Access the DID Document

Document Information Reading

DID Document is mainly used to describe the key information of DID and the information that it needs to disclose. The contents of DID documents are divided into the following categories:

  • Public Keys

    • Authentication keys

    • Authorization keys

  • Controllers

  • Multiple-Signature

  • VeriableCredentials

  • Services

  • Expiration date

  • Document proof

Different DID may use a subset of these attributes. Verifiable Credentials is the extension of Elastos DID to W3C DID. In principle, the DID document should not contain any personal information because it's public and can be read all over the world once published. However, for some public entities, it may be desirable to disclose specific entity information, so a verifiable certificate containing entity information can be embedded into the DID document for disclosure.

DID Document is read-only because it's a sealed object and contained by the signature of the controller. Java’s DID Document implementation provides a series of methods to read the information contained in DID document. See Javadoc for details.

Use DID to Sign and Verify Data

The DID object not only represents and verifies the identity, but also can be used to sign and verify the application data.

DID Controller's Signature Data

DIDStore store; // an opened DIDStore instance
String storePasswd = "secret";
DID did = new DID("did:elastos:iW7JgkXaaF2RKjyC1UJGToNKm5LAk3juen");
byte[] data; // the data to be sign and verify

// Get the existing DIDDocument
DIDDocument doc = store.loadDid(did);
String signature = doc.sign(storePass, data);

The controller can give the data and the data signature generated by his DID to a third party, and then the third party can verify whether the data and the signature match.

The Verification Data and Signature of the Third-party

DID did = new DID("did:elastos:iW7JgkXaaF2RKjyC1UJGToNKm5LAk3juen"); // signer‘s DID
byte[] data; // the data to be verify
String signature; // the signature signed by signer

DIDDocument doc = did.resolve();
if (doc.isValid()) {
    boolean genuine = doc.verify(signature, data);
} else {
    // Signer's DID is invalid, should report error.

Last updated