BSN-DID研究--主题1 ：DID API

最新推荐文章于 2024-05-31 10:38:08 发布

快活林高老大

最新推荐文章于 2024-05-31 10:38:08 发布

阅读量1k

点赞数

分类专栏： BSN-DID代码研究文章标签：区块链

本文链接：https://blog.csdn.net/u012084827/article/details/127175208

版权

BSN-DID代码研究专栏收录该内容

8 篇文章 1 订阅

订阅专栏

本文开始对帮助手册的API进行调用，分析具体的输入参数和返回结果。

主题1 ：创建DID、上链、查询、验证，主要是帮助手册的14.4.1 DID API

-------------------------------------------------------------------------------------------

1 通过助记词生成公私钥

用户可以自定义助记词，调用该方法离线生成一对k1算法的公私钥。只要助记词相同，那么每次调用所生成的公私钥必然相同。

//14.4.1.1 通过助记词生成公私钥

public static void createKeyPair(){

//创建DidClient实例：

String URL = "https://didservice.bsngate.com:18602";

String PROJECTID = "8320935187";

String TOKEN = "3wxYHXwAm57grc9JUr2zrPHt9HC";

DidClient didClient = new DidClient(URL,PROJECTID,TOKEN);

com.reddate.did.sdk.param.KeyPair keyPair = Secp256Util.createKeyPair(didClient.getHubCryptoType());

System.out.println(keyPair.getPrivateKey());

System.out.println(keyPair.getPublicKey());

System.out.println(keyPair.getType());

}

【注意】这个DID包中KeyPair生成的私钥、公钥都是10进制数字字符串，与其他工具生成的16进制字符串不同，切记！！

2 创建DID

createDid函数返回值是DidDataWrapper类对象，包含这几部分：

注意看 authKeyInfo和recyKeyInfo，里面包含公钥和私钥、算法类型。

DocumentInfo的内容实际上就是Document。

输入参数：false：表示生成的DID Document是私下存储，没有保存到链上数据库。

用户可以手动执行storeDidDocumentOnChain函数上链。

还可以手动执行verifyDidDocument函数检验Document的真伪。

输入参数：true：创建DID的时候，自动把DocumentInfo的内容上链保存成了Document。

【上链的好处】可以根据DID获取DID Document。不上链就是私有的线下保存的文档，无法让别人在链上读取。

测试代码：

DidClient didClient = new DidClient(URL,PROJECTID,TOKEN)；

DidDataWrapper didData = didClient.createDid(false);

String did = didData.getDid();

3 验证DID Document

有了主备公钥和DID后就可以创建出一份完整的Doc，并用自己的私钥签名。验证DOC就是对离线生成的DID Document进行内容格式和签名值的验证。

public static void verifyDidDocumentTest() {

DidDataWrapper didDataWrapper = didClient.createDid(false);

//组装DOC

DidDocument didDocument = new DidDocument();

didDocument.setDid(didDataWrapper.getDocument().getDid());

didDocument.setVersion(didDataWrapper.getDocument().getVersion());

didDocument.setCreated(didDataWrapper.getDocument().getCreated());

didDocument.setUpdated(didDataWrapper.getDocument().getUpdated());

PublicKey authentication = new PublicKey();

authentication.setPublicKey(didDataWrapper.getDocument().getAuthentication().getPublicKey());

authentication.setType(didDataWrapper.getDocument().getAuthentication().getType());

didDocument.setAuthentication(authentication);

PublicKey recovery = new PublicKey();

recovery.setPublicKey(didDataWrapper.getDocument().getRecovery().getPublicKey());

recovery.setType(didDataWrapper.getDocument().getRecovery().getType());

didDocument.setRecovery(recovery);

Proof proof = new Proof();

proof.setCreator(didDataWrapper.getDocument().getProof().getCreator());

proof.setSignatureValue(didDataWrapper.getDocument().getProof().getSignatureValue());

proof.setType(didDataWrapper.getDocument().getProof().getType());

didDocument.setProof(proof);

System.out.println("verifyDidDocumentTest() didDocument = "+JSONArray.toJSON(didDocument).toString());

//验证DOC

Boolean verifyResult = didClient.verifyDidDocument(didDocument);

System.out.println("verifyDidDocumentTest() verifyResult = "+verifyResult);

}

//运行结果：展示了didDocument，检验OK！

verifyDidDocumentTest() didDocument =

{

"created":"2022-10-02 01:25:20",

"proof":{

"creator":"did:bsn:4Pbx71ztpMEEFgCMqEEkRC2h8ASt",

"type":"Secp256k1",

"signatureValue":"VJPMuq4IFWGdHTnODQqm8sSs8WoHCYFka/DGVfV2YS5IhJ8lktlyFkLwv5/mz4QSXCn1bvOg1vA3aauz4EUyhAA="

"recovery":

{"publicKey":"4136847674594415306398125128522508702209428004937584006833693185792349983493741081348289666743484792096380088085627695598861569341579889630013585744848688", "type":"Secp256k1" },

"updated":"2022-10-02 01:25:20",

"version":"1",

"did":"did:bsn:4Pbx71ztpMEEFgCMqEEkRC2h8ASt",

"authentication": {"publicKey":"11540136105155077468752733049943874445846521165166711897546602509473852315835071484681946531901029710880905397210498255059417687026911400975483230795774640","type":"Secp256k1"}}

verifyDidDocumentTest() verifyResult = true

4 DID Document上链、获取链上DOC

方法名： storeDidDocumentOnChain(DidDocument didDocument)

方法描述：对DID Document进行上链存储，内部先执行了验证动作，所以如果想对DID Document上链那么直接调用本接口。

DOC上链表示存储在区块链上，以后就可以根据DID随时访问获取DOC信息了。

方法名： getDidDocument(String did)

方法描述： DID Document内的信息是对DID身份的记录和说明，所以任何人都可通过DID标识符查询链上对应的DID Document。可用于验证DID身份、获取DID公钥。

测试代码：

public static void storeDidDocumentOnChainTest() {

DidDataWrapper didDataWrapper = didClient.createDid(false);

DidDocument didDocument = new DidDocument();

didDocument.setDid(didDataWrapper.getDocument().getDid());

didDocument.setVersion(didDataWrapper.getDocument().getVersion());

didDocument.setCreated(didDataWrapper.getDocument().getCreated());

didDocument.setUpdated(didDataWrapper.getDocument().getUpdated());

PublicKey authentication = new PublicKey();

authentication.setPublicKey(didDataWrapper.getDocument().getAuthentication().getPublicKey());

authentication.setType(didDataWrapper.getDocument().getAuthentication().getType());

didDocument.setAuthentication(authentication);

PublicKey recovery = new PublicKey();

recovery.setPublicKey(didDataWrapper.getDocument().getRecovery().getPublicKey());

recovery.setType(didDataWrapper.getDocument().getRecovery().getType());

didDocument.setRecovery(recovery);

Proof proof = new Proof();

proof.setCreator(didDataWrapper.getDocument().getProof().getCreator());

proof.setSignatureValue(didDataWrapper.getDocument().getProof().getSignatureValue());

proof.setType(didDataWrapper.getDocument().getProof().getType());

didDocument.setProof(proof);

Boolean verifyResult = didClient.verifyDidDocument(didDocument);

System.out.println("verifyDidDocumentTest() verifyResult = "+verifyResult);

Boolean storeResult = didClient.storeDidDocumentOnChain(didDocument);

System.out.println("storeDidDocumentOnChainTest() storeResult = "+storeResult);

System.out.println("storeDidDocumentOnChainTest() didDocument.did = "+didDocument.getDid());

}

运行结果：

storeDidDocumentOnChainTest() storeResult = true

storeDidDocumentOnChainTest() didDocument.did = did:bsn:CaiZJBeh7NUEWr8yypJ8xE17JQU

String did = "did:bsn:3Cm9jaZwnwBoLZRD8UDN3fwVyhHN";

DidDocument doc = didClient.getDidDocument(did);

System.out.println(JSONArray.toJSONString(doc));

运行结果：

{"authentication":{"publicKey":"4664700818889092622364867006498004324042151384192819472061979195648390631866880868387918981924784935127864376722798400872270317689037242661697268458140541","type":"Secp256k1"},

"created":"2022-08-04 09:32:58",

"did":"did:bsn:3Cm9jaZwnwBoLZRD8UDN3fwVyhHN",

"proof":{"creator":"did:bsn:3Cm9jaZwnwBoLZRD8UDN3fwVyhHN","signatureValue":"l+wWJpAAtuEyRGQlpu46AOEtTKL2e2qmCon/l8RQPxxOj/RRI7u9C92ujHykWmj60wRp2y6v1qW+85Rh7pY1IgA=","type":"Secp256k1"},

"recovery":{"publicKey":"11865520322565513050660694020438936283136484528320009451355251443300928908848680034382861862707021249978980723105155755823595493779379138615829812859063627","type":"Secp256k1"},

"updated":"2022-08-04 09:32:58",

"version":"1"

}

5 验证DID 标识符

方法名： verifyDIdSign(String did, String didSign)

方法描述：对DID标识符的数字签名值进行验签，以确保当前DID的真实性和有效性。

public static void verifyDIdSignTest() {

DidDataWrapper didDataWrapper = didClient.createDid(true);

DidSign didSign = new DidSign();

didSign.setDid(didDataWrapper.getDid());

String signs = ECDSAUtils.sign(didDataWrapper.getDid(), didDataWrapper.getAuthKeyInfo().getPrivateKey());

didSign.setDidSign(signs);

Boolean verifyResult = didClient.verifyDIdSign(didSign);

System.out.println("verifyDIdSignTest() verifyResult = "+verifyResult);

System.out.println("verifyDIdSignTest() didSign.didSign = "+JSONArray.toJSONString(didSign));

}

运行结果：

verifyDIdSignTest() verifyResult = true

verifyDIdSignTest() didSign.didSign = {"did":"did:bsn:4DuikC1vLKs53dUCLcVmicA3tBkC","didSign":"hFjbn3e2PD2AQOtADQLqRY0lFyeEFAcWuWhAOv/vevRUSZfVpJEp+wm2jtNMnTl9a3WYatP8CAleg3iMrStisgA="}

6 密钥更新

方法名： resetDidAuth(ResetDidAuth restDidAuth)

方法描述：如果主私钥丢失或者泄漏，可以通过备用的公私钥重新生成一对主公私钥。用户通过备用的公私钥来完成主公私钥更新。密钥更新后用户的DID Document也将更新，但是DID标识符不会改变。如果用户填写了主公私钥，则使用填写的主公钥更新DID Document中的主公钥并重新计算签名；否则自动生成一对新的主公私钥并更新DID Document的主公钥和签名计算。注：发证方如果进行了密钥更新，那么之前签发的所有凭证都将无法通过验签（如果发证方在业务系统里进行了凭证的主公钥记录，可以将旧的主公钥信息传送给凭证使用方，则也可通过凭证的验签）。

// 必填项：备用的公私钥。没有填写主公私钥。就自动生成一对新的主公私钥并更新DID Document的主公钥和签名计算。

public static void resetDidAuthTest() {

DidDataWrapper didDataWrapper = didClient.createDid(true);

ResetDidAuth restDidAuth = new ResetDidAuth();

restDidAuth.setDid(didDataWrapper.getDid());

ResetDidAuthKey resetDidAuthKey = new ResetDidAuthKey();

resetDidAuthKey.setPrivateKey(didDataWrapper.getRecyKeyInfo().getPrivateKey());

resetDidAuthKey.setPublicKey(didDataWrapper.getRecyKeyInfo().getPublicKey());

resetDidAuthKey.setType(didDataWrapper.getRecyKeyInfo().getType());

restDidAuth.setRecoveryKey(resetDidAuthKey);

try {

Thread.currentThread().sleep(2000);

} catch (InterruptedException e) {

throw new RuntimeException(e);

}

com.reddate.did.sdk.protocol.common.KeyPair newKeyPair = didClient.resetDidAuth(restDidAuth);

System.out.println("resetDidAuthTest() newKeyPair = "+JSONArray.toJSONString(newKeyPair));

}

//用户填写了主公私钥，则使用填写的主公钥更新DID Document中的主公钥并重新计算签名

public static void resetDidAuthTest2() {

DidDataWrapper didDataWrapper = didClient.createDid(true);

ResetDidAuth restDidAuth = new ResetDidAuth();

restDidAuth.setDid(didDataWrapper.getDid());

try {

restDidAuth.setPrimaryKeyPair(ECDSAUtils.createKey()); //设置新的主公私钥

} catch (Exception e) {

throw new RuntimeException(e);

}

ResetDidAuthKey resetDidAuthKey = new ResetDidAuthKey();

resetDidAuthKey.setPrivateKey(didDataWrapper.getRecyKeyInfo().getPrivateKey());

resetDidAuthKey.setPublicKey(didDataWrapper.getRecyKeyInfo().getPublicKey());

resetDidAuthKey.setType(didDataWrapper.getRecyKeyInfo().getType());

restDidAuth.setRecoveryKey(resetDidAuthKey);

try {

Thread.currentThread().sleep(2000);

} catch (InterruptedException e) {

throw new RuntimeException(e);

}

com.reddate.did.sdk.protocol.common.KeyPair newKeyPair = didClient.resetDidAuth(restDidAuth);

System.out.println("resetDidAuthTest2() newKeyPair = "+JSONArray.toJSONString(newKeyPair));

}

运行结果：

resetDidAuthTest() newKeyPair = {"privateKey":"4418789078131674202111243961982433639547706271268826938325835630379260731281","publicKey":"5578015747222814006367708261589508549380225684854935025302378153104903255646360153037158753743827682578273342010430878248802959417577723301240139263528695","type":"Secp256k1"}

resetDidAuthTest2() newKeyPair = {"privateKey":"5951442375366528881459974861070230808439847755642844686852014945755804704563","publicKey":"12644560182770071770846295970933128531517269120614778011777425155706853947892301738969404760003508611952580282724446980595055810845423272260582036533870772","type":"Secp256k1"}