Lib.rs

Security
#cosmian #key-management #kms

cosmian_kms_client

Cosmian KMS REST Client

by Emmanuel Coste, Bruno Grieder and 18 contributors

16 stable releases

Uses new Rust 2024

new 5.14.1 Dec 26, 2025
5.12.1 Nov 28, 2025
5.6.1 Jul 28, 2025
0.4.0 May 9, 2025

#109 in Security

Download history 61/week @ 2025-08-29 308/week @ 2025-09-05 231/week @ 2025-09-12 102/week @ 2025-09-19 83/week @ 2025-09-26 45/week @ 2025-10-03 51/week @ 2025-10-10 173/week @ 2025-10-17 201/week @ 2025-10-24 53/week @ 2025-10-31 47/week @ 2025-11-07 92/week @ 2025-11-14 61/week @ 2025-11-21 110/week @ 2025-11-28 240/week @ 2025-12-05 175/week @ 2025-12-12

608 downloads per month
Used in 7 crates (2 directly)

BUSL-1.1

180KB
3K SLoC

Cosmian KMS Client

The KMS Client crate provides a high-level Rust client library for communicating with the Cosmian KMS server. It offers a convenient and type-safe interface for all KMS operations.

Overview

This crate provides a comprehensive client library that handles:

  • HTTP Communication: Secure HTTPS communication with the KMS server
  • Authentication: Support for various authentication mechanisms
  • Request/Response Handling: Automatic serialization and deserialization
  • Error Management: Comprehensive error handling and reporting
  • Configuration Management: Flexible client configuration options

Features

Core Functionality

  • Key Management: Generate, import, export, and manage cryptographic keys
  • Certificate Operations: Handle X.509 certificates and PKI operations
  • Cryptographic Operations: Encryption, decryption, signing, and verification
  • Batch Operations: Efficient bulk operations for large datasets
  • Object Management: Store and retrieve arbitrary cryptographic objects

Authentication Support

  • API Keys: Simple API key authentication
  • OAuth 2.0: Integration with OAuth 2.0 providers
  • Certificate Authentication: Client certificate-based authentication
  • Custom Headers: Support for custom authentication headers

Communication Features

  • HTTPS: Secure communication with TLS/SSL
  • Connection Pooling: Efficient connection reuse
  • Timeout Configuration: Configurable request timeouts
  • Retry Logic: Automatic retry for transient failures
  • Compression: Optional response compression

Dependencies

Core Dependencies

  • cosmian_kms_client_utils: Shared client utilities
  • cosmian_kmip: KMIP protocol implementation
  • reqwest: HTTP client library
  • tokio: Async runtime
  • serde: Serialization framework

Optional Dependencies

  • rustls: TLS implementation
  • native-tls: Native TLS support
  • cosmian_config_utils: Configuration utilities

Feature Flags

  • rustls: Use rustls for TLS (default)
  • native-tls: Use system TLS implementation
  • non-fips: Enable non-FIPS features

Building

# Default build
cargo build

# With native TLS
cargo build --features native-tls

# With non-FIPS features
cargo build --features non-fips

Testing

# Run unit tests
cargo test --lib

# Run integration tests (requires running KMS server)
cargo test --test integration_tests

Examples

See the examples/ directory for more comprehensive examples:

  • Basic Operations: Simple key management operations
  • Batch Operations: Bulk import/export operations
  • Certificate Management: PKI operations
  • Custom Authentication: Advanced authentication scenarios

License

This crate is part of the Cosmian KMS project and is licensed under the Business Source License 1.1 (BUSL-1.1).

Dependencies

~42–62MB
~1M SLoC