说明
Golang SDK 目前处于内测阶段,这里只提供示例代码供大家参考。
创建DID
// (1)gen key
fmt.Printf("(1)gen key\n")
authKey, _ := btcec.NewPrivateKey(btcec.S256())
recoveryKey, _ := btcec.NewPrivateKey(btcec.S256())
// (2)create local did and did document
fmt.Printf("(2)create local did and did document\n")
didDocument, err := sdk.CreateDID(authKey, recoveryKey, sdk.SetBaiduDIDResolveService())
if err != nil {
fmt.Printf("CreateDID err: %v", err)
os.Exit(-1)
}
// (3)post did operation to blockchain
fmt.Printf("(3)post did operation to blockchain\n")
resolver, _ := sdk.NewResolver("https://did.baidu.com") // use Baidu DID Resolver
resp, err := resolver.PostDIDOperation(&sdk.PostDIDOperationRequest{
DID: didDocument.ID,
Document: didDocument,
Operation: "create",
Timestamp: uint64(time.Now().UnixNano() / 1000),
})
if err != nil {
fmt.Printf("PostDIDOperation err: %v", err)
os.Exit(-1)
}
// (4)get did operation result
retryCount := 20
for retryCount > 0 {
fmt.Printf("(4)get did operation result\n")
opResult, err := resolver.GetDIDOperationResult(resp.Content.OperationID)
if err != nil {
fmt.Printf("GetDIDOperationResult err: %v", err)
os.Exit(-1)
}
switch opResult.Content.Status {
case "Done":
// op done
retryCount = -1
case "Failed":
fmt.Printf("err: GetDIDOperationResult Failed")
os.Exit(-1)
case "Doing":
retryCount--
time.Sleep(time.Second * 3)
}
}
// (5)resolve did from Baidu DID Resolver to make sure did is on chain
fmt.Printf("(5)resolve did from Baidu DID Resolver to make sure did is on chain\n")
resolvedDidDocument, err := resolver.Resolve(didDocument.ID)
if err != nil {
fmt.Printf("Resolve err: %v", err)
os.Exit(-1)
}
// (6)print result
resolvedDidDocumentBytes, _ := json.MarshalIndent(resolvedDidDocument, "", " ")
fmt.Printf("create DID success, DID: %s\n", resolvedDidDocument.ID)
fmt.Printf("create DID success, DID auth priv key in hex: %s\n", hex.EncodeToString(authKey.Serialize()))
fmt.Printf("create DID success, DID recovery priv key in hex: %s\n", hex.EncodeToString(recoveryKey.Serialize()))
fmt.Printf("create DID success, DID Document: \n%v\n", string(resolvedDidDocumentBytes))
解析DID
// TestDID is just a test did
TestDID = "did:ccp:38Fj8zDy5nPcjjjopA62GcJqsmeY"
// new a resolver
resolver, _ := sdk.NewResolver("https://did.baidu.com") // use Baidu DID Resolver
// resolve did
resolvedDidDocument, err := resolver.Resolve(TestDID)
if err != nil {
fmt.Printf("Resolve err: %v", err)
os.Exit(-1)
}
// print result
resolvedDidDocumentBytes, _ := json.MarshalIndent(resolvedDidDocument, "", " ")
fmt.Printf("Resolve DID success, DID: %s\n", resolvedDidDocument.ID)
fmt.Printf("Resolve DID success, DID Document: \n%v\n", string(resolvedDidDocumentBytes))
签发声明和验证声明
const (
// IssuerDID is the issuer did
IssuerDID = "did:ccp:3SADbinfdxiQTkZ7RHS558LxAmEo"
// IssuerDIDPrivKey is the issuer did priv key
IssuerDIDPrivKey = "703e05ceb2b8b6b068a700235d8ee5fc09af4d5a0d797556b20c351d24bc6a6e"
// HolderDID is the holder did
HolderDID = "did:ccp:38Fj8zDy5nPcjjjopA62GcJqsmeY"
)
func main() {
// issue a claim
claim := issueClaim()
claimBytes, _ := json.MarshalIndent(claim, "", " ")
fmt.Printf("issue claim success, claim: \n %s\n", string(claimBytes))
// verify this claim
if !verifyClaim(claim) {
fmt.Printf("verifyClaim failed")
os.Exit(-1)
}
fmt.Printf("verifyClaim success")
}
func issueClaim() *sdk.Claim {
// gen claim
claim := &sdk.Claim{
BasicClaim: sdk.BasicClaim{
Context: []string{"https://www.w3.org/2018/credentials/v1"},
Id: "123",
Type: []string{"ProofClaim"},
Issuer: IssuerDID,
IssuanceDate: time.Now().Format("2006-01-02T15:04:05Z"),
ExpirationDate: "2066-01-02T15:04:05.999Z",
CredentialSubject: sdk.CredentialSubject{
Id: HolderDID,
Type: sdk.RealNameAuthentication,
ShortDescription: "xxx实名认证",
LongDescription: "该DID用户已在本机构完成实名认证",
},
Revocation: sdk.RevocationService{
Id: "http://example.com/v1/claim/revocations",
Type: sdk.RevocationServiceTypeV1,
},
},
}
// sign claim
issuerDIDPrivKeyByte, err := hex.DecodeString(IssuerDIDPrivKey)
if err != nil {
fmt.Printf("DecodeString err: %v", err)
os.Exit(-1)
}
privKey, _ := btcec.PrivKeyFromBytes(btcec.S256(), issuerDIDPrivKeyByte)
err = claim.Sign(IssuerDID, privKey)
if err != nil {
fmt.Printf("Sign err: %v", err)
os.Exit(-1)
}
return claim
}
func verifyClaim(claim *sdk.Claim) bool {
// get issuer did document
resolver, _ := sdk.NewResolver("https://did.baidu.com") // use Baidu DID Resolver
issuerDIDDocument, err := resolver.Resolve(claim.Issuer)
if err != nil {
fmt.Printf("Resolve err: %v", err)
os.Exit(-1)
}
// use pub key from issuerDIDDocument to Verify claim issued by issuer
if claim.Verify(issuerDIDDocument, false) != nil {
return false
}
return true
}
使用DID加密和解密数据
// HolderDID is the Holder did
HolderDID = "did:ccp:3SADbinfdxiQTkZ7RHS558LxAmEo"
// HolderDIDPrivKey is the Holder did priv key
HolderDIDPrivKey = "703e05ceb2b8b6b068a700235d8ee5fc09af4d5a0d797556b20c351d24bc6a6e"
// (1)Holder use `HolderDID` to login
// (2)verifier get HolderDID's public key
// new a resolver
resolver, _ := sdk.NewResolver("https://did.baidu.com") // use Baidu DID Resolver
// resolve did
holderDIDDocument, err := resolver.Resolve(HolderDID)
if err != nil {
fmt.Printf("Resolve err: %v", err)
os.Exit(-1)
}
// (3)verifier use HolderDID's public key to encrypt a random nonce
nonce := "test-nonce"
cipherText, err := holderDIDDocument.EncryptWithKey([]byte(nonce), 0)
if err != nil {
fmt.Printf("EncryptWithKey err: %v", err)
os.Exit(-1)
}
fmt.Printf("cipherText: %s\n", string(cipherText))
// (4)holder use priv key to decrypt it
holderDIDPrivKeyByte, err := hex.DecodeString(HolderDIDPrivKey)
if err != nil {
fmt.Printf("DecodeString err: %v", err)
os.Exit(-1)
}
privKey, _ := btcec.PrivKeyFromBytes(btcec.S256(), holderDIDPrivKeyByte)
plainText, err := holderDIDDocument.DecryptWithKey(cipherText, privKey)
if err != nil {
fmt.Printf("DecryptWithKey err: %v", err)
os.Exit(-1)
}
fmt.Printf("plainText: %s\n", string(plainText))
// (5)if plainText equals random nonce, then auth success
if string(plainText) == nonce {
fmt.Printf("DID auth success")
return
}
fmt.Printf("DID auth failed")