BSN-DID研究6–客户端生成DID的计算方法

DID研究的第一步就是为用户生成DID标识符, 在帮助文件
14.2 HTTP API · BSN中说明了计算方法,
在SDK代码中 com.reddate.did.sdk.util.DidUtils类提供了生成函数。
1 创建DID过程介绍
有两个方式创建DID, 一种是在服务端创建,然后返回给前端。 另一种是在前端直接创建。 BSN-DID服务支持这两种方法。
//使用服务端创建DID
DidDataWrapper didData = didClient.createDid(false);
String did = didData.getDid();
因为创建DID必须使用公私钥信息,为了安全起见,一般用户多选择在前端(本地)生成公私钥然后计算生成DID,而不会把公私钥发送到服务端去计算。开发者可按下述介绍在本地完成开发。
1)通过椭圆曲线算法Secp256k1生成两对公私钥信息;
2)保存私钥,指定主备公钥拼装Base DID Document,其内容如下示例:
{
   "@context": "https://w3id.org/did/v1",
   "authentication":
   {
      "type": "Secp256k1",
      "publicKey": "28986472722394106073871327423452879123214061743224210681401278929598807211140001274507530324221923795865447680836742348963337343510229880669968499735858"
   }
   "recovery":
   {
      "type": "Secp256k1",
      "publicKey": "9251971168042915941551574641987721503984542761641852064853964541181378832746959340151297908312616596971625573967556676367696067937171601766581709843378481"
   }
}
3)通过base58(ripemd160(sha256()))算法生成DID标识符,其格式如下示例:
did:bsn:3wxYHXwAm57grc9JUr2zrPHt9HC
4)拼装DID Document内容,如下示例:
{
   "did": "did:bsn:3wxYHXwAm57grc9JUr2zrPHt9HC",
   "version": 1,
   "created": "2021-05-20T16:02:20Z",
   "updated": "2021-05-20T16:02:20Z",
   "authentication":
   {
      "type": "Secp256k1",
      "publicKey": "28986472722394106073871327423452879123214061743224210681401278929598807211140001274507530324221923795865447680836742348963337343510229880669968499735858"
   }
   "recovery":
   {
      "type": "Secp256k1",
      "publicKey": "9251971168042915941551574641987721503984542761641852064853964541181378832746959340151297908312616596971625573967556676367696067937171601766581709843378481"
   }
}
5)使用主私钥对DID Document内容进行Secp256k1签名,最终形成带有签名属性的DID Document,如下示例:
{
   "did": "did:bsn:3wxYHXwAm57grc9JUr2zrPHt9HC",
   "version": 1,
   "created": "2021-05-20T16:02:20Z",
   "updated": "2021-05-20T16:02:20Z",
   "authentication":
   {
      "type": "Secp256k1",
      "publicKey": "28986472722394106073871327423452879123214061743224210681401278929598807211140001274507530324221923795865447680836742348963337343510229880669968499735858"
   }
   "recovery":
   {
      "type": "Secp256k1",
      "publicKey": "9251971168042915941551574641987721503984542761641852064853964541181378832746959340151297908312616596971625573967556676367696067937171601766581709843378481"
   }
   "proof":
   {
      "type": "Secp256k1",
      "creator": "did:bsn:3wxYHXwAm57grc9JUr2zrPHt9HC",
      "signatureValue": "zD5nt+P/Ga/CRG2hJU/SMRXy210CLdvATsxQdPxTEy9Mc9Y0OSFpE3Yu5k2+OjQKVOtu5of9VFbgO3Zljw/vQxs="
   }
}
2 DidUtils类中函数解析
// 根据主备公钥拼装Base DID Document
public static BaseDidDocument generateBaseDidDocument(KeyPair primaryKeyPair, KeyPair alternateKeyPair)
//从一个完整的DOC中解析出Base DID Document
public static BaseDidDocument generateBaseDidDocument(final DidDocument didDocument)
// 根据base DID Document计算DID
public static String generateDidIdentifierByBaseDidDocument(BaseDidDocument baseDidDocument)
//含义没搞清楚
public static String generateDidByDidIdentifier(String didIdentifier)
//指定主备公钥DID,生成DOC
public static DidDocument generateDidDocument(KeyPair primaryKeyPair, KeyPair alternateKeyPair, String did)
关键的是看这两个函数:
/**
* Generate base did document
*
* @param primaryKeyPair
* @param alternateKeyPair
*/
public static BaseDidDocument generateBaseDidDocument(KeyPair primaryKeyPair, KeyPair alternateKeyPair)
      throws Exception {
   BaseDidDocument baseDidDocument = new BaseDidDocument();
   baseDidDocument.setContext(CurrencyCode.W3C_FORMAT_ADDRESS);
   PublicKey primaryPublicKey = new PublicKey();
   primaryPublicKey.setType(ECDSAUtils.TYPE);
   primaryPublicKey.setPublicKey(primaryKeyPair.getPublicKey());
   baseDidDocument.setAuthentication(primaryPublicKey);
   PublicKey alternatePublicKey = new PublicKey();
   alternatePublicKey.setType(ECDSAUtils.TYPE);
   alternatePublicKey.setPublicKey(alternateKeyPair.getPublicKey());
   baseDidDocument.setRecovery(alternatePublicKey);
   return baseDidDocument;
}
/**
* Generate did identifier (encode the base did document after hashing twice)
*
* @param baseDidDocument
*/
public static String generateDidIdentifierByBaseDidDocument(BaseDidDocument baseDidDocument) throws Exception {
   String baseDidDocumentStr = JSONArray.toJSON(baseDidDocument).toString();
   // Coding base did with sha256
   byte[] firstHashBaseDidDocument = SHA256Utils.getSha256(baseDidDocumentStr);
   // On this basis, ripemd160 coding is carried out
   byte[] secondHashBaseDidDocument = RipeMDUtils.encodeRipeMd160(firstHashBaseDidDocument);
   // Finally, base28 coding is carried out
   String afterEncodeBaseDidDocument = Base58Utils.encode(secondHashBaseDidDocument);
   return afterEncodeBaseDidDocument;
}
上面代码说明了计算步骤,  第一步sha256计算hash,第二步RipeMd160计算hash,第3步Base58。
【特殊说明1】 Base58Utils类的算法有特殊性。 我测试了,同样的字符串,Base58Utils.encode的结果与一般的base58在线计算工具计算结果不一样。这一点什么原因就没有去分析内部代码啦。
【特殊说明2】 KeyPair生成公钥和私钥字符串也和一般的钱包工具生成结果不同。
一般的钱包工具生成的公私钥是16进制形式的字符串:
例如 
私钥: 5fb92d6e98884f76de468fa3f6278f8807c48bebc13595d45af5bdc4da702133
而KeyPair生成私钥是: 59892406425224321141687523581481793923894983609789633294227503636425859954495
这个字符串是10进制的大整数,因此具体应用时要注意区分转换。
【特殊说明3】baseDocument中填写的公钥字符串是10进制的大整数, 切记不要搞错了。
3 测试代码
我写了一段测试代码,验证目的:
(1)手工拼装的baseDocument字符串与自动生成的字符串相同
(2)计算出did
//先生成两组私钥:
主私钥
privateKey  59892406425224321141687523581481793923894983609789633294227503636425859954495
publicKey   1648062039648339302524063279508895632770137069244278134081956539023412707736391318756182919431261356264811228156011285063580540937190422178407117759695197
备私钥
privateKey  99212890707702586423403586560516123688816915830506844876534947464669890270173
publicKey   4066670788180339434818057706073753563728493176529383949647043421305103177112833274244990482553429820005190263150190403413261964491159960007274805620197902
//测试代码
public static void createMyDid(){
    DidDataWrapper didData = didClient.createDid(false);
    String did = didData.getDid();
    String  baseDoc =
            "{"context":"https://w3id.org/did/v1"," +
                    ""recovery":" +
                    "{" +
                    ""publicKey":"4066670788180339434818057706073753563728493176529383949647043421305103177112833274244990482553429820005190263150190403413261964491159960007274805620197902"," +
                    ""type":"Secp256k1"" +
                    "}," +
                    ""authentication":" +
                    "{" +
                    ""publicKey":"1648062039648339302524063279508895632770137069244278134081956539023412707736391318756182919431261356264811228156011285063580540937190422178407117759695197"," +
                    ""type":"Secp256k1"" +
                    "}" +
                    "}";
    System.out.println("baseDoc = "+baseDoc);
    String sha = SHA256Utils.getSha256String(baseDoc);
    System.out.println("sha = "+ sha);
    BaseDidDocument base = new BaseDidDocument();
    base.setContext("https://w3id.org/did/v1");
    PublicKey authentication = new PublicKey();
    authentication.setPublicKey("1648062039648339302524063279508895632770137069244278134081956539023412707736391318756182919431261356264811228156011285063580540937190422178407117759695197");
    authentication.setType("Secp256k1");
    base.setAuthentication(authentication);
    PublicKey recovery = new PublicKey();
    recovery.setPublicKey("4066670788180339434818057706073753563728493176529383949647043421305103177112833274244990482553429820005190263150190403413261964491159960007274805620197902");
    recovery.setType("Secp256k1");
    base.setRecovery(recovery);
    String baseDidDocumentStr = JSONArray.toJSON(base).toString();
    System.out.println("baseDidDocumentStr = "+ baseDidDocumentStr);
    sha = SHA256Utils.getSha256String(baseDidDocumentStr);
    System.out.println("sha = "+ sha);
    try {
        did = DidUtils.generateDidIdentifierByBaseDidDocument(base);
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
    System.out.println("did = "+ did);
}
运行结果:
baseDoc = {"context":"https://w3id.org/did/v1","recovery":{"publicKey":"4066670788180339434818057706073753563728493176529383949647043421305103177112833274244990482553429820005190263150190403413261964491159960007274805620197902","type":"Secp256k1"},"authentication":{"publicKey":"1648062039648339302524063279508895632770137069244278134081956539023412707736391318756182919431261356264811228156011285063580540937190422178407117759695197","type":"Secp256k1"}}
sha = f1fbda792c9d7bcc09b0e8c9024ae68af09880e421f9a21313f6fd7e76c893a0
baseDidDocumentStr = {"context":"https://w3id.org/did/v1","recovery":{"publicKey":"4066670788180339434818057706073753563728493176529383949647043421305103177112833274244990482553429820005190263150190403413261964491159960007274805620197902","type":"Secp256k1"},"authentication":{"publicKey":"1648062039648339302524063279508895632770137069244278134081956539023412707736391318756182919431261356264811228156011285063580540937190422178407117759695197","type":"Secp256k1"}}
sha = f1fbda792c9d7bcc09b0e8c9024ae68af09880e421f9a21313f6fd7e76c893a0
did = 4SdogXgSRXdetxH28SdJM5dydtKd
大功告成,最后生成了DID: 4SdogXgSRXdetxH28SdJM5dydtKd

本图文内容来源于网友网络收集整理提供,作为学习参考使用,版权属于原作者。
THE END
分享
二维码
< <上一篇

)">
下一篇>>