feat: initialize API layer for key management system

agent_api_http/openapi.yaml

@@ -1396,6 +1396,111 @@ paths:
         "201":
           description: Linked VP service created successfully
 
+  /v0/keys/generate-new-key:
+    post:
+      tags:
+        - Identity
+      summary: Generate a new key
+      description: Generates a new cryptographic key and stores it in the key management system.
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              required:
+                - alias
+              properties:
+                alias:
+                  type: string
+                  description: A human-readable name for this key.
+                  example: "my-signing-key-01"
+                signatureAlgorithm:
+                  type: string
+                  description: The signature algorithm to use for this key. Defaults to Ed25519 if not specified.
+                  example: "Ed25519"
+
+  /v0/keys/remove-key:
+    post:
+      tags:
+        - Identity
+      summary: Remove an existing key
+      description: Removes an existing cryptographic key from the key management system.
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              required:
+                - keyId
+              properties:
+                keyId:
+                  type: string
+                  description: The ID of the key to remove.
+                  example: "a81bc81b-d7a7-4e5d-abff-90865d1e13b1"
+
+  /v0/keys/rename-key-alias:
+    post:
+      tags:
+        - Identity
+      summary: Rename the alias of a key
+      description: Renames the human-readable alias of an existing cryptographic key in the key management system.
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              required:
+                - keyId
+                - newAlias
+              properties:
+                keyId:
+                  type: string
+                  description: The ID of the key to rename.
+                  example: "a81bc81b-d7a7-4e5d-abff-90865d1e13b1"
+                newAlias:
+                  type: string
+                  description: The new alias for the key.
+                  example: "my-new-key-alias"
+
+  /v0/keys/set-signing-key:
+    post:
+      tags:
+        - Identity
+      summary: Set a key as the active signing key
+      description: Designates a specific managed key to be used for signing operations.
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              required:
+                - keyId
+              properties:
+                keyId:
+                  type: string
+                  description: The ID of the key to set as the signing key.
+                  example: "a81bc81b-abcd-4e5d-abff-90865d1e13b1"
+
+  /v0/keys/list-all:
+    get:
+      tags:
+        - Identity
+      summary: List all managed keys
+      description: Retrieves a list of all cryptographic keys managed by the key management system.
+      responses:
+        "200":
+          description: Keys retrieved successfully
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  type: object
+
   /auth/token:
     post:
       summary: Standard OAuth 2.0 endpoint for fetching a token

agent_api_http/postman/ssi-agent.postman_collection.json

@@ -1,9 +1,10 @@
 {
 	"info": {
-		"_postman_id": "e9b3fbae-f20e-4957-9d3a-6a310f5fda62",
+		"_postman_id": "4da8f32a-5645-4785-911d-5c2c729e2092",
 		"name": "ssi-agent",
 		"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json",
-		"_exporter_id": "38461474"
+		"_exporter_id": "41786572",
+		"_collection_link": "https://impierce-technologies-bv.postman.co/workspace/New-Team-Workspace~1aa38760-77fc-4608-a1f5-e8a6fdaa0ad9/collection/41786572-4da8f32a-5645-4785-911d-5c2c729e2092?action=share&source=collection_link&creator=41786572"
 	},
 	"item": [
 		{
@@ -2281,6 +2282,152 @@
 					"response": []
 				}
 			]
+		},
+		{
+			"name": "v1",
+			"item": [
+				{
+					"name": "Identity",
+					"item": [
+						{
+							"name": "Keys",
+							"item": [
+								{
+									"name": "Generate Key",
+									"request": {
+										"method": "POST",
+										"header": [],
+										"body": {
+											"mode": "raw",
+											"raw": "{\n    \"alias\": \"An Example Alias\",\n    \"signingAlgorithm\": \"ES256\"\n}",
+											"options": {
+												"raw": {
+													"language": "json"
+												}
+											}
+										},
+										"url": {
+											"raw": "{{HOST}}/v0/keys/generate-new-key",
+											"host": [
+												"{{HOST}}"
+											],
+											"path": [
+												"v0",
+												"keys",
+												"generate-new-key"
+											]
+										}
+									},
+									"response": []
+								},
+								{
+									"name": "Remove Key",
+									"request": {
+										"method": "POST",
+										"header": [],
+										"body": {
+											"mode": "raw",
+											"raw": "{\n    \"keyId\": \"your-managed-key-id\"\n}",
+											"options": {
+												"raw": {
+													"language": "json"
+												}
+											}
+										},
+										"url": {
+											"raw": "{{HOST}}/v0/keys/remove-key",
+											"host": [
+												"{{HOST}}"
+											],
+											"path": [
+												"v0",
+												"keys",
+												"remove-key"
+											]
+										}
+									},
+									"response": []
+								},
+								{
+									"name": "Rename Key Alias",
+									"request": {
+										"method": "POST",
+										"header": [],
+										"body": {
+											"mode": "raw",
+											"raw": "{\n    \"keyId\": \"your-managed-key-id\",\n    \"newAlias\": \"new-key-alias\"\n}",
+											"options": {
+												"raw": {
+													"language": "json"
+												}
+											}
+										},
+										"url": {
+											"raw": "{{HOST}}/v0/keys/rename-key-alias",
+											"host": [
+												"{{HOST}}"
+											],
+											"path": [
+												"v0",
+												"keys",
+												"rename-key-alias"
+											]
+										}
+									},
+									"response": []
+								},
+								{
+									"name": "Set Signing Key",
+									"request": {
+										"method": "POST",
+										"header": [],
+										"body": {
+											"mode": "raw",
+											"raw": "{\n    \"keyId\": \"your-managed-key-id\"\n}",
+											"options": {
+												"raw": {
+													"language": "json"
+												}
+											}
+										},
+										"url": {
+											"raw": "{{HOST}}/v0/keys/set-signing-key",
+											"host": [
+												"{{HOST}}"
+											],
+											"path": [
+												"v0",
+												"keys",
+												"set-signing-key"
+											]
+										}
+									},
+									"response": []
+								},
+								{
+									"name": "List all Keys",
+									"request": {
+										"method": "GET",
+										"header": [],
+										"url": {
+											"raw": "{{HOST}}/v0/keys/list-all",
+											"host": [
+												"{{HOST}}"
+											],
+											"path": [
+												"v0",
+												"keys",
+												"list-all"
+											]
+										}
+									},
+									"response": []
+								}
+							]
+						}
+					]
+				}
+			]
 		}
 	],
 	"auth": {

agent_api_http/src/lib.rs

@@ -1,10 +1,12 @@
 pub mod v0;
+pub mod v1;
 
 pub mod error;
 pub mod handlers;
 pub mod metrics;
 pub mod utils;
 
+use crate::v1::identity::IdentityContext;
 use agent_authorization::state::AuthorizationState;
 use agent_holder::state::HolderState;
 use agent_identity::{
@@ -55,13 +57,24 @@ pub fn app(
         issuance_state,
         holder_state,
         verification_state,
-
-        key_generation_saga: _,
-        key_removal_saga: _,
+        key_generation_saga,
+        key_removal_saga,
     }: ApplicationState,
 ) -> Router {
+    let v1_identity_router = match (identity_state.clone(), key_generation_saga, key_removal_saga) {
+        (Some(state), Some(gen_saga), Some(rem_saga)) => {
+            let context = IdentityContext {
+                state,
+                key_generation_saga: gen_saga,
+                key_removal_saga: rem_saga,
+            };
+            v1::identity::router(context)
+        }
+        _ => Router::new(),
+    };
     let app = Router::new()
         .merge(identity_state.map(v0::identity::router).unwrap_or_default())
+        .merge(v1_identity_router)
         .merge(library_state.map(v0::library::router).unwrap_or_default())
         .merge(
             authorization_state

agent_api_http/src/v0/identity/mod.rs

@@ -7,6 +7,10 @@ pub mod well_known;
 
 pub mod error;
 
+use crate::{
+    v0::identity::profiles::{get_profile, patch_profile},
+    API_VERSION,
+};
 use agent_identity::state::IdentityState;
 use axum::{
     routing::{get, post},
@@ -18,11 +22,6 @@ use services::{linked_vp::linked_vp, service, services};
 use std::sync::Arc;
 use well_known::{did::did, did_configuration::did_configuration};
 
-use crate::{
-    v0::identity::profiles::{get_profile, patch_profile},
-    API_VERSION,
-};
-
 pub fn router(identity_state: Arc<IdentityState>) -> Router {
     Router::new()
         .nest(