/api/rke/status

GET

Returns the current status of the RKE (RAIDA Key Exchange) subsystem, including active sessions and cached encryption keys.

http://localhost:8080/api/rke/status

Description

The RKE (RAIDA Key Exchange) system provides distributed encryption for secure communication with Content Servers. This endpoint returns comprehensive status information about the RKE subsystem.

What is RKE?

RAIDA Key Exchange (RKE) is a distributed key derivation protocol that uses the RAIDA network as a distributed key authority. Instead of a single server holding encryption keys, the key is split across multiple RAIDA servers. This provides:

  • No Single Point of Failure: No single RAIDA knows the complete key
  • Threshold Security: Requires 13+ RAIDA servers to derive a key
  • Session-Based Encryption: Keys are session-specific with automatic expiration
  • Key Caching: Derived keys are cached locally to avoid repeated RAIDA requests
Use Case

Use this endpoint to:

  • Monitor active RKE sessions
  • Check keystore cache utilization
  • Verify RKE subsystem health
  • Debug session and key expiration issues

Parameters

This endpoint does not require any parameters.

Response

Returns a JSON object containing RKE subsystem statistics.

Response Properties

command string
Always "rke_status".
success boolean
Always true for this endpoint.
sessions object
Session store statistics.
sessions.total integer
Total number of sessions (active + expired).
sessions.active integer
Number of currently active (non-expired) sessions.
sessions.max integer
Maximum concurrent sessions allowed (default: 16).
keystore object
Key cache statistics.
keystore.total integer
Total number of cached keys.
keystore.valid integer
Number of valid (non-expired) cached keys.
keystore.expired integer
Number of expired keys pending cleanup.
keystore.max integer
Maximum cached keys allowed (default: 64).
keystore.default_ttl_hours integer
Default time-to-live for cached keys in hours (default: 24).
config object
RKE configuration values.
config.session_timeout_sec integer
Session timeout in seconds (default: 3600 = 1 hour).
config.min_key_shares integer
Minimum RAIDA key shares required for key derivation (default: 13).

Example Response

{
  "command": "rke_status",
  "success": true,
  "sessions": {
    "total": 2,
    "active": 2,
    "max": 16
  },
  "keystore": {
    "total": 5,
    "valid": 4,
    "expired": 1,
    "max": 64,
    "default_ttl_hours": 24
  },
  "config": {
    "session_timeout_sec": 3600,
    "min_key_shares": 13
  }
}

Examples

JavaScript (fetch)

const API_HOST = 'http://localhost:8080';

async function getRkeStatus() {
    try {
        const response = await fetch(`${API_HOST}/api/rke/status`);
        const result = await response.json();

        if (result.success) {
            console.log('RKE Status:');
            console.log(`  Active Sessions: ${result.sessions.active}/${result.sessions.max}`);
            console.log(`  Cached Keys: ${result.keystore.valid}/${result.keystore.max}`);
            console.log(`  Expired Keys: ${result.keystore.expired}`);
            console.log(`  Session Timeout: ${result.config.session_timeout_sec}s`);

            // Check if keystore is getting full
            const keystoreUsage = result.keystore.total / result.keystore.max;
            if (keystoreUsage > 0.8) {
                console.warn('Warning: Keystore is over 80% full');
            }
        }

        return result;
    } catch (error) {
        console.error('Error fetching RKE status:', error);
    }
}

getRkeStatus();

cURL

# Get RKE status
curl "http://localhost:8080/api/rke/status"

# Pretty print with jq
curl "http://localhost:8080/api/rke/status" | jq

# Extract just session count
curl "http://localhost:8080/api/rke/status" | jq '.sessions.active'

Go

package main

import (
    "encoding/json"
    "fmt"
    "io/ioutil"
    "net/http"
)

const ApiHost = "http://localhost:8080"

type RkeStatusResponse struct {
    Command  string `json:"command"`
    Success  bool   `json:"success"`
    Sessions struct {
        Total  int `json:"total"`
        Active int `json:"active"`
        Max    int `json:"max"`
    } `json:"sessions"`
    Keystore struct {
        Total          int `json:"total"`
        Valid          int `json:"valid"`
        Expired        int `json:"expired"`
        Max            int `json:"max"`
        DefaultTTLHours int `json:"default_ttl_hours"`
    } `json:"keystore"`
    Config struct {
        SessionTimeoutSec int `json:"session_timeout_sec"`
        MinKeyShares      int `json:"min_key_shares"`
    } `json:"config"`
}

func GetRkeStatus() (*RkeStatusResponse, error) {
    resp, err := http.Get(fmt.Sprintf("%s/api/rke/status", ApiHost))
    if err != nil {
        return nil, err
    }
    defer resp.Body.Close()

    body, err := ioutil.ReadAll(resp.Body)
    if err != nil {
        return nil, err
    }

    var result RkeStatusResponse
    if err := json.Unmarshal(body, &result); err != nil {
        return nil, err
    }

    return &result, nil
}

func main() {
    status, err := GetRkeStatus()
    if err != nil {
        panic(err)
    }

    fmt.Printf("RKE Status\n")
    fmt.Printf("==========\n")
    fmt.Printf("Sessions: %d/%d active\n", status.Sessions.Active, status.Sessions.Max)
    fmt.Printf("Keystore: %d/%d keys (%d expired)\n",
        status.Keystore.Valid, status.Keystore.Max, status.Keystore.Expired)
}

Related Endpoints

/api/rke/sessions

List all active RKE sessions with details.

View Details

/api/rke/session

Create a new RKE session for a Content Server.

View Details

/api/rke/discover

Discover RKE configuration from a Content Server's DNS.

View Details