Demonstrate support for GDHCN in Android FHIR SDK
The Global Digital Health Certification Network by the WHO enables a number of use-cases that leverage FHIR IPS.
We want to enable developers to be able to use the Android FHIR SDK as the underlying SDK for different use-cases.
To do this, the SDK needs to be able to manage the GDHCN keys in a secure manner.
These GDHCN keys are typically public keys used to verify digital signatures on health certificates. They correspond to private keys held by trusted certificate issuers (e.g., national health authorities).
Storing private keys on device is probably discouraged and not clear to me also, as it's something that is owned by national health authorities. Is storing (& managing perhaps) public keys on Android devices what you are suggesting? Are you also suggesting to build capabilities to sync and verify GDHCN certificates (which will be some FHIR resources, I guess?) using the stored public keys? Is it something without which our libraries won't work in the GDHCN network? (=> I think it's not a P1)
Should it be renamed to support GDHCN in the SDK instead? I am not convinced the Engine module is the place for GDHCN since they are not FHIR models but W3C DIDs.
@vitorpamplona Has there been any further discussion with Carl about this work from your side?
Not really. Just a basic evaluation after our discussion last year.
There are basically three buckets to this work:
1. Download and Store (or cache in memory) the keys themselves;
2. Run the cryptographic verification using those keys; and
3. Integrate hashing and cryptographic signatures in the IPS data models.
1 is basically data sync and management like the Engine does, but for DIDs.
2 will include a bunch of cryptographic libraries to the SDK since the DID spec allows the use of any cryptographic scheme the user chooses.
3 will need some definitions on how to hash the IPS outside of the QR codes already defined for COVID. Maybe this needs a new IG. But hopefully the hashing mechanism gets standardized and becomes part of the main FHIR spec.
> Should it be renamed to support GDHCN in the SDK instead? I am not convinced the Engine module is the place for GDHCN since they are not FHIR models but W3C DIDs.
To this end - it sounds like your later comment suggests that this should be a separate support library?
Based on the thread, I've updated the title to reflect that this is:
- Going to be a separate library that implements the key functionality
- We want to demonstrate this working in an Android FHIR SDK based app using this 3P library
@vitorpamplona Are you working on these libraries? Or any updates you know of we should track here?
Not really. I did some work on that application back in September-December, but it was mostly to support the hackathon they were having. We can probably use the code as a base for a more serious and general library, but I don't know if anyone is still working on that type of implementation these days. Back in those days, each member state was coding their own implementation in order to customize key caching, structure maps, and other IG-related interactions in their own apps.