{"id":19122866,"url":"https://github.com/digitalbazaar/bedrock-kms-http","last_synced_at":"2025-05-05T18:26:29.834Z","repository":{"id":39708352,"uuid":"170735775","full_name":"digitalbazaar/bedrock-kms-http","owner":"digitalbazaar","description":"HTTP APIs for Bedrock Key Management","archived":false,"fork":false,"pushed_at":"2025-04-11T20:32:16.000Z","size":443,"stargazers_count":2,"open_issues_count":6,"forks_count":2,"subscribers_count":11,"default_branch":"main","last_synced_at":"2025-05-05T18:26:23.008Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/digitalbazaar.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2019-02-14T18:06:47.000Z","updated_at":"2025-04-11T20:32:20.000Z","dependencies_parsed_at":"2024-08-02T06:25:45.486Z","dependency_job_id":"0245dc2f-ae14-429e-9a9c-812f2e0507e9","html_url":"https://github.com/digitalbazaar/bedrock-kms-http","commit_stats":{"total_commits":580,"total_committers":9,"mean_commits":64.44444444444444,"dds":0.4620689655172414,"last_synced_commit":"7c9ccb07747688d6fc88473e83eb391fe6521cff"},"previous_names":[],"tags_count":59,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/digitalbazaar%2Fbedrock-kms-http","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/digitalbazaar%2Fbedrock-kms-http/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/digitalbazaar%2Fbedrock-kms-http/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/digitalbazaar%2Fbedrock-kms-http/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/digitalbazaar","download_url":"https://codeload.github.com/digitalbazaar/bedrock-kms-http/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252552070,"owners_count":21766632,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-09T05:23:19.001Z","updated_at":"2025-05-05T18:26:29.812Z","avatar_url":"https://github.com/digitalbazaar.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Bedrock Key Management System API module _(@bedrock/kms-http)_\n\u003e HTTP APIs for Bedrock Key Management.\n\n## Table of Contents\n\n- [Install](#install)\n- [Usage](#usage)\n- [Contribute](#contribute)\n- [Commercial Support](#commercial-support)\n- [License](#license)\n\n## Install\n\n- Node.js 18+ is required.\n\n### NPM\n\nTo install via NPM:\n\n```\nnpm install @bedrock/kms-http\n```\n\n### Development\n\nTo install locally (for development):\n\n```\ngit clone https://github.com/digitalbazaar/bedrock-kms-http.git\ncd bedrock-kms-http\nnpm install\n```\n\n## Usage\n\nIn `lib/index.js` (or `main.js`, as appropriate):\n\n```js\nimport 'bedrock-kms-http';\n```\n\n### KMS HTTP API\n\nThis module exposes the following API endpoints.\n\n#### Create a Keystore - `POST /kms/keystores`\n\n#### Request Example:\n```\n{\n  sequence: 0,\n  controller: 'did:key:z6MkoyZVQSetDxU66AsfinUPzgSEu5N9Jf1anHEY4YCzcE54',\n  meterId: 'https://localhost:18443/meters/z19ygjQcNmQ9AbG7hCF39Kizs',\n  kmsModule: 'ssm-v1'\n}\n```\n\n#### Headers\n```\n{\n  accept: 'application/ld+json, application/json',\n  host: 'localhost:18443',\n  'capability-invocation': 'zcap id=\"urn:zcap:root:https%3A%2F%2Flocalhost%3A18443%2Fkms%2Fkeystores\",action=\"write\"',\n  digest: 'mh=uEiAWwH_YYtljJn-tba5XZ_s5k9lcFoJW9Mg8EdPY3ShEvQ',\n  'content-type': 'application/json',\n  authorization: 'Signature keyId=\"did:key:z6MkoyZVQSetDxU66AsfinUPzgSEu5N9Jf1anHEY4YCzcE54#z6MkoyZVQSetDxU66AsfinUPzgSEu5N9Jf1anHEY4YCzcE54\",headers=\"(key-id) (created) (expires) (request-target) host capability-invocation content-type digest\",signature=\"hTFuyAyfdwmTRJ1DmK2AVgDZ+RCQYsc5n9YF///5t4QY3VaTtUGWRDWQHRTSMGHybda782fCW9XczmIJEMfFDQ==\",created=\"1638504433\",expires=\"1638505033\"'\n}\n```\n\n#### Response Example:\n```\n{\n  id: 'https://localhost:18443/kms/keystores/z1AByGXEmfZnyG8rgM3aVpYxG',\n  meterId: 'https://localhost:18443/meters/z19ygjQcNmQ9AbG7hCF39Kizs',\n  sequence: 0,\n  controller: 'did:key:z6MkoyZVQSetDxU66AsfinUPzgSEu5N9Jf1anHEY4YCzcE54',\n  kmsModule: 'ssm-v1'\n}\n```\n\n#### Update Keystore Config - `POST /kms/keystores/:keystoreId`\n\n#### Request Example:\n```\n{\n  controller: 'did:key:z6MknP29cPcQ7G76MWmnsuEEdeFya8ij3fXvJcTJYLXadmp9',\n  id: 'https://localhost:18443/kms/keystores/z19xPXyqB3dnqKZ7BtVFvqSLH',\n  sequence: 1\n}\n```\n\n#### Headers\n```\n{\n  accept: 'application/ld+json, application/json',\n  host: 'localhost:18443',\n  'capability-invocation': 'zcap id=\"urn:zcap:root:https%3A%2F%2Flocalhost%3A18443%2Fkms%2Fkeystores%2Fz19xPXyqB3dnqKZ7BtVFvqSLH\",action=\"write\"',\n  digest: 'mh=uEiDiFdv-C0VNNIvltnoIxwqUA5crG1H42OyvQtPRa7mjvw',\n  'content-type': 'application/json',\n  authorization: 'Signature keyId=\"did:key:z6MkqnGN2jgckeejguN28RE1SM5a1rwu9nigkY5PhSQuTybX#z6MkqnGN2jgckeejguN28RE1SM5a1rwu9nigkY5PhSQuTybX\",headers=\"(key-id) (created) (expires) (request-target) host capability-invocation content-type digest\",signature=\"6i3yXShQMQ8H+XFJpUEi0WcO7hcrcpdApuyU2WrSAm0bMuAby+pZKSt+ACBWRrpocEaxAa6lwefvtGVYVXO7BQ==\",created=\"1638505029\",expires=\"1638505629\"'\n}\n```\n\n#### Response Example:\n```\n{\n  success: true,\n  config: {\n    controller: 'did:key:z6MknP29cPcQ7G76MWmnsuEEdeFya8ij3fXvJcTJYLXadmp9',\n    id: 'https://localhost:18443/kms/keystores/z19xPXyqB3dnqKZ7BtVFvqSLH',\n    sequence: 1,\n    meterId: 'https://localhost:18443/meters/z19zMxFgrtXrR3RArhogVQ78T',\n    kmsModule: 'ssm-v1'\n  }\n}\n```\n\n#### Get Keystore Config - `GET /kms/keystores/:keystoreId`\n\n#### Request Example:\n\n#### Headers\n```\n{\n  accept: 'application/ld+json, application/json',\n  host: 'localhost:18443',\n  'capability-invocation': 'zcap id=\"urn:zcap:root:https%3A%2F%2Flocalhost%3A18443%2Fkms%2Fkeystores%2Fz1A2Dahs56An4rttS3t2QKi69\",action=\"read\"',\n  authorization: 'Signature keyId=\"did:key:z6MkoyZVQSetDxU66AsfinUPzgSEu5N9Jf1anHEY4YCzcE54#z6MkoyZVQSetDxU66AsfinUPzgSEu5N9Jf1anHEY4YCzcE54\",headers=\"(key-id) (created) (expires) (request-target) host capability-invocation\",signature=\"P8ZYsAO/oQPllqRCW4GJdKwHhGfk53li88pzySd2jJVhNJCkxwPVNTGS0CsK/tK1cLvwjUABUqO2VUlP//T3DA==\",created=\"1638505290\",expires=\"1638505890\"'\n}\n```\n\n#### Response Example:\n```\n{\n  id: 'https://localhost:18443/kms/keystores/z1A2Dahs56An4rttS3t2QKi69',\n  meterId: 'https://localhost:18443/meters/z19zMxFgrtXrR3RArhogVQ78T',\n  sequence: 0,\n  controller: 'did:key:z6MkoyZVQSetDxU66AsfinUPzgSEu5N9Jf1anHEY4YCzcE54',\n  kmsModule: 'ssm-v1'\n}\n```\n\n#### Generate a new Key - `POST /kms/keystores/:keystoreId/keys`\n\n#### Request Example:\n```\n{\n  '@context': [\n    'https://w3id.org/webkms/v1',\n    'https://w3id.org/security/suites/ed25519-2020/v1'\n  ],\n  type: 'GenerateKeyOperation',\n  invocationTarget: { type: 'Ed25519VerificationKey2020' }\n}\n```\n\n#### Headers:\n```\n{\n  accept: 'application/ld+json, application/json',\n  host: 'localhost:18443',\n  'capability-invocation': 'zcap id=\"urn:zcap:root:https%3A%2F%2Flocalhost%3A18443%2Fkms%2Fkeystores%2Fz19mH7zKauTKBWS3831MyWM2f\",action=\"generateKey\"',\n  digest: 'mh=uEiC4fs8V2JzjgB25wxRhyKGc17b0yu-JvjnYF6IutYMEzQ',\n  'content-type': 'application/json',\n  authorization: 'Signature keyId=\"did:key:z6MkoSN3SbRHZAFdYwphhgHhuLXdBCMu7Yoam5H436b1PZAp#z6MkoSN3SbRHZAFdYwphhgHhuLXdBCMu7Yoam5H436b1PZAp\",headers=\"(key-id) (created) (expires) (request-target) host capability-invocation content-type digest\",signature=\"fntyQjEsGMIOwh7OftKS76yJ/1wpx+3eVWJjIToqcfJPOlmuU3DZmbag4bZ3cw3weLg4kDYQNxsJ8nNVtpd4DQ==\",created=\"1638506601\",expires=\"1638507201\"'\n}\n```\n#### Response Example:\n```\n{\n  id: 'https://localhost:18443/kms/keystores/z19mH7zKauTKBWS3831MyWM2f/keys/z1A3XvbwPFZ5WceoeXcQMzBZ5',\n  type: 'Ed25519VerificationKey2020',\n  '@context': 'https://w3id.org/security/suites/ed25519-2020/v1',\n  publicKeyMultibase: 'z6MknYsXcwi19ohJKGu5RHzxAkyVDGCP3ggpHY2FqxNFFyZb'\n}\n```\n\n#### Invoke KMS Operation on Existing Key - `POST /kms/keystores/:keystoreId/keys/:keyId`\n\n#### Request Example:\n```\n{\n  '@context': 'https://w3id.org/webkms/v1',\n  type: 'SignOperation',\n  invocationTarget: 'https://localhost:18443/kms/keystores/z19zhh4xhWEeBn7u5NXQaeU2e/keys/z1A4nmgJS9XkDAsDDHFhAEba3',\n  verifyData: 'aGVsbG8'\n}\n```\n\n#### Headers\n```\n{\n  accept: 'application/ld+json, application/json',\n  host: 'localhost:18443',\n  'capability-invocation': 'zcap id=\"urn:zcap:root:https%3A%2F%2Flocalhost%3A18443%2Fkms%2Fkeystores%2Fz19zhh4xhWEeBn7u5NXQaeU2e\",action=\"sign\"',\n  digest: 'mh=uEiADFF5OnUq5SCTrVVBSAMP5DpXfSF7f1bIH-SrX6S9Fdw',\n  'content-type': 'application/json',\n  authorization: 'Signature keyId=\"did:key:z6MkoyZVQSetDxU66AsfinUPzgSEu5N9Jf1anHEY4YCzcE54#z6MkoyZVQSetDxU66AsfinUPzgSEu5N9Jf1anHEY4YCzcE54\",headers=\"(key-id) (created) (expires) (request-target) host capability-invocation content-type digest\",signature=\"upDUCqfbaIqixWmFjnHq/NIY2/r5TserYAQMOEkiwoUIyHgww/auN+cMYqH7x23cmymfmDIlDqqoE+Pi06j+AQ==\",created=\"1638508033\",expires=\"1638508633\"'\n}\n```\n\n\n#### Response Example:\n```\n{ signatureValue: 'qtL549jF562rlea6oQBzIKYCZeOPFX9OBzmn3iSzOpI' }\n```\n\n#### Get Public Key Description - `GET /kms/keystores/:keystoreId/keys/:keyId`\n\n#### Request Example:\n\n#### Headers\n```\n{\n  accept: 'application/ld+json, application/json',\n  host: 'localhost:18443',\n  'capability-invocation': 'zcap id=\"urn:zcap:root:https%3A%2F%2Flocalhost%3A18443%2Fkms%2Fkeystores%2Fz1AEdRUJm7Ld4xBNBKkAGHjzZ%2Fkeys%2Fz1A5vBtppSSaS1svFyQb6Ezwj\",action=\"read\"',\n  authorization: 'Signature keyId=\"did:key:z6MkhRjrvpEAxh8oSWsPgMdP28xvrotsDBCvcwTtbUuUEp38#z6MkhRjrvpEAxh8oSWsPgMdP28xvrotsDBCvcwTtbUuUEp38\",headers=\"(key-id) (created) (expires) (request-target) host capability-invocation\",signature=\"gmB9DXTu29QKO4FlHXcEJGHMjaRpvXosRw+KeShiDB9YU2kwjMdd7eMT15TgeKzN3K5eqbEyEWh0NCgT/ULFAA==\",created=\"1638539438\",expires=\"1638540038\"'\n}\n```\n\n#### Response Example:\n```\n{\n  '@context': 'https://w3id.org/security/suites/ed25519-2020/v1',\n  id: 'https://localhost:18443/kms/keystores/z1AEdRUJm7Ld4xBNBKkAGHjzZ/keys/z1A5vBtppSSaS1svFyQb6Ezwj',\n  type: 'Ed25519VerificationKey2020',\n  publicKeyMultibase: 'z6MkuP4PkTPZy2KvictPAsAHAbH6Umw9tsRJzmpGR65brddP'\n}\n```\n\n#### Insert a Revocation - `POST /kms/keystores/:keystoreId/revocations/:zcapId`\n\n#### Request Example:\n```\n{\n  '@context': [\n    'https://w3id.org/zcap/v1',\n    'https://w3id.org/security/suites/ed25519-2020/v1'\n  ],\n  id: 'urn:zcap:38c42aff-76e0-4624-88dc-0341fe3f9ccd',\n  invoker: 'did:key:z6MkootHWoSfwsPz1E3pE3aALJCEiawN1XNf4CPoUNeUEgY8#z6MkootHWoSfwsPz1E3pE3aALJCEiawN1XNf4CPoUNeUEgY8',\n  parentCapability: 'urn:zcap:45bbf83c-bb97-474d-9a54-f4dac1e257ad',\n  allowedAction: 'sign',\n  invocationTarget: {\n    publicAlias: 'did:key:z6Mkf8beJEDMQM77i12Siuw8UwuidEin6qvUQH65EBs3VqcW#z6Mkf8beJEDMQM77i12Siuw8UwuidEin6qvUQH65EBs3VqcW',\n    id: 'https://localhost:18443/kms/keystores/z19zzGxGeo6Z4FhqhP1ZJZhNp/keys/z19qdYFKqymy8BoPpdfSkeRrZ',\n    type: 'Ed25519VerificationKey2020'\n  },\n  proof: {\n    type: 'Ed25519Signature2020',\n    created: '2021-12-03T00:54:36Z',\n    verificationMethod: 'did:key:z6MkfrMHgiLotA5tX5JqtmQw1WmtmHCay7eY651TQzKdHAcB#z6MkfrMHgiLotA5tX5JqtmQw1WmtmHCay7eY651TQzKdHAcB',\n    proofPurpose: 'capabilityDelegation',\n    capabilityChain: [\n      'urn:zcap:root:https%3A%2F%2Flocalhost%3A18443%2Fkms%2Fkeystores%2Fz19zzGxGeo6Z4FhqhP1ZJZhNp',\n      [Object]\n    ],\n    proofValue: 'z5UMPNnR2sXv5tZ4XVrRjGqwh6zPchrcNBgedXDS4XEnSgeQAFEuiAx89nUcxDZV2e2Tb17cZKoLvyvSdRorKHoHw'\n  }\n}\n```\n\n#### Headers\n```\n{\n  accept: 'application/ld+json, application/json',\n  host: 'localhost:18443',\n  'capability-invocation': 'zcap id=\"urn:zcap:root:https%3A%2F%2Flocalhost%3A18443%2Fkms%2Fkeystores%2Fz1ADWeUn1vp2oTr33SaSoiiDj%2Frevocations%2Furn%253Azcap%253A61f9fce0-595d-4763-9854-c5db561e6981\",action=\"write\"',\n  digest: 'mh=uEiCQYBu8dlESvD_MO4VxN3FcJMuSRg1HRh3B-ciaEHpsxQ',\n  'content-type': 'application/json',\n  authorization: 'Signature keyId=\"did:key:z6MkprpMfcYbjbCmhb84TWwhkwevqTX67EQvd7bdLTJ3DkA6#z6MkprpMfcYbjbCmhb84TWwhkwevqTX67EQvd7bdLTJ3DkA6\",headers=\"(key-id) (created) (expires) (request-target) host capability-invocation content-type digest\",signature=\"Z5DUpumlZYK3UplUDjz4szzWf+XO3zHd/Y6/wPMtUQn+7ZxNoLRa7Ny589CNASxYS7kg9Hv9KDF+R8wtiCJhAg==\",created=\"1638492060\",expires=\"1638492660\"'\n}\n```\n\n## Contribute\n\nSee [the contribute file](https://github.com/digitalbazaar/bedrock/blob/master/CONTRIBUTING.md)!\n\nPRs accepted.\n\nIf editing the Readme, please conform to the\n[standard-readme](https://github.com/RichardLitt/standard-readme) specification.\n\n## Commercial Support\n\nCommercial support for this library is available upon request from\nDigital Bazaar: support@digitalbazaar.com\n\n## License\n\n[Bedrock Non-Commercial License v1.0](LICENSE.md) © Digital Bazaar\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdigitalbazaar%2Fbedrock-kms-http","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdigitalbazaar%2Fbedrock-kms-http","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdigitalbazaar%2Fbedrock-kms-http/lists"}