8.47 EAP authentication +CEAP

3GPP TS 27.007, AT command set for User Equipment (UE), Release 18

Table 107: +CEAP action command syntax

| Command | Possible response(s) |
|---|---|
| +CEAP=<dfname>,<EAPMethod>,<EAP packet data>[,<DFeap>] | +CEAP: <EAPsessionid>, <EAP packet response> |
| | +CME ERROR: <err> |
| +CEAP=? | |

Description

This command allows a TE to exchange EAP packets with the UICC or the ME.

Prior to the execution of this command, the TE shall retrieve the available AIDs using the +CUAD command. The TE shall select one appropriate AID to be addressed. Selection may include asking the user, and considering EAP methods supported by the AIDs. The TE shall set the <dfname> value using the selected AID and shall set the <EAPMethod> value to the requested EAP method. The TE may set the <DFeap> value to the directory file identifier that is applicable to the <EAPMethod>, which is derived from the discretionary data returned by +CUAD. The parameter is mandatory for EAP terminated in UICC.

If the targeted application on the UICC does support the requested EAP method, the MT shall use the value provided in <DFeap>, and it shall transmit the <EAP packet data> to the UICC application using the Authenticate APDU command as defined in ETSI TS 102 310 [66]. The appropriate DFEAP in the ADF must be selected prior to the submission of an EAP Authenticate command with the <EAP packet data>. Then the EAP Response data sent by the UICC application in its response to the Authenticate command shall be provided to the TE in <EAP packet response>.

If the targeted application on the UICC does not support the requested EAP method and if the MT does support this method then the <EAP packet data> shall be handled by the MT. During the handling of the EAP method, the MT shall run the authentication algorithm on the SIM or USIM, respectively.

Also the MT has to allocate an <EAPsessionid> in order to identify an EAP session and its corresponding keys and parameters.

If neither the MT nor the appropriate UICC application support the requested EAP method, the MT shall respond with +CME ERROR: 49 (EAP method not supported).

Refer to clause 9.2 for possible <err> values.

Defined values

<dfname>: string type in hexadecimal character format. All selectable applications are represented in the UICC by an AID coded on 1 to 16 bytes.

<EAPMethod>: string type in hexadecimal character format. This is the EAP Method Type as defined in RFC 3748 [68] in 1 byte format or 8 bytes expanded format. The value range for 1 byte format and for 8 bytes expanded format is defined in RFC 3748 [68].

<EAP packet data>: string type in hexadecimal character format. This is the EAP packet data in hexadecimal character as defined in ETSI TS 102 310 [66].

<DFeap>: string type in hexadecimal character format. Contains the DF(EAP) associated with the specified <EAPMethod> on the SIM/UICC as defined in ETSI TS 102 310 [66] (e.g. "6D34").

<EAPsessionid>: integer type. This is the identifier of the EAP session to be used in order to retrieve the EAP parameters with the EAP Retrieve Parameters +CERP command. Value range is from 1 to 4294967295.

<EAP packet response>: string type in hexadecimal character format. Defined in ETSI TS 102 310 [66].
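The following is an added example, not part of the 3GPP text: a TE-side helper that enforces the value constraints above before a +CEAP command is sent and parses the response strictly. The function names are hypothetical, string parameters are assumed to be double-quoted as in the "6D34" example, and the sample AID and EAP bytes are constructed.

```python
import re

_HEX = re.compile(r"(?:[0-9A-Fa-f]{2})+")           # one or more whole bytes
_ERR = re.compile(r"\+CME ERROR:\s*(.+)")
_RESP = re.compile(r"\+CEAP:\s*(\d+)\s*,\s*(.*)")

def _hex_field(name, value, allowed_lengths=None):
    """Return value upper-cased if it is whole hex bytes of an allowed byte length."""
    if not _HEX.fullmatch(value):
        raise ValueError(f"{name}: not a hexadecimal byte string")
    nbytes = len(value) // 2
    if allowed_lengths is not None and nbytes not in allowed_lengths:
        raise ValueError(f"{name}: {nbytes} bytes not allowed")
    return value.upper()

def build_ceap(dfname, eap_method, eap_packet, dfeap=None):
    """Build the +CEAP action command from validated parameters."""
    fields = [
        _hex_field("dfname", dfname, range(1, 17)),   # AID coded on 1 to 16 bytes
        _hex_field("EAPMethod", eap_method, (1, 8)),  # 1 byte or 8 bytes expanded
        _hex_field("EAP packet data", eap_packet),
    ]
    if dfeap is not None:                             # mandatory when EAP ends in the UICC
        fields.append(_hex_field("DFeap", dfeap))
    # Assumption: string parameters are sent double-quoted, as in the "6D34" example.
    return "AT+CEAP=" + ",".join(f'"{f}"' for f in fields)

def parse_ceap_response(line):
    """Return (session_id, response_bytes); raise on +CME ERROR or malformed input."""
    line = line.strip()
    err = _ERR.fullmatch(line)
    if err:
        raise RuntimeError(f"+CME ERROR: {err.group(1)}")
    m = _RESP.fullmatch(line)
    if not m:
        raise ValueError("not a +CEAP response")
    session_id = int(m.group(1))
    if not 1 <= session_id <= 4294967295:             # range given for <EAPsessionid>
        raise ValueError("EAPsessionid out of range")
    payload = m.group(2)
    if len(payload) >= 2 and payload[0] == payload[-1] == '"':
        payload = payload[1:-1]
    return session_id, bytes.fromhex(_hex_field("EAP packet response", payload))

if __name__ == "__main__":
    # Constructed sample values; "17" is EAP Method Type 23 (EAP-AKA) in 1 byte format.
    print(build_ceap("a0000000871002", "17", "0201000501", "6D34"))
    print(parse_ceap_response('+CEAP: 1, "0201000501"'))
```

Rejecting odd-length or over-long hex strings on the TE side keeps malformed input from reaching the MT, and the session id returned by the parser is the value later passed to +CERP.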

Implementation

Optional.