id: 1968143690504d698c5e3e66eaf48339 parent_id: d4c869fee9a04d8c82f3665e67af9808 item_type: 1 item_id: 445891dba8674cae8b865a6fd2a3faf1 item_updated_time: 1781521674116 title_diff: "[]" body_diff: "[{\"diffs\":[[1,\"# Ford EoL Key Fob Provisioning System (SCP03)\\\n\\\n\"],[0,\"## Project O\"]],\"start1\":0,\"start2\":0,\"length1\":12,\"length2\":60},{\"diffs\":[[0,\"|\\\n\\\n---\\\n\\\n\"],[1,\"## Implementation Status (2026-06-15)\\\n\\\nA 7-crate Rust workspace has been implemented and committed (`0e0243b`). Everything runs **headless** — no hardware required — against a simulated JCOP applet. **54 unit tests pass, `clippy -D warnings` clean, `fmt` clean.**\\\n\\\n### Workspace Layout\\\n\\\n| Crate | Purpose | Status |\\\n|---|---|---|\\\n| `kf-crypto` | AES-CMAC/CBC (NIST-validated), ISO 9797-1 Method 2 padding, zeroizing keys, `ct_eq` | ✅ Done |\\\n| `kf-apdu` | APDU command/response (short + extended), `StatusWord` enum, GP command builders | ✅ Done |\\\n| `kf-scp03` | Session key derivation, host/card cryptograms, `Scp03Channel` wrap/unwrap, shared `wire` module | ✅ Done |\\\n| `kf-transport` | `SmartcardTransport` trait, `MockTransport`, `SimulatedJcopApplet` | ✅ Done |\\\n| `kf-source` | `ProvisioningSource` trait (async), serde types, `StaticProvisioningSource` | ✅ Done |\\\n| `kf-provision` | `Provisioner` orchestrator + `AuditRecord` | ✅ Done |\\\n| `kf-station` | CLI binary (`self-test`, `provision`) | ✅ Done |\\\n\\\n### Implemented & Tested (headless)\\\n- Crypto primitives validated against NIST SP 800-38B AES-CMAC vectors.\\\n- Full SCP03 state machine: INITIALIZE UPDATE → session key derivation → EXTERNAL AUTHENTICATE → secure messaging wrap/unwrap.\\\n- Simulated JCOP applet handles the complete handshake + STORE DATA / PUT KEY / SET STATUS.\\\n- End-to-end pipeline against the mock (54 tests, all green).\\\n- Security hardening: CSPRNG host challenge (`getrandom`), constant-time compares (`ct_eq`), zeroizing keys, redacted Debug, R-MAC hard-fail.\\\n- Audit records carry real ISO-8601 UTC timestamps + typed error cause.\\\n\\\n### Stubbed Behind Traits (pending external decisions / hardware)\\\n- **File container parser** — `ProvisioningSource` trait ready; awaits sample containers.\\\n- **DLL/SO content provider** — trait ready; awaits DLL interface spec.\\\n- **KLMS REST client** — serde types ready; awaits REST API contract + mTLS details.\\\n- **Real `pcsc` transport** — `SmartcardTransport` trait ready; awaits NFC reader hardware.\\\n\\\n### Build & Test Commands\\\n```sh\\\ncargo fmt --all\\\ncargo clippy --all-targets -- -D warnings\\\ncargo test --workspace\\\ncargo run -p kf-station -- self-test\\\n```\\\n\\\n> See the companion note **\\\"Keyfob Station — Code Review & Open Issues\\\"** for the findings from the code analysis and the items deferred to the real-card / JCShell step.\\\n\\\n### Next Steps (awaiting input)\\\n1. **File container + JCShell script** — user will provide container(s) of provisioning content and the JCShell script(s) that provision them. These will drive the `FileContainerSource` implementation and confirm the exact APDU sequence / lock command.\\\n2. **Real-card validation** — run the pipeline against a real JCOP 4.5 sample to validate the self-derived SCP03 test vector and the R-ENC path.\\\n\\\n---\\\n\\\n\"],[0,\"## Conta\"]],\"start1\":559,\"start2\":559,\"length1\":16,\"length2\":2797},{\"diffs\":[[0,\"2:01\"],[-1,\".123\"],[0,\"Z\\\",\\\n\"]],\"start1\":7391,\"start2\":7391,\"length1\":12,\"length2\":8},{\"diffs\":[[0,\"--|\\\n\"],[-1,\"| `pcsc` | Windows Smart Card API (WinSCard.dll) |\\\n\"],[0,\"| `a\"]],\"start1\":9496,\"start2\":9496,\"length1\":59,\"length2\":8},{\"diffs\":[[0,\"\\\n| `\"],[-1,\"serde` / `serde_json` | KLMS JSON parsing |\\\n| `reqwest` | KLMS REST API client (with mTLS) |\\\n| `zeroize` | Secure memory wiping after ISD lock |\\\n| `hex` | APDU debugging |\\\n| `tracing` | Structured logging |\\\n\\\n### Key Code: Memory Zeroization\\\n```rust\\\nuse zeroize::Zeroize;\\\n\\\nstruct CardStaticKeys {\\\n s_enc: [u8; 16],\\\n s_mac: [u8; 16],\\\n s_dek: [u8; 16],\\\n}\\\n\\\nimpl Zeroize for CardStaticKeys {\\\n fn zeroize(&mut self) {\\\n self.s_enc.zeroize();\\\n self.s_mac.zeroize();\\\n self.s_dek.zeroize();\\\n }\\\n}\\\n```\\\n\\\n### Key Code: Session Key Derivation\\\n```rust\\\nuse aes::Aes128;\\\nuse cmac::{Cmac, Mac};\\\n\\\ntype Aes128Cmac = Cmac;\\\n\\\nlet mut mac = Aes128Cmac::new_from_slice(&s_enc).unwrap();\\\nmac.update(&build_kdf3_input(Label::Enc, &session_context));\\\nlet ses_enc = mac.finalize().into_bytes();\\\n```\"],[1,\"cipher` | Block cipher traits |\\\n| `zeroize` | Secure memory wiping after ISD lock |\\\n| `subtle` | Constant-time comparisons |\\\n| `time` | ISO-8601 timestamps for audit records |\\\n| `getrandom` | CSPRNG host challenge |\\\n| `serde` / `serde_json` | KLMS JSON parsing |\\\n| `hex` | Hex encode/decode |\\\n| `tracing` | Structured logging |\\\n| `clap` | CLI argument parsing |\\\n| `tokio` | Async runtime |\\\n| `async-trait` | Async trait for `ProvisioningSource` |\"],[0,\"\\\n\\\n--\"]],\"start1\":9631,\"start2\":9631,\"length1\":820,\"length2\":454},{\"diffs\":[[0,\"nce\\\n\\\n1. \"],[1,\"~~\"],[0,\"Procure \"]],\"start1\":11539,\"start2\":11539,\"length1\":16,\"length2\":18},{\"diffs\":[[0,\"ion eval\"],[1,\"~~\"],[0,\"\\\n2. \"],[1,\"~~\"],[0,\"Build mi\"]],\"start1\":11638,\"start2\":11638,\"length1\":20,\"length2\":24},{\"diffs\":[[0,\"ATA APDU\"],[1,\"s~~ *(mock transport covers this headless)*\"],[0,\"\\\n3. \"],[1,\"~~\"],[0,\"Implemen\"]],\"start1\":11728,\"start2\":11728,\"length1\":20,\"length2\":65},{\"diffs\":[[0,\" vectors\"],[1,\"~~ ✅\"],[0,\"\\\n4. \"],[1,\"~~\"],[0,\"Implemen\"]],\"start1\":11871,\"start2\":11871,\"length1\":20,\"length2\":26},{\"diffs\":[[0,\"essaging\"],[-1,\"\\\n5\"],[1,\"~~ ✅\\\n5. ~~Implement ISD locking and memory zeroization~~ ✅\\\n6. Implement file container parser (awaiting sample containers)\\\n7\"],[0,\". Integr\"]],\"start1\":11992,\"start2\":11992,\"length1\":18,\"length2\":140},{\"diffs\":[[0,\"LS)\\\n\"],[-1,\"6. Implement ISD locking and memory zeroization\\\n7\"],[1,\"8\"],[0,\". En\"]],\"start1\":12175,\"start2\":12175,\"length1\":57,\"length2\":9},{\"diffs\":[[0,\"5-06-08)\"],[1,\". Updated 2026-06-15 with implementation status.\"],[0,\"*\"]],\"start1\":12278,\"start2\":12278,\"length1\":9,\"length2\":57}]" metadata_diff: {"new":{},"deleted":[]} encryption_cipher_text: encryption_applied: 0 updated_time: 2026-06-15T11:16:55.470Z created_time: 2026-06-15T11:16:55.470Z type_: 13