Verifiable Health Link
0.0.2-current - ci-build
Verifiable Health Link
0.0.2-current - ci-build
Verifiable Health Link, published by IHE IT Infrastructure Technical Committee. This guide is not an authorized publication; it is the continuous build for version 0.0.2-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/IHE/ITI.VHL/ and changes regularly. See the Directory of published versions
| Active as of 2026-03-13 |
{
"resourceType" : "TestPlan",
"id" : "TestPlan-VHLSharer",
"url" : "https://profiles.ihe.net/ITI/VHL/TestPlan/TestPlan-VHLSharer",
"version" : "0.0.2-current",
"name" : "TestPlan_VHLSharer",
"title" : "Test Plan – VHL Sharer",
"status" : "active",
"date" : "2026-03-13T13:59:49+00:00",
"publisher" : "IHE IT Infrastructure Technical Committee",
"contact" : [
{
"telecom" : [
{
"system" : "url",
"value" : "https://www.ihe.net/ihe_domains/it_infrastructure/"
}
]
},
{
"telecom" : [
{
"system" : "email",
"value" : "iti@ihe.net"
}
]
},
{
"name" : "IHE IT Infrastructure Technical Committee",
"telecom" : [
{
"system" : "email",
"value" : "iti@ihe.net"
}
]
}
],
"description" : "Unit test plan for the **VHL Sharer** actor of the IHE ITI Verifiable Health Links (VHL) profile.\n\nScope: validates all behaviour expected of a VHL Sharer across its four transactions:\nsubmitting its own PKI material (ITI-YY1 initiator), retrieving the trust list to obtain peer\nkeys (ITI-YY2 initiator), generating VHLs on demand (ITI-YY3 responder), and serving document\nmanifests to authorised VHL Receivers (ITI-YY5 responder). Each test suite corresponds to one\ntransaction and exercises three atomic feature files.",
"jurisdiction" : [
{
"coding" : [
{
"system" : "http://unstats.un.org/unsd/methods/m49/m49.htm",
"code" : "001"
}
]
}
],
"scope" : [
{
🔗 "reference" : "ActorDefinition/VHLSharer"
}
],
"testCase" : [
{
"sequence" : 1,
"testRun" : [
{
"narrative" : "**ITI-YY1 Message Semantics** – Shared message format file (same as Trust Anchor suite 1).\nVerifies the DID Document structure the VHL Sharer must construct.",
"script" : {
"language" : {
"coding" : [
{
"system" : "urn:ietf:bcp:13",
"code" : "text/x-gherkin"
}
],
"text" : "Gherkin"
},
"sourceReference" : {
"reference" : "https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY1-submit-pki-material-message.feature",
"display" : "ITI-YY1 Submit PKI Material – Message Semantics"
}
}
},
{
"narrative" : "**ITI-YY1 VHL Sharer Initiator Expected Actions** – Verifies key pair generation, submission\npathways (direct HTTP POST, indirect publication, offline), provenance metadata, response\nhandling (201/400/401/403/422), and secure private key retention.\nSource: sections 2:3.YY1.4.1.2 (Message Semantics) and 2:3.YY1.4.1.3 (Initiator Expected Actions).",
"script" : {
"language" : {
"coding" : [
{
"system" : "urn:ietf:bcp:13",
"code" : "text/x-gherkin"
}
],
"text" : "Gherkin"
},
"sourceReference" : {
"reference" : "https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY1-submit-pki-material-initiator.feature",
"display" : "ITI-YY1 Submit PKI Material – VHL Sharer Initiator Expected Actions"
}
}
},
{
"narrative" : "**ITI-YY1 Security Considerations** – Shared security file (same as Trust Anchor suite 1).",
"script" : {
"language" : {
"coding" : [
{
"system" : "urn:ietf:bcp:13",
"code" : "text/x-gherkin"
}
],
"text" : "Gherkin"
},
"sourceReference" : {
"reference" : "https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY1-submit-pki-material-security.feature",
"display" : "ITI-YY1 Submit PKI Material – Security Considerations"
}
}
}
]
},
{
"sequence" : 2,
"testRun" : [
{
"narrative" : "**ITI-YY2 Message Semantics** – Shared message format file.\nVerifies the request/response format for the trust list retrieval.",
"script" : {
"language" : {
"coding" : [
{
"system" : "urn:ietf:bcp:13",
"code" : "text/x-gherkin"
}
],
"text" : "Gherkin"
},
"sourceReference" : {
"reference" : "https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY2-retrieve-trust-list-message.feature",
"display" : "ITI-YY2 Retrieve Trust List – Message Semantics"
}
}
},
{
"narrative" : "**ITI-YY2 VHL Sharer Initiator Expected Actions** – Verifies that the VHL Sharer correctly\nconstructs retrieval requests, sends them over TLS, validates and caches returned DID Documents,\nmaps verification methods, tracks expiry, handles revocation notifications, and processes\nerror responses (401/403/404).\nSource: sections 2:3.YY2.4.1 (Request Message) and 2:3.YY2.4.2.3 (Initiator Expected Actions).",
"script" : {
"language" : {
"coding" : [
{
"system" : "urn:ietf:bcp:13",
"code" : "text/x-gherkin"
}
],
"text" : "Gherkin"
},
"sourceReference" : {
"reference" : "https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY2-retrieve-trust-list-initiator.feature",
"display" : "ITI-YY2 Retrieve Trust List – VHL Sharer Initiator Expected Actions"
}
}
},
{
"narrative" : "**ITI-YY2 Security Considerations** – Shared security file.",
"script" : {
"language" : {
"coding" : [
{
"system" : "urn:ietf:bcp:13",
"code" : "text/x-gherkin"
}
],
"text" : "Gherkin"
},
"sourceReference" : {
"reference" : "https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY2-retrieve-trust-list-security.feature",
"display" : "ITI-YY2 Retrieve Trust List – Security Considerations"
}
}
}
]
},
{
"sequence" : 3,
"testRun" : [
{
"narrative" : "**ITI-YY3 Message Semantics** – Verifies the $generate-vhl request parameter definitions\n(sourceIdentifier, exp, flag, label, passcode) and the response format\n(HTTP 200, FHIR Parameters, Binary qrcode, HC1: prefix).",
"script" : {
"language" : {
"coding" : [
{
"system" : "urn:ietf:bcp:13",
"code" : "text/x-gherkin"
}
],
"text" : "Gherkin"
},
"sourceReference" : {
"reference" : "https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY3-generate-vhl-message.feature",
"display" : "ITI-YY3 Generate VHL – Message Semantics"
}
}
},
{
"narrative" : "**ITI-YY3 VHL Sharer Responder Expected Actions** – Verifies the complete VHL generation\npipeline: passcode hashing (bcrypt/Argon2/PBKDF2), folder ID (256-bit entropy) and 32-byte\nencryption key generation, SHL payload construction (url/key/flag/v), mandatory manifest URL\nparameters, HCERT/CWT encoding (COSE signing → ZLIB → Base45 → HC1: prefix), QR code\ngeneration (ISO/IEC 18004:2015 Alphanumeric mode Q), and error OperationOutcome responses.\nSource: sections 2:3.YY3.4.1.3 (Responder Expected Actions) and 2:3.YY3.4.2 (Response Message).",
"script" : {
"language" : {
"coding" : [
{
"system" : "urn:ietf:bcp:13",
"code" : "text/x-gherkin"
}
],
"text" : "Gherkin"
},
"sourceReference" : {
"reference" : "https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY3-generate-vhl-responder.feature",
"display" : "ITI-YY3 Generate VHL – VHL Sharer Responder Expected Actions"
}
}
},
{
"narrative" : "**ITI-YY3 Security Considerations** – Verifies HTTPS enforcement, passcode security\n(no plaintext storage, no embedding in QR code), key entropy requirements, and PHI exclusion.",
"script" : {
"language" : {
"coding" : [
{
"system" : "urn:ietf:bcp:13",
"code" : "text/x-gherkin"
}
],
"text" : "Gherkin"
},
"sourceReference" : {
"reference" : "https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY3-generate-vhl-security.feature",
"display" : "ITI-YY3 Generate VHL – Security Considerations"
}
}
}
]
},
{
"sequence" : 4,
"testRun" : [
{
"narrative" : "**ITI-YY5 Message Semantics** – Verifies request format (HTTP POST /List/_search,\nContent-Type, Accept, FHIR search parameters, SHL parameters, HTTP Message Signature\nheaders) and response format (searchset Bundle structure, search.mode, error codes).",
"script" : {
"language" : {
"coding" : [
{
"system" : "urn:ietf:bcp:13",
"code" : "text/x-gherkin"
}
],
"text" : "Gherkin"
},
"sourceReference" : {
"reference" : "https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY5-retrieve-manifest-message.feature",
"display" : "ITI-YY5 Retrieve Manifest – Message Semantics"
}
}
},
{
"narrative" : "**ITI-YY5 VHL Sharer Responder Expected Actions** – Verifies HTTP Message Signature\nverification (keyid lookup, RFC 9421 signature base, Content-Digest), OAuth FAST Option\ntoken validation, VHL authorisation (folder ID, expiry, revocation, passcode hash comparison),\nFHIR search execution (_include support), Bundle construction, error codes (400/401/403/404/422/429/500),\nrate limiting, and audit logging.\nSource: sections 2:3.YY5.4.1.5 (Responder Expected Actions), 2:3.YY5.4.2 (Response Message),\nand 2:3.YY5.5 (Security Considerations).",
"script" : {
"language" : {
"coding" : [
{
"system" : "urn:ietf:bcp:13",
"code" : "text/x-gherkin"
}
],
"text" : "Gherkin"
},
"sourceReference" : {
"reference" : "https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY5-retrieve-manifest-responder.feature",
"display" : "ITI-YY5 Retrieve Manifest – VHL Sharer Responder Expected Actions"
}
}
},
{
"narrative" : "**ITI-YY5 Security Considerations** – Verifies TLS requirements, replay prevention (signature\ntimestamp freshness, OAuth jti uniqueness), passcode timing-attack protection, trust list\nenforcement, and audit logging (no plaintext passcode in logs).",
"script" : {
"language" : {
"coding" : [
{
"system" : "urn:ietf:bcp:13",
"code" : "text/x-gherkin"
}
],
"text" : "Gherkin"
},
"sourceReference" : {
"reference" : "https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY5-retrieve-manifest-security.feature",
"display" : "ITI-YY5 Retrieve Manifest – Security Considerations"
}
}
}
]
}
]
}
IG © 2024+ IHE IT Infrastructure Technical Committee. Package ihe.iti.vhl#0.0.2-current based on FHIR 4.0.1. Generated 2026-03-13
Links: Table of Contents |
QA Report
| New Issue | Issues
Version History |
|
Propose a change