Verifiable Health Link
0.0.2-current - ci-build
Verifiable Health Link
0.0.2-current - ci-build
Verifiable Health Link, published by IHE IT Infrastructure Technical Committee. This guide is not an authorized publication; it is the continuous build for version 0.0.2-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/IHE/ITI.VHL/ and changes regularly. See the Directory of published versions
| Active as of 2026-03-13 |
<TestPlan xmlns="http://hl7.org/fhir">
<id value="TestPlan-VHLSharer"/>
<url value="https://profiles.ihe.net/ITI/VHL/TestPlan/TestPlan-VHLSharer"/>
<version value="0.0.2-current"/>
<name value="TestPlan_VHLSharer"/>
<title value="Test Plan – VHL Sharer"/>
<status value="active"/>
<date value="2026-03-13T13:59:49+00:00"/>
<publisher value="IHE IT Infrastructure Technical Committee"/>
<contact>
<telecom>
<system value="url"/>
<value value="https://www.ihe.net/ihe_domains/it_infrastructure/"/>
</telecom>
</contact>
<contact>
<telecom>
<system value="email"/>
<value value="iti@ihe.net"/>
</telecom>
</contact>
<contact>
<name value="IHE IT Infrastructure Technical Committee"/>
<telecom>
<system value="email"/>
<value value="iti@ihe.net"/>
</telecom>
</contact>
<description
value="Unit test plan for the **VHL Sharer** actor of the IHE ITI Verifiable Health Links (VHL) profile.
Scope: validates all behaviour expected of a VHL Sharer across its four transactions:
submitting its own PKI material (ITI-YY1 initiator), retrieving the trust list to obtain peer
keys (ITI-YY2 initiator), generating VHLs on demand (ITI-YY3 responder), and serving document
manifests to authorised VHL Receivers (ITI-YY5 responder). Each test suite corresponds to one
transaction and exercises three atomic feature files."/>
<jurisdiction>
<coding>
<system value="http://unstats.un.org/unsd/methods/m49/m49.htm"/>
<code value="001"/>
</coding>
</jurisdiction>
<scope>🔗
<reference value="ActorDefinition/VHLSharer"/>
</scope>
<testCase>
<sequence value="1"/>
<testRun>
<narrative
value="**ITI-YY1 Message Semantics** – Shared message format file (same as Trust Anchor suite 1).
Verifies the DID Document structure the VHL Sharer must construct."/>
<script>
<language>
<coding>
<system value="urn:ietf:bcp:13"/>
<code value="text/x-gherkin"/>
</coding>
<text value="Gherkin"/>
</language>
<sourceReference>
<reference
value="https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY1-submit-pki-material-message.feature"/>
<display value="ITI-YY1 Submit PKI Material – Message Semantics"/>
</sourceReference>
</script>
</testRun>
<testRun>
<narrative
value="**ITI-YY1 VHL Sharer Initiator Expected Actions** – Verifies key pair generation, submission
pathways (direct HTTP POST, indirect publication, offline), provenance metadata, response
handling (201/400/401/403/422), and secure private key retention.
Source: sections 2:3.YY1.4.1.2 (Message Semantics) and 2:3.YY1.4.1.3 (Initiator Expected Actions)."/>
<script>
<language>
<coding>
<system value="urn:ietf:bcp:13"/>
<code value="text/x-gherkin"/>
</coding>
<text value="Gherkin"/>
</language>
<sourceReference>
<reference
value="https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY1-submit-pki-material-initiator.feature"/>
<display
value="ITI-YY1 Submit PKI Material – VHL Sharer Initiator Expected Actions"/>
</sourceReference>
</script>
</testRun>
<testRun>
<narrative
value="**ITI-YY1 Security Considerations** – Shared security file (same as Trust Anchor suite 1)."/>
<script>
<language>
<coding>
<system value="urn:ietf:bcp:13"/>
<code value="text/x-gherkin"/>
</coding>
<text value="Gherkin"/>
</language>
<sourceReference>
<reference
value="https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY1-submit-pki-material-security.feature"/>
<display
value="ITI-YY1 Submit PKI Material – Security Considerations"/>
</sourceReference>
</script>
</testRun>
</testCase>
<testCase>
<sequence value="2"/>
<testRun>
<narrative
value="**ITI-YY2 Message Semantics** – Shared message format file.
Verifies the request/response format for the trust list retrieval."/>
<script>
<language>
<coding>
<system value="urn:ietf:bcp:13"/>
<code value="text/x-gherkin"/>
</coding>
<text value="Gherkin"/>
</language>
<sourceReference>
<reference
value="https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY2-retrieve-trust-list-message.feature"/>
<display value="ITI-YY2 Retrieve Trust List – Message Semantics"/>
</sourceReference>
</script>
</testRun>
<testRun>
<narrative
value="**ITI-YY2 VHL Sharer Initiator Expected Actions** – Verifies that the VHL Sharer correctly
constructs retrieval requests, sends them over TLS, validates and caches returned DID Documents,
maps verification methods, tracks expiry, handles revocation notifications, and processes
error responses (401/403/404).
Source: sections 2:3.YY2.4.1 (Request Message) and 2:3.YY2.4.2.3 (Initiator Expected Actions)."/>
<script>
<language>
<coding>
<system value="urn:ietf:bcp:13"/>
<code value="text/x-gherkin"/>
</coding>
<text value="Gherkin"/>
</language>
<sourceReference>
<reference
value="https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY2-retrieve-trust-list-initiator.feature"/>
<display
value="ITI-YY2 Retrieve Trust List – VHL Sharer Initiator Expected Actions"/>
</sourceReference>
</script>
</testRun>
<testRun>
<narrative
value="**ITI-YY2 Security Considerations** – Shared security file."/>
<script>
<language>
<coding>
<system value="urn:ietf:bcp:13"/>
<code value="text/x-gherkin"/>
</coding>
<text value="Gherkin"/>
</language>
<sourceReference>
<reference
value="https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY2-retrieve-trust-list-security.feature"/>
<display
value="ITI-YY2 Retrieve Trust List – Security Considerations"/>
</sourceReference>
</script>
</testRun>
</testCase>
<testCase>
<sequence value="3"/>
<testRun>
<narrative
value="**ITI-YY3 Message Semantics** – Verifies the $generate-vhl request parameter definitions
(sourceIdentifier, exp, flag, label, passcode) and the response format
(HTTP 200, FHIR Parameters, Binary qrcode, HC1: prefix)."/>
<script>
<language>
<coding>
<system value="urn:ietf:bcp:13"/>
<code value="text/x-gherkin"/>
</coding>
<text value="Gherkin"/>
</language>
<sourceReference>
<reference
value="https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY3-generate-vhl-message.feature"/>
<display value="ITI-YY3 Generate VHL – Message Semantics"/>
</sourceReference>
</script>
</testRun>
<testRun>
<narrative
value="**ITI-YY3 VHL Sharer Responder Expected Actions** – Verifies the complete VHL generation
pipeline: passcode hashing (bcrypt/Argon2/PBKDF2), folder ID (256-bit entropy) and 32-byte
encryption key generation, SHL payload construction (url/key/flag/v), mandatory manifest URL
parameters, HCERT/CWT encoding (COSE signing → ZLIB → Base45 → HC1: prefix), QR code
generation (ISO/IEC 18004:2015 Alphanumeric mode Q), and error OperationOutcome responses.
Source: sections 2:3.YY3.4.1.3 (Responder Expected Actions) and 2:3.YY3.4.2 (Response Message)."/>
<script>
<language>
<coding>
<system value="urn:ietf:bcp:13"/>
<code value="text/x-gherkin"/>
</coding>
<text value="Gherkin"/>
</language>
<sourceReference>
<reference
value="https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY3-generate-vhl-responder.feature"/>
<display
value="ITI-YY3 Generate VHL – VHL Sharer Responder Expected Actions"/>
</sourceReference>
</script>
</testRun>
<testRun>
<narrative
value="**ITI-YY3 Security Considerations** – Verifies HTTPS enforcement, passcode security
(no plaintext storage, no embedding in QR code), key entropy requirements, and PHI exclusion."/>
<script>
<language>
<coding>
<system value="urn:ietf:bcp:13"/>
<code value="text/x-gherkin"/>
</coding>
<text value="Gherkin"/>
</language>
<sourceReference>
<reference
value="https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY3-generate-vhl-security.feature"/>
<display value="ITI-YY3 Generate VHL – Security Considerations"/>
</sourceReference>
</script>
</testRun>
</testCase>
<testCase>
<sequence value="4"/>
<testRun>
<narrative
value="**ITI-YY5 Message Semantics** – Verifies request format (HTTP POST /List/_search,
Content-Type, Accept, FHIR search parameters, SHL parameters, HTTP Message Signature
headers) and response format (searchset Bundle structure, search.mode, error codes)."/>
<script>
<language>
<coding>
<system value="urn:ietf:bcp:13"/>
<code value="text/x-gherkin"/>
</coding>
<text value="Gherkin"/>
</language>
<sourceReference>
<reference
value="https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY5-retrieve-manifest-message.feature"/>
<display value="ITI-YY5 Retrieve Manifest – Message Semantics"/>
</sourceReference>
</script>
</testRun>
<testRun>
<narrative
value="**ITI-YY5 VHL Sharer Responder Expected Actions** – Verifies HTTP Message Signature
verification (keyid lookup, RFC 9421 signature base, Content-Digest), OAuth FAST Option
token validation, VHL authorisation (folder ID, expiry, revocation, passcode hash comparison),
FHIR search execution (_include support), Bundle construction, error codes (400/401/403/404/422/429/500),
rate limiting, and audit logging.
Source: sections 2:3.YY5.4.1.5 (Responder Expected Actions), 2:3.YY5.4.2 (Response Message),
and 2:3.YY5.5 (Security Considerations)."/>
<script>
<language>
<coding>
<system value="urn:ietf:bcp:13"/>
<code value="text/x-gherkin"/>
</coding>
<text value="Gherkin"/>
</language>
<sourceReference>
<reference
value="https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY5-retrieve-manifest-responder.feature"/>
<display
value="ITI-YY5 Retrieve Manifest – VHL Sharer Responder Expected Actions"/>
</sourceReference>
</script>
</testRun>
<testRun>
<narrative
value="**ITI-YY5 Security Considerations** – Verifies TLS requirements, replay prevention (signature
timestamp freshness, OAuth jti uniqueness), passcode timing-attack protection, trust list
enforcement, and audit logging (no plaintext passcode in logs)."/>
<script>
<language>
<coding>
<system value="urn:ietf:bcp:13"/>
<code value="text/x-gherkin"/>
</coding>
<text value="Gherkin"/>
</language>
<sourceReference>
<reference
value="https://build.fhir.org/ig/IHE/ITI.VHL/ITI-YY5-retrieve-manifest-security.feature"/>
<display
value="ITI-YY5 Retrieve Manifest – Security Considerations"/>
</sourceReference>
</script>
</testRun>
</testCase>
</TestPlan>
IG © 2024+ IHE IT Infrastructure Technical Committee. Package ihe.iti.vhl#0.0.2-current based on FHIR 4.0.1. Generated 2026-03-13
Links: Table of Contents |
QA Report
| New Issue | Issues
Version History |
|
Propose a change