEADM
DEACTIVATEADM
ACTIVATEADM
Bytes Description M/O Length
1Services No. 1 to No. 8M1 byte
2Services No. 9 to No. 16O1 byte
etc.
XServices (8X-7) to (8X)O1 byte
Services
Contents:Service No. 1:Operator Root Public Key
Service No. 2:Administrator Root Public Key
Service No. 3:Third Party Root Public Key
Service No. 3:RFU
Coding:
the coding rules of the USIM Service Table apply to this table.
Up

4.4.4.2  EFORPK (Operator Root Public Key)

If service No. 41 is "available", this file shall be present.
This EF contains the descriptor(s) of certificates containing the Operator Root Public Key. This EF shall only be allocated if the operator wishes to verify applications and certificates in the MexE operator domain using a root public key held in the USIM. Each record of this EF contains one certificate descriptor.
For example, an operator may provide a second key for recover disaster procedure in order to limit OTA data to load.
Identifier: '4F41'Structure: linear fixedOptional
Record length: X + 10 bytesUpdate activity: low
Access Conditions:
READPIN
UPDATEADM
DEACTIVATEADM
ACTIVATEADM
Bytes Description M/O Length
1Parameters indicatorM1 byte
2FlagsM1 byte
3Type of certificateM1 byte
4 to 5Key/certificate file identifierM2 bytes
6 to 7Offset into key/certificate fileM2 bytes
8 to 9Length of key/certificate dataM2 bytes
10Key identifier length (X)M1 byte
11 to 10+XKey identifierMX bytes
Parameter indicator
Contents:
The parameter indicator indicates if record is full and which optional parameters are present
Coding: bit string
b8 b7 b6 b5 b4 b3 b2 b1
Reserved bit set to 1 (bitx=0 optional parameter present) Certificate descriptor is valid (bit1=0 key descriptor is valid)
 
Flags
Contents:
The authority flag indicates whether the certificate identify an authority (i.e. CA or AA) or not.
Coding:
bit string
b8 b7 b6 b5 b4 b3 b2 b1
RFU RFU Authority certificate (bit=1 certificate of an authority)
 
Type of certificate
Contents:
This field indicates the type of certificate containing the key.
Coding:
binary:
0 : WTLS
1 : X509
2 : X9.68
Other values are reserved for further use
Key/certificate File Identifier
Contents:
these bytes identify an EF which is the key/certificate data file (see clause 4.4.4.5), holding the actual key/certificate data for this record.
Coding:
byte 4: high byte of Key/certificate File Identifier;
byte 5: low byte of Key/certificate File Identifier.
Offset into Key/certificate File
Contents:
these bytes specify an offset into the transparent key/certificate data File identified in bytes 4 and 5.
Coding:
byte 6: high byte of offset into Key/certificate Data File;
byte 7: low byte of offset into Key/certificate Data File
Length of Key/certificate Data
Contents:
these bytes yield the length of the key/certificate data, starting at the offset identified in "Offset into Key/certificate File" field.
Coding:
byte 8: high byte of Key/certificate Data length;
byte 9: low byte of Key/certificate Data length.
Key identifier length
Contents:
This field gives length of key identifier
Coding:
binary
Key identifier
Contents:
This field provides a means of identifying certificates that contain a particular public key (chain building) and linking the public key to its corresponding private key. For more information about value and using see TS 23.057.
Coding:
octet string
Up

4.4.4.3  EFARPK (Administrator Root Public Key)Word‑p. 154
If service No. 41 is "available", this file shall be present.
This EF contains the descriptor(s) of certificates containing the Administrator Root Public Key. This EF shall only be allocated if the SIM issuer wishes to control the Third Party certificates on the terminal using an Administrator root public key held in the USIM. Each record of this EF contents one certificate descriptor.
This file shall contain only one record.
Identifier: '4F42'Structure: linear fixedOptional
Record length: X + 10 bytesUpdate activity: low
Access Conditions:
READPIN
UPDATEADM
DEACTIVATEADM
ACTIVATEADM
Bytes Description M/O Length
1Parameters indicatorM1 byte
2FlagsM1 byte
3Type of certificateM1 byte
4 to 5Key/certificate file identifierM2 bytes
6 to 7Offset into key/certificate fileM2 bytes
8 to 9Length of key/certificate dataM2 bytes
10Key identifier length (X)M1 byte
11 to 10+XKey identifierMX bytes
For contents and coding of all data items see the respective data items of the EF ORPK (clause 4.4.4.2).
Up

4.4.4.4  EFTPRPK (Third Party Root Public Key)Word‑p. 155
If service No. 41 is "available", this file shall be present.
This EF contains descriptor(s) of certificates containing the Third Party root public key (s). This EF shall only be allocated if the USIM issuer wishes to verify applications and certificates in the MexE Third Party domain using root public key(s) held in the USIM. This EF can contain one or more root public keys. Each record of this EF contains one certificate descriptor.
For example, an operator may provide several Third Party Root Public Keys.
Identifier:'4F43'Structure: linear fixedOptional
Record length: X + Y + 11 bytesUpdate activity: low
Access Conditions:
READPIN
UPDATEADM
DEACTIVATEADM
ACTIVATEADM
Bytes Description M/O Length
1Parameters indicatorM1 byte
2FlagsM1 byte
3Type of certificateM1 byte
4 to 5Key/certificate file identifierM2 bytes
6 to 7Offset into key/certificate fileM2 bytes
8 to 9Length of key/certificate dataM2 bytes
10Key identifier length (X)M1 byte
11 to 10+XKey identifierMX bytes
11+XCertificate identifier length (Y)M1 byte
12+X to 11+X+YCertificate identifierMY bytes
Certificate identifier length
Contents:
This field gives the length of the certificate identifier
Coding:
binary
Certificate identifier
Contents:
This field identifies the issuer and provides an easy way to find a certificate. For more information about the value and usage see TS 23.057.
Coding:
Octet string
For contents and coding of all other data items see the respective data items of the EF ORPK (clause 4.4.4.2).
Up

4.4.4.5  EFTKCDF (Trusted Key/Certificates Data Files)

Residing under DFMexE, there may be several key/certificates data files. These EFs containing key/certificates data shall have the following attributes:
Identifier: '4FXX'Structure: transparentOptional
File size: Y bytesUpdate activity: low
Access Conditions:
READPIN
UPDATEADM
DEACTIVATEADM
ACTIVATEADM
Bytes Description M/O Length
1 to YKey/Certificate DataMY bytes
Contents and coding:
Key/certificate data are accessed using the key/certificates descriptors provided by EF TPRPK (see clause 4.4.4.4).
The identifier '4FXX' shall be different from one key/certificate data file to another. For the range of 'XX', see TS 31.101. The length Y may be different from one key/certificate data file to another.
Up

Up   Top   ToC