BSN-DID Research -- Topic 1: DID API
- 2024-04-02 Zhejiang

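This article calls the APIs described in the help manual and analyzes their input parameters and return values.
Topic 1: creating a DID, storing it on chain, querying it and verifying it, mainly section 14.4.1 (DID API) of the help manual.
01 Generating a public/private key pair from a mnemonic
Users can define their own mnemonic and call this method to generate a k1-algorithm public/private key pair offline. As long as the mnemonic is the same, every call produces the same key pair.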
```java
// 14.4.1.1 Generate a public/private key pair from a mnemonic
public static void createKeyPair() {
    // Create the DidClient instance:
    String URL = "https://didservice.bsngate.com:18602";
    String PROJECTID = "8320935187";
    String TOKEN = "3wxYHXwAm57grc9JUr2zrPHt9HC";
    DidClient didClient = new DidClient(URL, PROJECTID, TOKEN);
    com.reddate.did.sdk.param.KeyPair keyPair = Secp256Util.createKeyPair(didClient.getHubCryptoType());
    System.out.println(keyPair.getPrivateKey());
    System.out.println(keyPair.getPublicKey());
    System.out.println(keyPair.getType());
}
```
[Note] In this DID package, the private and public keys of a generated KeyPair are decimal digit strings, unlike the hexadecimal strings produced by other tools. Keep this in mind!!
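The decimal-versus-hex point in the note above, as an added example (not code from the SDK or from the original article): converting the SDK's decimal key strings to fixed-width hex and back, plus basic sanity checks on the values. `BsnKeyFormat` and its methods are hypothetical names, and the on-curve check assumes the decimal public key is the integer value of the 64-byte X||Y point encoding, which the page does not state.

```java
import java.math.BigInteger;

public class BsnKeyFormat {
    // secp256k1: field prime P and group order N; curve equation y^2 = x^3 + 7 (mod P)
    static final BigInteger P = new BigInteger("FFFFFFFF".repeat(6) + "FFFFFFFE" + "FFFFFC2F", 16);
    static final BigInteger N = new BigInteger(
            "FFFFFFFF".repeat(3) + "FFFFFFFE" + "BAAEDCE6AF48A03BBFD25E8CD0364141", 16);

    // Decimal string -> fixed-width hex, restoring the leading zeros that toString(16) drops.
    static String decimalToHex(String dec, int byteLen) {
        BigInteger v = new BigInteger(dec.trim());
        if (v.signum() < 0 || v.bitLength() > byteLen * 8)
            throw new IllegalArgumentException("value does not fit in " + byteLen + " bytes");
        String hex = v.toString(16);
        return "0".repeat(byteLen * 2 - hex.length()) + hex;
    }

    // Hex string (optional 0x prefix) -> the decimal form the SDK prints.
    static String hexToDecimal(String hex) {
        String h = hex.startsWith("0x") ? hex.substring(2) : hex;
        return new BigInteger(h, 16).toString(10);
    }

    // A private key must be a scalar in [1, N-1].
    static boolean isValidPrivateKey(String dec) {
        BigInteger d = new BigInteger(dec.trim());
        return d.signum() > 0 && d.compareTo(N) < 0;
    }

    // ASSUMPTION: the decimal public key is the integer value of the 64-byte X||Y encoding.
    static boolean isOnCurve(String publicKeyDec) {
        String hex = decimalToHex(publicKeyDec, 64);
        BigInteger x = new BigInteger(hex.substring(0, 64), 16);
        BigInteger y = new BigInteger(hex.substring(64), 16);
        if (x.compareTo(P) >= 0 || y.compareTo(P) >= 0) return false;
        return y.multiply(y).mod(P).equals(x.pow(3).add(BigInteger.valueOf(7)).mod(P));
    }

    public static void main(String[] args) {
        // Key pair copied from the resetDidAuthTest() output shown later on this page.
        String priv = "4418789078131674202111243961982433639547706271268826938325835630379260731281";
        String pub = "5578015747222814006367708261589508549380225684854935025302378153104903255646360153037158753743827682578273342010430878248802959417577723301240139263528695";
        System.out.println("private hex (32 bytes): " + decimalToHex(priv, 32));
        System.out.println("round trip matches:     " + hexToDecimal(decimalToHex(priv, 32)).equals(priv));
        System.out.println("private key in range:   " + isValidPrivateKey(priv));
        System.out.println("public hex (X||Y):      " + decimalToHex(pub, 64));
        System.out.println("public key on curve:    " + isOnCurve(pub));
    }
}
```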
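02 Creating a DID
The createDid function returns a DidDataWrapper object, which contains these parts:
Note authKeyInfo and recyKeyInfo: they contain the public key, the private key and the algorithm type.
The content of DocumentInfo is in fact the Document.
Input parameter false: the generated DID Document is stored privately and is not saved to the on-chain database. The user can call storeDidDocumentOnChain manually to store it on chain, and can also call verifyDidDocument manually to check whether the Document is genuine.
Input parameter true: when the DID is created, the content of DocumentInfo is automatically stored on chain as the Document.
[Benefit of storing on chain] The DID Document can be retrieved from the DID. Without on-chain storage it is a private document kept offline, and others cannot read it from the chain.
Test code:
```java
// URL, PROJECTID and TOKEN are the values defined in section 01
DidClient didClient = new DidClient(URL, PROJECTID, TOKEN);
DidDataWrapper didData = didClient.createDid(false);
String did = didData.getDid();
```
03 Verifying the DID Document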
With the primary and backup public keys and the DID, a complete Doc can be created and signed with one's own private key. Verifying the DOC means checking the content format and the signature value of a DID Document that was generated offline.
```java
// didClient is the DidClient instance created as in section 01, held in a static field
public static void verifyDidDocumentTest() {
    DidDataWrapper didDataWrapper = didClient.createDid(false);
    // Assemble the DOC
    DidDocument didDocument = new DidDocument();
    didDocument.setDid(didDataWrapper.getDocument().getDid());
    didDocument.setVersion(didDataWrapper.getDocument().getVersion());
    didDocument.setCreated(didDataWrapper.getDocument().getCreated());
    didDocument.setUpdated(didDataWrapper.getDocument().getUpdated());
    PublicKey authentication = new PublicKey();
    authentication.setPublicKey(didDataWrapper.getDocument().getAuthentication().getPublicKey());
    authentication.setType(didDataWrapper.getDocument().getAuthentication().getType());
    didDocument.setAuthentication(authentication);
    PublicKey recovery = new PublicKey();
    recovery.setPublicKey(didDataWrapper.getDocument().getRecovery().getPublicKey());
    recovery.setType(didDataWrapper.getDocument().getRecovery().getType());
    didDocument.setRecovery(recovery);
    Proof proof = new Proof();
    proof.setCreator(didDataWrapper.getDocument().getProof().getCreator());
    proof.setSignatureValue(didDataWrapper.getDocument().getProof().getSignatureValue());
    proof.setType(didDataWrapper.getDocument().getProof().getType());
    didDocument.setProof(proof);
    System.out.println("verifyDidDocumentTest() didDocument = " + JSONArray.toJSON(didDocument).toString());
    // Verify the DOC
    Boolean verifyResult = didClient.verifyDidDocument(didDocument);
    System.out.println("verifyDidDocumentTest() verifyResult = " + verifyResult);
}
```
Run result: the didDocument is displayed and verification passes!
```
verifyDidDocumentTest() didDocument = {
  "created":"2022-10-02 01:25:20",
  "proof":{
    "creator":"did:bsn:4Pbx71ztpMEEFgCMqEEkRC2h8ASt",
    "type":"Secp256k1",
    "signatureValue":"VJPMuq4IFWGdHTnODQqm8sSs8WoHCYFka/DGVfV2YS5IhJ8lktlyFkLwv5/mz4QSXCn1bvOg1vA3aauz4EUyhAA="
  },
  "recovery":{"publicKey":"4136847674594415306398125128522508702209428004937584006833693185792349983493741081348289666743484792096380088085627695598861569341579889630013585744848688", "type":"Secp256k1" },
  "updated":"2022-10-02 01:25:20",
  "version":"1",
  "did":"did:bsn:4Pbx71ztpMEEFgCMqEEkRC2h8ASt",
  "authentication": {"publicKey":"11540136105155077468752733049943874445846521165166711897546602509473852315835071484681946531901029710880905397210498255059417687026911400975483230795774640","type":"Secp256k1"}
}
verifyDidDocumentTest() verifyResult = true
```
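04 Storing the DID Document on chain and retrieving the on-chain DOC
Method name: storeDidDocumentOnChain (DidDocument didDocument)
Method description: stores the DID Document on chain. Verification is performed internally first, so to put a DID Document on chain, call this interface directly.
Putting the DOC on chain means it is stored on the blockchain, so the DOC information can later be retrieved by DID at any time.
Method name: getDidDocument(String did)
Method description: the information in a DID Document records and describes a DID identity, so anyone can query the corresponding on-chain DID Document by its DID identifier. It can be used to verify a DID identity and to obtain the DID's public key.
Test code: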
```java
// didClient is the DidClient instance created as in section 01, held in a static field
public static void storeDidDocumentOnChainTest() {
    DidDataWrapper didDataWrapper = didClient.createDid(false);
    DidDocument didDocument = new DidDocument();
    didDocument.setDid(didDataWrapper.getDocument().getDid());
    didDocument.setVersion(didDataWrapper.getDocument().getVersion());
    didDocument.setCreated(didDataWrapper.getDocument().getCreated());
    didDocument.setUpdated(didDataWrapper.getDocument().getUpdated());
    PublicKey authentication = new PublicKey();
    authentication.setPublicKey(didDataWrapper.getDocument().getAuthentication().getPublicKey());
    authentication.setType(didDataWrapper.getDocument().getAuthentication().getType());
    didDocument.setAuthentication(authentication);
    PublicKey recovery = new PublicKey();
    recovery.setPublicKey(didDataWrapper.getDocument().getRecovery().getPublicKey());
    recovery.setType(didDataWrapper.getDocument().getRecovery().getType());
    didDocument.setRecovery(recovery);
    Proof proof = new Proof();
    proof.setCreator(didDataWrapper.getDocument().getProof().getCreator());
    proof.setSignatureValue(didDataWrapper.getDocument().getProof().getSignatureValue());
    proof.setType(didDataWrapper.getDocument().getProof().getType());
    didDocument.setProof(proof);
    Boolean verifyResult = didClient.verifyDidDocument(didDocument);
    System.out.println("verifyDidDocumentTest() verifyResult = " + verifyResult);
    Boolean storeResult = didClient.storeDidDocumentOnChain(didDocument);
    System.out.println("storeDidDocumentOnChainTest() storeResult = " + storeResult);
    System.out.println("storeDidDocumentOnChainTest() didDocument.did = " + didDocument.getDid());
}
```
Run result:
```
storeDidDocumentOnChainTest() storeResult = true
storeDidDocumentOnChainTest() didDocument.did = did:bsn:CaiZJBeh7NUEWr8yypJ8xE17JQU
```
```java
String did = "did:bsn:3Cm9jaZwnwBoLZRD8UDN3fwVyhHN";
DidDocument doc = didClient.getDidDocument(did);
System.out.println(JSONArray.toJSONString(doc));
```
Run result:
```
{"authentication":{"publicKey":"4664700818889092622364867006498004324042151384192819472061979195648390631866880868387918981924784935127864376722798400872270317689037242661697268458140541","type":"Secp256k1"},"created":"2022-08-04 09:32:58","did":"did:bsn:3Cm9jaZwnwBoLZRD8UDN3fwVyhHN","proof":{"creator":"did:bsn:3Cm9jaZwnwBoLZRD8UDN3fwVyhHN","signatureValue":"l+wWJpAAtuEyRGQlpu46AOEtTKL2e2qmCon/l8RQPxxOj/RRI7u9C92ujHykWmj60wRp2y6v1qW+85Rh7pY1IgA=","type":"Secp256k1"},"recovery":{"publicKey":"11865520322565513050660694020438936283136484528320009451355251443300928908848680034382861862707021249978980723105155755823595493779379138615829812859063627","type":"Secp256k1"},"updated":"2022-08-04 09:32:58","version":"1"}
```
05 Verifying the DID identifier
Method name: verifyDIdSign(String did, String didSign)
Method description: verifies the digital signature value of a DID identifier to confirm that the DID is authentic and valid.
```java
// didClient is the DidClient instance created as in section 01, held in a static field
public static void verifyDIdSignTest() {
    DidDataWrapper didDataWrapper = didClient.createDid(true);
    DidSign didSign = new DidSign();
    didSign.setDid(didDataWrapper.getDid());
    // Sign the DID string with the primary (auth) private key
    String signs = ECDSAUtils.sign(didDataWrapper.getDid(), didDataWrapper.getAuthKeyInfo().getPrivateKey());
    didSign.setDidSign(signs);
    Boolean verifyResult = didClient.verifyDIdSign(didSign);
    System.out.println("verifyDIdSignTest() verifyResult = " + verifyResult);
    System.out.println("verifyDIdSignTest() didSign.didSign = " + JSONArray.toJSONString(didSign));
}
```
Run result:
```
verifyDIdSignTest() verifyResult = true
verifyDIdSignTest() didSign.didSign ={"did":"did:bsn:4DuikC1vLKs53dUCLcVmicA3tBkC","didSign":"hFjbn3e2PD2AQOtADQLqRY0lFyeEFAcWuWhAOv/vevRUSZfVpJEp+wm2jtNMnTl9a3WYatP8CAleg3iMrStisgA="}
```
06 Key update
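Method name: resetDidAuth(ResetDidAuth restDidAuth)
Method description: if the primary private key is lost or leaked, a new primary key pair can be generated by means of the backup key pair. The user completes the primary key update with the backup key pair. After the update the user's DID Document is updated as well, but the DID identifier does not change. If the user supplies a primary key pair, the supplied primary public key replaces the primary public key in the DID Document and the signature is recomputed; otherwise a new primary key pair is generated automatically and the DID Document's primary public key and signature are updated. Note: if an issuer updates its key, none of the credentials it issued earlier will pass signature verification (if the issuer recorded the credentials' primary public key in its business system, it can send the old primary public key to the party using the credential, and the credential can then still pass verification).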
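The note above about credentials issued before a key update, as an added example (not code from the SDK or from the original article): a verifier that keeps a record of an issuer's earlier primary public keys and reports whether a signature matches the current key, a retired one, or none. `RotationAwareVerifier`, its methods, the DID and the credential payload are constructed for illustration, and the JDK's built-in ECDSA over secp256r1 stands in for the SDK's Secp256k1 signing.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.ECGenParameterSpec;
import java.util.*;

public class RotationAwareVerifier {
    // Issuer DID -> every primary public key it has published, oldest first (issuer-side record).
    private final Map<String, List<PublicKey>> keyHistory = new HashMap<>();
    void publish(String did, PublicKey authKey) {
        keyHistory.computeIfAbsent(did, k -> new ArrayList<>()).add(authKey);
    }
    static KeyPair newAuthKey() throws GeneralSecurityException {
        KeyPairGenerator g = KeyPairGenerator.getInstance("EC");
        g.initialize(new ECGenParameterSpec("secp256r1")); // stand-in curve, not the SDK's Secp256k1
        return g.generateKeyPair();
    }
    static byte[] sign(PrivateKey key, byte[] data) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withECDSA");
        s.initSign(key);
        s.update(data);
        return s.sign();
    }
    static boolean check(PublicKey key, byte[] data, byte[] sig) throws GeneralSecurityException {
        Signature v = Signature.getInstance("SHA256withECDSA");
        v.initVerify(key);
        v.update(data);
        try { return v.verify(sig); } catch (SignatureException e) { return false; }
    }
    // Returns "current", "retired#<index>" or "invalid"; the caller decides whether retired is acceptable.
    String verify(String did, byte[] data, byte[] sig) throws GeneralSecurityException {
        List<PublicKey> keys = keyHistory.getOrDefault(did, List.of());
        for (int i = keys.size() - 1; i >= 0; i--)
            if (check(keys.get(i), data, sig))
                return i == keys.size() - 1 ? "current" : "retired#" + i;
        return "invalid";
    }
    public static void main(String[] args) throws Exception {
        String did = "did:bsn:EXAMPLE-ISSUER"; // constructed placeholder DID
        byte[] credential = "{\"claim\":\"constructed sample\"}".getBytes(StandardCharsets.UTF_8);
        RotationAwareVerifier v = new RotationAwareVerifier();
        KeyPair oldKey = newAuthKey();
        v.publish(did, oldKey.getPublic());
        byte[] sig = sign(oldKey.getPrivate(), credential); // credential issued before the key update
        KeyPair rotated = newAuthKey();                      // new primary key after the update
        v.publish(did, rotated.getPublic());
        System.out.println("against current key only: " + check(rotated.getPublic(), credential, sig));
        System.out.println("with key history:         " + v.verify(did, credential, sig));
    }
}
```

Because the page gives key loss or leakage as the reason for a key update, a `retired#` result should be accepted only under an explicit policy and not treated as equivalent to `current`.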
```java
// Required: the backup key pair. No primary key pair is supplied, so a new primary key pair
// is generated automatically and the DID Document's primary public key and signature are updated.
public static void resetDidAuthTest() {
    DidDataWrapper didDataWrapper = didClient.createDid(true);
    ResetDidAuth restDidAuth = new ResetDidAuth();
    restDidAuth.setDid(didDataWrapper.getDid());
    ResetDidAuthKey resetDidAuthKey = new ResetDidAuthKey();
    resetDidAuthKey.setPrivateKey(didDataWrapper.getRecyKeyInfo().getPrivateKey());
    resetDidAuthKey.setPublicKey(didDataWrapper.getRecyKeyInfo().getPublicKey());
    resetDidAuthKey.setType(didDataWrapper.getRecyKeyInfo().getType());
    restDidAuth.setRecoveryKey(resetDidAuthKey);
    try {
        Thread.sleep(2000);
    } catch (InterruptedException e) {
        throw new RuntimeException(e);
    }
    com.reddate.did.sdk.protocol.common.KeyPair newKeyPair = didClient.resetDidAuth(restDidAuth);
    System.out.println("resetDidAuthTest() newKeyPair = " + JSONArray.toJSONString(newKeyPair));
}

// The user supplies a primary key pair, so the supplied primary public key replaces
// the one in the DID Document and the signature is recomputed.
public static void resetDidAuthTest2() {
    DidDataWrapper didDataWrapper = didClient.createDid(true);
    ResetDidAuth restDidAuth = new ResetDidAuth();
    restDidAuth.setDid(didDataWrapper.getDid());
    try {
        restDidAuth.setPrimaryKeyPair(ECDSAUtils.createKey()); // set the new primary key pair
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
    ResetDidAuthKey resetDidAuthKey = new ResetDidAuthKey();
    resetDidAuthKey.setPrivateKey(didDataWrapper.getRecyKeyInfo().getPrivateKey());
    resetDidAuthKey.setPublicKey(didDataWrapper.getRecyKeyInfo().getPublicKey());
    resetDidAuthKey.setType(didDataWrapper.getRecyKeyInfo().getType());
    restDidAuth.setRecoveryKey(resetDidAuthKey);
    try {
        Thread.sleep(2000);
    } catch (InterruptedException e) {
        throw new RuntimeException(e);
    }
    com.reddate.did.sdk.protocol.common.KeyPair newKeyPair = didClient.resetDidAuth(restDidAuth);
    System.out.println("resetDidAuthTest2() newKeyPair = " + JSONArray.toJSONString(newKeyPair));
}
```
Run result:
```
resetDidAuthTest() newKeyPair = {"privateKey":"4418789078131674202111243961982433639547706271268826938325835630379260731281","publicKey":"5578015747222814006367708261589508549380225684854935025302378153104903255646360153037158753743827682578273342010430878248802959417577723301240139263528695","type":"Secp256k1"}
resetDidAuthTest2() newKeyPair = {"privateKey":"5951442375366528881459974861070230808439847755642844686852014945755804704563","publicKey":"12644560182770071770846295970933128531517269120614778011777425155706853947892301738969404760003508611952580282724446980595055810845423272260582036533870772","type":"Secp256k1"}
```
Copyright notice: this article is an original article by the CSDN blogger 「快活林高老大」 and follows the CC 4.0 BY-SA license. When reposting, please include the link to the original source and this notice.
Original link:
https://blog.csdn.net/u012084827/article/details/127175208
Original article title: "BSN-DID Research -- Topic 1: DID API"
BSN研习社