[Docs] [txt|pdf] [Tracker] [Email] [Diff1] [Diff2] [Nits] [IPR]

Versions: 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37

  Internet Draft                                               P.Urien
  Document: draft-urien-eap-smartcard-05.txt             A.J. Farrugia
                                                               M.Groot
                                                             G.Pujolle
                                                             J.Abellan
  Expires:                                                October 2004

                          EAP-Support in smartcard


Status

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC 2026.
   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.
   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsolete by other documents
   at any time.  It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress."
   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt
   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

1 Abstract

   This document will describe the interface to the EAP protocol in
   smartcards, which could store multiple identities associated to
   Network Access Identifiers.





















   Urien & All      Informational - Expires October 2004              1

                     Integrating EAP in smartcards             May 2004

Table of Contents

   1 Abstract.........................................................1
   2 Overview.........................................................3
   3 Terms............................................................4
   4 Relationship with RFC 2284.......................................4
      4.1 EAP multiplexing model......................................4
      4.2 EAP smartcards..............................................5
   5 Identification label.............................................6
   6 UserID Coding Rules..............................................6
   7 Mandatory and optional services..................................7
      7.1 Add-Identity................................................7
      7.2 Delete-Identity.............................................7
      7.3 Get-Preferred-Identity......................................7
      7.4 Get-Current-Identity........................................7
      7.5 Get-Next-Identity...........................................7
      7.6 Get-Profile-Data............................................8
      7.7 Set-Identity................................................8
      7.8 Process-EAP.................................................8
      7.9 Get-Session-Key (SK)........................................9
      7.10 Get-802.1X-State...........................................9
      7.11 Reset-801.1X-State.........................................9
      7.12 Method Functions...........................................9
      7.13 Relationship with the 802.1X supplicant state machine......9
      7.14 Authentication-Status.....................................10
      7.15 Multiple EAP Identity selections..........................10
   8 Relationships with the Authentication Agent.....................11
   9 ISO 7816-4 APDUs................................................11
      9.1 ISO 7816 Status Word.......................................11
      9.2 PIN Management.............................................12
          9.2.1 Verify PIN...........................................12
          9.2.2 Change PIN...........................................12
          9.2.3 Enable PIN...........................................13
          9.2.4 Disable PIN..........................................13
          9.2.5 Unblock PIN..........................................13
      9.3 Multi-Applications smartcard considerations................13
      9.4 Add-Identity...............................................14
      9.5 Delete-Identity............................................14
      9.6 Get-Preferred-Identity.....................................14
      9.7 Get-Current-Identity.......................................15
      9.8 Get-Next-Identity..........................................15
      9.9 Get-Profile-Data...........................................15
      9.10 Set-Identity..............................................16
      9.11 Set-Multiple-Identity.....................................16
      9.12 Process-EAP...............................................16
      9.13 Method Functions..........................................18
      9.14 Get-Session-Key...........................................19
      9.15 Get-Current-Version.......................................19
      9.16 Get-802.1X-State..........................................20
      9.17 Reset-802.1X-State........................................20
      9.18 Commands summary..........................................21

   Urien & All        Informational - Expires October 2004           2

                     Integrating EAP in smartcards             May 2004

   10 State Machine Sequence.........................................21
      10.1 Supplicant software state machine sequence................21
      10.2 Smartcard EAP framework state machine sequence............22
   11 Security Considerations........................................22
      11.1 General Considerations....................................22
      11.2 PEAP Consideration........................................23
   12 Intellectual Property Right Notice.............................23
   13 Annex 1 (Informative) - EAP/SIM packet detail..................23
   14 Annex 2 (Informative) - EAP/MD5 packet details.................27
   15 Annex 3 (Informative) TLS support..............................29
      15.1 Unix time issue...........................................29
      15.2 Fragment maximum size.....................................30
      15.3 EAP/TLS messages format...................................30
      15.4 Example of EAP/TLS Authentication.........................31
   16 Annex 4 (Normative) ASN.1 BER Tag coding for the subscriber
   profile information...............................................32
      16.1 ASN.1 Subscriber Profile Encoding.........................32
          16.1.1 EapID...............................................32
          16.1.2 EapType.............................................32
          16.1.3 Version.............................................32
          16.1.4 User Credential.....................................32
          16.1.5 UserProfile.........................................33
          16.1.6 UserProfile encoding example........................33
   17 Annex 5 (Informative) APDUs exchange example...................34
   18 Annex 6, EAP-TLS ISO7816 APDUs Trace (T=0 Protocol)............35
      18.1 EAP-TLS session parameters................................35
          18.1.2 CA Public Key (2048 bits)...........................35
          18.1.3 Server Public Key (1024 bits).......................35
          18.1.4 Client Private Key (1024 bits)......................35
      18.2 Full EAP-TLS trace (mode 2)...............................36
      18.3 EAP-TLS mode1 ISO7816 trace (T=0 protocol)................43
   19 References.....................................................45
   20 Author's Addresses.............................................46

2 Overview

   All technologies derived from 802.11 specifications such as 802.11a,
   802.11b, 802.11g need strong security protocols for data privacy,
   integrity and network access. The 802.1X [8] specification describes
   the risks and the protocols for the protection of the exchanged data
   during the network connection.
   802.1X specification requires the Extensible Authentication Protocol
   (EAP) to be used as the framework for application dependent
   authentication processes with a mutual authentication between the
   supplicant and the authenticator. It is obvious that the role of the
   supplicant in this specification could partly be implemented in the
   smartcard as an authentication processing mean. The flexibility of
   EAP (RFC 2284) specification does not provide a Mandatory-to-
   implement solution. The structure of the EAP frames allows the
   applications to identify the EAP type of consequently to operate the
   appropriate authentication.

   Urien & All        Informational - Expires October 2004           3

                     Integrating EAP in smartcards             May 2004

   This draft describes a standard interface to EAP implementation
   embedded in a smartcard. This device is generally considered as the
   most secure computing platform.

3 Terms

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC-2119.

   Authentication Agent: A piece of software implemented in the
   supplicant that processes the authentication sequence.

   AS
   Authentication Server

   Authenticator: See the IEEE 802.1X specification for a definition of
   this concept.

   EAP
   Extensible Authentication Protocol

   GSM
   Global System for Mobile communications

   IMSI
   International Mobile Subscriber Identifier, used in GSM to identify
   subscribers.

   NAI
   Network Access Identifier

   PIN
   Personal Identification Number

   SK
   Session Key

   SIM
   Subscriber Identity Mobile

   Supplicant: an IEEE 802.1X concept, which in the context of IEEE
   802.11 represents a STA (station) seeking to attach to an IEEE 802
   LAN via an IEEE 802.1X Port. See the IEEE 802.1X specification for a
   complete definition.

4 Relationship with RFC 2284

4.1 EAP multiplexing model



   Urien & All        Informational - Expires October 2004           4

                     Integrating EAP in smartcards             May 2004

   According to [14], EAP implementations conceptually consist of the
   three following components:

   [a] Lower layer. The lower layer is responsible for transmitting and
   receiving EAP frames between the peer and authenticator. EAP has
   been run over a variety of lower layers including
   - PPP;
   - Wired IEEE 802 LANs [IEEE-802.1X];
   - IEEE 802.11 wireless LANs [IEEE-802.11];
   - UDP (L2TP [RFC2661] and ISAKMP [PIC]);
   - and TCP [PIC].
   [b] EAP layer. The EAP layer receives and transmits EAP packets via
   the lower layer, implements duplicate detection and retransmission,
   and delivers and receives EAP messages to and from EAP methods.
   [c] EAP method.  EAP methods implement the authentication algorithms
   and receive and transmit EAP messages via the EAP layer. Since
   fragmentation support is not provided by EAP itself, this is the
   responsibility of EAP methods.

4.2 EAP smartcards

   An EAP smartcard implements an EAP method and works in cooperation
   with a smartcard interface entity, that sends and receives EAP
   messages to/from this component. The simplest form of this interface
   is a software bridge that forwards EAP messages to smartcard.
   According to EAP methods complexity and smartcard computing
   capacities, protocols sub-sets, that don’t deal with security
   features may be computed by the smartcard interface entity.
            +-+-+-+-+-+-+
            | EAP method|
            | Smartcard |
            +-+-+-+-+-+-+
                  !
            +-+-+-+-+-+-+-+-+-+-+-+-+  +-+-+-+-+-+-+-+-+-+-+-+-+
            | Smartcard |           |  |           |           |
            | Interface | EAP method|  | EAP method| EAP method|
            | Type = X  | Type = Y  |  | Type = X  | Type = Y  |
            |       V   |           |  |       ^   |           |
            +-+-+-+-!-+-+-+-+-+-+-+-+  +-+-+-+-!-+-+-+-+-+-+-+-+
            |       !               |  |       !               |
            |  EAP  ! Layer         |  |  EAP  !  Layer        |
            |       !               |  |       !               |
            +-+-+-+-!-+-+-+-+-+-+-+-+  +-+-+-+-!-+-+-+-+-+-+-+-+
            |       !               |  |       !               |
            | Lower !  Layer        |  | Lower !  Layer        |
            |       !               |  |       !               |
            +-+-+-+-!-+-+-+-+-+-+-+-+  +-+-+-+-!-+-+-+-+-+-+-+-+
                    !                          !
                    !   Peer                   ! Authenticator
                    +------------>-------------+


   Urien & All        Informational - Expires October 2004           5

                     Integrating EAP in smartcards             May 2004

5 Identification label

   802.1X specification [5] requires an authentication between the
   authentication server (AS) and the supplicant. The authentication is
   embedded in the Extensible Authentication Protocol (EAP) RFC2284 [1]
   specification. The authentication consists of a challenge response
   between both parties without consideration of the involved crypto-
   suite. Before starting the mutual authentication, the AS needs the
   supplicant identity to establish the session. The AS or the
   authenticator sends an EAP Request Identity to the supplicant that
   returns its system identity. A user may own several identities
   associated to corporate networks or operators’ networks.

   The identification label is a pointer to a system identity (the EAP-
   ID value returned in the EAP-Identity.response message) stored in
   smartcard; it may be of various types:

   1. A network SSID as described in the 802.11 standard [4].
   2. A user's identification (userid) e.g. an ASCII string. A network
   access identifier, NAI [6] may be used as userid.
   3. A pseudonym, e.g. a friendly name.

   According to the network environment, the supplicant software needs
   to set the appropriate identity and verifies if the smartcard is
   able to mirror the authenticator.

   If the smartcard is not able to process the authentication related
   to the identity then any setting process is rejected by the NAK
   code.

   The subsequent sections give the description of the methods used by
   a supplicant for processing an 802.1X authentication using the
   smartcard.

   Annex one provides a reference implementation example for a SIM
   based authentication. Annex two provides a reference implementation
   example for a MD5 based authentication. Annex three provides a
   reference implementation for a TLS based authentication. Annex four
   describes the user's profile according to the ASN.1 [9] syntax.
   Annex five illustrates an MD5 authentication scenario that works
   with an EAP smartcard. Annex six shows ISO 7816 data exchanges with
   EAP-TLS smartcards.

6 UserID Coding Rules

   This section describes the structure and the architecture of the
   userid.

   A userid consists of 2 fields separated by the Internet symbol "@".
   The right hand side of the "@" symbol is the userid realms while the
   left hand side is an application dependent and unique identification

   Urien & All        Informational - Expires October 2004           6

                     Integrating EAP in smartcards             May 2004

   number. EAP/SIM has defined the userid where the application
   identification is "1IMSI". Other userid such as email address can be
   used by the application.

7 Mandatory and optional services

   Mandatory services MUST be implemented in any smartcard that claims
   conformance with this draft. Optional services are not required by
   basic authentication operations.

7.1 Add-Identity
   Status: Optional.
   This command and the Delete-Identity are part of the user's identity
   management protocols. The smartcard is initially manufactured
   without any identification label. The personalization or the
   supplicant software adds in the smartcard user's identification
   label that can be retrieved by other smartcard command.

7.2 Delete-Identity
   Status: Optional
   This command and the add-Identity are part of the user's identity
   management protocols. The smartcard contains a list of one or
   several identification labels that can be retrieved by the
   supplication software. The command deletes one entry of the
   smartcard list.

7.3 Get-Preferred-Identity
   Status: Optional
   The smartcard contains at least one user's identity related to the
   user's network subscription. The supplicant software gets from the
   smartcard the initial and preferred identification label. If the
   user has more than one identity the supplicant software uses the
   Get-Next-Identity to read all the available other user's identities.

7.4 Get-Current-Identity
   Status: Mandatory
   The smartcard contains at least one user's identity related to the
   user's network subscription. The supplicant software gets from the
   smartcard its current identification label.

7.5 Get-Next-Identity
   Status: Mandatory
   The smartcard may contain one or more user's identities according to
   the user's network subscriptions. The supplicant software should
   prompt the user's identity and a subsequent selection allows the
   smartcard to process the appropriate EAP authentication type. The
   method Get-Next-Identity allows the supplicant software to read all
   the available user's identities.

   The Get-Next-Identity method may inform the supplicant software when
   all user's identities have been read. Otherwise the supplicant

   Urien & All        Informational - Expires October 2004           7

                     Integrating EAP in smartcards             May 2004

   software detects the identity list end when it gets again the first
   identity.

7.6 Get-Profile-Data
   Status: Optional
   The Authentication Agent or the authenticator may request the
   subscriber profile information. The Get-Profile-Data returns all
   related information available in the smartcard. Details of the
   subscriber profile information are given in annex 4. The
   implementation of the information may be ruled but ASN.1 BER coding
   specification [9] or by an XML dialect [10].

7.7 Set-Identity
   Status: Mandatory
   Once the Identity selection is processed, the supplicant software
   needs to set the smartcard EAP framework according to the selected
   user's identity. The Set-Identity sets or restarts the smartcard EAP
   framework state machine for further processing using the EAP-Packets
   method.

7.8 Process-EAP
   Status: Mandatory
   The EAP process is described in the RFC 2284 specification [1] and
   involves several EAP requests and responses packets,

   1) EAP request/response Identity;
   2) A suite of EAP request/response related to a particular
   authentication scenario; and
   3) EAP success or failure.

   The Set-Identity restarts the smartcard EAP framework state machine
   for further processing using the EAP-Packets method.

   An incoming EAP/Request/Identity restarts the smartcard EAP
   framework state machine for further processing using other EAP-
   Packets methods.

   The smartcard receives the RFC 2284 frames. It retrieves the
   appropriate EAP authentication type in the frame and the identifier.

   The smartcard maintains the EAP state machine and returns an EAP NAK
   packet if the state sequence is broken. In that case it restarts the
   AUTHENTICATING state.

   Any EAP request is silently ignored if the state machine was not
   started.

   The last step of the protocol retrieves the session Key from the
   smartcard.



   Urien & All        Informational - Expires October 2004           8

                     Integrating EAP in smartcards             May 2004

7.9 Get-Session-Key (SK)
   Status: Mandatory.
   At the end of a successful authentication the supplicant needs to
   update the appropriate crypto suite (if any) using the session key.
   The Get-Session-Key returns to the supplicant software the key to
   initialize radio security protocols like TKIP, or CCMP.

   In an 801.1X [5] context, SK should be interpreted as the unicast
   key.

   In an 802.11i or WPA context SK should be interpreted as the PMK
   (Pairwise Master Key).

7.10 Get-802.1X-State.
   Status: Optional.
   This command returns the current smartcard 802.1X state.

7.11 Reset-801.1X-State.
   Status: Mandatory.

   This command forces the EAP smartcard in the AUTHENTICATING state.
   See section -Relationship with the 802.1X supplicant state machine-.

7.12 Method Functions
   Status: Optional.

   EAP smartcards that are not able to completely process an EAP method
   MAY support some essential security procedures, like for example,

    -X509 Certificate storage
    -Random generator
    -Private key encryption
    -Private key decryption
    -Public key encryption
    -Public key decryption
    -Symmetric key encryption
    -Symmetric key decryption

7.13 Relationship with the 802.1X supplicant state machine

   The supplicant state machine, as described in 802.1x standard is
   split between the terminal and the smartcard. The smartcard only
   implements the AUTHENTICATING state. Upon reception of the Set-
   Identity command smartcard unconditionally transits in the
   AUTHENTICATING state. Upon reception of the EAP Identity-Request
   message, smartcard unconditionally moves in the ACQUIRED state,
   delivers an Identity response message and re-enters the
   AUTHENTICATING state. In agreement with the 802.1x state machine all
   EAP requests are processed in the AUTHENTICATING state. The final
   EAP notification message (either success or failure) indicates the
   end of the authentication process. If any error occurs during the

   Urien & All        Informational - Expires October 2004           9

                     Integrating EAP in smartcards             May 2004

   authentication procedure (reception of NAK or failure messages ...)
   the smartcard restarts at the AUTHENTICATING state where it will
   wait for an identity request or the first EAP-Type request.
   If the EAP smartcard support security features like PIN code or
   biometric identification, all EAP messages will be silently discard
   before the occurrence of a successful bearer authentication.

                                    reset
        +-------------------+      +------>+----------------------+
    +-->|     ACQUIRED      |      |   +-->|    AUTHENTICATING    |<-+
    |   +-------------------+      |   |   +----------------------+  |
    |   | txRspId(reveiveId,|      |   |   | txRspAuth(receivedId,|  |
    |   |        previousId)|      |   |   |        previousId)   |  |
    |   | previousId=       |      |   |   |   previousId=        |  |
    |   |     receivedId    |      |   |   |         reveivedId   |  |
    |   +-------------------+      |   |   +--+---+----------+----+  |
    |             |                |   |      |   | reqId    |       |
    |             +----------------+   +--<---+   |          +---->--+
    |                                  reqAuth    |             error
    +--------------------<------------------------+

7.14 Authentication-Status

   At any time, the smartcard may return the authentication status.
   This status may reveal the following situations:

   1) No authentication identity has been selected.
   2) Authenticating
   3) Authentication Success, AUTHENTICATING state restarted.
   4) Authentication failure, AUTHENTICATING state restarted.

7.15 Multiple EAP Identity selections

   Multiple EAP authentications may be processed simultaneously in the
   same smartcard. If this capability is supported, the following rules
   apply:

   1) Multiple EAP Identities may be selected at the same time.
   2) The supplicant software shall indicate in the Set-Identity
   command short identifier to be associated with the selected EAP
   identity.

   Note: If another EAP identity was associated with the same short
   identity this EAP identity becomes necessarily unlinked and is no
   longer more possible to accessible to it unless a new set-identity
   command is processed (in this case the state machine is reset) or
   unless a different short identity has been also associated with it.

   The supplicant software shall include this short identifier within
   the EAP-Packets, Authentication-Status and Get-Session-Key commands


   Urien & All        Informational - Expires October 2004           10

                     Integrating EAP in smartcards             May 2004

   to inform which of the selected EAP identities the command is
   targeted to.

   The smartcard and the supplicant software shall maintain a separate
   EAP state machine for each of the different selected EAP identities.

   Note: the EAP state machine is associated with each EAP identity:
   whether two or more different short identities are associated to the
   same EAP identity, the results of EAP-Packets, Authentication-Status
   and Get-Session-Key commands do not depend on the short identifier
   used to refer the EAP identity. In other words, there is only one
   state machine for selected EAP Identity dependently of the short
   identities associated with it.

8 Relationships with the Authentication Agent

   The authentication agent is a piece of software implemented in the
   supplicant that processes the authentication method. This component
   must be able to detect a smartcard. If this device is not present,
   or if it silently discards an EAP.request message, then
   authentication agent must reject all incoming request messages by
   the NAK code.

9 ISO 7816-4 APDUs

   This section of the document provides an implementation of the
   previous descriptions for an ISO 78176-4 compatible smartcard. The
   section does not preclude of the transport protocol used between the
   smartcard and the reader. Thus, this specification does not mandate-
   to-implement any transport protocol such as T=0 or T=1, which are
   not in the scope of this document. It should be noted that all
   values are in hex representation.

   The restriction and security related descriptions are not present in
   the document. Annexes of this document give implementation examples.

   Note: Class byte value defined in this section ('A0') shall be
   interpreted as an implementation example. Other values may be used
   respecting conventions defined in ISO 78176-4.

9.1 ISO 7816 Status Word

   According to ISO 7816, the status word SW1,SW2 is a two bytes word,
   giving information about current operation either success or
   failure.

   '90' '00' indicates an operation success
   '98' '04' indicates one of the following events,
        - Access Condition not fulfilled, e.g. a pin code presentation
        is required.
        - Unsuccessful user PIN verification, at least one attempt left.

   Urien & All        Informational - Expires October 2004           11

                     Integrating EAP in smartcards             May 2004

   '98' '40' indicate one of the following events
        - Unsuccessful user PIN verification, no attempt left
        - Smartcard blocked
   '67' 'XX'
        - Incorrect parameter P3
   '6B' 'XX'
        - Incorrect parameter P1 or P2
   '6D' 'XX'
        - Unknown instruction code (INS) given in the command
   '6E' 'XX'
        - Wrong instruction class (CLA) given in the command
   '6F' 'XX'
        - Technical problem, not implemented...
   '61 ''XX'
        - Operation result MUST be fetched by the ISO Get Response APDU
        (CLA = 'C0', P3= 'XX')
   '6C ''XX'
         - Operation must be performed again, with the LE parameter
        value sets to 'XX'.
   '70' '00'
        - Packet silently discarded.
   '70' '01'
        - Authentication failure

9.2 PIN Management

   Some services may require that the smartcard’s bearer presents its
   PIN code.

   Smartcard returns the '98' '04' status word when it’s necessary to
   check the PIN code, before accessing to a particular service (see
   previous section). A PIN code is typically a four digits decimal
   number, ASCII encoded, and ranging between '0000' and '9999'.

  9.2.1 Verify PIN
   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   | Verify | A0  |  20 | 00 | 00 | 08 | 00 |
   +--------+-----+-----+----+----+----+----+

   The ISO APDU Verify is used when a PIN code presentation is required

   Lc is the PIN code length, typically height ASCII encoded bytes.


  9.2.2 Change PIN

   This APDU modifies the user PIN code.



   Urien & All        Informational - Expires October 2004           12

                     Integrating EAP in smartcards             May 2004

   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   | Change | A0  |  24 | 00 | 00 | 10 | 00 |
   +--------+-----+-----+----+----+----+----+

   The old PIN (8 bytes) and new PIN (8 bytes) are presented

  9.2.3 Enable PIN

   This APDU enables the user PIN function.

   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   | Enable | A0  |  26 | 00 | 00 | 08 | 00 |
   +--------+-----+-----+----+----+----+----+

   The user PIN code (8 bytes) is presented.

  9.2.4 Disable PIN
   This APDU disables the user PIN function.

   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   | Disable| A0  |  28 | 00 | 00 | 08 | 00 |
   +--------+-----+-----+----+----+----+----+

   The user PIN code is presented.

  9.2.5 Unblock PIN

   This APDU unblocks a smartcard, blocked after three wrong PIN code
   presentations.
   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   | Unblock| A0  |  2C | 00 | 00 | 10 | 00 |
   +--------+-----+-----+----+----+----+----+

   The user PIN code (8 bytes) and an unblock code (8 bytes) are
   presented.

9.3 Multi-Applications smartcard considerations

   A smartcard may store several applications, each of them being
   identified by a set of bytes referred as the Application IDentifier
   (AID).



   Urien & All        Informational - Expires October 2004           13

                     Integrating EAP in smartcards             May 2004

   The ISO APDU Select is used when it's necessary to select an
   application, able to process one or more EAP authentication
   scenarios.

   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   | Select | 00  |  A4 | 04 | 00 | XX | 00 |
   +--------+-----+-----+----+----+----+----+

   Le is the AID length.

   According to ISO 7816-7 AID is made of two parts
   -RID, a mandatory 5 bytes field that identifies a company or a
   standardization body.
   -PIX, up to 11 bytes, which identifies an application.

9.4 Add-Identity

   This command adds an identification label as described in the
   section: Identification Label Coding Rules. The smartcard list is
   managed by the smartcard. The identification label is appended as
   the last element of the list.

   Identity coding guidelines are not yet specified.

   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  |  17 | 00 | 81 | xx | 00 |
   +--------+-----+-----+----+----+----+----+

9.5 Delete-Identity

   This command deletes the identification label as described in the
   section: Identification Label Coding Rules. The command parameter
   gives the identification label to be deleted.
   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  |  17 | 00 | 82 | xx | 00 |
   +--------+-----+-----+----+----+----+----+


9.6 Get-Preferred-Identity

   This command returns the user's preferred identification label as
   described in the section: Identification Label Coding Rules

   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |

   Urien & All        Informational - Expires October 2004           14

                     Integrating EAP in smartcards             May 2004

   +--------+-----+-----+----+----+----+----+
   |        | A0  |  17 | 00 | 02 | 00 | XX |
   +--------+-----+-----+----+----+----+----+

9.7 Get-Current-Identity

   This command returns user's current identification label as
   described in the section: Identification Label Coding Rules.

   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  |  18 | 00 | AA | 00 | XX |
   +--------+-----+-----+----+----+----+----+

   If "multiple EAP Identity selection" is not supported, P2 (AA value)
   shall be set to '00'.

   If "multiple EAP Identity selection" is supported, P2 (AA value)
   shall indicate the short identifier associated with the selected EAP
   identity to which the command is targeted. These short identifiers
   are coded as described in Set-Identity command.

9.8 Get-Next-Identity

   This command returns a user identification label as described in the
   section: Identification Label Coding Rules.
   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  |  17 | 00 | 01 | 00 | XX |
   +--------+-----+-----+----+----+----+----+

9.9 Get-Profile-Data

   The command returns the related subscriber profile information
   according to the application requirements and format. Profile coding
   rules are defined in annex 4.
   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  |  1A | 00 | AA | 00 | YY |
   +--------+-----+-----+----+----+----+----+

   If "multiple EAP Identity selection" is not supported, P2 (AA value)
   shall be set to '00'.

   If "multiple EAP Identity selection" is supported, P2 (AA value)
   shall indicate the short identifier associated with the selected EAP
   identity to which the command is targeted. These short identifiers
   are coded as described

   Urien & All        Informational - Expires October 2004           15

                     Integrating EAP in smartcards             May 2004


9.10 Set-Identity

   The command resets and initializes the state machine for processing
   the EAP Packets. The first step after this command is an EAP request
   identity packet. If a different EAP packet is sent to the smartcard
   the smartcard returns an EAP NAK response.

   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  |  16 | 00 | 80 | XX | 00 |
   +--------+-----+-----+----+----+----+----+

9.11 Set-Multiple-Identity

   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  |  16 | 00 | 83 | XX | 00 |
   +--------+-----+-----+----+----+----+----+

   The command resets and initializes the state machine for processing
   the EAP Packets. The first step after this command is an EAP request
   identity packet. If a different EAP packet is sent to the smartcard
   the smartcard returns an EAP NAK response.

   When "multiple EAP Identity selection" is supported, then the first
   status byte is '90' and the second one indicates the short
   identifier (coded in 1 byte) to be associated with the selected
   identity.

9.12 Process-EAP

   The command is the method for EAP packet management. The smartcard
   identifies the EAP packet type and processes the EAP authentication
   according to current state machine. The state machine sequences have
   to be respected and the smartcard enforces the EAP sequence
   processing.




   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  | 80  | 00 | AA | XX | YY |
   +--------+-----+-----+----+----+----+----+
   The EAP request or response packet lengths are represented by the
   unknown value XX and YY. The supplicant software should set these
   elements in accordance with the EAP packet types.

   Urien & All        Informational - Expires October 2004           16

                     Integrating EAP in smartcards             May 2004


   If "multiple EAP Identity selection" is not supported, P2 (AA value)
   shall be set to '00'.

   If "multiple EAP Identity selection" is supported, P2 (AA value)
   shall indicate the short identifier associated with the selected EAP
   identity to which the command is targeted. These short identifiers
   are coded as described in Set-Identity command.

   Most EAP request packets will produce an EAP response packet from
   the smartcard. If no response is to be produced (e.g. packet
   silently discard because invalid sequence) the smartcard shall
   inform the client software with an alert status word (70 00).

   Success and failure packets do not require any response from the EAP
   client. A "successfully ending of command (90 00)" status word shall
   be send from the smartcard once a success EAP packet is processed.
   An alert status word (70 00) shall be send from the smartcard once a
   failure EAP packet is received.

   EAP Identity packets are independent of the authentication type;
   this section of the document provides the packet details. The rest
   of the EAP packet being authentication protocol dependent, they are
   detailed in the informative annex of this document.

   The description of the EAP/Request/Identity is detailed according to
   the IETF RFC 2284 [1].

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    Request    |  Identifier   |          Length = 5           |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   Type = 01   |
   +-+-+-+-+-+-+-+-+

   The description of the EAP/Response/identity is detailed according
   to the IETF RFC 2284 [1].

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    Response   |  Identifier   |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   Type = 01   |                                               |
   +-+-+-+-+-+-+-+-+                                               |
   |                        User Identity                          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   Note : Command chaining and extended length


   Urien & All        Informational - Expires October 2004           17

                     Integrating EAP in smartcards             May 2004

   1) When an incoming EAP packet exceeds 255 bytes, the transport
   mechanisms for Extended APDU described in ISO/IEC 7816-3 for T=0 and
   T=1 may be used
   For T=0 the APDU Command (APDU-C) is split into data strings of at
   most 255 bytes  and transported in the Data Field of a series of
   consecutive APDU ENVELOPE
   For T=1 the APDU-C is split into data strings of at most 254 bytes
   and transported in the Information Field of chained I-blocks. In
   both cases, on reception of the TPDU the smartcard has to
   concatenate the successive data strings in order to obtain the
   original APDU.

   2) When an outgoing EAP packet exceeds 256 bytes, the smartcard may
   use the mechanisms described in ISO/IEC 7816-4, i.e. extended length
   field (ISO/IEC 7816-4 2002) for T=0 and T=1.
   For T=0 the APDU response (APDU-R) is split into successive data
   strings of at most 256 bytes by the card. The Terminal can retrieve
   them by a series of consecutive GET RESPONSE APDU.
   For T=1 the APDU-R is split into data strings of at most 254 bytes
   by the card and transported in the Information Field of chained I-
   blocks. On reception, the Terminal performs the concatenation of the
   Information Field of the successive I-blocks to get the APDU-R. The
   supplicant software shall then reassemble the complete EAP packet
   before sending it to the authenticator.

9.13 Method Functions.

   EAP smartcards that are not able to process a specific full EAP
   method may support some essential security procedures.


   +------------+-----+-----+----+----+----+----+
   |   Command  |Class| INS | P1 | P2 | Lc | Le |
   +------------+-----+-----+----+----+----+----+
   | Method-FCT | A0  | 60  | zz | AA | xx | yy |
   +------------+-----+-----+----+----+----+----+

   If "multiple EAP Identity selection" is not supported, P2 (AA value)
   shall be set to '00'.

   If "multiple EAP Identity selection" is supported, P2 (AA value)
   shall indicate the short identifier associated with the selected EAP
   identity to which the command is targeted. These short identifiers
   are coded as described in Set-Identity Command.

   xx is the length of the input value.
   yy is the length of the returned value.

   P1 identifies a particular function, and is organized according to
   the following scheme:


   Urien & All        Informational - Expires October 2004           18

                     Integrating EAP in smartcards             May 2004

   b7b6     00-Do.Final, 01-Initialize  10-More 11-Reserved
   b5b4     Function index
   b3b2b1   Function type
    0 X509      Certificate reading
    1 Random  Number Generator
    2 Private   key encrypt
    3 Private   key decrypt
    4 Public    key encrypt
    5 Public    key decrypt
    6 Symmetric key encrypt
    7 Symmetric key decrypt
   b0 reserved


9.14 Get-Session-Key

   Once the state machine has received the EAP Success packet the
   smartcard process is able to send the Session Key used by the 802.1X
   specification for the crypto-suite.

   As an illustration the EAP SIM authentication [2] specifies the
   Session Key usage according to the system cryptographic suite.

   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  | A6  | 00 | AA | 00 | 20 |
   +--------+-----+-----+----+----+----+----+

   If "multiple EAP Identity selection" is not supported, P2 (AA value)
   shall be set to '00'.

   If "multiple EAP Identity selection" is supported, P2 (AA value)
   shall indicate the short identifier associated with the selected EAP
   identity to which the command is targeted. These short identifiers
   are coded as described in Set-Identity Command.


9.15 Get-Current-Version

   This command returns the EAP-Type protocol version and the WLAN-SCC
   version.

   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  |  18 | xx | yy | 00 | 02 |
   +--------+-----+-----+----+----+----+----+

   P1=00, Reserved
   P1 is the current EAP-Type

   Urien & All        Informational - Expires October 2004           19

                     Integrating EAP in smartcards             May 2004

   P2=0, gets the EAP-Type version
   P2=1, gets the WLAN-SCC version

9.16 Get-802.1X-State

   This command returns the current smartcard 802.1X state.

   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  |  19 | 00 | AA | 00 | 01 |
   +--------+-----+-----+----+----+----+----+

   If "multiple EAP Identity selection" is not supported, P2 (AA value)
   shall be set to '00'.

   If "multiple EAP Identity selection" is supported, P2 (AA value)
   shall indicate the short identifier associated with the selected EAP
   identity to which the command is targeted. These short identifiers
   are coded as described in Set-Identity Command.

   Returned values:
   01 No Identity set, EAP messages silently discarded.
   02 EAP/Request/Identity received, AUTHENTICATING state.
   03 Authentication in progress, AUTHENTICATING state.
   04 Success, AUTHENTICATING state, waiting for an EAP/Request
   05 Failure, AUTHENTICATING state, waiting for an EAP/Request
   06 Error, AUTHENTICATING state, waiting for an EAP/Request

9.17 Reset-802.1X-State

   This command forces the EAP smartcard to the 802.1X AUTHENTICATING
   state
   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  |  19 | 10 | AA | 00 | 01 |
   +--------+-----+-----+----+----+----+----+

   If "multiple EAP Identity selection" is not supported, P2 (AA value)
   shall be set to '00'.

   If "multiple EAP Identity selection" is supported, P2 (AA value)
   shall indicate the short identifier associated with the selected EAP
   identity to which the command is targeted. These short identifiers
   are coded as described in Set-Identity Command.

   Returned values:
   01 No Identity set, EAP messages are silently discarded.
   04 Success, AUTHENTICATING state, waiting for an EAP/Request


   Urien & All        Informational - Expires October 2004           20

                     Integrating EAP in smartcards             May 2004

9.18 Commands summary.

    +------------------------+-----+-----+----+----+----+----+
    |         Command        |Class| INS | P1 | P2 | Lc | Le |
    +------------------------+-----+-----+----+----+----+----+
    |       Process-EAP      | A0  |  80 | 00 | ii | xx | yy |
    +------------------------+-----+-----+----+----+----+----+
    |        Method-FCT      | A0  |  60 | zz | ii | xx | yy |
    +------------------------+-----+-----+----+----+----+----+
    |    Get-802.1X-State    | A0  |  19 | 00 | ii | 00 | 01 |
    +------------------------+-----+-----+----+----+----+----+
    |    Reset-802.1X-State  | A0  |  19 | 10 | ii | 00 | 01 |
    +------------------------+-----+-----+----+----+----+----+
    |     Get-Session-Key    | A0  |  A6 | 00 | ii | 00 | xx |
    +------------------------+-----+-----+----+----+----+----+
    |    Get-Profile-Data    | A0  |  1A | 00 | ii | 00 | yy |
    +------------------------+-----+-----+----+----+----+----+
    |  Get-Current-Identity  | A0  |  18 | 00 | ii | 00 | yy |
    +------------------------+-----+-----+----+----+----+----+
    |    Get-Next-Identity   | A0  |  17 | 00 | 01 | 00 | yy |
    +------------------------+-----+-----+----+----+----+----+
    | Get-Preferred-Identity | A0  |  17 | 00 | 02 | 00 | yy |
    +------------------------+-----+-----+----+----+----+----+
    |      Set-Identity      | A0  |  16 | 00 | 80 | xx | 00 |
    +------------------------+-----+-----+----+----+----+----+
    | Set-Multiple-Identity  | A0  |  16 | 00 | 83 | xx | 00 |
    +------------------------+-----+-----+----+----+----+----+
    |       Add-Identity     | A0  |  17 | 00 | 81 | xx | 00 |
    +------------------------+-----+-----+----+----+----+----+
    |     Delete-Identity    | A0  |  17 | 00 | 82 | xx | 00 |
    +------------------------+-----+-----+----+----+----+----+
    |   Get-Current-Version  | A0  |  18 | xx | yy | 00 | 02 |
    +------------------------+-----+-----+----+----+----+----+
    |       Verify-PIN       | A0  |  20 | 00 | 00 | 08 | 00 |
    +------------------------+-----+-----+----+----+----+----+
    |       Change-PIN       | A0  |  24 | 00 | 00 | 10 | 00 |
    +------------------------+-----+-----+----+----+----+----+
    |       Enable-PIN       | A0  |  26 | 00 | 00 | 08 | 00 |
    +------------------------+-----+-----+----+----+----+----+
    |       Disable-PIN      | A0  |  28 | 00 | 00 | 08 | 00 |
    +------------------------+-----+-----+----+----+----+----+
    |       Unblock-PIN      | A0  |  2C | 00 | 00 | 10 | 00 |
    +------------------------+-----+-----+----+----+----+----+
    |       Select-AID       | A0  |  A4 | 04 | 00 | xx | 00 |
    +------------------------+-----+-----+----+----+----+----+

10 State Machine Sequence

10.1 Supplicant software state machine sequence



   Urien & All        Informational - Expires October 2004           21

                     Integrating EAP in smartcards             May 2004

   +-----------------------+   +-----------------------+
   |A-Get user's identity  |>>>|B-Set user's identity  |>>>
   +-----------------------+   +-----------------------+
   +---------------------------+   +---------------------------+
   |C-send/receive EAP packets |>>>|D-Get-Session-Key          |
   +---------------------------+   +---------------------------+

   Transitions:

   A-B : All available identities received by Get-Next-Identity
   commands
   B-C : Set-Identity command successfully performed
   C-D : Successful ending of EAP-Packets command with no outgoing
   packet(Status word of the command equals '9000'). This can be also
   detected by 'authenticated' status following the Authentication-
   Status command.
   D-C : An incoming EAP packet

10.2 Smartcard EAP framework state machine sequence

   +----------------------+   +----------------------+
   | Z-Identity not set   |>>>| Y-Authenticating     |>>>
   +----------------------+   +----------------------+

   +----------------------+   +----------------------+
   | X-Authenticated      |   | W- Not authenticated |
   |   /Authenticating    |   |    /Authenticating   |
   +----------------------+   +----------------------+

   Transitions:

   Z-Y : An available identity successfully set
   Y-X : EAP success packet received
   Y-W : EAP failure packet received
   X-Y : EAP Request identity packet received
   W-Y : EAP Request identity packet received

11 Security Considerations

11.1 General Considerations

   As a reference implementation the previous section provides the
   details of the EAP authentication using the GSM SIM. This section of
   the document highlights the new potential risks providers of
   application may face by re-using deployed networks for other
   purposes. From the document [7] fatal flaw does exist when have
   physical access to the smartcard.

   The nature of the Internet network does no longer require getting
   physical access to the smartcard. Worms, Trojan horses or viruses
   can move to the computing platforms and performs the jobs. It is

   Urien & All        Informational - Expires October 2004           22

                     Integrating EAP in smartcards             May 2004

   important for a reference implementation to provide the relevant
   level of protection for the new applications but not to create other
   flaws.

   Other consideration have been introduced in [2] to protect the
   smartcard against crypto attack and recommends the authentication
   should take place in a PROTECTED ENVIRONMENT.

11.2 PEAP Consideration

   Protected Extensible Authentication Protocol (PEAP) [12] is a pre-
   processing protocol that allows the privacy of data when processing
   EAP [1] protocol. EAP protocol, as defined in [1], starts by an EAP
   packet request/Identity. The EAP packet response Identity returns
   the user's identification label with no privacy being not part of
   [1].

   PEAP protocol allows both part of the EAP packet exchange creating a
   session key that can be for privacy over the subsequent execution of
   the EAP protocol.

   This implementation of EAP in the smartcard shall allow performing a
   PEAP tunnel for privacy. Once PEAP first phase has been successfully
   preformed, the EAP protocol (or other protocol) has defined shall be
   performed according the EAP smartcard requirements.


12 Intellectual Property Right Notice

   To be specify according to the author and participant.

13 Annex 1 (Informative) - EAP/SIM packet detail.

   The protocol implementation is out of the scope of this document but
   as a reference implementation this section gives details using the
   SIM as specified by [3]. Other protocol can be implemented using ISO
   7816-3 TPDU. This section of the document gives the APDU syntax and
   coding which makes the specification protocol free.
   The first EAP packet is the EAP Request Identity. This initial
   packet format complies with [1]. The smartcard returns an EAP
   response identity according to the IMSI length and the supported
   version according to [2].

   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  | 80  | 00 | 00 | 05 | YY |
   +--------+-----+-----+----+----+----+----+




   Urien & All        Informational - Expires October 2004           23

                     Integrating EAP in smartcards             May 2004

   The description of the EAP/Request/identity is detailed according to
   the IETF RFC 2284 [1]. This EAP packet doesn’t respect the EAP/SIM
   format since it is only part of [1].




    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    Request    |  Identifier   |          Length = 5            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   Type = 01   |
   +-+-+-+-+-+-+-+-+

   The description of the EAP/Response/identity is detailed according
   to the IETF RFC 2284 [1].

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    Response   |  Identifier   |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   Type = 01   |                                               |
   +-+-+-+-+-+-+-+-+                                               |
   |                                                               |
   |                         User Identity                         |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   Note the EAP/Response/Identity when returning the user's identity
   that includes the IMSI includes the real coded IMSI in the EAP
   packet and not the IMSI coded for GSM network. Further information
   can be retrieved in [3] for the IMSI coding in the SIM during the
   SIM setting.

   The user Identity field can contains the user's permanent pseudonym
   or re-authentication identity.
   The second EAP Packet is the EAP request SIM start as represented in
   the IETF draft document [2].

   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  | 80  | 00 | 00 | XX | YY |
   +--------+-----+-----+----+----+----+----+

   The description of the EAP/Request/SIM/Start is detailed according
   to [2] incoming SIM data where further information can be retrieved.
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

   Urien & All        Informational - Expires October 2004           24

                     Integrating EAP in smartcards             May 2004

   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    Request    |  Identifier   |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   Type = 18   | Subtype = 10  |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |AT_PERM..._REQ | Length = 1    |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |AT_FULL..._RES | Length = 1    |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |AT_ANY_ID_REQ  | Length = 1    |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |AT_VERSION_L...| Length        | Actual Version List Length    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | Supported version 1           | Supported version 2           |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | Supported version 3           | Padding                       |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   The description of the EAP/Response/SIM/Start is detailed according
   to [2] outgoing SIM data where further information can be retrieved.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    Response   |  Identifier   |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   Type = 18   | Subtype = 10  |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |AT_NONCE_MT    | Length = 5    |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   |                           NONCE_MT                            |
   |                                                               |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  AT_SELECTED  | Length = 1    |   Select Version              |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  AT_IDENTITY  |    Length     | Actual Identity Length        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   |                User Identity (Optional)                       |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   The description of the EAP/Response/SIM/Start is detailed according
   to [2] outgoing SIM data where further information can be retrieved.
   The third EAP Packet is the EAP request SIM Challenge as represented
   in the IETF draft document [2].




   Urien & All        Informational - Expires October 2004           25

                     Integrating EAP in smartcards             May 2004

   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  | 80  | 00 | 00 | XX | 1C |
   +--------+-----+-----+----+----+----+----+

   The description of the EAP/Request/SIM/Challenge is detailed
   according to [2] incoming SIM data where further information can be
   retrieved.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Request   |  Identifier   |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   Type = 18   | Subtype = 11  |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | AT_RAND       | Length        |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   |                           n*RAND                              |
   |                                                               |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | AT_MAC        | Length = 5    |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   |                              MAC                              |
   |                                                               |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | AT_IV         | Length = 5    |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   |               Initialization Vector (Optional)                |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | AT_ENCR_DATA  | Length        |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   |                Encrypted Data (Optional)                      |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   The description of the EAP/Response/SIM/Challenge is detailed
   according to [2] outgoing SIM data where further information can be
   retrieved.





   Urien & All        Informational - Expires October 2004           26

                     Integrating EAP in smartcards             May 2004

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    Response   |  Identifier   |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   Type = 18   | Subtype = 11  |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  AT_MAC       | Length = 5    |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   |                           MAC                                 |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   The last EAP Packet is the EAP success notification as represented
   in the IETF RFC 2284 [2].

   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  | 80  | 00 | 00 | 04 | 00 |
   +--------+-----+-----+----+----+-- -+----+

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    Success    |  Identifier   |          Length = 04          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

14 Annex 2 (Informative) - EAP/MD5 packet details

   The first EAP packet is the EAP Request Identity. This initial
   packet format complies with the RFC 2284. The smartcard returns an
   EAP response identity according to the NAI length.

   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  | 80  | 00 | 00 | 05 | YY |
   +--------+-----+-----+----+----+----+----+

   The description of the EAP/Request/identity is detailed according to
   the IETF RFC 2284 [1].

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   Request     |  Identifier   |            Length = 5         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  Type = 01    |
   +-+-+-+-+-+-+-+-+

   Urien & All        Informational - Expires October 2004           27

                     Integrating EAP in smartcards             May 2004


   The description of the EAP/Response/identity is detailed according
   to the IETF RFC 2284 [1].


    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   Response    |  Identifier   |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   Type = 01   |                                               |
   |-+-+-+-+-+-+-+-+             Identity Value                    |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   The second EAP Packet is the EAP/request/MD5/challenge as
   represented in the IETF RFC 2284 [1].
   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  | 80  | 00 | 00 | XX | 16 |
   +--------+-----+-----+----+----+----+----+
   The description of the EAP/Request/MD5/challenge is detailed
   according to the IETF RFC 2284 [1].
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    Request    |  Identifier   |           Length              |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   Type = 04   |                                               |
   |-+-+-+-+-+-+-+-+           MD5-Challenge.Value                 |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   The description of the EAP/Response/MD5/challenge is detailed
   according to the IETF RFC 2284 [1].

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    Response   |  Identifier   |        Length = 16            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   Type = 04   |  Type_Size=10 |                               |
   |-+-+-+-+-+-+-+-+---------------+     MD5 Digest Value          |
   |                                                               |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+





   Urien & All        Informational - Expires October 2004           28

                     Integrating EAP in smartcards             May 2004

   The third EAP Packet is the EAP success notification as represented
   in the IETF RFC 2284 [1].
   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  | 80  | 00 | 00 | 04 | 00 |
   +--------+-----+-----+----+----+-- -+----+

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    Success    |  Identifier   |          Length = 04          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   Further information can be retrieved from the IETF draft document
   [2].

15 Annex 3 (Informative) TLS support.

   EAP-TLS smartcards securely store at least the following items
   - Client X509 certificate
   - Client Private RSA Key
   - Certification Authority Public Key

   According to the smartcard computing capacities, two mode are
   defined in this draft (see details in annex 6)

   - Mode 1: smartcard supports five functions :
       - Public Key Encryption, with the server public key
       - Private Key Encryption, with the client private key
       - Public Key decryption, with the Certification Authority (CA)
         public key
       - Reading of the client's certificate
       - Random Number Generator

   - Mode 2: smartcard fully processes the EAP-TLS protocol

15.1 Unix time issue.

   As mentioned in [15] TLS RFC the client hello message includes a 32
   byte random number, whose first 4 bytes are interpreted as the Unix
   time. As smartcard is not able to maintain a clock, this parameter
   MUST be added to the EAP-TLS Start message.

   +--------+-----+-----+----+----+----+----+
   |Command |Class| INS | P1 | P2 | Lc | Le |
   +--------+-----+-----+----+----+----+----+
   |        | A0  | 80  | 00 | 00 | 0A | YY |
   +--------+-----+-----+----+----+----+----+



   Urien & All        Informational - Expires October 2004           29

                     Integrating EAP in smartcards             May 2004

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Code=01   |  Identifier   |      Length  = 6              |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   Type = 13   |     Flag=20   |          Unix Time            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |             Unix Time         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+



15.2 Fragment maximum size.

   A single TLS record may be up to 16384 octets in length, but a TLS
   message may span multiple TLS records, and a TLS certificate message
   may in principle be as long as 16MB. The group of EAP-TLS messages
   sent in a single round may thus be larger than the maximum RADIUS
   packet size of 4096 octets, or the maximum 802 LAN frame size.

   The chaining and extended length mechanisms identified in this
   document provide enough extension to manage incoming and outgoing
   EAP-TLS packets. Then, authenticator shall not necessary follow a
   specific fragment policy regarding whether EAP-TLS is provided by
   the smartcard or not.

   However, in order to prevent multiple segmentation and re-assembly
   operations, the maximum EAP message length of a no fragmented packet
   shall be set to 240 bytes. For a fragmented EAP message, the maximum
   length value shall be 240 bytes.

   As defined in EAP-TLS, when the smartcard receives an EAP-Request
   packet with the M bit set, it MUST respond with an EAP-Response with
   EAP-Type=EAP-TLS and no data.  This serves as a fragment ACK.

15.3 EAP/TLS messages format.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Code      |  Identifier   |      Length  <= 240           |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   Type = 13   |     Flag      |        TLS Message Length     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |       TLS Message Length      |          TLS DATA             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+                               |
   |                                                               |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+



   Urien & All        Informational - Expires October 2004           30

                     Integrating EAP in smartcards             May 2004

   Flags
    0 1 2 3 4 5 6 7
   +-+-+-+-+-+-+-+-+
   |L M S R R R R R|
   +-+-+-+-+-+-+-+-+
   L = Length included.
   M = More fragments
   S = EAP-TLS start, set in an EAP-TLS Start message.
   R = Reserved

15.4 Example of EAP/TLS Authentication

      Smartcard           Authentication Server
                              <- EAP-Request/
                                 Identity
   EAP-Response/
   Identity (MyID) ->
                              <- EAP-Request/
                              EAP-Type=EAP-TLS
                              (TLS Start)
   EAP-Response/
   EAP-Type=EAP-TLS
   TLS client_hello)->
                              <- EAP-Request/
                                 EAP-Type=EAP-TLS
                                (TLS server_hello,
                                 TLS certificate,
                                 TLS certificate_request,
                                 TLS server_hello_done)
                                 (Fragment 1: L, M bits set)
   EAP-Response/
   EAP-Type=EAP-TLS ->
                              <- PPP EAP-Request/
                                 EAP-Type=EAP-TLS
                                (Fragment 2)

   EAP-Type=EAP-TLS
   (TLS certificate,
    TLS client_key_exchange,
    TLS certificate_verify,
    TLS change_cipher_spec,
    TLS finished) ->
                              <- EAP-Request/
                                 EAP-Type=EAP-TLS
                                (TLS change_cipher_spec,
                                 TLS finished)
   EAP-Response/
   EAP-Type=EAP-TLS ->
                              <- EAP-Success



   Urien & All        Informational - Expires October 2004           31

                     Integrating EAP in smartcards             May 2004

16 Annex 4 (Normative) ASN.1 BER Tag coding for the subscriber profile
information

   The subscriber profile is a collection of data associated to every
   identity. It can be used be the operating system of a wireless
   terminal in order to get information about user credentials.

   Various information (photos...) MAY be also available.

16.1 ASN.1 Subscriber Profile Encoding

  16.1.1 EapID

   EapID ::= OCTET STRING

   The EAP-ID associated to the current identity.

  16.1.2 EapType

   EapType ::= INTEGER

   The EAP type associated to the current identity.

  16.1.3 Version

   Version ::= INTEGER

   The protocol version associated to an EAP type.

  16.1.4 User Credential

   UserCredential ::= SEQUENCE OF CredentialObject

   CredentialObject ::= SEQUENCE {
   ObjectValue SubscriberInformation
   }

   SubscriberInformation ::= CHOICE {

   SSIDList [0] IMPLICIT SEQUENCE OF {
   SSIDName OCTET STRING
   },

   SubscriberCertificate [1] IMPLICIT SEQUENCE OF {
   Certificate X509Certificate
   },

   RootCertificate [2] IMPLICIT SEQUENCE OF {
   Certificate X509Certificate
   }


   Urien & All        Informational - Expires October 2004           32

                     Integrating EAP in smartcards             May 2004

   UserData [3] IMPLICIT SEQUENCE OF {
   { SubscriberFile UserFile
   }

   UserFile SEQUENCE OF {
   Name  OCTET STRING,
   Value BIT STRING Value
   }

   X509Certificate an ASN.1 definition, as described in [13].
  16.1.5 UserProfile

   UserProfile ::= SEQUENCE {
   ThisEapID   EapID,
   ThisEapType EapType,
   ThisVersion Version,
   ThisCredential UserCredential
   }

  16.1.6 UserProfile encoding example

   30 82 xx yy
    04 05 31 32 33 34 35          EapID   = 1235
    02 01 0D                      EapType = EAP-TLS
    02 01 01                      Version = 1
    30 xx
     A0 0E
      04 05 61 62 63 64 65       SSID = abcde
      04 05 66 67 68 69 6A       SSID = fghij
     A1 82 xx yy
      First  X509Certificate
      Second X509Certificate
     A2 82 xx yy
      First  Root X509Certificate
      Second Root X509Certificate
     A3 82 xx yy
      30 82 zz tt
       04 05 61 62 63 64 65  // Name = abcde
       03 82 zz tt
        File content












   Urien & All        Informational - Expires October 2004           33

                     Integrating EAP in smartcards             May 2004

17 Annex 5 (Informative) APDUs exchange example

   This annex shows ISO 7816 (T=0) TPDUs exchanged between the
   smartcard and the authentication agent

   // Select EAP application (AID= 11 22 33 44 55 66 01)
   Select.request:  00 A4 04 00 07 11 22 33 44 55 66 01
   Select.response: 90 00

   // Get current identity
   Get-Current-Identity.request:       A0 18 00 00 00
   Get-Current-Identity.response       98 04
   // !Pin code is requested

   // PIN code verification      (0000)
   Verify.request:             A0 20 00 00 08 30 30 30 30 FF FF FF FF
   Verify.response:            90 00

   // Try again
   Get-Current-Identity.request:       A0 18 00 00 00
   Get-Current-Identity.response:      6C 04
   Get-Current-Identity.request        A0 18 00 00 04
   Get-Current-Identity.response:      61 62 63 64 90 00


   // Get-Next-Identity()
   Get-Next-Identity.request:  A0 17 00 01 00
   Get-Next-Identity.response: 6C 04
   Get-Next-Identity.request:  A0 17 00 01 04
   Get-Next-Identity.response: 61 62 63 64 90 00

   // Set-Identity()
   Set-Identity.request:  A0 16 00 80 04 61 62 63 64
   Set-Identity.response: 90 00

   // Process EAP-Packets()
   EAP-Packet.request:   A0 80 00 00 05 01 A5 00 05 01
   EAP-Packet.response:  61 09
   GetResponse.request:  A0 C0 00 00 09
   GetResponse.response: 02 A5 00 09 01 61 62 63 64 90 00
   EAP-Packet.request    A0 80 00 00 08 01 A6 00 08 04 02 12 34
   EAP-Packet.response:  61 16
   GetResponse.request:  A0 C0 00 00 16
   GetResponse.response: 02 A6 00 16 04 10 CF A5 2D CD 63 5F 5C 6D
                         55 B8 09 FD B7 BB EC 3C 90 00







   Urien & All        Informational - Expires October 2004           34

                     Integrating EAP in smartcards             May 2004

18 Annex 6, EAP-TLS ISO7816 APDUs Trace (T=0 Protocol)

18.1 EAP-TLS session parameters

  18.1.2 CA Public Key (2048 bits)

   modulus:
       00:a5:62:a0:41:52:9a:ec:8e:27:24:a1:0c:a2:45:
       68:e3:ed:bd:3d:64:9a:7c:c2:74:5a:e2:60:fa:ac:
       6d:0f:dd:4c:45:ce:9d:b9:74:4e:35:fd:74:cd:13:
       63:dd:dc:ce:19:25:b9:d7:06:31:13:d7:ea:1e:54:
       1a:07:36:eb:97:2f:88:19:58:c5:76:ec:f9:b3:71:
       66:fa:3a:4e:94:f9:04:98:ff:b0:7f:b0:dc:af:c3:
       c8:a6:35:3d:ab:d4:67:07:ff:c6:e8:f0:03:a5:f1:
       5b:00:c8:8f:36:a1:f3:88:e8:23:f1:04:c6:d4:26:
       af:37:ad:a2:54:83:ab:13:56:83:8e:6f:b4:3a:d3:
       63:95:00:ad:ec:57:5d:95:2d:01:f5:7b:ae:6c:b6:
       43:4b:da:2b:e1:ed:f4:ab:e1:75:27:0f:2e:06:5c:
       42:30:b4:5e:06:59:58:e4:4b:b6:0e:ba:71:d6:1c:
       a0:70:ac:b1:2c:b2:fe:6b:7d:d8:42:1d:45:9d:d5:
       4a:62:06:2e:e2:dc:88:5b:8b:72:45:ac:e1:24:ea:
       08:66:30:5f:8c:e6:52:12:37:70:04:b0:37:5c:09:
       1e:3b:d4:97:0c:9b:41:3f:86:08:d7:db:19:cb:07:
       a3:b9:cb:75:49:99:dc:20:cd:f0:db:52:19:4b:15:
       f1:6d
   publicExponent: 65537 (0x10001)

  18.1.3 Server Public Key (1024 bits)
   modulus:
       00:bc:67:01:3c:b9:15:ec:12:81:e6:5a:4d:af:49:
       80:1d:db:6d:5c:f3:0c:fd:2f:f6:3f:5d:37:79:29:
       c7:39:1b:fd:76:6f:67:dd:0f:e9:e8:42:51:43:ba:
       46:ae:95:ff:76:91:9f:30:a3:9c:45:9a:22:f2:2b:
       75:66:52:97:95:c3:2f:ee:7d:cf:c9:dc:de:11:69:
       a3:46:ef:e8:25:24:62:14:df:02:2b:ad:f9:83:b9:
       3c:bb:a8:1c:44:c1:5a:11:39:70:1b:69:f9:95:4c:
       9b:d2:fd:fa:1a:e4:01:e3:bd:6f:d0:6c:f5:85:41:
       3c:28:ae:80:2b:46:70:a8:f3
   publicExponent: 65537 (0x10001)

  18.1.4 Client Private Key (1024 bits)
   modulus: // N
       00:de:7d:0e:f5:1d:17:16:c0:6f:51:b0:4c:ef:2e:
       c6:ca:f4:d8:66:01:bc:7b:21:12:37:ce:dc:61:72:
       f3:c8:ff:83:5c:2f:f5:2b:f8:f0:0f:bd:89:86:6a:
       3f:c2:8b:3b:bd:c7:98:fd:4b:1d:67:8f:85:66:12:
       74:6f:64:74:d0:31:07:46:04:ba:b1:74:70:b1:fc:
       d9:42:44:f8:97:c2:74:b9:45:5c:84:15:33:ec:4a:
       cb:41:d2:6e:7c:6d:bd:bc:cd:3e:64:ff:8f:33:63:
       fe:06:55:69:96:c6:96:fa:17:db:f8:7f:eb:5b:fe:
       00:3e:d1:8e:42:83:62:be:c3

   Urien & All        Informational - Expires October 2004           35

                     Integrating EAP in smartcards             May 2004

   publicExponent: 65537 (0x10001)
   privateExponent:
       00:9f:ad:4b:5d:d9:79:e7:a7:46:7d:6f:35:57:f7:
       cf:4e:7b:f9:0f:04:b1:fc:00:99:2d:9a:76:0a:2e:
       51:0e:71:6b:1a:6f:84:db:01:37:71:64:8b:5d:ff:
       c5:30:df:72:89:da:c5:4f:0c:68:d7:19:67:19:01:
       a7:b5:06:78:da:57:2f:2f:f6:c5:ce:75:b7:ca:9d:
       b2:f8:5a:62:27:40:b2:5c:42:f3:78:fd:42:f6:1a:
       56:44:a3:42:94:24:f6:37:53:fc:78:42:06:8a:1a:
       0b:43:cf:f8:92:60:8d:10:61:2c:ff:d3:79:ba:78:
       ed:f7:28:fb:61:dc:88:37:91
   prime1: // P
       00:fc:30:c8:10:41:80:f7:f2:1a:0c:28:2b:58:a0:
       44:3e:01:13:91:66:4f:96:27:0e:c3:0a:4f:58:b5:
       73:9a:3c:7a:fa:b9:19:8f:2b:32:8b:c8:bf:6c:77:
       b3:4d:e5:71:80:e5:74:9a:76:a5:c0:41:14:81:76:
       e0:9b:46:bd:db
   prime2: // Q
       00:e1:d9:6b:5e:41:2d:3e:b9:2a:a8:6b:6e:d0:fc:
       aa:b1:df:a7:4e:90:8d:11:54:7c:0d:ea:64:d5:f5:
       c1:d1:2b:02:77:b2:d2:6e:d8:93:56:ad:ee:ca:5a:
       c0:92:64:4b:b8:d8:f4:a2:8c:f0:18:17:64:51:0b:
       db:04:f3:3b:39
   exponent1: // DP1
       00:db:27:a9:34:37:38:54:3f:d7:d2:e8:b5:82:77:
       03:d6:be:28:bb:1a:25:df:5e:61:bd:ac:9f:f7:7e:
       f7:ce:f8:f0:06:22:04:cc:1d:c5:f7:23:a4:f6:25:
       af:73:ea:08:10:f3:55:b9:45:92:14:d8:79:71:68:
       55:17:9b:0a:31
   exponent2: // DQ1
       37:87:0e:27:d9:5c:77:6c:6d:39:85:58:74:97:7a:
       9c:4b:01:c6:86:31:b8:ce:0d:c6:1a:17:fa:a6:f6:
       a5:27:ae:ee:a1:0f:ad:e3:1f:ae:93:0a:ff:c3:7a:
       4f:43:cb:7e:42:11:3b:99:ed:39:ef:1e:61:f2:c9:
       41:99:4f:b9
   coefficient: //PQ
       5f:88:21:11:1f:0d:f0:cd:56:47:4f:1f:64:81:0e:
       d1:02:eb:39:42:01:c7:e4:4b:b6:31:65:2a:fd:51:
       11:1f:cd:3a:68:d4:e8:3c:4e:47:c1:ce:76:6b:2b:
       52:bd:76:dd:71:81:76:0f:69:9a:94:c3:41:3a:2e:
       c9:47:3c:e5

18.2 Full EAP-TLS trace (mode 2)

   // Set-Identity (abc) type=TLS
   Tx: A016800003616263
   Rx: 9000

   // TLS-START + GMT-UNIX-TIME
   Tx: A080000000A 011400060D20 3FAA2B6A
   Rx: 6150

   Urien & All        Informational - Expires October 2004           36

                     Integrating EAP in smartcards             May 2004

   Tx: A0C0000050
   // Client Hello
   Rx: 021400500D000000004616030100410100003D03013FAA2B6A08BDD285B43D1F
       3BC9715FC9F85FC453FE58F3A9E07FF397CD65392200001600040005000A0009
       006400620003000600130012006301009000

   // Server_Hello fragment#1 1396 octets size = 4710 octets
   Tx: A0800100F0011505740DC00000126616030112610200004603013FAA2B9BCC3D
       6179E2D7E78460A2596342C5014289B753209CA02A31DEDB9142206124000089
       2B16D27FEBD10B93D1EFC224C322B69B994C1A8FB2B5BD4094861A0004000B00
       05A80005A50005A23082059E30820486A003020102020A613116E50000000000
       03300D06092A864886F70D0101050500305231123010060A0992268993F22C64
       01191602667231143012060A0992268993F22C6401191604656E737431153013
       060A0992268993F22C64011916056261647261310F300D060355040313066361
       77696669301E170D3033313030323135323331345A
   Rx: 9000
   Tx: A0800100F0170D3035313030313135323331345A3066310B3009060355040613
       024652311630140603550408130D696C65206465206672616E6365310E300C06
       0355040713057061726973310D300B060355040A1304656E7374310F300D0603
       55040B1306696E66726573310F300D06035504031306616B6B61723130819F30
       0D06092A864886F70D010101050003818D0030818902818100BC67013CB915EC
       1281E65A4DAF49801DDB6D5CF30CFD2FF63F5D377929C7391BFD766F67DD0FE9
       E8425143BA46AE95FF76919F30A39C459A22F22B7566529795C32FEE7DCFC9DC
       DE1169A346EFE825246214DF022BADF983B93CBBA8
   Rx: 9000
   Tx: A0800100F01C44C15A1139701B69F9954C9BD2FDFA1AE401E3BD6FD06CF58541
       3C28AE802B4670A8F30203010001A38202E4308202E0300B0603551D0F040403
       0205A0304406092A864886F70D01090F04373035300E06082A864886F70D0302
       02020080300E06082A864886F70D030402020080300706052B0E030207300A06
       082A864886F70D030730130603551D25040C300A06082B06010505070301301D
       0603551D0E04160414234B9E6578CB280E3D968C5B6C4EA0911C1A7F73301F06
       03551D23041830168014E56DC55020881E3900398AF99EE0789DA4230F893081
       FB0603551D1F0481F33081F03081EDA081EAA081E7
   Rx: 9000
   Tx: A0800100F08681B16C6461703A2F2F2F434E3D6361776966692C434E3D616B6B
       6172312C434E3D4344502C434E3D5075626C69632532304B6579253230536572
       76696365732C434E3D53657276696365732C434E3D436F6E6669677572617469
       6F6E2C44433D62616472612C44433D656E73742C44433D66723F636572746966
       69636174655265766F636174696F6E4C6973743F626173653F6F626A65637443
       6C6173733D63524C446973747269627574696F6E506F696E748631687474703A
       2F2F616B6B6172312E62616472612E656E73742E66722F43657274456E726F6C
       6C2F6361776966692E63726C3082011306082B0601
   Rx: 9000
   Tx: A0800100F0050507010104820105308201013081AA06082B0601050507300286
       819D6C6461703A2F2F2F434E3D6361776966692C434E3D4149412C434E3D5075
       626C69632532304B657925323053657276696365732C434E3D53657276696365
       732C434E3D436F6E66696775726174696F6E2C44433D62616472612C44433D65
       6E73742C44433D66723F634143657274696669636174653F626173653F6F626A
       656374436C6173733D63657274696669636174696F6E417574686F7269747930
       5206082B060105050730028646687474703A2F2F616B6B6172312E6261647261
       2E656E73742E66722F43657274456E726F6C6C2F61

   Urien & All        Informational - Expires October 2004           37

                     Integrating EAP in smartcards             May 2004

   Rx: 9000
   Tx: A0800000C46B6B6172312E62616472612E656E73742E66725F6361776966692E
       637274302106092B060104018237140204141E12005700650062005300650072
       007600650072300D06092A864886F70D01010505000382010100946E33F7044A
       18F16E18337D8A22A230415DF07766ED94835E8A1FCBB7B16571D6EC6A9564AA
       C163383D17B223C29AB57825AE36156083249AA0A8EABED8C880D7E1EE58A301
       9D04D935EA3C6427052FDE1CCB60681691436C3580439F4C592ABA6489D43ABF
       EF9660EF60DA97FDA9
   Rx: 6106
   Tx: A0C0000006
   Rx: 021500060D009000 // EAP-ACK fragment#1

   // server hello fragment#2 1396 octets
   Tx: A0800100F0011605740D40E8436722315A8D1479DCA19BFFC9F6B15A538D80E1
       A0C107F079DF79DB2674DD914481C8E1B388577645C100F44F4EC3A7E077CC4B
       3AC3577FD1CD0575E651FF1BCD6C716402DD83858563EC791593018CEB0BD9DB
       12F4B2E8D19FC185787E1717265BA3E11E76E343D2DA8AD83C77188E4E96C049
       B3F3B7BCB886BB574858FE331EE4407AA893212C171B1883A3B0EA580D000C63
       0201020C5E00C43081C1310B300906035504061302555331173015060355040A
       130E566572695369676E2C20496E632E313C303A060355040B1333436C617373
       2031205075626C6963205072696D61727920436572
   Rx: 9000
   Tx: A0800100F074696669636174696F6E20417574686F72697479202D204732313A
       3038060355040B1331286329203139393820566572695369676E2C20496E632E
       202D20466F7220617574686F72697A656420757365206F6E6C79311F301D0603
       55040B1316566572695369676E205472757374204E6574776F726B00C43081C1
       310B300906035504061302555331173015060355040A130E566572695369676E
       2C20496E632E313C303A060355040B1333436C6173732034205075626C696320
       5072696D6172792043657274696669636174696F6E20417574686F7269747920
       2D204732313A3038060355040B1331286329203139
   Rx: 9000
   Tx: A0800100F0393820566572695369676E2C20496E632E202D20466F7220617574
       686F72697A656420757365206F6E6C79311F301D060355040B13165665726953
       69676E205472757374204E6574776F726B00D43081D1310B3009060355040613
       025A41311530130603550408130C5765737465726E2043617065311230100603
       55040713094361706520546F776E311A3018060355040A131154686177746520
       436F6E73756C74696E6731283026060355040B131F4365727469666963617469
       6F6E205365727669636573204469766973696F6E312430220603550403131B54
       686177746520506572736F6E616C20467265656D61
   Rx: 9000
   Tx: A0800100F0696C204341312B302906092A864886F70D010901161C706572736F
       6E616C2D667265656D61696C407468617774652E636F6D00D23081CF310B3009
       060355040613025A41311530130603550408130C5765737465726E2043617065
       31123010060355040713094361706520546F776E311A3018060355040A131154
       686177746520436F6E73756C74696E6731283026060355040B131F4365727469
       6669636174696F6E205365727669636573204469766973696F6E312330210603
       550403131A54686177746520506572736F6E616C205072656D69756D20434131
       2A302806092A864886F70D010901161B706572736F
   Rx: 9000
   Tx: A0800100F06E616C2D7072656D69756D407468617774652E636F6D0086308183
       310B3009060355040613025553312D302B060355040A13244669727374204461

   Urien & All        Informational - Expires October 2004           38

                     Integrating EAP in smartcards             May 2004

       7461204469676974616C2043657274696669636174657320496E632E31453043
       0603550403133C46697273742044617461204469676974616C20436572746966
       69636174657320496E632E2043657274696669636174696F6E20417574686F72
       69747900CE3081CB310B3009060355040613025A41311530130603550408130C
       5765737465726E204361706531123010060355040713094361706520546F776E
       311A3018060355040A131154686177746520436F6E
   Rx: 9000
   Tx: A0800000C473756C74696E6731283026060355040B131F436572746966696361
       74696F6E205365727669636573204469766973696F6E3121301F060355040313
       1854686177746520506572736F6E616C2042617369632043413128302606092A
       864886F70D0109011619706572736F6E616C2D6261736963407468617774652E
       636F6D0061305F310B300906035504061302555331173015060355040A130E56
       6572695369676E2C20496E632E31373035060355040B132E436C617373203320
       5075626C6963205072
   Rx: 6106
   Tx: A0C0000006
   Rx: 021600060D009000 // EAP-ACK fragment#2

   // server hello fragment#3 1396 octets
   Tx: A0800100F0011705740D40696D6172792043657274696669636174696F6E2041
       7574686F726974790061305F310B300906035504061302555331173015060355
       040A130E566572695369676E2C20496E632E31373035060355040B132E436C61
       73732032205075626C6963205072696D6172792043657274696669636174696F
       6E20417574686F726974790061305F310B300906035504061302555331173015
       060355040A130E566572695369676E2C20496E632E31373035060355040B132E
       436C6173732031205075626C6963205072696D61727920436572746966696361
       74696F6E20417574686F7269747900C43081C1310B
   Rx: 9000
   Tx: A0800100F0300906035504061302555331173015060355040A130E5665726953
       69676E2C20496E632E313C303A060355040B1333436C6173732033205075626C
       6963205072696D6172792043657274696669636174696F6E20417574686F7269
       7479202D204732313A3038060355040B13312863292031393938205665726953
       69676E2C20496E632E202D20466F7220617574686F72697A656420757365206F
       6E6C79311F301D060355040B1316566572695369676E205472757374204E6574
       776F726B009C308199310B30090603550406130248553111300F060355040713
       08427564617065737431273025060355040A131E4E
   Rx: 9000
   Tx: A0800100F065744C6F636B2048616C6F7A617462697A746F6E73616769204B66
       742E311A3018060355040B131154616E7573697476616E796B6961646F6B3132
       3030060355040313294E65744C6F636B20557A6C6574692028436C6173732042
       292054616E7573697476616E796B6961646F00473045310B3009060355040613
       02555331183016060355040A130F47544520436F72706F726174696F6E311C30
       1A06035504031313475445204379626572547275737420526F6F740077307531
       0B300906035504061302555331183016060355040A130F47544520436F72706F
       726174696F6E31273025060355040B131E47544520
   Rx: 9000
   Tx: A0800100F04379626572547275737420536F6C7574696F6E732C20496E632E31
       2330210603550403131A475445204379626572547275737420476C6F62616C20
       526F6F7400C63081C3310B300906035504061302555331143012060355040A13
       0B456E74727573742E6E6574313B3039060355040B13327777772E656E747275
       73742E6E65742F43505320696E636F72702E206279207265662E20286C696D69

   Urien & All        Informational - Expires October 2004           39

                     Integrating EAP in smartcards             May 2004

       7473206C6961622E2931253023060355040B131C286329203139393920456E74
       727573742E6E6574204C696D69746564313A303806035504031331456E747275
       73742E6E6574205365637572652053657276657220
   Rx: 9000
   Tx: A0800100F043657274696669636174696F6E20417574686F7269747900B23081
       AF310B30090603550406130248553110300E0603550408130748756E67617279
       3111300F06035504071308427564617065737431273025060355040A131E4E65
       744C6F636B2048616C6F7A617462697A746F6E73616769204B66742E311A3018
       060355040B131154616E7573697476616E796B6961646F6B3136303406035504
       03132D4E65744C6F636B204B6F7A6A6567797A6F692028436C61737320412920
       54616E7573697476616E796B6961646F00C43081C1310B300906035504061302
       555331173015060355040A130E566572695369676E
   Rx: 9000
   Tx: A0800000C42C20496E632E313C303A060355040B1333436C6173732032205075
       626C6963205072696D6172792043657274696669636174696F6E20417574686F
       72697479202D204732313A3038060355040B1331286329203139393820566572
       695369676E2C20496E632E202D20466F7220617574686F72697A656420757365
       206F6E6C79311F301D060355040B1316566572695369676E205472757374204E
       6574776F726B0070306E310B300906035504061302555331183016060355040A
       130F47544520436F72
   Rx: 6106
   Tx: A0C0000006
   Rx: 021700060D009000 // EAP-ACK fragment#3

   // Server hello fragment#4 550 octets
   Tx: A0800100F0011802260D00706F726174696F6E31273025060355040B131E4754
       45204379626572547275737420536F6C7574696F6E732C20496E632E311C301A
       06035504031313475445204379626572547275737420526F6F74009E30819B31
       0B30090603550406130248553111300F06035504071308427564617065737431
       273025060355040A131E4E65744C6F636B2048616C6F7A617462697A746F6E73
       616769204B66742E311A3018060355040B131154616E7573697476616E796B69
       61646F6B313430320603550403132B4E65744C6F636B20457870726573737A20
       28436C6173732043292054616E7573697476616E79
   Rx: 9000
   Tx: A0800100F06B6961646F0054305231123010060A0992268993F22C6401191602
       667231143012060A0992268993F22C6401191604656E737431153013060A0992
       268993F22C64011916056261647261310F300D06035504031306636177696669
       00723070312B3029060355040B1322436F707972696768742028632920313939
       37204D6963726F736F667420436F72702E311E301C060355040B13154D696372
       6F736F667420436F72706F726174696F6E3121301F060355040313184D696372
       6F736F667420526F6F7420417574686F726974790061305F31133011060A0992
       268993F22C6401191603636F6D31193017060A0992
   Rx: 9000
   Tx: A080000046268993F22C64011916096D6963726F736F6674312D302B06035504
       0313244D6963726F736F667420526F6F74204365727469666963617465204175
       74686F726974790E000000

   // Client Response
   Rx: 61FA // = 240 + 6 + 4
   Tx: A0C00000FA // fragment#1
   Rx: 021700FA0D4000000721160301071C0B0005E10005DE0005DB308205D7308204

   Urien & All        Informational - Expires October 2004           40

                     Integrating EAP in smartcards             May 2004

       BFA003020102020A61253DFF000000000006300D06092A864886F70D01010505
       00305231123010060A0992268993F22C6401191602667231143012060A099226
       8993F22C6401191604656E737431153013060A0992268993F22C640119160562
       61647261310F300D06035504031306636177696669301E170D30333131303630
       39333635395A170D3034313130353039333635395A306231123010060A099226
       8993F22C6401191602667231143012060A0992268993F22C6401191604656E73
       7431153013060A0992268993F22C64011916056261647261310E9000

   Tx: A080000006011800060D00 // EAP-ACK fragment#1
   Rx: 61F6
   Tx: A0C00000F6 // fragment#2
   Rx: 021700F60D40300C060355040313055573657273310F300D0603550403130668
       616A6A656830819F300D06092A864886F70D010101050003818D003081890281
       8100DE7D0EF51D1716C06F51B04CEF2EC6CAF4D86601BC7B211237CEDC6172F3
       C8FF835C2FF52BF8F00FBD89866A3FC28B3BBDC798FD4B1D678F856612746F64
       74D031074604BAB17470B1FCD94244F897C274B9455C841533EC4ACB41D26E7C
       6DBDBCCD3E64FF8F3363FE06556996C696FA17DBF87FEB5BFE003ED18E428362
       BEC30203010001A38203213082031D300B0603551D0F0404030205A030440609
       2A864886F70D01090F04373035300E06082A864886F79000

   Tx: A080000006011900060D00 // EAP-ACK fragment#2
   Rx: 61F6
   Tx: A0C00000F6 // fragment#3
   Rx: 021700F60D400D030202020080300E06082A864886F70D030402020080300706
       052B0E030207300A06082A864886F70D0307301D0603551D0E04160414526E17
       0649667E12FD1EC69D4CC8A02640B75928301706092B0601040182371402040A
       1E080055007300650072301F0603551D23041830168014E56DC55020881E3900
       398AF99EE0789DA4230F893081FB0603551D1F0481F33081F03081EDA081EAA0
       81E78681B16C6461703A2F2F2F434E3D6361776966692C434E3D616B6B617231
       2C434E3D4344502C434E3D5075626C69632532304B6579253230536572766963
       65732C434E3D53657276696365732C434E3D436F6E669000

   Tx: A080000006011A00060D00 // EAP-ACK fragment#3
   Rx: 61F6
   Tx: A0C00000F6 // fragment#4
   Rx: 021700F60D40696775726174696F6E2C44433D62616472612C44433D656E7374
       2C44433D66723F63657274696669636174655265766F636174696F6E4C697374
       3F626173653F6F626A656374436C6173733D63524C446973747269627574696F
       6E506F696E748631687474703A2F2F616B6B6172312E62616472612E656E7374
       2E66722F43657274456E726F6C6C2F6361776966692E63726C3082011306082B
       0601050507010104820105308201013081AA06082B0601050507300286819D6C
       6461703A2F2F2F434E3D6361776966692C434E3D4149412C434E3D5075626C69
       632532304B657925323053657276696365732C434E3D9000

   Tx: A080000006011B00060D00// EAP-ACK fragment#4
   Rx: 61F6
   Tx: A0C00000F6 // fragment#5
   Rx: 021700F60D4053657276696365732C434E3D436F6E66696775726174696F6E2C
       44433D62616472612C44433D656E73742C44433D66723F634143657274696669
       636174653F626173653F6F626A656374436C6173733D63657274696669636174
       696F6E417574686F72697479305206082B060105050730028646687474703A2F

   Urien & All        Informational - Expires October 2004           41

                     Integrating EAP in smartcards             May 2004

       2F616B6B6172312E62616472612E656E73742E66722F43657274456E726F6C6C
       2F616B6B6172312E62616472612E656E73742E66725F6361776966692E637274
       30290603551D2504223020060A2B0601040182370A030406082B060105050703
       0406082B06010505070302302F0603551D11042830269000

   Tx: A080000006011C00060D00 // EAP-ACK fragment#5
   Rx: 61F6
   Tx: A0C00000F6 // fragment#6
   Rx: 021700F60D40A024060A2B060104018237140203A0160C1468616A6A65684062
       616472612E656E73742E6672300D06092A864886F70D01010505000382010100
       13A233AA6EDB4282A69EF9D023D51F32FD0B97AF03C4BACD6B7ED5C155110EBA
       CC3F0FAD6D853DEE845CC33D0E9D8ECC7514295F854D16F6409DFEB61A60C9A1
       EF0BC09AD3C1A93BEE546B2DF9DBAB8AD9A90AAB5CEE35FF6751275873D1C509
       3339B4ADEA0F40C54754DAE7461966322B5772B460B7FA2F5985D496C52CAF74
       56DF2D78E4DE9B1C48F2ACB987BA9BDE3D1624645330F0FBF0103C547DA547C1
       F03B1C2BB5CDD06D38D2ABFAFD06387235E8E49DEDCB9000

   Tx: A080000006011D00060D00 // EAP-ACK fragment#6
   Rx: 61F6
   Tx: A0C00000F6 // fragment#7
   Rx: 021700F60D407E2B7E80A15B1317A04ECF1ADBF475AC82D67514A6EF5EBFFAD4
       0D5D5F7395179677703BFC3A9D34623BD28EC9186A1078130652552D5CFEF1B6
       CDBA5197910A4C87CAD1F92FA7EB7A0B1000008200808FD83C571FE7D71E76A8
       6405BDBC95BA4BD67A48F4BD8084F4F944C1ACDF1FACF85FFC111BE3CE8AFFB4
       8F6DA6C5477761A34C7889CB148DA42141BBC1E942BAC8752B7FD255574F654D
       BED3DEF89EE0F79BEEBF43DC737F158F99C17A2461B2C5D5E2A75FCBBD7F5275
       AD781127300E46EC61408EF2BABC200F85363926301E0F0000820080BDD2429D
       21DAE14D9727D2F715BF30A65E61C7608D5C0B6035BC9000

   Tx: A080000006011E00060D00 // EAP-ACK fragment#7
   Rx: 6197
   Tx: ACC00000F6 // fragment#8
   Rx: 021700970D00CC014BAFE24BB98550AF86E13B6D8D371E5A922D20DD338B563B
       7E9C9AF0EF9110C77B468A651915575D348A7D29B89CC5A8D4B8AA715D53E340
       E6E7AD6B6E3438F358B870C5DA5E61C45EE5E3F9454219F48A34CC9810A946F0
       C652675E3CA81ABA229309B71403010001011603010020C97EBCFF0C20271CAE
       21FAA80898278660D393CB4C640390CDEB14592A0392F7752B7FD255574F654D
       BED3DEF89EE0F79BEEBF43DC737F158F99C17A2461B2C5D5E2A75FCBBD7F5275
       AD781127300E46EC61408EF2BABC200F85363926301E0F0000820080BDD2429D
       21DAE14D9727D2F715BF30A65E61C7608D5C0B6035BC9000

   Tx: A080000006011F00060D00 // EAP-ACK fragment#8
   Rx: 6197
   Tx: A0C0000097 // fragment#9
   Rx: 021700970D00CC014BAFE24BB98550AF86E13B6D8D371E5A922D20DD338B563B
       7E9C9AF0EF9110C77B468A651915575D348A7D29B89CC5A8D4B8AA715D53E340
       E6E7AD6B6E3438F358B870C5DA5E61C45EE5E3F9454219F48A34CC9810A946F0
       C652675E3CA81ABA229309B71403010001011603010020C97EBCFF0C20271CAE
       21FAA80898278660D393CB4C640390CDEB14592A0392F79000

   // Server Finished

   Urien & All        Informational - Expires October 2004           42

                     Integrating EAP in smartcards             May 2004

   Tx: A080000035012A00350D800000002B14030100010116030100209255D2089E41
       30B5984AF43B604A108AA11376F368E71BCF81EEFEBC00289C1C
   Rx: 6106
   Tx: ACC0000006
   Rx: 022A00060D009000 // EAP-ACK Server-Finished

   // Get PMK
   Tx: A0A6000040
   Rx: B7CD0C7DCBD83D45B2DB1D6598FE696A10176E21B62D8A33AD2970A560CE5E84
       8F0A6773E9C0264015861CE712C9A692844A28B6D5641E4D90D38994A94A2C6D
       9000

18.3 EAP-TLS mode1 ISO7816 trace (T=0 protocol)

   The EAP-TLS smartcard mode1, supports five functions
   - Public Key Encryption, with the server public key
   - Private Key Encryption, with the client private key
   - Public Key decryption, with the Certification Authority (CA)
     public key
   - Reading of the client's certificate
   - Random Number Generator

   In this mode the EAP-TLS smartcard interface doesn't provide RSA
   functions. Furthermore all client's parameters (RSA keys and
   certificate) are stored in the smartcard.

   // Set-Identity (abc TLS) type=TLS
   Tx: A016800003616263
   Rx: 9000

   // RANDOM Number Generator
   Tx: A060 0200 1C  // 28 bytes
   Rx: 08BDD285B43D1F3BC9715FC9F85FC453FE58F3A9E07FF397CD653922

   // Set Server Public KEY (FCT = Initialize + Public-Encrypt)
   Tx: A0604800870080bc67013cb915ec1281e65a4daf49801ddb6d5cf30cfd2ff63f
       5d377929c7391bfd766f67dd0fe9e8425143ba46ae95ff76919f30a39c459a22
   ....f22b7566529795c32fee7dcfc9dcde1169a346efe825246214df022badf983b9
   ....cbba81c44c15a1139701b69f9954c9bd2fdfa1ae401e3bd6fd06cf585413c28a
   ....e802b4670a8f30003010001

   // Pre-Master Secret Encryption with the Server Public Key
   // FCT = Do-Final + Public-Encrypt
   Tx: A0600800300301c5a68fb75123308e2ddbb27b63fe021e8724e7bc5c17078b3b
   ....3f90ba00d128f80b07ad786b6de36e5f94ffdfeb49
   RX: 6180
   TX: 8fd83c571fe7d71e76a86405bdbc95ba4bd67a48f4bd8084f4f944c1acdf1fac
       f85ffc111be3ce8affb48f6da6c5477761a34c7889cb148da42141bbc1e942ba
       c8752b7fd255574f654dbed3def89ee0f79beebf43dc737f158f99c17a2461b2
       c5d5e2a75fcbbd7f5275ad781127300e46ec61408ef2babc200f85363926301e


   Urien & All        Informational - Expires October 2004           43

                     Integrating EAP in smartcards             May 2004

   // Private Encrypt with Client Private Key
   // FCT = Do-Final + Private-Encrypt
   // (Client Certificate Verify)
   Tx: A0604002249c0326e6d899fa802cc981b86e9b65f41234db8e2456e5f3dccd68
       a34f25b4e72153f50e
   Rx: 6180
   Tx: A0C0000080
   Rx: bdd2429d21dae14d9727d2f715bf30a65e61c7608d5c0b6035bccc014bafe24b
       b98550af86e13b6d8d371e5a922d20dd338b563b7e9c9af0ef9110c77b468a65
       1915575d348a7d29b89cc5a8d4b8aa715d53e340e6e7ad6b6e3438f358b870c5
       da5e61c45ee5e3f9454219f48a34cc9810a946f0c652675e3ca81aba229309b7

   // Public Decrypt#1 with CA public key, first byte
   // FCT = Do-Final + Index#1 + Public-Decrypt
   // Checking of server certificate
   Tx: A061 1B 00 01 13
   Rx: 9000
   // Public Decrypt#1 (with CA public key, 255 bytes)
   Tx: A0601A00FFA233AA6EDB4282A69EF9D023D51F32FD0B97AF03C4BACD6B7ED5C1
       55110EBACC3F0FAD6D853DEE845CC33D0E9D8ECC7514295F854D16F6409DFEB6
       1A60C9A1EF0BC09AD3C1A93BEE546B2DF9DBAB8AD9A90AAB5CEE35FF67512758
       73D1C5093339B4ADEA0F40C54754DAE7461966322B5772B460B7FA2F5985D496
       C52CAF7456DF2D78E4DE9B1C48F2ACB987BA9BDE3D1624645330F0FBF0103C54
       7DA547C1F03B1C2BB5CDD06D38D2ABFAFD06387235E8E49DEDCB7E2B7E80A15B
       1317A04ECF1ADBF475AC82D67514A6EF5EBFFAD40D5D5F7395179677703BFC3A
       9D34623BD28EC9186A1078130652552D5CFEF1B6CDBA5197910A4C87CAD1F92F
       A7EB7A0B
   Rx: 6123
   Tx: A0C0000023 // Certificate Hash
   Rx: 3021300906052B0E03021A0500041429A563710F25832AFB692E44F4B9AFF36F
       BE91A79000

   // Read Client Certificate
   // Certificate Init
   // FCT = INIT + Certificate
   Tx: A060 4000 00 // Certificate fragment#1
   Rx: 308205D7308204BFA003020102020A61253DFF000000000006300D06092A8648
       86F70D0101050500305231123010060A0992268993F22C640119160266723114
       3012060A0992268993F22C6401191604656E737431153013060A0992268993F2
       2C64011916056261647261310F300D06035504031306636177696669301E170D
       3033313130363039333635395A170D3034313130353039333635395A30623112
       3010060A0992268993F22C6401191602667231143012060A0992268993F22C64
       01191604656E737431153013060A0992268993F22C6401191605626164726131
       0E300C060355040313055573657273310F300D0603550403130668616A6A6568
       9000
   Tx: A060 0000 00 // Certificate fragment#2
   Rx: 30819F300D06092A864886F70D010101050003818D0030818902818100DE7D0E
       F51D1716C06F51B04CEF2EC6CAF4D86601BC7B211237CEDC6172F3C8FF835C2F
       F52BF8F00FBD89866A3FC28B3BBDC798FD4B1D678F856612746F6474D0310746
       04BAB17470B1FCD94244F897C274B9455C841533EC4ACB41D26E7C6DBDBCCD3E
       64FF8F3363FE06556996C696FA17DBF87FEB5BFE003ED18E428362BEC3020301

   Urien & All        Informational - Expires October 2004           44

                     Integrating EAP in smartcards             May 2004

       0001A38203213082031D300B0603551D0F0404030205A0304406092A864886F7
       0D01090F04373035300E06082A864886F70D030202020080300E06082A864886
       F70D030402020080300706052B0E030207300A06082A864886F70D0307301D06
       9000
   Tx: A060 0000 00 // Certificate fragment#3
   Rx: 03551D0E04160414526E170649667E12FD1EC69D4CC8A02640B7592830170609
       2B0601040182371402040A1E080055007300650072301F0603551D2304183016
       8014E56DC55020881E3900398AF99EE0789DA4230F893081FB0603551D1F0481
       F33081F03081EDA081EAA081E78681B16C6461703A2F2F2F434E3D6361776966
       692C434E3D616B6B6172312C434E3D4344502C434E3D5075626C69632532304B
       657925323053657276696365732C434E3D53657276696365732C434E3D436F6E
       66696775726174696F6E2C44433D62616472612C44433D656E73742C44433D66
       723F63657274696669636174655265766F636174696F6E4C6973743F62617365
       9000
   Tx: A060 0000 00 // Certificate fragment#4
   Rx: 3F6F626A656374436C6173733D63524C446973747269627574696F6E506F696E
       748631687474703A2F2F616B6B6172312E62616472612E656E73742E66722F43
       657274456E726F6C6C2F6361776966692E63726C3082011306082B0601050507
       010104820105308201013081AA06082B0601050507300286819D6C6461703A2F
       2F2F434E3D6361776966692C434E3D4149412C434E3D5075626C69632532304B
       657925323053657276696365732C434E3D53657276696365732C434E3D436F6E
       66696775726174696F6E2C44433D62616472612C44433D656E73742C44433D66
       723F634143657274696669636174653F626173653F6F626A656374436C617373
       9000
   Tx: A060 0000 00 // Certificate fragment#5
   Rx: 3D63657274696669636174696F6E417574686F72697479305206082B06010505
       0730028646687474703A2F2F616B6B6172312E62616472612E656E73742E6672
       2F43657274456E726F6C6C2F616B6B6172312E62616472612E656E73742E6672
       5F6361776966692E63727430290603551D2504223020060A2B0601040182370A
       030406082B0601050507030406082B06010505070302302F0603551D11042830
       26A024060A2B060104018237140203A0160C1468616A6A65684062616472612E
       656E73742E6672300D06092A864886F70D0101050500038201010013A233AA6E
       DB4282A69EF9D023D51F32FD0B97AF03C4BACD6B7ED5C155110EBACC3F0FAD6D
       9000
   Tx: A060 0000 00 // Certificate fragment#6
   Rx: 6CDB
   Tx: A060 0000 DB // Certificate fragment#6
   Rx: 853DEE845CC33D0E9D8ECC7514295F854D16F6409DFEB61A60C9A1EF0BC09AD3
       C1A93BEE546B2DF9DBAB8AD9A90AAB5CEE35FF6751275873D1C5093339B4ADEA
       0F40C54754DAE7461966322B5772B460B7FA2F5985D496C52CAF7456DF2D78E4
       DE9B1C48F2ACB987BA9BDE3D1624645330F0FBF0103C547DA547C1F03B1C2BB5
       CDD06D38D2ABFAFD06387235E8E49DEDCB7E2B7E80A15B1317A04ECF1ADBF475
       AC82D67514A6EF5EBFFAD40D5D5F7395179677703BFC3A9D34623BD28EC9186A
       1078130652552D5CFEF1B6CDBA5197910A4C87CAD1F92FA7EB7A0B9000

19 References

   [1] L. Blunk, J. Vollbrecht, "PPP Extensible Authentication Protocol
   (EAP)", RFC 2284, March 1998. (NORMATIVE)

   [2] EAP SIM Authentication,  draft-haverinen-pppext-eap-sim-13.txt.

   Urien & All        Informational - Expires October 2004           45

                     Integrating EAP in smartcards             May 2004


   [3] GSM Technical Specification GSM 11.11. Digital cellular
   telecommunications system (Phase 2+); Specification of the
   Subscriber Identity Module - Mobile Equipment (SIM - ME)

   [4] Part 11: Wireless LAN Medium Access Control (MAC) and Physical
   Layer (PHY) Specifications

   [5] Standards for Local and Metropolitan Area Networks: Standard for
   Port based Network Access Control.

   [6] "The Network Access Identifier" RFC 2486

   [7] "Can you Clone a GSM Smartcard (SIM)? " From Charles Brookson
   Chairman GSM Association Security Group

   [8] Part 11: Wireless Medium Access Control (MAC) and physical layer
   (PHY) specifications: Specification for Enhanced Security

   [9] ASN.1 standard 2002 edition ISO/IEC 8825.1.
   http://asn1.elibel.tm.fr/en/standards/index.htm

   [10] Extensible Markup Language (XML) 1.0 (Second Edition), W3C
   Recommendation 6 October 2000

   [11] B. Aboba, D. Simon, EAP TLS Authentication Protocol RFC 2716,
   October 1999.

   [12] H. Andersson, S. Josefsson, G. Zorn, D. Simon, A. Palekar,
   "Protected EAP Protocol (PEAP)", draft-josefsson-pppext-eap-tls-eap-
   05.txt, work-in-progress, September 2002. (INFORMATIVE)

   [13] PKCS #6: Extended-Certificate Syntax Standard, An RSA
   Laboratories Technical Note, Version 1.5, Revised November 1, 1993.

   [14] RFC 2284 bis, draft-ietf-eap-rfc2284bis-08.txt

   [15] T.Dierks, C.Allen, RFC 2246, "The TLS Protocol Version 1.0",
   January 1999.

20 Author's Addresses

   Pascal Urien
   ENST
   46 rue Barrault
   75013 Paris               Phone: NA
   France                    Email: Pascal.Urien@enst.fr

   Augustin J. Farrugia
   Impasse des CAMEGIERS     Phone: NA
   Ceyreste, 13600 France    Email: afarrugia@csi.com

   Urien & All        Informational - Expires October 2004           46

                     Integrating EAP in smartcards             May 2004


   Max de Groot
   Gemplus
   Avenue du Pic de Bertagne
   BP 100, 13881 Gemenos     Phone: NA
   France                    Email: max.de-groot@gemplus.com

   Guy Pujolle
   LIP6 - University Paris 6
   8 rue Capitaine Scott     Phone: NA
   Paris 75015 France        Email: Guy.Pujolle@lip6.fr

   Jorge Abellan
   Axalto.
   50, Av Jean Jaures        Phone: +33 1 46 00 59 33
   Montrouge 92542 France    Email: Jorge.abellan@slb.com




































   Urien & All        Informational - Expires October 2004           47


Html markup produced by rfcmarkup 1.129c, available from https://tools.ietf.org/tools/rfcmarkup/