Merge branch '1.1.3' into 1.1.2

README.md

@@ -13,13 +13,11 @@ This is the WHO SMART Trust Implementation Guide
 ###
 ### Publication
 This ImplementationGuide is published in the following locations:
-
-
+ 
+ 
 Continuous Build:  __https://worldhealthorganization.github.io/smart-trust__  
 Canonical / permanent URL: __https://smart.who.int/trust__  
-
-<br> </br>
-
+<br/>
 ### Issues
 Issues and change requests are managed here:  
 

input/fsh/actors/Credential.Holder.fsh

@@ -0,0 +1,13 @@
+Alias: $SGActor = http://smart.who.int/base/StructureDefinition/SGActor
+
+Instance: Credential.Holder
+InstanceOf: $SGActor
+Usage: #example
+* meta.profile = "http://smart.who.int/smart-base/StructureDefinition/SGPersona"
+* type = #system
+* status = #draft
+* identifier.value = "TNP"
+* name = "Credential.Holder"
+* title = "Credential.Holder"
+* experimental = false
+* description = "Credential Holder"

input/fsh/actors/Credential.Issuer.fsh

@@ -0,0 +1,13 @@
+Alias: $SGActor = http://smart.who.int/base/StructureDefinition/SGActor
+
+Instance: Credential.Issuer
+InstanceOf: $SGActor
+Usage: #example
+* meta.profile = "http://smart.who.int/smart-base/StructureDefinition/SGPersona"
+* type = #system
+* status = #draft
+* identifier.value = "TNP"
+* name = "Credential.Issuer"
+* title = "Credential.Issuer"
+* experimental = false
+* description = "Credential Issuer"

input/fsh/actors/GDHCN.fsh

@@ -0,0 +1,13 @@
+Alias: $SGActor = http://smart.who.int/base/StructureDefinition/SGActor
+
+Instance: GDHCN
+InstanceOf: $SGActor
+Usage: #example
+* meta.profile = "http://smart.who.int/smart-base/StructureDefinition/SGPersona"
+* type = #system
+* status = #draft
+* identifier.value = "GDHCN"
+* name = "GDHCN"
+* title = "GDHCN"
+* experimental = false
+* description = "WHO Global Digital Health Certification Network"

input/fsh/actors/TNG.fsh

@@ -0,0 +1,13 @@
+Alias: $SGActor = http://smart.who.int/base/StructureDefinition/SGActor
+
+Instance: TNG
+InstanceOf: $SGActor
+Usage: #example
+* meta.profile = "http://smart.who.int/smart-base/StructureDefinition/SGPersona"
+* type = #system
+* status = #draft
+* identifier.value = "TNG"
+* name = "TNG"
+* title = "TNG"
+* experimental = false
+* description = "Trust Network Gateway"

input/fsh/actors/TNP.fsh

@@ -0,0 +1,13 @@
+Alias: $SGActor = http://smart.who.int/base/StructureDefinition/SGActor
+
+Instance: TNP
+InstanceOf: $SGActor
+Usage: #example
+* meta.profile = "http://smart.who.int/smart-base/StructureDefinition/SGPersona"
+* type = #system
+* status = #draft
+* identifier.value = "TNP"
+* name = "TNP"
+* title = "TNP"
+* experimental = false
+* description = "Trust Network Participant"

input/fsh/codesystems/WHO.TRUST.DOMAIN.fsh

@@ -0,0 +1,10 @@
+CodeSystem: WHO.TRUST.DOMAIN
+Title: "WHO SMART Trust Domains"
+Description: "Controlled vocabulary used to define WHO SMART Trust network service provider characteristics."
+* ^experimental = false
+* ^caseSensitive = true
+* ^name = "WHO_TRUST_DOMAIN"
+
+
+* #DDCC "WHO DDCC"
+* #IPS-PILGRIMAGE "IPS for Pilgrimage"

input/fsh/codesystems/WHO.TRUST.KEYUSAGE.fsh

@@ -0,0 +1,15 @@
+CodeSystem: WHO.TRUST.KEYUSAGE
+Title:        "WHO.TRUST.KEYUSAGE CodeSystem"
+Description:  """
+CodeSystem for TRUST.KEYUSAGE that has usage codes for verification keys published to the Trust Network as defined by the [certificate governance](concepts_certificate_governance.html)
+"""
+
+* ^experimental = true
+* ^caseSensitive = false
+* ^name = "WHO_TRUST_KEYUSAGE"
+* ^status = #active
+
+* #SCA "Signer Certificate Authority (SCA)"	"A certificate which acts a trust anchor in the verification of the certificate chain for the DSCs issued by a Trust Network participant"
+* #DSC "Document Signing Certificate (DSC)"	"A certificate which may be used to verify a digital signature within a Verfifiable Digital Health Certificate"
+* #TLS "Transport Layer Security (TLS)"	 	"Used for establishing (m)TLS connections with systems, in particular between the Trust Network Gateway and backend systems of a Trust Network Participant"
+* #UP  "Upload (UP)"		 		"Used to verify digital signature of cryptographically signed content uploaded to services within the Global Digital Health Certification Network, in particular the Trust Network Gateway"

input/fsh/models/SmartHealthLink.fsh

@@ -0,0 +1,13 @@
+Logical: 	SmartHealthLink
+Title: 		"Smart Health Link (DRAFT)"
+Description:	"Smart Health Link URI (DRAFT)
+
+Logical Model to represent a SMART Health Link as its URI.  It is generated from the content of the SMART Health Link Payload.
+
+
+"
+
+* ^url = "http://smart.who.int/trust/StructureDefinition/SmartHealthLink"
+* ^version = "RC2"
+* ^status = #draft
+* u 1..1 string "URI" "URI of the Smart Health Link.  Should look like 'shlink:/eyJ1cmwiOiJodHRwczovL2Vo....' "

input/fsh/models/SmartHealthLinkPayload.fsh

@@ -0,0 +1,24 @@
+Logical: 	SmartHealthLinkPayload
+Title: 		"Smart Health Link Payload (DRAFT)"
+Description:	"Smart Health Link Payload (DRAFT)
+
+This logical model was taken from the SMART Health Link documentation <https://docs.smarthealthit.org/smart-health-links/spec#construct-a-shlink-payload> as if 30 November 2023.
+
+A [[ SMART Health Link]] is generated from this payload according to the algorithm documented here <https://docs.smarthealthit.org/smart-health-links/spec#example-shlink-generation> to create a 
+
+It is generated 
+
+"
+
+* ^url = "http://smart.who.int/trust/StructureDefinition/SmartHealthLinkPayload"
+* ^version = "RC2"
+* ^status = #draft
+*  url 1..1 string "url" "Manifest URL for this SHLink"
+*  key 1..1 string "Decryption key for processing files returned in the manifest. 43 characters, consisting of 32 random bytes base64urlencoded."
+*  exp 0..1 string "Optional. Number representing expiration time in Epoch seconds, as a hint to help the SHL Receiving Application determine if this QR is stale. (Note: epoch times should be parsed into 64-bit numeric types.)"
+* flag 0..1 string "Optional. String created by concatenating single-character flags in alphabetical order
+  L Indicates the SHLink is intended for long-term use and manifest content can evolve over time
+  P Indicates the SHLink requires a Passcode to resolves
+  U Indicates the SHLink's url resolves to a single encrypted file accessible via GET, bypassing the manifest. SHALL NOT be used in combination with P."
+* label 0..1 string "Optional. String no longer than 80 characters that provides a short description of the data behind the SHLink."
+* v 0..1 string "Optional. Integer representing the SHLinks protocol version this SHLink conforms to. MAY be omitted when the default value (1) applies."

input/fsh/models/hcert.fsh

@@ -0,0 +1,31 @@
+Alias: $IPS = http://hl7.org/fhir/uv/ips/StructureDefinition/Bundle-uv-ips
+Alias: $HCertDCC = http://smart.who.int/ddcc/StructureDefinition/HCertDCC
+Alias: $DDCCVS = http://smart.who.int/ddcc/StructureDefinition/DDCCCoreDataSet.VS
+Alias: $DDCCTR = http://smart.who.int/ddcc/StructureDefinition/DDCCCoreDataSet.TR
+
+Logical:        HCert
+Title:          "Health Certificate"
+Description:    "Logical Model for the HCERT"
+
+//Description:    """Logical Model for the HCERT
+//
+// The full data structure and encoding mechanisms for HCERT are defined here: [Electronic Health Certificate Specification](/smart-trust/hcert_spec.html)
+//
+// An HCERT is claim -260 within the [CBOR Web Token (CWT) Claim](https://www.rfc-editor.org/rfc/rfc8392.html).
+//
+// Note for subclaims:
+// - subclaims 0 and above are reserved by WHO to be assigned, a new sub claim can be requested for by requesting to create a new trust domain
+// - subclaims for negative integer values are for development purposes and are free to use
+// - While this logical model mentions assigned subclaims (below), the ones listed in the Electronic Health Certificate Specification are considered authoritative
+// """
+
+
+* ^url = "http://smart.who.int/trust/StructureDefinition/HCert"
+* ^status = #active
+* 1 0..1 $HCertDCC "HCERT EU DCC"  "HCERT EU DCC"
+//* 2 0..* $RACSEL_DDVC "RACSEL Vaccination Certficate Data Set claim" "RACSEL Vaccination Certificate (PROPOSED)" 
+* 3 0..* $DDCCVS "Vaccination Core Data Set claim" "DDCC Vaccination claim (PROPOSED)"
+* 4 0..* $DDCCTR "Test Result Core Data Set claim" "DDCC Test Result claim (PROPOSED)"
+* 5 0..* SmartHealthLink "SMART Health Link claim" "SMART Health Link"
+//* 6 0..* $IPS "IPS" "IPS Bundle (EXAMPLE)"
+

input/fsh/models/scheme_information.fsh

@@ -0,0 +1,26 @@
+Logical:        SchemeInformation
+Title:          "Scheme Information"
+Description:    "Logical Model for Information on the trusted list and its issuing scheme"
+
+* ^url = "http://smart.who.int/trust/StructureDefinition/SchemeInformation"
+* ^abstract = true
+* ^status = #draft
+* versionIdentifier 1..1 integer "TSL version identifier (clause 5.3.1)" "TSL version identifier (clause 5.3.1)"
+* sequenceNumber 1..1 integer "TSL sequence number (clause 5.3.2)" "TSL sequence number (clause 5.3.2)"
+* type 1..1 uri "TSL type (clause 5.3.3)" "TSL type (clause 5.3.3)"
+* operatorName 1..1 string "Scheme operator name (clause 5.3.4)" "Scheme operator name (clause 5.3.4)"
+* operatorAddress 1..* BackboneElement "Scheme operator address (clause 5.3.5)" "Scheme operator address (clause 5.3.5)"
+  * operatorPostalAddress 1..* Address "Scheme Operator Postal Address" "Scheme Operator Postal Address"
+  * operatorElectronicAddress 0..* ContactPoint "Scheme Operator Electronic Address" "Scheme Operator Electronic Address"
+* name 1..1 string "Scheme name (clause 5.3.6)" "Scheme name (clause 5.3.6) CC:EN_name_value"
+* informationURI 1..1 uri "Scheme information URI (clause 5.3.7)" "Scheme information URI (clause 5.3.7)"
+* statusDeterminiationApproach 1..1 uri "Status determination approach (clause 5.3.8)" "Status determination approach (clause 5.3.8)"
+* schemeType 1..1 uri "Scheme type/community/rules (clause 5.3.9)" "Scheme type/community/rules (clause 5.3.9)"
+* territory 1..1 string "Scheme territory (clause 5.3.10)" "Scheme territory (clause 5.3.10)"
+* policy 1..1 uri "TSL policy/legal notice (clause 5.3.11)" "TSL policy/legal notice (clause 5.3.11)"
+* historicalInformationPeriod 1..1 integer "Historical information period (clause 5.3.12)" "Historical information period (clause 5.3.12)"
+* otherTSL 0..* string "Pointers to other TSLs (clause 5.3.13)" "Pointers to other TSLs (clause 5.3.13)"
+* issDateTime 1..1 dateTime "List issue date and time (clause 5.3.14)" "List issue date and time (clause 5.3.14)"
+* nextUpdate 1..1 dateTime "Next update (clause 5.3.15)" "Next update (clause 5.3.15)"
+* distributionPoints 0..* uri "Distribution points (clause 5.3.16)" "Distribution points (clause 5.3.16)"
+* extensions 0..* string "Scheme extensions (clause 5.3.17)" "Scheme extensions (clause 5.3.17)"

input/fsh/valuesets/WHO.TRUST.DOMAIN.fsh

@@ -0,0 +1,9 @@
+ValueSet: WHO.TRUST.DOMAIN
+Title: "WHO SMART Trust Domains"
+Description: "Health credential type"
+* ^name = "WHO_TRUST_DOMAIN"
+
+* ^experimental = false
+
+* WHO.TRUST.DOMAIN#DDCC
+* WHO.TRUST.DOMAIN#IPS-PILGRIMAGE

input/fsh/valuesets/WHO.TRUST.KEYUSAGE.fsh

@@ -0,0 +1,13 @@
+ValueSet:     WHO.TRUST.KEYUSAGE
+Title:        "TRUST.KEYUSAGE ValueSet of key usage codes "
+Description:  "ValueSet of codes for key usage codes"
+
+* ^status = #active
+* ^experimental = true
+* ^name = "WHO_TRUST_KEYUSAGE"
+
+* WHO.TRUST.KEYUSAGE#SCA "Signing Certificate Authority"
+* WHO.TRUST.KEYUSAGE#DSC "Document Signing Certificate"
+* WHO.TRUST.KEYUSAGE#UP "Upload"
+* WHO.TRUST.KEYUSAGE#TLS "TLS"
+

input/images/openapi/.gitignore

@@ -0,0 +1,44 @@
+HELP.md
+target/
+!.mvn/wrapper/maven-wrapper.jar
+!**/src/main/**
+!**/src/test/**
+
+### STS ###
+.apt_generated
+.classpath
+.factorypath
+.project
+.settings
+.springBeans
+.sts4-cache
+
+### IntelliJ IDEA ###
+.idea
+*.iws
+*.iml
+*.ipr
+.jpb
+
+### NetBeans ###
+/nbproject/
+/nbbuild/
+/.nb-gradle/
+build/
+
+### VS Code ###
+.vscode/
+
+### Others ###
+~$*.docx
+*.b64
+/testdata/
+*.log
+
+/keystore
+
+/tools/*
+!/tools/*.bat
+!/tools/*.sh
+
+certs/*

input/images/openapi/index.html

@@ -0,0 +1,37 @@
+<!-- HTML for static distribution bundle build -->
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <title>Swagger UI</title>
+  <link rel="stylesheet" type="text/css" href="./swagger-ui.css"/>
+  <link rel="icon" type="image/png" href="./favicon-32x32.png" sizes="32x32"/>
+  <link rel="icon" type="image/png" href="./favicon-16x16.png" sizes="16x16"/>
+  <style>
+    html {
+      box-sizing: border-box;
+      overflow: -moz-scrollbars-vertical;
+      overflow-y: scroll;
+    }
+
+
+
+    body {
+      margin: 0;
+      background: #fafafa;
+    }
+
+    .scheme-container {
+      display: none;
+    }
+  </style>
+</head>
+
+<body>
+<div id="swagger-ui"></div>
+<!--ReleaseHeader--><p id="publish-box">Publish Box goes here</p><!--EndReleaseHeader-->
+<script src="./swagger-ui-bundle.js" charset="UTF-8"></script>
+<script src="./swagger-ui-standalone-preset.js" charset="UTF-8"></script>
+<script src="./onload.js" onload="uiBundle()"></script>
+</body>
+</html>