# Keymaster
Secure API key management for the various APIs you use, with support for OpenAI, Anthropic, Stability AI, and DeepSeek. Addional support for any other API service you want to add.
## Features
- ✅ Secure key storage using macOS Keychain
- ✅ Multiple environment support (dev/staging/prod)
- ✅ Interactive service and environment selection
- ✅ Encrypted audit logging with timestamps
- ✅ API key validation and testing
- ✅ Key rotation support
- ✅ Environment file generation
- ✅ Case-insensitive service names
- ✅ Secure key backup during replacement
- ✅ SQLite metadata storage
- ✅ Direct API integration with:
- OpenAI
- Anthropic
- Stability AI
- DeepSeek
## Requirements
- Python 3.11 or higher
- Supported Operating Systems:
- macOS: Uses Keychain
- Linux: Uses SecretService (GNOME Keyring/KWallet)
- Windows: Uses Windows Credential Locker
- Internet connection for API validation
## Installation
1. Create and activate a virtual environment:
```bash
python3 -m venv venv
source venv/bin/activate
```
2. Install from source:
```bash
git clone https://github.com/joeazure/keymaster.git
cd keymaster
pip install -e .
```
## Usage
### Initialize Keymaster
```bash
keymaster init
```
This will:
- Create necessary directories (~/.keymaster)
- Initialize configuration
- Set up logging
- Verify keychain access
- Create SQLite database
### Managing API Keys
#### Add a Key
```bash
# Interactive mode
keymaster add-key
# Non-interactive mode
keymaster add-key --service openai --environment dev --api_key <your_api_key>
# Force replace existing key
keymaster add-key --service openai --environment dev --api_key <your_api_key> --force
```
#### Remove a Key
```bash
# Interactive mode
keymaster remove-key
# Non-interactive mode
keymaster remove-key --service openai --environment dev
```
#### List Keys
```bash
# List all keys
keymaster list-keys
# List keys for specific service
keymaster list-keys --service openai
# Show key values (requires confirmation)
keymaster list-keys --show-values
```
#### Test a Key
```bash
# Interactive mode
keymaster test-key
# Non-interactive mode
keymaster test-key --service openai --environment dev
```
### Environment File Generation
```bash
# Interactive mode
keymaster generate-env
# Non-interactive mode
keymaster generate-env --service openai --environment dev --output .env
```
### Configuration Management
```bash
# Show current configuration
keymaster config show
# Reset configuration
keymaster config reset
```
### Audit Logging
```bash
# View all audit logs
keymaster audit
# Filter by service
keymaster audit --service openai
# Filter by environment
keymaster audit --environment prod
# Filter by date range
keymaster audit --start-date 2024-01-01 --end-date 2024-01-31
# View sensitive data (requires confirmation)
keymaster audit --decrypt
```
## Security Features
- Secure storage in macOS Keychain
- Encrypted audit logs
- Secure key backup before replacement
- SQLite metadata storage
- Automatic directory permission management
- Key validation before storage
- Sensitive data masking in logs
## Directory Structure
```
~/.keymaster/
├── config.yaml # Configuration file
├── logs/
│ ├── keymaster.log # Application logs
│ └── audit.log # Encrypted audit logs
└── db/
└── keymaster.db # SQLite metadata database
```
## Supported Services
- **OpenAI**: API key management for OpenAI services
- **Anthropic**: Claude and other Anthropic API services
- **Stability AI**: Image generation and AI models
- **DeepSeek**: AI language models and services
## Development
### Running Tests
```bash
pip install -e ".[test]" # Install test dependencies
pytest # Run tests with coverage
```
### Contributing
1. Fork the repository
2. Create a feature branch
3. Make your changes
4. Run tests
5. Submit a pull request
## License
Copyright 2024 Joe Azure
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
### CLI Commands
```bash
keymaster init # Initialize in project directory
keymaster add-key # Add new API key
keymaster remove-key # Remove stored key
keymaster list-keys # List available keys
keymaster test-key # Test API key validity
keymaster generate-env # Generate .env file
keymaster rotate-key # Rotate API keys
keymaster audit # View audit log
keymaster config # Manage configuration
keymaster register-provider # Register new API provider
```
### Command Options
#### add-key
```bash
# Interactive mode
keymaster add-key
# Non-interactive mode
keymaster add-key --service openai --environment dev --api_key <your_api_key>
# Force replace existing key
keymaster add-key --service openai --environment dev --api_key <your_api_key> --force
```
#### test-key
```bash
# Test single key
keymaster test-key --service openai --environment dev
# Test all keys
keymaster test-key --all
# Verbose output
keymaster test-key --service openai --environment dev --verbose
```
#### audit
```bash
# View all audit logs
keymaster audit
# Filter by service and environment
keymaster audit --service openai --environment prod
# Filter by date range
keymaster audit --start-date 2024-01-01 --end-date 2024-01-31
# View sensitive data
keymaster audit --decrypt
```
#### register-provider
```bash
# Register new API provider
keymaster register-provider
# Prompts for:
# - Service name
# - Description
# - Test URL (optional)
```
Raw data
{
"_id": null,
"home_page": null,
"name": "keymaster",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.11",
"maintainer_email": null,
"keywords": "security, api-keys, key-management, ai-services",
"author": null,
"author_email": "Joe Azure <jazure@gmail.com>",
"download_url": "https://files.pythonhosted.org/packages/e7/fe/0f353cf56b61afedcfe6bd4fccd511a92734c016e6360ea9f0e0d0ed2906/keymaster-0.1.1.tar.gz",
"platform": null,
"description": "\n\n\n# Keymaster\n\nSecure API key management for the various APIs you use, with support for OpenAI, Anthropic, Stability AI, and DeepSeek. Addional support for any other API service you want to add.\n\n## Features\n\n- \u2705 Secure key storage using macOS Keychain\n- \u2705 Multiple environment support (dev/staging/prod)\n- \u2705 Interactive service and environment selection\n- \u2705 Encrypted audit logging with timestamps\n- \u2705 API key validation and testing\n- \u2705 Key rotation support\n- \u2705 Environment file generation\n- \u2705 Case-insensitive service names\n- \u2705 Secure key backup during replacement\n- \u2705 SQLite metadata storage\n- \u2705 Direct API integration with:\n - OpenAI\n - Anthropic\n - Stability AI\n - DeepSeek\n\n## Requirements\n\n- Python 3.11 or higher\n- Supported Operating Systems:\n - macOS: Uses Keychain\n - Linux: Uses SecretService (GNOME Keyring/KWallet)\n - Windows: Uses Windows Credential Locker\n- Internet connection for API validation\n\n## Installation\n\n1. Create and activate a virtual environment:\n```bash\npython3 -m venv venv\nsource venv/bin/activate\n```\n\n2. Install from source:\n```bash\ngit clone https://github.com/joeazure/keymaster.git\ncd keymaster\npip install -e .\n```\n\n## Usage\n\n### Initialize Keymaster\n```bash\nkeymaster init\n```\nThis will:\n- Create necessary directories (~/.keymaster)\n- Initialize configuration\n- Set up logging\n- Verify keychain access\n- Create SQLite database\n\n### Managing API Keys\n\n#### Add a Key\n```bash\n# Interactive mode\nkeymaster add-key\n\n# Non-interactive mode\nkeymaster add-key --service openai --environment dev --api_key <your_api_key>\n\n# Force replace existing key\nkeymaster add-key --service openai --environment dev --api_key <your_api_key> --force\n```\n\n#### Remove a Key\n```bash\n# Interactive mode\nkeymaster remove-key\n\n# Non-interactive mode\nkeymaster remove-key --service openai --environment dev\n```\n\n#### List Keys\n```bash\n# List all keys\nkeymaster list-keys\n\n# List keys for specific service\nkeymaster list-keys --service openai\n\n# Show key values (requires confirmation)\nkeymaster list-keys --show-values\n```\n\n#### Test a Key\n```bash\n# Interactive mode\nkeymaster test-key\n\n# Non-interactive mode\nkeymaster test-key --service openai --environment dev\n```\n\n### Environment File Generation\n\n```bash\n# Interactive mode\nkeymaster generate-env\n\n# Non-interactive mode\nkeymaster generate-env --service openai --environment dev --output .env\n```\n\n### Configuration Management\n\n```bash\n# Show current configuration\nkeymaster config show\n\n# Reset configuration\nkeymaster config reset\n```\n\n### Audit Logging\n\n```bash\n# View all audit logs\nkeymaster audit\n\n# Filter by service\nkeymaster audit --service openai\n\n# Filter by environment\nkeymaster audit --environment prod\n\n# Filter by date range\nkeymaster audit --start-date 2024-01-01 --end-date 2024-01-31\n\n# View sensitive data (requires confirmation)\nkeymaster audit --decrypt\n```\n\n## Security Features\n\n- Secure storage in macOS Keychain\n- Encrypted audit logs\n- Secure key backup before replacement\n- SQLite metadata storage\n- Automatic directory permission management\n- Key validation before storage\n- Sensitive data masking in logs\n\n## Directory Structure\n\n```\n~/.keymaster/\n\u251c\u2500\u2500 config.yaml # Configuration file\n\u251c\u2500\u2500 logs/\n\u2502 \u251c\u2500\u2500 keymaster.log # Application logs\n\u2502 \u2514\u2500\u2500 audit.log # Encrypted audit logs\n\u2514\u2500\u2500 db/\n \u2514\u2500\u2500 keymaster.db # SQLite metadata database\n```\n\n## Supported Services\n\n- **OpenAI**: API key management for OpenAI services\n- **Anthropic**: Claude and other Anthropic API services\n- **Stability AI**: Image generation and AI models\n- **DeepSeek**: AI language models and services\n\n## Development\n\n### Running Tests\n```bash\npip install -e \".[test]\" # Install test dependencies\npytest # Run tests with coverage\n```\n\n### Contributing\n1. Fork the repository\n2. Create a feature branch\n3. Make your changes\n4. Run tests\n5. Submit a pull request\n\n## License\n\nCopyright 2024 Joe Azure\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n\n### CLI Commands\n\n```bash\nkeymaster init # Initialize in project directory\nkeymaster add-key # Add new API key\nkeymaster remove-key # Remove stored key\nkeymaster list-keys # List available keys\nkeymaster test-key # Test API key validity\nkeymaster generate-env # Generate .env file\nkeymaster rotate-key # Rotate API keys\nkeymaster audit # View audit log\nkeymaster config # Manage configuration\nkeymaster register-provider # Register new API provider\n```\n\n### Command Options\n\n#### add-key\n```bash\n# Interactive mode\nkeymaster add-key\n\n# Non-interactive mode\nkeymaster add-key --service openai --environment dev --api_key <your_api_key>\n\n# Force replace existing key\nkeymaster add-key --service openai --environment dev --api_key <your_api_key> --force\n```\n\n#### test-key\n```bash\n# Test single key\nkeymaster test-key --service openai --environment dev\n\n# Test all keys\nkeymaster test-key --all\n\n# Verbose output\nkeymaster test-key --service openai --environment dev --verbose\n```\n\n#### audit\n```bash\n# View all audit logs\nkeymaster audit\n\n# Filter by service and environment\nkeymaster audit --service openai --environment prod\n\n# Filter by date range\nkeymaster audit --start-date 2024-01-01 --end-date 2024-01-31\n\n# View sensitive data\nkeymaster audit --decrypt\n```\n\n#### register-provider\n```bash\n# Register new API provider\nkeymaster register-provider\n# Prompts for:\n# - Service name\n# - Description\n# - Test URL (optional)\n```\n\n",
"bugtrack_url": null,
"license": "Apache-2.0",
"summary": "Secure API key management for the API services you use, including AI services.",
"version": "0.1.1",
"project_urls": {
"Documentation": "https://github.com/joeazure/keymaster#readme",
"Homepage": "https://github.com/joeazure/keymaster",
"Issues": "https://github.com/joeazure/keymaster/issues",
"Repository": "https://github.com/joeazure/keymaster.git"
},
"split_keywords": [
"security",
" api-keys",
" key-management",
" ai-services"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "e10ad463447d186c692c026ef207fff372347c8e052797f7a215ea872093fab4",
"md5": "2b8637e4376ae0b48f2b7c75848b3e9c",
"sha256": "626697acf00e43cb5ed12c63c0ee81e154ac4890a68815e7d5f343f6654e6d43"
},
"downloads": -1,
"filename": "keymaster-0.1.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "2b8637e4376ae0b48f2b7c75848b3e9c",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.11",
"size": 24938,
"upload_time": "2025-02-01T01:18:54",
"upload_time_iso_8601": "2025-02-01T01:18:54.148451Z",
"url": "https://files.pythonhosted.org/packages/e1/0a/d463447d186c692c026ef207fff372347c8e052797f7a215ea872093fab4/keymaster-0.1.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "e7fe0f353cf56b61afedcfe6bd4fccd511a92734c016e6360ea9f0e0d0ed2906",
"md5": "5a90047f535666bb85c2e08c841d5e0d",
"sha256": "c22fe0d546938f264b6f8194d0b3c5225fca441d6b180ec8c47d0bc168c2fa90"
},
"downloads": -1,
"filename": "keymaster-0.1.1.tar.gz",
"has_sig": false,
"md5_digest": "5a90047f535666bb85c2e08c841d5e0d",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.11",
"size": 209892,
"upload_time": "2025-02-01T01:18:56",
"upload_time_iso_8601": "2025-02-01T01:18:56.056739Z",
"url": "https://files.pythonhosted.org/packages/e7/fe/0f353cf56b61afedcfe6bd4fccd511a92734c016e6360ea9f0e0d0ed2906/keymaster-0.1.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-02-01 01:18:56",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "joeazure",
"github_project": "keymaster#readme",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "keymaster"
}
JSON
