本文开始对帮助手册的API进行调用, 分析具体的输入参数和返回结果。
主题3 :签发凭证、验证凭证、吊销凭证、查询已吊销凭证, 内容来源于帮助手册的14.4.3 凭证。
-------------------------------------------------------------------------------------------
1 签发凭证
方法名: createCredential(CreateCredential createCredential)
方法描述:发证方通过本方法,为DID用户签发凭证,签发凭证的Claim参数如果多于凭证模板的定义,服务侧将作舍弃处理。
凭证模板内定义的属性值,由发证方为DID用户提供前端可提交页面进行获取。
【说明】 userDid 指的是拥有证书的用户。
public static void createCredentialTest() {
//创建两个DID用户
DidDataWrapper didDataWrapper = didClient.createDid(true);
DidDataWrapper didDataWrapper2 = didClient.createDid(true);
//DID1注册为发证方
RegisterAuthorityIssuer register = new RegisterAuthorityIssuer();
register.setDid(didDataWrapper.getDid());
register.setPrivateKey(didDataWrapper.getAuthKeyInfo().getPrivateKey());
register.setName("xxxx company");
boolean registerresult = didClient.registerAuthIssuer(register);
//注册证书模板
RegisterCpt registerCpt = new RegisterCpt();
registerCpt.setDid(didDataWrapper.getDid());
registerCpt.setTitle("test cpt template 01");
registerCpt.setDescription("test cpt tempalte 01 long descriptuion");
registerCpt.setType("Proof");
registerCpt.setPrivateKey(didDataWrapper.getAuthKeyInfo().getPrivateKey());
Map<String, JsonSchema> cptJsonSchemas = new HashMap<>();
JsonSchema jsonSchema1 = new JsonSchema();
jsonSchema1.setDescription("user name");
jsonSchema1.setRequired(true);
jsonSchema1.setType("String");
cptJsonSchemas.put("name", jsonSchema1);
JsonSchema jsonSchema2 = new JsonSchema();
jsonSchema2.setDescription("user sex");
jsonSchema2.setRequired(false);
jsonSchema2.setType("String");
cptJsonSchemas.put("sex", jsonSchema2);
JsonSchema jsonSchema3 = new JsonSchema();
jsonSchema3.setDescription("user age");
jsonSchema3.setRequired(true);
jsonSchema3.setType("Number");
cptJsonSchemas.put("age", jsonSchema3);
registerCpt.setCptJsonSchema(cptJsonSchemas);
CptBaseInfo cptBaseInfo = didClient.registerCpt(registerCpt);
//DID1为DID2用户颁发证书,按照模板填写内容
CreateCredential createCredential = new CreateCredential();
createCredential.setCptId(cptBaseInfo.getCptId());
createCredential.setIssuerDid(didDataWrapper.getDid());
createCredential.setUserDid(didDataWrapper2.getDid()); //这就是用户
createCredential.setExpirationDate("2025-03-17");
Map<String,Object> clainMap = new HashMap<>();
clainMap.put("name", "aa");
clainMap.put("sex", "female");
clainMap.put("age", 38);
createCredential.setClaim(clainMap);
createCredential.setPrivateKey(didDataWrapper.getAuthKeyInfo().getPrivateKey());
CredentialWrapper credentialWrapper = didClient.createCredential(createCredential);
System.out.println(JSONArray.toJSONString(credentialWrapper));
}
运行结果:
{
"claim":{
"sex":"female",
"name":"aa",
"age":38
},
"context":"https://www.w3.org/2018/credentials/v1",
"cptId":942210021536416315,
"created":"2022-10-02 07:36:43",
"expirationDate":"2025-03-17",
"id":"1576476257296715776",
"issuerDid":"did:bsn:2nbUugNA1D7M4ZRxsMqqYYYFkX5W",
"proof":{
"creator":"did:bsn:2nbUugNA1D7M4ZRxsMqqYYYFkX5W",
"type":"Secp256k1",
"signatureValue":"VZPd9+fTOJ6nfDC2YRfhwZRJ0WAF4D1h8e7hRsjI8OJ43gSjIMeZB98uVtuJreRLMIJc5Q3KZ8EKXQwJDXdO3gA="
},
"shortDesc":"test cpt template 01",
"type":"Proof",
"userDid":"did:bsn:2xFB7ki3FraKLVsYWyR65JJ7iVL5"
}
2 验证凭证
方法名: verifyCredential(CredentialWrapper createCredential,PublicKey publicKey)
方法描述: 一般由验证方调用,可验证某个凭证是否有效。分别验证凭证的签名、凭证是否过期、凭证是否吊销。
【说明】 应用场景:验证方得到用户出具的凭证后发起验证, 确定证书是否有效。
问题: 如何获得证书呢(CredentialWrapper)没看到查询证书内容的函数, 待考察研究!!!!!
心得: 证书都是发给用户的, 链上并没有保存,因此无法查询。 一般应用环境是 用户出具证书,验证方拿到证书内容发起验证,得到服务端返回的验证结果。
public static void verifyCredentialTest() {
DidDataWrapper didDataWrapper = didClient.createDid(true);
DidDataWrapper didDataWrapper2 = didClient.createDid(true);
RegisterAuthorityIssuer register = new RegisterAuthorityIssuer();
register.setDid(didDataWrapper.getDid());
register.setPrivateKey(didDataWrapper.getAuthKeyInfo().getPrivateKey());
register.setName("xxxx company");
boolean registerresult = didClient.registerAuthIssuer(register);
RegisterCpt registerCpt = new RegisterCpt();
registerCpt.setDid(didDataWrapper.getDid());
registerCpt.setTitle("test cpt template 01");
registerCpt.setDescription("test cpt tempalte 01 long descriptuion");
registerCpt.setType("Proof");
registerCpt.setPrivateKey(didDataWrapper.getAuthKeyInfo().getPrivateKey());
Map<String, JsonSchema> cptJsonSchemas = new HashMap<>();
JsonSchema jsonSchema1 = new JsonSchema();
jsonSchema1.setDescription("user name");
jsonSchema1.setRequired(true);
jsonSchema1.setType("String");
cptJsonSchemas.put("name", jsonSchema1);
JsonSchema jsonSchema2 = new JsonSchema();
jsonSchema2.setDescription("user sex");
jsonSchema2.setRequired(false);
jsonSchema2.setType("String");
cptJsonSchemas.put("sex", jsonSchema2);
JsonSchema jsonSchema3 = new JsonSchema();
jsonSchema3.setDescription("user age");
jsonSchema3.setRequired(true);
jsonSchema3.setType("Number");
cptJsonSchemas.put("age", jsonSchema3);
registerCpt.setCptJsonSchema(cptJsonSchemas);
CptBaseInfo cptBaseInfo = didClient.registerCpt(registerCpt);
CreateCredential createCredential = new CreateCredential();
createCredential.setCptId(cptBaseInfo.getCptId());
createCredential.setIssuerDid(didDataWrapper.getDid());
createCredential.setUserDid(didDataWrapper2.getDid());
createCredential.setExpirationDate("2025-03-17");
Map<String,Object> clainMap = new HashMap<>();
clainMap.put("name", "aa");
clainMap.put("sex", "female");
clainMap.put("age", 38);
createCredential.setClaim(clainMap);
createCredential.setPrivateKey(didDataWrapper.getAuthKeyInfo().getPrivateKey());
CredentialWrapper credentialWrapper = didClient.createCredential(createCredential);
PublicKey publicKey1 = new PublicKey();
publicKey1.setPublicKey(didDataWrapper.getAuthKeyInfo().getPublicKey());
publicKey1.setType(didDataWrapper.getAuthKeyInfo().getType());
boolean verifyResult = didClient.verifyCredential(credentialWrapper, publicKey1);
System.out.println("verifyResult = "+verifyResult);
}
运行结果:
verifyResult = true
3 吊销凭证
方法名: revokeCredential(RevokeCredential cred)
方法描述:由发证方调用,对已签发的某个凭证进行吊销或者作废。由于已签发的凭证已经由用户保管,所以吊销凭证后将对其凭证ID进行上链, 以后再验证时就会失败。
public static void revokeCredentialTest() {
DidDataWrapper didDataWrapper = didClient.createDid(true);
DidDataWrapper didDataWrapper2 = didClient.createDid(true);
RegisterAuthorityIssuer register = new RegisterAuthorityIssuer();
register.setDid(didDataWrapper.getDid());
register.setPrivateKey(didDataWrapper.getAuthKeyInfo().getPrivateKey());
register.setName("xxxx company");
boolean registerresult = didClient.registerAuthIssuer(register);
RegisterCpt registerCpt = new RegisterCpt();
registerCpt.setDid(didDataWrapper.getDid());
registerCpt.setTitle("test cpt template 01");
registerCpt.setDescription("test cpt tempalte 01 long descriptuion");
registerCpt.setType("Proof");
registerCpt.setPrivateKey(didDataWrapper.getAuthKeyInfo().getPrivateKey());
Map<String, JsonSchema> cptJsonSchemas = new HashMap<>();
JsonSchema jsonSchema1 = new JsonSchema();
jsonSchema1.setDescription("user name");
jsonSchema1.setRequired(true);
jsonSchema1.setType("String");
cptJsonSchemas.put("name", jsonSchema1);
JsonSchema jsonSchema2 = new JsonSchema();
jsonSchema2.setDescription("user sex");
jsonSchema2.setRequired(false);
jsonSchema2.setType("String");
cptJsonSchemas.put("sex", jsonSchema2);
JsonSchema jsonSchema3 = new JsonSchema();
jsonSchema3.setDescription("user age");
jsonSchema3.setRequired(true);
jsonSchema3.setType("Number");
cptJsonSchemas.put("age", jsonSchema3);
registerCpt.setCptJsonSchema(cptJsonSchemas);
CptBaseInfo cptBaseInfo = didClient.registerCpt(registerCpt);
CreateCredential createCredential = new CreateCredential();
createCredential.setCptId(cptBaseInfo.getCptId());
createCredential.setIssuerDid(didDataWrapper.getDid());
createCredential.setUserDid(didDataWrapper2.getDid());
createCredential.setExpirationDate("2025-03-17");
Map<String,Object> clainMap = new HashMap<>();
clainMap.put("name", "aa");
clainMap.put("sex", "female");
clainMap.put("age", 38);
createCredential.setClaim(clainMap);
createCredential.setPrivateKey(didDataWrapper.getAuthKeyInfo().getPrivateKey());
CredentialWrapper credentialWrapper = didClient.createCredential(createCredential);
RevokeCredential cred = new RevokeCredential();
cred.setCredId(credentialWrapper.getId()); //凭证ID
cred.setCptId(cptBaseInfo.getCptId()); //凭证模板ID
cred.setDid(didDataWrapper.getDid()); //DID标识符
cred.setPrivateKey(didDataWrapper.getAuthKeyInfo().getPrivateKey()); //发证方私钥
System.out.println(JSONArray.toJSONString(cred));
boolean revokeResult = didClient.revokeCredential(cred);
System.out.println("revokeResult = "+ revokeResult);
}
运行结果:
{"cptId":242210021641392768,"credId":"1576492605515108352",
"did":"did:bsn:o521uugmtDtZXhFZdF2FofCDmxV",
"privateKey":"73175455454268636389095583123742498720230514858747301183768003363189031700555"}
revokeResult = true
4 查询已吊销凭证
方法名: getRevokedCredList(QueryCredentialList queryCredentialList)
方法描述:通过发证方的DID标识符,查出其所有已吊销的凭证ID。
【说明】输入参数did是指发证方的DID标识符,不是用户的did。 发证方发出许多凭证,也会吊销许多证书,本函数返回的是吊销证书查询列表。
did参数必须填写正确,不能为""、NULL。
public static void getRevokedCredListTest() {
QueryCredential queryCredential = new QueryCredential();
// queryCredential.setDid(didDataWrapper.getDid());
queryCredential.setDid("did:bsn:o521uugmtDtZXhFZdF2FofCDmxV");
queryCredential.setPage(1);
queryCredential.setSize(10);
System.out.println(JSONArray.toJSONString("queryCredential = "+queryCredential));
Pages<BaseCredential> pages = didClient.getRevokedCredList(queryCredential);
System.out.println("pages = "+JSONArray.toJSONString(pages));
//必须用这样方法获取数据
System.out.println("=================="+JSONArray.toJSONString(pages.getResult()));
String ret = JSONArray.toJSONString(pages.getResult());
JSONArray jarray = JSONArray.parseArray(ret);
for(int i=0;i<jarray.size();i++){
System.out.println("\n"+jarray.get(i));
JSONObject jobj = jarray.getJSONObject(i);
}
运行结果只有一个吊销证书:
queryCredential: {"did":"did:bsn:o521uugmtDtZXhFZdF2FofCDmxV","page":1,"size":10}
{"page":1,"result":[{"id":"1576492605515108352"}],"size":10,"totalNum":1,"totalPage":1}
==================[{"id":"1576492605515108352"}]