写点什么

BSN-DID 研究 -- 主题一:DID API

作者:BSN研习社
  • 2024-04-02
    浙江
  • 本文字数:6732 字

    阅读完需:约 22 分钟

BSN-DID研究--主题一:DID API

本文开始对帮助手册的 API 进行调用, 分析具体的输入参数和返回结果。

主题 1 :创建 DID、上链、查询、验证, 主要帮助手册的 14.4.1 DID API。


01 通过助记词生成公私钥

用户可以自定义助记词,调用该方法离线生成一对 k1 算法的公私钥。只要助记词相同,那么每次调用所生成的公私钥必然相同。 


//14.4.1.1 通过助记词生成公私钥public static void createKeyPair(){    //创建DidClient实例:    String URL = "https://didservice.bsngate.com:18602";    String PROJECTID = "8320935187";    String TOKEN = "3wxYHXwAm57grc9JUr2zrPHt9HC";    DidClient didClient = new DidClient(URL,PROJECTID,TOKEN);    com.reddate.did.sdk.param.KeyPair keyPair =   Secp256Util.createKeyPair(didClient.getHubCryptoType());    System.out.println(keyPair.getPrivateKey());    System.out.println(keyPair.getPublicKey());    System.out.println(keyPair.getType());}
复制代码

【注意】 这个 DID 包中 KeyPair 生成的私钥、公钥都是 10 进制数字字符串,与其他工具生成的 16 进制字符串不同,切记!!


02 创建 DID

createDid 函数返回值是 DidDataWrapper 类对象,包含这几部分:

注意看 authKeyInfo 和 recyKeyInfo,里面包含公钥和私钥、算法类型。

DocumentInfo 的内容实际上就是 Document。

输入参数:false:表示生成的 DID Document 是私下存储,没有保存到链上数据库。用户可以手动执行 storeDidDocumentOnChain 函数上链。还可以手动执行 verifyDidDocument 函数检验 Document 的真伪。

输入参数:true:创建 DID 的时候,自动把 DocumentInfo 的内容上链保存成了 Document。

【上链的好处】 可以根据 DID 获取 DID Document。不上链就是私有的线下保存的文档,无法让别人在链上读取。


测试代码:

DidClient didClient = new DidClient(URL,PROJECTID,TOKEN);DidDataWrapper didData = didClient.createDid(false);String did = didData.getDid();
复制代码


03 验证 DID Document

有了主备公钥和 DID 后就可以创建出一份完整的 Doc,并用自己的私钥签名。 验证 DOC 就是对离线生成的 DID Document 进行内容格式和签名值的验证。



public static void verifyDidDocumentTest() { DidDataWrapper didDataWrapper = didClient.createDid(false); //组装DOC DidDocument didDocument = new DidDocument(); didDocument.setDid(didDataWrapper.getDocument().getDid()); didDocument.setVersion(didDataWrapper.getDocument().getVersion()); didDocument.setCreated(didDataWrapper.getDocument().getCreated()); didDocument.setUpdated(didDataWrapper.getDocument().getUpdated()); PublicKey authentication = new PublicKey(); authentication.setPublicKey(didDataWrapper.getDocument().getAuthentication().getPublicKey()); authentication.setType(didDataWrapper.getDocument().getAuthentication().getType()); didDocument.setAuthentication(authentication); PublicKey recovery = new PublicKey(); recovery.setPublicKey(didDataWrapper.getDocument().getRecovery().getPublicKey()); recovery.setType(didDataWrapper.getDocument().getRecovery().getType()); didDocument.setRecovery(recovery); Proof proof = new Proof(); proof.setCreator(didDataWrapper.getDocument().getProof().getCreator()); proof.setSignatureValue(didDataWrapper.getDocument().getProof().getSignatureValue()); proof.setType(didDataWrapper.getDocument().getProof().getType()); didDocument.setProof(proof); System.out.println("verifyDidDocumentTest() didDocument = "+JSONArray.toJSON(didDocument).toString()); //验证DOC Boolean verifyResult = didClient.verifyDidDocument(didDocument); System.out.println("verifyDidDocumentTest() verifyResult = "+verifyResult);}public static void verifyDidDocumentTest() { DidDataWrapper didDataWrapper = didClient.createDid(false); //组装DOC DidDocument didDocument = new DidDocument(); didDocument.setDid(didDataWrapper.getDocument().getDid()); didDocument.setVersion(didDataWrapper.getDocument().getVersion()); didDocument.setCreated(didDataWrapper.getDocument().getCreated()); didDocument.setUpdated(didDataWrapper.getDocument().getUpdated()); PublicKey authentication = new PublicKey(); authentication.setPublicKey(didDataWrapper.getDocument().getAuthentication().getPublicKey()); authentication.setType(didDataWrapper.getDocument().getAuthentication().getType()); didDocument.setAuthentication(authentication); PublicKey recovery = new PublicKey(); recovery.setPublicKey(didDataWrapper.getDocument().getRecovery().getPublicKey()); recovery.setType(didDataWrapper.getDocument().getRecovery().getType()); didDocument.setRecovery(recovery); Proof proof = new Proof(); proof.setCreator(didDataWrapper.getDocument().getProof().getCreator()); proof.setSignatureValue(didDataWrapper.getDocument().getProof().getSignatureValue()); proof.setType(didDataWrapper.getDocument().getProof().getType()); didDocument.setProof(proof); System.out.println("verifyDidDocumentTest() didDocument = "+JSONArray.toJSON(didDocument).toString()); //验证DOC Boolean verifyResult = didClient.verifyDidDocument(didDocument); System.out.println("verifyDidDocumentTest() verifyResult = "+verifyResult);}
复制代码


//运行结果:展示了didDocument,检验OK!verifyDidDocumentTest() didDocument = { "created":"2022-10-02 01:25:20", "proof":{     "creator":"did:bsn:4Pbx71ztpMEEFgCMqEEkRC2h8ASt",     "type":"Secp256k1",
"signatureValue":"VJPMuq4IFWGdHTnODQqm8sSs8WoHCYFka/DGVfV2YS5IhJ8lktlyFkLwv5/mz4QSXCn1bvOg1vA3aauz4EUyhAA=" }, "recovery":{"publicKey":"4136847674594415306398125128522508702209428004937584006833693185792349983493741081348289666743484792096380088085627695598861569341579889630013585744848688", "type":"Secp256k1" }, "updated":"2022-10-02 01:25:20", "version":"1", "did":"did:bsn:4Pbx71ztpMEEFgCMqEEkRC2h8ASt", "authentication": {"publicKey":"11540136105155077468752733049943874445846521165166711897546602509473852315835071484681946531901029710880905397210498255059417687026911400975483230795774640","type":"Secp256k1"}}verifyDidDocumentTest() verifyResult = true
复制代码

04 DID Document 上链、获取链上 DOC


方法名:storeDidDocumentOnChain (DidDocument didDocument)

方法描述:对 DID Document 进行上链存储,内部先执行了验证动作,所以如果想对 DID Document 上链那么直接调用本接口。

DOC 上链表示存储在区块链上,以后就可以根据 DID 随时访问获取 DOC 信息了。

方法名:getDidDocument(String did)

方法描述:DID Document 内的信息是对 DID 身份的记录和说明,所以任何人都可通过 DID 标识符查询链上对应的 DID Document。可用于验证 DID 身份、获取 DID 公钥。

测试代码:


public static void storeDidDocumentOnChainTest() { DidDataWrapper didDataWrapper = didClient.createDid(false); DidDocument didDocument = new DidDocument(); didDocument.setDid(didDataWrapper.getDocument().getDid()); didDocument.setVersion(didDataWrapper.getDocument().getVersion()); didDocument.setCreated(didDataWrapper.getDocument().getCreated()); didDocument.setUpdated(didDataWrapper.getDocument().getUpdated()); PublicKey authentication = new PublicKey(); authentication.setPublicKey(didDataWrapper.getDocument().getAuthentication().getPublicKey()); authentication.setType(didDataWrapper.getDocument().getAuthentication().getType()); didDocument.setAuthentication(authentication); PublicKey recovery = new PublicKey(); recovery.setPublicKey(didDataWrapper.getDocument().getRecovery().getPublicKey()); recovery.setType(didDataWrapper.getDocument().getRecovery().getType()); didDocument.setRecovery(recovery); Proof proof = new Proof(); proof.setCreator(didDataWrapper.getDocument().getProof().getCreator()); proof.setSignatureValue(didDataWrapper.getDocument().getProof().getSignatureValue()); proof.setType(didDataWrapper.getDocument().getProof().getType()); didDocument.setProof(proof); Boolean verifyResult = didClient.verifyDidDocument(didDocument); System.out.println("verifyDidDocumentTest() verifyResult = "+verifyResult); Boolean storeResult = didClient.storeDidDocumentOnChain(didDocument); System.out.println("storeDidDocumentOnChainTest() storeResult = "+storeResult); System.out.println("storeDidDocumentOnChainTest() didDocument.did = "+didDocument.getDid());}
复制代码

运行结果:

storeDidDocumentOnChainTest() storeResult = truestoreDidDocumentOnChainTest() didDocument.did = did:bsn:CaiZJBeh7NUEWr8yypJ8xE17JQUString did = "did:bsn:3Cm9jaZwnwBoLZRD8UDN3fwVyhHN";DidDocument doc = didClient.getDidDocument(did);System.out.println(JSONArray.toJSONString(doc));
复制代码

运行结果:

{"authentication":{"publicKey":"4664700818889092622364867006498004324042151384192819472061979195648390631866880868387918981924784935127864376722798400872270317689037242661697268458140541","type":"Secp256k1"},"created":"2022-08-04 09:32:58","did":"did:bsn:3Cm9jaZwnwBoLZRD8UDN3fwVyhHN","proof":{"creator":"did:bsn:3Cm9jaZwnwBoLZRD8UDN3fwVyhHN","signatureValue":"l+wWJpAAtuEyRGQlpu46AOEtTKL2e2qmCon/l8RQPxxOj/RRI7u9C92ujHykWmj60wRp2y6v1qW+85Rh7pY1IgA=","type":"Secp256k1"},"recovery":{"publicKey":"11865520322565513050660694020438936283136484528320009451355251443300928908848680034382861862707021249978980723105155755823595493779379138615829812859063627","type":"Secp256k1"},"updated":"2022-08-04 09:32:58","version":"1"}
复制代码


05 验证 DID 标识符

方法名:verifyDIdSign(String did, String didSign)

方法描述:对 DID 标识符的数字签名值进行验签,以确保当前 DID 的真实性和有效性。

public static void verifyDIdSignTest() {    DidDataWrapper didDataWrapper = didClient.createDid(true);    DidSign didSign = new DidSign();    didSign.setDid(didDataWrapper.getDid());    String signs = ECDSAUtils.sign(didDataWrapper.getDid(),  didDataWrapper.getAuthKeyInfo().getPrivateKey());    didSign.setDidSign(signs);    Boolean verifyResult = didClient.verifyDIdSign(didSign);    System.out.println("verifyDIdSignTest()  verifyResult = "+verifyResult);    System.out.println("verifyDIdSignTest()  didSign.didSign = "+JSONArray.toJSONString(didSign));}
复制代码

运行结果:

verifyDIdSignTest()  verifyResult = trueverifyDIdSignTest()  didSign.didSign ={"did":"did:bsn:4DuikC1vLKs53dUCLcVmicA3tBkC","didSign":"hFjbn3e2PD2AQOtADQLqRY0lFyeEFAcWuWhAOv/vevRUSZfVpJEp+wm2jtNMnTl9a3WYatP8CAleg3iMrStisgA="}
复制代码


06 密钥更新

方法名:   resetDidAuth(ResetDidAuth restDidAuth)

方法描述: 如果主私钥丢失或者泄漏,可以通过备用的公私钥重新生成一对主公私钥。用户通过备用的公私钥来完成主公私钥更新。密钥更新后用户的 DID Document 也将更新,但是 DID 标识符不会改变。如果用户填写了主公私钥,则使用填写的主公钥更新 DID Document 中的主公钥并重新计算签名;否则自动生成一对新的主公私钥并更新 DID Document 的主公钥和签名计算。注:发证方如果进行了密钥更新,那么之前签发的所有凭证都将无法通过验签(如果发证方在业务系统里进行了凭证的主公钥记录,可以将旧的主公钥信息传送给凭证使用方,则也可通过凭证的验签)。


// 必填项:备用的公私钥。没有填写主公私钥。就自动生成一对新的主公私钥并更新DID Document的主公钥和签名计算。public static void resetDidAuthTest() {    DidDataWrapper didDataWrapper = didClient.createDid(true);    ResetDidAuth restDidAuth = new ResetDidAuth();    restDidAuth.setDid(didDataWrapper.getDid());    ResetDidAuthKey resetDidAuthKey = new ResetDidAuthKey();    resetDidAuthKey.setPrivateKey(didDataWrapper.getRecyKeyInfo().getPrivateKey());    resetDidAuthKey.setPublicKey(didDataWrapper.getRecyKeyInfo().getPublicKey());    resetDidAuthKey.setType(didDataWrapper.getRecyKeyInfo().getType());    restDidAuth.setRecoveryKey(resetDidAuthKey);    try {        Thread.currentThread().sleep(2000);    } catch (InterruptedException e) {        throw new RuntimeException(e);    }    com.reddate.did.sdk.protocol.common.KeyPair newKeyPair = didClient.resetDidAuth(restDidAuth);    System.out.println("resetDidAuthTest()  newKeyPair = "+JSONArray.toJSONString(newKeyPair));}
复制代码


//用户填写了主公私钥,则使用填写的主公钥更新DID Document中的主公钥并重新计算签名public static void resetDidAuthTest2() {    DidDataWrapper didDataWrapper = didClient.createDid(true);    ResetDidAuth restDidAuth = new ResetDidAuth();    restDidAuth.setDid(didDataWrapper.getDid());    try {        restDidAuth.setPrimaryKeyPair(ECDSAUtils.createKey());  //设置新的主公私钥    } catch (Exception e) {        throw new RuntimeException(e);    }    ResetDidAuthKey resetDidAuthKey = new ResetDidAuthKey();    resetDidAuthKey.setPrivateKey(didDataWrapper.getRecyKeyInfo().getPrivateKey());    resetDidAuthKey.setPublicKey(didDataWrapper.getRecyKeyInfo().getPublicKey());    resetDidAuthKey.setType(didDataWrapper.getRecyKeyInfo().getType());    restDidAuth.setRecoveryKey(resetDidAuthKey);    try {        Thread.currentThread().sleep(2000);    } catch (InterruptedException e) {        throw new RuntimeException(e);    }    com.reddate.did.sdk.protocol.common.KeyPair newKeyPair = didClient.resetDidAuth(restDidAuth);    System.out.println("resetDidAuthTest2()  newKeyPair = "+JSONArray.toJSONString(newKeyPair));}
复制代码

运行结果:

resetDidAuthTest()  newKeyPair = {"privateKey":"4418789078131674202111243961982433639547706271268826938325835630379260731281","publicKey":"5578015747222814006367708261589508549380225684854935025302378153104903255646360153037158753743827682578273342010430878248802959417577723301240139263528695","type":"Secp256k1"}resetDidAuthTest2()  newKeyPair = {"privateKey":"5951442375366528881459974861070230808439847755642844686852014945755804704563","publicKey":"12644560182770071770846295970933128531517269120614778011777425155706853947892301738969404760003508611952580282724446980595055810845423272260582036533870772","type":"Secp256k1"}
复制代码

版权声明:本文为 CSDN 博主「快活林高老大」原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。                    

原文链接:

https://blog.csdn.net/u012084827/article/details/127175208

文章原标题:《BSN-DID 研究--主题一:DID API》

旨在传播区块链相关技术,如有侵权请与我们联系删除。

用户头像

BSN研习社

关注

还未添加个人签名 2021-11-05 加入

还未添加个人简介

评论

发布
暂无评论
BSN-DID研究--主题一:DID API_区块链_BSN研习社_InfoQ写作社区