说明

Golang SDK 目前处于内测阶段,这里只提供示例代码供大家参考。

创建DID

    // (1)gen key
    fmt.Printf("(1)gen key\n")
    authKey, _ := btcec.NewPrivateKey(btcec.S256())
    recoveryKey, _ := btcec.NewPrivateKey(btcec.S256())

    // (2)create local did and did document
    fmt.Printf("(2)create local did and did document\n")
    didDocument, err := sdk.CreateDID(authKey, recoveryKey, sdk.SetBaiduDIDResolveService())
    if err != nil {
        fmt.Printf("CreateDID err: %v", err)
        os.Exit(-1)
    }

    // (3)post did operation to blockchain
    fmt.Printf("(3)post did operation to blockchain\n")
    resolver, _ := sdk.NewResolver("https://did.baidu.com") // use Baidu DID Resolver
    resp, err := resolver.PostDIDOperation(&sdk.PostDIDOperationRequest{
        DID:       didDocument.ID,
        Document:  didDocument,
        Operation: "create",
        Timestamp: uint64(time.Now().UnixNano() / 1000),
    })
    if err != nil {
        fmt.Printf("PostDIDOperation err: %v", err)
        os.Exit(-1)
    }
    // (4)get did operation result
    retryCount := 20
    for retryCount > 0 {
        fmt.Printf("(4)get did operation result\n")
        opResult, err := resolver.GetDIDOperationResult(resp.Content.OperationID)
        if err != nil {
            fmt.Printf("GetDIDOperationResult err: %v", err)
            os.Exit(-1)
        }
        switch opResult.Content.Status {
        case "Done":
            // op done
            retryCount = -1
        case "Failed":
            fmt.Printf("err: GetDIDOperationResult Failed")
            os.Exit(-1)
        case "Doing":
            retryCount--
            time.Sleep(time.Second * 3)
        }
    }
    // (5)resolve did from Baidu DID Resolver to make sure did is on chain
    fmt.Printf("(5)resolve did from Baidu DID Resolver to make sure did is on chain\n")
    resolvedDidDocument, err := resolver.Resolve(didDocument.ID)
    if err != nil {
        fmt.Printf("Resolve err: %v", err)
        os.Exit(-1)
    }

    // (6)print result
    resolvedDidDocumentBytes, _ := json.MarshalIndent(resolvedDidDocument, "", "  ")
    fmt.Printf("create DID success, DID: %s\n", resolvedDidDocument.ID)
    fmt.Printf("create DID success, DID auth priv key in hex: %s\n", hex.EncodeToString(authKey.Serialize()))
    fmt.Printf("create DID success, DID recovery priv key in hex: %s\n", hex.EncodeToString(recoveryKey.Serialize()))
    fmt.Printf("create DID success, DID Document: \n%v\n", string(resolvedDidDocumentBytes))

解析DID

  // TestDID is just a test did
  TestDID = "did:ccp:38Fj8zDy5nPcjjjopA62GcJqsmeY"

  // new a resolver
    resolver, _ := sdk.NewResolver("https://did.baidu.com") // use Baidu DID Resolver

    // resolve did
    resolvedDidDocument, err := resolver.Resolve(TestDID)
    if err != nil {
        fmt.Printf("Resolve err: %v", err)
        os.Exit(-1)
    }

    // print result
    resolvedDidDocumentBytes, _ := json.MarshalIndent(resolvedDidDocument, "", "  ")
    fmt.Printf("Resolve DID success, DID: %s\n", resolvedDidDocument.ID)
    fmt.Printf("Resolve DID success, DID Document: \n%v\n", string(resolvedDidDocumentBytes))

签发声明和验证声明

const (
    // IssuerDID is the issuer did
    IssuerDID = "did:ccp:3SADbinfdxiQTkZ7RHS558LxAmEo"
    // IssuerDIDPrivKey is the issuer did priv key
    IssuerDIDPrivKey = "703e05ceb2b8b6b068a700235d8ee5fc09af4d5a0d797556b20c351d24bc6a6e"

    // HolderDID is the holder did
    HolderDID = "did:ccp:38Fj8zDy5nPcjjjopA62GcJqsmeY"
)

func main() {
    // issue a claim
    claim := issueClaim()
    claimBytes, _ := json.MarshalIndent(claim, "", "  ")
    fmt.Printf("issue claim success, claim: \n %s\n", string(claimBytes))

    // verify this claim
    if !verifyClaim(claim) {
        fmt.Printf("verifyClaim failed")
        os.Exit(-1)
    }
    fmt.Printf("verifyClaim success")

}

func issueClaim() *sdk.Claim {
    // gen claim
    claim := &sdk.Claim{
        BasicClaim: sdk.BasicClaim{
            Context:        []string{"https://www.w3.org/2018/credentials/v1"},
            Id:             "123",
            Type:           []string{"ProofClaim"},
            Issuer:         IssuerDID,
            IssuanceDate:   time.Now().Format("2006-01-02T15:04:05Z"),
            ExpirationDate: "2066-01-02T15:04:05.999Z",
            CredentialSubject: sdk.CredentialSubject{
                Id:               HolderDID,
                Type:             sdk.RealNameAuthentication,
                ShortDescription: "xxx实名认证",
                LongDescription:  "该DID用户已在本机构完成实名认证",
            },
            Revocation: sdk.RevocationService{
                Id:   "http://example.com/v1/claim/revocations",
                Type: sdk.RevocationServiceTypeV1,
            },
        },
    }

    // sign claim
    issuerDIDPrivKeyByte, err := hex.DecodeString(IssuerDIDPrivKey)
    if err != nil {
        fmt.Printf("DecodeString err: %v", err)
        os.Exit(-1)
    }
    privKey, _ := btcec.PrivKeyFromBytes(btcec.S256(), issuerDIDPrivKeyByte)
    err = claim.Sign(IssuerDID, privKey)
    if err != nil {
        fmt.Printf("Sign err: %v", err)
        os.Exit(-1)
    }
    return claim
}

func verifyClaim(claim *sdk.Claim) bool {
    // get issuer did document
    resolver, _ := sdk.NewResolver("https://did.baidu.com") // use Baidu DID Resolver
    issuerDIDDocument, err := resolver.Resolve(claim.Issuer)
    if err != nil {
        fmt.Printf("Resolve err: %v", err)
        os.Exit(-1)
    }

    // use pub key from issuerDIDDocument to Verify claim issued by issuer
    if claim.Verify(issuerDIDDocument, false) != nil {
        return false
    }
    return true
}

使用DID加密和解密数据

    // HolderDID is the Holder did
    HolderDID = "did:ccp:3SADbinfdxiQTkZ7RHS558LxAmEo"
    // HolderDIDPrivKey is the Holder did priv key
  HolderDIDPrivKey = "703e05ceb2b8b6b068a700235d8ee5fc09af4d5a0d797556b20c351d24bc6a6e"

    // (1)Holder use `HolderDID` to login

    // (2)verifier get HolderDID's public key
    // new a resolver
    resolver, _ := sdk.NewResolver("https://did.baidu.com") // use Baidu DID Resolver
    // resolve did
    holderDIDDocument, err := resolver.Resolve(HolderDID)
    if err != nil {
        fmt.Printf("Resolve err: %v", err)
        os.Exit(-1)
    }

    // (3)verifier use HolderDID's public key to encrypt a random nonce
    nonce := "test-nonce"
    cipherText, err := holderDIDDocument.EncryptWithKey([]byte(nonce), 0)
    if err != nil {
        fmt.Printf("EncryptWithKey err: %v", err)
        os.Exit(-1)
    }
    fmt.Printf("cipherText: %s\n", string(cipherText))

    // (4)holder use priv key to decrypt it
    holderDIDPrivKeyByte, err := hex.DecodeString(HolderDIDPrivKey)
    if err != nil {
        fmt.Printf("DecodeString err: %v", err)
        os.Exit(-1)
    }
    privKey, _ := btcec.PrivKeyFromBytes(btcec.S256(), holderDIDPrivKeyByte)
    plainText, err := holderDIDDocument.DecryptWithKey(cipherText, privKey)
    if err != nil {
        fmt.Printf("DecryptWithKey err: %v", err)
        os.Exit(-1)
    }
    fmt.Printf("plainText: %s\n", string(plainText))

    // (5)if plainText equals random nonce, then auth success
    if string(plainText) == nonce {
        fmt.Printf("DID auth success")
        return
    }
    fmt.Printf("DID auth failed")