BSN-DID Research -- Topic 1: DID API
- 2024-04-02 Zhejiang
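This article starts calling the APIs described in the help manual and analyzes their input parameters and return values.
Topic 1: creating a DID, storing it on-chain, querying and verifying it. This mainly covers section 14.4.1 "DID API" of the help manual.
01 Generating a public/private key pair from a mnemonic
Users can define their own mnemonic and call this method to generate a k1-algorithm public/private key pair offline. As long as the mnemonic is the same, every call produces the same key pair.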
// 14.4.1.1 Generate a public/private key pair from a mnemonic
public static void createKeyPair() {
    // Create the DidClient instance.
    // Demo credentials from the article; keep real tokens out of source code.
    String URL = "https://didservice.bsngate.com:18602";
    String PROJECTID = "8320935187";
    String TOKEN = "3wxYHXwAm57grc9JUr2zrPHt9HC";
    DidClient didClient = new DidClient(URL, PROJECTID, TOKEN);
    com.reddate.did.sdk.param.KeyPair keyPair =
        Secp256Util.createKeyPair(didClient.getHubCryptoType());
    // Demo only: prints the private key, public key and algorithm type to stdout.
    System.out.println(keyPair.getPrivateKey());
    System.out.println(keyPair.getPublicKey());
    System.out.println(keyPair.getType());
}
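[Note] The private and public keys that KeyPair produces in this DID package are decimal digit strings, unlike the hexadecimal strings produced by other tools. Keep this in mind!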
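02 Creating a DID
The createDid function returns a DidDataWrapper object, which contains the following parts:
Note authKeyInfo and recyKeyInfo: they contain the public key, the private key and the algorithm type.
The content of DocumentInfo is in effect the Document.
Input parameter false: the generated DID Document is stored privately and is not saved to the on-chain database. The user can call storeDidDocumentOnChain manually to put it on-chain, and can also call verifyDidDocument manually to check whether the Document is genuine.
Input parameter true: when the DID is created, the content of DocumentInfo is automatically stored on-chain as the Document.
[Benefit of going on-chain] The DID Document can be retrieved by its DID. A document that is not on-chain is a private, offline-stored document that others cannot read from the chain.
Test code: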
DidClient didClient = new DidClient(URL,PROJECTID,TOKEN);
DidDataWrapper didData = didClient.createDid(false);
String did = didData.getDid();
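03 Verifying a DID Document
Once you have the primary and backup public keys and the DID, you can build a complete Doc and sign it with your own private key. Verifying the DOC means validating the content format and the signature value of a DID Document that was generated offline.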
// didClient is the DidClient instance created as in section 01.
public static void verifyDidDocumentTest() {
    DidDataWrapper didDataWrapper = didClient.createDid(false);
    // Assemble the DOC
    DidDocument didDocument = new DidDocument();
    didDocument.setDid(didDataWrapper.getDocument().getDid());
    didDocument.setVersion(didDataWrapper.getDocument().getVersion());
    didDocument.setCreated(didDataWrapper.getDocument().getCreated());
    didDocument.setUpdated(didDataWrapper.getDocument().getUpdated());
    // Primary (authentication) public key
    PublicKey authentication = new PublicKey();
    authentication.setPublicKey(didDataWrapper.getDocument().getAuthentication().getPublicKey());
    authentication.setType(didDataWrapper.getDocument().getAuthentication().getType());
    didDocument.setAuthentication(authentication);
    // Backup (recovery) public key
    PublicKey recovery = new PublicKey();
    recovery.setPublicKey(didDataWrapper.getDocument().getRecovery().getPublicKey());
    recovery.setType(didDataWrapper.getDocument().getRecovery().getType());
    didDocument.setRecovery(recovery);
    // Proof: creator, signature value and algorithm type
    Proof proof = new Proof();
    proof.setCreator(didDataWrapper.getDocument().getProof().getCreator());
    proof.setSignatureValue(didDataWrapper.getDocument().getProof().getSignatureValue());
    proof.setType(didDataWrapper.getDocument().getProof().getType());
    didDocument.setProof(proof);
    System.out.println("verifyDidDocumentTest() didDocument = " + JSONArray.toJSON(didDocument).toString());
    // Verify the DOC
    Boolean verifyResult = didClient.verifyDidDocument(didDocument);
    System.out.println("verifyDidDocumentTest() verifyResult = " + verifyResult);
}
// Run result: the didDocument is printed and verification succeeds.
verifyDidDocumentTest() didDocument =
{
    "created":"2022-10-02 01:25:20",
    "proof":{
        "creator":"did:bsn:4Pbx71ztpMEEFgCMqEEkRC2h8ASt",
        "type":"Secp256k1",
        "signatureValue":"VJPMuq4IFWGdHTnODQqm8sSs8WoHCYFka/DGVfV2YS5IhJ8lktlyFkLwv5/mz4QSXCn1bvOg1vA3aauz4EUyhAA="
    },
    "recovery":{
        "publicKey":"4136847674594415306398125128522508702209428004937584006833693185792349983493741081348289666743484792096380088085627695598861569341579889630013585744848688",
        "type":"Secp256k1"
    },
    "updated":"2022-10-02 01:25:20",
    "version":"1",
    "did":"did:bsn:4Pbx71ztpMEEFgCMqEEkRC2h8ASt",
    "authentication":{
        "publicKey":"11540136105155077468752733049943874445846521165166711897546602509473852315835071484681946531901029710880905397210498255059417687026911400975483230795774640",
        "type":"Secp256k1"
    }
}
verifyDidDocumentTest() verifyResult = true
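A local structural pre-check of a document's proof before it is handed to verifyDidDocument, as an added example that is not part of the original article or the SDK. It assumes that signatureValue is Base64 of a 65-byte value laid out as 32-byte r, 32-byte s and one trailing byte; the class and method names are hypothetical. It does not replace the signature verification itself.

```java
import java.math.BigInteger;
import java.util.Arrays;
import java.util.Base64;

public class ProofPrecheck {
    // secp256k1 group order n (standard curve parameter)
    static final BigInteger N = new BigInteger(
        "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", 16);

    // Returns null when the proof is structurally sound, otherwise the reason it is not.
    static String precheck(String did, String creator, String type, String signatureValue) {
        if (!did.startsWith("did:bsn:")) return "DID does not use the did:bsn method";
        if (!did.equals(creator)) return "proof.creator differs from the document DID";
        if (!"Secp256k1".equals(type)) return "unexpected proof type: " + type;
        byte[] sig;
        try {
            sig = Base64.getDecoder().decode(signatureValue);
        } catch (IllegalArgumentException e) {
            return "signatureValue is not valid Base64";
        }
        // Assumption: 32-byte r, 32-byte s, 1 trailing byte (65 bytes in total).
        if (sig.length != 65) return "signature is " + sig.length + " bytes, expected 65";
        BigInteger r = new BigInteger(1, Arrays.copyOfRange(sig, 0, 32));
        BigInteger s = new BigInteger(1, Arrays.copyOfRange(sig, 32, 64));
        if (r.signum() == 0 || r.compareTo(N) >= 0) return "r is outside [1, n-1]";
        if (s.signum() == 0 || s.compareTo(N) >= 0) return "s is outside [1, n-1]";
        return null;
    }

    public static void main(String[] args) {
        // Values copied from the verifyDidDocumentTest() output above.
        String did = "did:bsn:4Pbx71ztpMEEFgCMqEEkRC2h8ASt";
        String sig = "VJPMuq4IFWGdHTnODQqm8sSs8WoHCYFka/DGVfV2YS5IhJ8lktlyFkLwv5/mz4QSXCn1bvOg1vA3aauz4EUyhAA=";
        System.out.println("page sample:   " + precheck(did, did, "Secp256k1", sig));
        // Constructed negative cases.
        System.out.println("wrong creator: " + precheck(did, "did:bsn:other", "Secp256k1", sig));
        System.out.println("truncated sig: " + precheck(did, did, "Secp256k1", sig.substring(0, 40)));
    }
}
```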
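04 Storing a DID Document on-chain and retrieving the on-chain DOC
Method name: storeDidDocumentOnChain (DidDocument didDocument)
Method description: stores the DID Document on-chain. It runs the verification step internally first, so to put a DID Document on-chain you can call this interface directly.
Putting the DOC on-chain means it is stored on the blockchain, so the DOC information can later be retrieved by DID at any time.
Method name: getDidDocument(String did)
Method description: the information in a DID Document is the record and description of a DID identity, so anyone can query the corresponding on-chain DID Document by its DID identifier. It can be used to verify a DID identity and to obtain the DID's public key.
Test code: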
public static void storeDidDocumentOnChainTest() {
    // Create the DID offline (false: the Document is not stored on-chain yet).
    DidDataWrapper didDataWrapper = didClient.createDid(false);
    // Assemble the DOC
    DidDocument didDocument = new DidDocument();
    didDocument.setDid(didDataWrapper.getDocument().getDid());
    didDocument.setVersion(didDataWrapper.getDocument().getVersion());
    didDocument.setCreated(didDataWrapper.getDocument().getCreated());
    didDocument.setUpdated(didDataWrapper.getDocument().getUpdated());
    PublicKey authentication = new PublicKey();
    authentication.setPublicKey(didDataWrapper.getDocument().getAuthentication().getPublicKey());
    authentication.setType(didDataWrapper.getDocument().getAuthentication().getType());
    didDocument.setAuthentication(authentication);
    PublicKey recovery = new PublicKey();
    recovery.setPublicKey(didDataWrapper.getDocument().getRecovery().getPublicKey());
    recovery.setType(didDataWrapper.getDocument().getRecovery().getType());
    didDocument.setRecovery(recovery);
    Proof proof = new Proof();
    proof.setCreator(didDataWrapper.getDocument().getProof().getCreator());
    proof.setSignatureValue(didDataWrapper.getDocument().getProof().getSignatureValue());
    proof.setType(didDataWrapper.getDocument().getProof().getType());
    didDocument.setProof(proof);
    // Verify the DOC
    Boolean verifyResult = didClient.verifyDidDocument(didDocument);
    System.out.println("verifyDidDocumentTest() verifyResult = " + verifyResult);
    // Store the DOC on-chain
    Boolean storeResult = didClient.storeDidDocumentOnChain(didDocument);
    System.out.println("storeDidDocumentOnChainTest() storeResult = " + storeResult);
    System.out.println("storeDidDocumentOnChainTest() didDocument.did = " + didDocument.getDid());
}
Run result:
storeDidDocumentOnChainTest() storeResult = true
storeDidDocumentOnChainTest() didDocument.did = did:bsn:CaiZJBeh7NUEWr8yypJ8xE17JQU
// Retrieve the on-chain DID Document by its DID
String did = "did:bsn:3Cm9jaZwnwBoLZRD8UDN3fwVyhHN";
DidDocument doc = didClient.getDidDocument(did);
System.out.println(JSONArray.toJSONString(doc));
Run result:
{
    "authentication":{
        "publicKey":"4664700818889092622364867006498004324042151384192819472061979195648390631866880868387918981924784935127864376722798400872270317689037242661697268458140541",
        "type":"Secp256k1"
    },
    "created":"2022-08-04 09:32:58",
    "did":"did:bsn:3Cm9jaZwnwBoLZRD8UDN3fwVyhHN",
    "proof":{
        "creator":"did:bsn:3Cm9jaZwnwBoLZRD8UDN3fwVyhHN",
        "signatureValue":"l+wWJpAAtuEyRGQlpu46AOEtTKL2e2qmCon/l8RQPxxOj/RRI7u9C92ujHykWmj60wRp2y6v1qW+85Rh7pY1IgA=",
        "type":"Secp256k1"
    },
    "recovery":{
        "publicKey":"11865520322565513050660694020438936283136484528320009451355251443300928908848680034382861862707021249978980723105155755823595493779379138615829812859063627",
        "type":"Secp256k1"
    },
    "updated":"2022-08-04 09:32:58",
    "version":"1"
}
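05 Verifying a DID identifier
Method name: verifyDIdSign(String did, String didSign)
Method description: verifies the digital signature over the DID identifier, to confirm that the current DID is genuine and valid.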
public static void verifyDIdSignTest() {
    // Create the DID and store its Document on-chain (true).
    DidDataWrapper didDataWrapper = didClient.createDid(true);
    DidSign didSign = new DidSign();
    didSign.setDid(didDataWrapper.getDid());
    // Sign the DID string with the primary (authentication) private key.
    String signs = ECDSAUtils.sign(didDataWrapper.getDid(),
        didDataWrapper.getAuthKeyInfo().getPrivateKey());
    didSign.setDidSign(signs);
    // Verify the signature over the DID.
    Boolean verifyResult = didClient.verifyDIdSign(didSign);
    System.out.println("verifyDIdSignTest() verifyResult = " + verifyResult);
    System.out.println("verifyDIdSignTest() didSign.didSign = " + JSONArray.toJSONString(didSign));
}
Run result:
verifyDIdSignTest() verifyResult = true
verifyDIdSignTest() didSign.didSign =
{"did":"did:bsn:4DuikC1vLKs53dUCLcVmicA3tBkC","didSign":"hFjbn3e2PD2AQOtADQLqRY0lFyeEFAcWuWhAOv/vevRUSZfVpJEp+wm2jtNMnTl9a3WYatP8CAleg3iMrStisgA="}
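06 Key update
Method name: resetDidAuth(ResetDidAuth restDidAuth)
Method description: if the primary private key is lost or leaked, a new primary key pair can be generated by means of the backup key pair. The user completes the primary key update with the backup key pair. After the key update the user's DID Document is updated as well, but the DID identifier does not change. If the user supplies a primary key pair, the supplied primary public key replaces the one in the DID Document and the signature is recomputed; otherwise a new primary key pair is generated automatically and the primary public key and signature in the DID Document are updated. Note: if an issuer performs a key update, all credentials it issued earlier will no longer pass signature verification (if the issuer recorded the primary public key for its credentials in its business system and can pass the old primary public key to the party using the credential, the credential can still pass signature verification).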
// Required: the backup key pair. No primary key pair is supplied, so a new primary key pair
// is generated automatically and the DID Document's primary public key and signature are updated.
public static void resetDidAuthTest() {
    DidDataWrapper didDataWrapper = didClient.createDid(true);
    ResetDidAuth restDidAuth = new ResetDidAuth();
    restDidAuth.setDid(didDataWrapper.getDid());
    // Backup (recovery) key pair that authorizes the update
    ResetDidAuthKey resetDidAuthKey = new ResetDidAuthKey();
    resetDidAuthKey.setPrivateKey(didDataWrapper.getRecyKeyInfo().getPrivateKey());
    resetDidAuthKey.setPublicKey(didDataWrapper.getRecyKeyInfo().getPublicKey());
    resetDidAuthKey.setType(didDataWrapper.getRecyKeyInfo().getType());
    restDidAuth.setRecoveryKey(resetDidAuthKey);
    // Wait 2 seconds before calling resetDidAuth.
    try {
        Thread.sleep(2000);
    } catch (InterruptedException e) {
        throw new RuntimeException(e);
    }
    com.reddate.did.sdk.protocol.common.KeyPair newKeyPair = didClient.resetDidAuth(restDidAuth);
    System.out.println("resetDidAuthTest() newKeyPair = " + JSONArray.toJSONString(newKeyPair));
}
// The user supplies a primary key pair, so the supplied primary public key replaces the one
// in the DID Document and the signature is recomputed.
public static void resetDidAuthTest2() {
    DidDataWrapper didDataWrapper = didClient.createDid(true);
    ResetDidAuth restDidAuth = new ResetDidAuth();
    restDidAuth.setDid(didDataWrapper.getDid());
    try {
        restDidAuth.setPrimaryKeyPair(ECDSAUtils.createKey()); // set the new primary key pair
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
    // Backup (recovery) key pair that authorizes the update
    ResetDidAuthKey resetDidAuthKey = new ResetDidAuthKey();
    resetDidAuthKey.setPrivateKey(didDataWrapper.getRecyKeyInfo().getPrivateKey());
    resetDidAuthKey.setPublicKey(didDataWrapper.getRecyKeyInfo().getPublicKey());
    resetDidAuthKey.setType(didDataWrapper.getRecyKeyInfo().getType());
    restDidAuth.setRecoveryKey(resetDidAuthKey);
    // Wait 2 seconds before calling resetDidAuth.
    try {
        Thread.sleep(2000);
    } catch (InterruptedException e) {
        throw new RuntimeException(e);
    }
    com.reddate.did.sdk.protocol.common.KeyPair newKeyPair = didClient.resetDidAuth(restDidAuth);
    System.out.println("resetDidAuthTest2() newKeyPair = " + JSONArray.toJSONString(newKeyPair));
}
Run result:
resetDidAuthTest() newKeyPair =
{"privateKey":"4418789078131674202111243961982433639547706271268826938325835630379260731281","publicKey":"5578015747222814006367708261589508549380225684854935025302378153104903255646360153037158753743827682578273342010430878248802959417577723301240139263528695","type":"Secp256k1"}
resetDidAuthTest2() newKeyPair =
{"privateKey":"5951442375366528881459974861070230808439847755642844686852014945755804704563","publicKey":"12644560182770071770846295970933128531517269120614778011777425155706853947892301738969404760003508611952580282724446980595055810845423272260582036533870772","type":"Secp256k1"}
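Copyright notice: this is an original article by CSDN blogger 「快活林高老大」, published under the CC 4.0 BY-SA license. When reposting, please include the link to the original source and this notice.
Original link:
https://blog.csdn.net/u012084827/article/details/127175208
Original article title: "BSN-DID Research -- Topic 1: DID API"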