The Mini KMS (Key Management Service) is a lightweight, HTTP-based service designed for efficient and secure key management. Leveraging the robust Aries Askar library for key storage and management, this service provides an API for generating, retrieving, and deleting cryptographic keys. Built on the high-performance FastAPI framework, it offers rapid HTTP request handling and automatic API documentation.
This service is currently intended as a simple test stand in for more "complete" KMS solutions. The Askar store is held in a SQLite in-memory database; once the container shuts down, all generated keys will disappear.
The service supports a range of cryptographic operations, including key generation and signing, utilizing various algorithms as specified by the Aries Askar KeyAlg. All data is securely handled in-memory, ensuring fast access and enhanced security by avoiding disk-based storage vulnerabilities.
- In-memory Key Storage: Utilizes SQLite in-memory database for transient storage of cryptographic keys, ensuring fast access and improved security.
- RESTful API: Offers a simple and intuitive API for key management operations, including generating, retrieving, deleting keys, and signing messages.
- Automatic API Documentation: Leverages FastAPI's capability to auto-generate Swagger UI documentation, making it easy to test and integrate the service.
- Docker Support: Includes a Dockerfile for easy building and deployment, allowing the service to be containerized and run in any environment supporting Docker.
- Docker installed on your system.
-
Build the Docker image:
docker build -t mini-kms . -
Run the service:
docker run --rm -it -p 8080:80 mini-kms
This will start the Mini KMS service, binding it to port 8080 on your local machine. The service is now ready to accept API requests.
Once the service is running, you can access the API documentation and try out the API by navigating to http://localhost:8080/docs in your web browser. This page provides an interactive Swagger UI where you can execute API calls directly and view their responses.
Please feel free to submit issues or pull requests on our GitHub repository. For major changes, please open an issue first to discuss what you would like to change.