0

only found some js implementations [1]: https://[smarthealth.cards/en/][1] [2]: https://[giters.com/obrassard/shc-extractor][1] [3]: https://gist.github.com/remi/e3aa2f78845ee13f706ed83aead5145f#file-shc-js-L10

There is a problem with the implementation of specific reading information

I can get information

eyJ6aXAiOiJERUYiLCJhbGciOiJFUzI1NiIsImtpZCI6IjNLZmRnLVh3UC03Z1h5eXd0VWZVQUR3QnVtRE9QS01ReC1pRUxMMTFXOXMifQ.3ZJLb9swEIT_SrC9yno1rSzd4hTo41AUaJpL4QNNrS0WfAgkJcQN9N-7SztAC8Q59RTdVhx-nBnyEVQI0MEQ4xi6oghG-Dig0HHIpfB9KPBBmFFjKEg4oYcM7G4PXfW-LtfXTbtu8_XbJoNZQvcI8TgidD8v496chhUPhLqsU8ZMVv0WUTn7olC6WfVVC9sMpMcebVRCf592v1BGtrQflL9HH5jTwXVe5hXx-O9msr1G1ngMbvIS75J9OC9k5zggndZEOzmhA_yRMhJ50vqH1yR42t-VJHgangF_ozi0nzsUBk8QYZQmHtxY0viQzjioGS33-MUNPG9y2C4UcKco_AcRmVW176pVWa3qEpYle9ZN9bKbz_9WHKKIU0hx-cIj8gXNQkpl8db1iSBdr-whGQ_HENGcnw7dzKCb3PlDwc0WQfWFnB8IINNOqMsGlu2SwXiuINnZo0fL3v5ukEROysmnJQ57p8wJUafAJceiqvbOG3qP7EXI6DwjexVGLVKdm9urj2jRC331yYVRRaGpKCpRu_h1MjveCmX6qosN1q-ywbr93w02vLDQ9wc.EReduRL4-W_FcGNbktsfn1H5FX8DJUE1pdAAJTG1gSw7LSoCrhesJ25-rKhuOsDyo1gvOkqvzS_ZugpLi7t3Xg

from QR, but I don't know how to get the final information For example:

"{
    "header": {
        "zip": "DEF",
        "alg": "ES256",
        "kid": "3Kfdg-XwP-7gXyywtUfUADwBumDOPKMQx-iELL11W9s"
    },
    "payload": {
        "iss": "https://smarthealth.cards/examples/issuer",
        "nbf": 1620847989.837,
        "vc": {
            "type": [
                "https://smarthealth.cards#health-card",
                "https://smarthealth.cards#immunization",
                "https://smarthealth.cards#covid19"
            ],
            "credentialSubject": {
                "fhirVersion": "4.0.1",
                "fhirBundle": {
                    "resourceType": "Bundle",
                    "type": "collection",
                    "entry": [
                        {
                            "fullUrl": "resource:0",
                            "resource": {
                                "resourceType": "Patient",
                                "name": [
                                    {
                                        "family": "Anyperson",
                                        "given": [
                                            "John",
                                            "B."
                                        ]
                                    }
                                ],
                                "birthDate": "1951-01-20"
                            }
                        },
                        {
                            "fullUrl": "resource:1",
                            "resource": {
                                "resourceType": "Immunization",
                                "status": "completed",
                                "vaccineCode": {
                                    "coding": [
                                        {
                                            "system": "http://hl7.org/fhir/sid/cvx",
                                            "code": "207"
                                        }
                                    ]
                                },
                                "patient": {
                                    "reference": "resource:0"
                                },
                                "occurrenceDateTime": "2021-01-01",
                                "performer": [
                                    {
                                        "actor": {
                                            "display": "ABC General Hospital"
                                        }
                                    }
                                ],
                                "lotNumber": "0000001"
                            }
                        },
                        {
                            "fullUrl": "resource:2",
                            "resource": {
                                "resourceType": "Immunization",
                                "status": "completed",
                                "vaccineCode": {
                                    "coding": [
                                        {
                                            "system": "http://hl7.org/fhir/sid/cvx",
                                            "code": "207"
                                        }
                                    ]
                                },
                                "patient": {
                                    "reference": "resource:0"
                                },
                                "occurrenceDateTime": "2021-01-29",
                                "performer": [
                                    {
                                        "actor": {
                                            "display": "ABC General Hospital"
                                        }
                                    }
                                ],
                                "lotNumber": "0000007"
                            }
                        }
                    ]
                }
            }
        }
    },
    "verifications": {
        "trustable": true,
        "verifiedBy": "3Kfdg-XwP-7gXyywtUfUADwBumDOPKMQx-iELL11W9s"
    }
}

use java I think this information should be encrypted(JWT), I don't know how to implement java decryption.

user_for
  • 1
  • 1
  • The header part of the JWT seems to be broken (maybe a character got lost somewhere?), I get `{"zip": "DEF", Y]T[֚]\^[\PUN^ٌMQUȟ` from base64 decoding. The payload part (after the first `.`) is deflated. I have answered a similar question before, related to Smart health cards and inflating ZIP deflated payload in JAVA. Link follows: – jps Feb 05 '22 at 15:05
  • @jps I just modified the string,i try run you code get exception Don't know where the problem is ”java.util.zip.DataFormatException: incorrect header check“ – user_for Feb 05 '22 at 15:23
  • thanks for the update, the header part of the token is now ok. The error you mention is the error that was reported in the linked question. Did you also read my answer on that question and modified the code accordingly? – jps Feb 05 '22 at 15:29
  • @jps Thanks for your help, but how should I use ”Inflater decompressor = new Inflater(true);“ – user_for Feb 05 '22 at 16:05
  • The original code in the question contains `Inflater decompressor = new Inflater();` (see 3rd line). You just have to add the parameter `true`there. I checked with the payload from your question (`String payload = "3ZJLb9swEIT_SrC9yn....`) and it works fine. If it works for you as well (which should be the case after the little modification), don't forget to click on "yes, it answers my question." – jps Feb 05 '22 at 16:11
  • @jps Thank you very much for your answer, one more question, how should I verify the data to prove that it has not been modified, I have jwks – user_for Feb 05 '22 at 16:18
  • With jose4j you should be able to verify a JWT by using a JWK. Here on SO I only found [this answer](https://stackoverflow.com/a/64206757/7329832). But I'm not sure if you might get errors, because in most JWT libs verification and decoding is one step and most libs can't handle ZIP deflated payload (it's non-standard). Give it a try and let me know. – jps Feb 05 '22 at 18:21
  • @jps use jose4j exception occurs( Invalid JWT! org.jose4j.jwt.consumer.InvalidJwtException: Unable to parse what was expected to be the JWT Claim Set JSON: "�[��0��Je^7��I�� ) i find the url (demo-portals.smarthealth.cards/VerifierPortal.html) how do i sign jwt use jwks? – user_for Feb 06 '22 at 13:57

0 Answers0