DIVOC
DIVOC 3.0
DIVOC 3.0
  • Introduction to DIVOC
    • What DIVOC is and what it's not
    • DIVOC Docs Index
  • Platform
    • Release Notes
      • DIVOC 2.0 Release Features
      • DIVOC 3.0 Release Features
    • Specification
      • API Documentation
      • Setting up DIVOC development environment
    • DIVOC's Verifiable Certificate Features 2.0
      • Creating a DIVOC Certificate
        • Overview of DIVOC’s digital certificates
        • What information is included in the DIVOC certificate?
        • DIVOC’s certificate generation service: How does it work?
        • Compliance with internationally used COVID-19 certificate schemas
      • Distributing a DIVOC Certificate
      • Updating a DIVOC Certificate
      • Revoking a DIVOC Certificate
      • Verifying a DIVOC Certificate
      • DIVOC's Native COVID-19 Certificate Specification
      • DIVOC’s EU-DCC Adapter Service
      • DIVOC’s SHC Adapter Service
      • Adding a User Type in DIVOC
      • Printing Certificates at a Facility
      • Normal QR Code Versus Signed/Verifiable QR Code
      • What Information Goes Into a QR Code?
      • WHO Master Vaccine Checklist
      • EU Master Vaccine Checklist
    • DIVOC's Verifiable Certificate Features 3.0
      • How to Configure a New Tenant?
      • How to Access the VC System and Generate Tokens
      • How to Generate Certificates
      • How to Fetch Certificates
      • How to Update Certificates
      • How to Revoke Certificates
      • How to Suspend Certificates
    • DIVOC Architecture
    • Installation
      • Skills needed to set up DIVOC
      • Implementation Checklist
      • Setting Up DIVOC in k8 Cluster
        • How to Install DIVOC
        • How to Install DIVOC for V3.0
        • Backup & Restore: Postgres, Clickhouse, Kafka, & Redis
        • Infrastructure Recovery
        • Server Hardening
    • Verifiable Credential (VC): Production Deployment
    • Configuration
      • Configuring the Certification and Verification Component
        • Generating Signed Key Pairs
        • Configuring certificates
          • Step 1: Create a certification generation request
          • Step 2: Configure the QR code content
          • Step 3: Configure the certificate template
        • How to set up the verification portal for implementation
        • How to configure the update certificate API
        • Configuring Environment Variables in 2.0
      • Configuration Management Via ETCD
        • Adding a New Vaccine and ICD-11 Mapping
          • Adding a New Vaccine and ICD-11 Mapping Using ETCD CLI
        • PDF Template Change for Vaccine Certificates
          • PDF Template Change for Vaccine Certificates via ETCD CLI
        • EU Vaccine Configurations
          • Adding a New Vaccine and its Mapping via ETCD CLI
        • Payload Changes in the QR Code
          • Payload Changes in the QR Code via ETCD CLI
    • Performance Report
  • Products
    • Issuing COVID-19 Vaccination Certificates in India
    • Issuing COVID-19 Test Reports in India
    • Issuing COVID-19 Vaccination Certificates in Sri Lanka
    • Issuing COVID-19 Vaccination Certificates in the Philippines
    • Issuing COVID-19 Vaccination Certificates in Jamaica
      • Troubleshooting
    • Issuing COVID-19 Vaccination Certificates in Indonesia
    • Open Events
      • Past Events
      • DIVOC in the Media
  • DIVOC Demo
    • Program Setup (Via Orchestration Module)
    • Facility App
    • Issue and Verify Certificates
    • Citizen Portal
    • Feedback
    • Analytics
  • Community
    • Roadmap
    • Partner Support
      • Terms and Conditions of Using the DIVOC Site
      • Privacy Policy: Short Version for Display
      • Privacy Policy: Detailed
      • Platform Policy Guidelines
      • Privacy Policy Recommendations
      • Troubleshooting Guide
    • Source Code
    • Discussion Forum
    • Issues
    • Project Repo
Powered by GitBook
On this page
  • QR payload structure
  • Header
  • Payload
  • Signature algorithm
  • Sample Payload
  1. Platform
  2. DIVOC's Verifiable Certificate Features 2.0

DIVOC's Native COVID-19 Certificate Specification

PreviousVerifying a DIVOC CertificateNextDIVOC’s EU-DCC Adapter Service

Last updated 2 years ago

When the “Certify API” is called by a vaccinating system, a unique QR code is generated for that specific event. This document specifies the data structure that can be used to generate a QR code-based digitally verifiable certificate for a registered health event.

QR payload structure

The payload structure follows the JSON Web Token (JWT) digital signature and is defined in . The payload is transported in a DIVOC certificate. JWT includes the following:

  • Header

  • Payload

  • Signature algorithm

Header

This contains the information about the certificate, which is based on the . The header also indicates the type of certificate being issued.

Payload

This is divided into several parts:

  • The first part contains the details of who is issuing the certificate along with the timestamp.

  • The second part contains the details of the beneficiary to whom the certificate has been issued.

  • The final part contains details on the event for which the certificate has been generated. The event part has details of the health event (such as vaccination) along with a timestamp, which includes information on the type of vaccine, dose details, and location of the vaccination.

Signature algorithm

DIVOC is capable of self-generating a public-private key pair. It also supports a signing configuration where the country has onboarded a CA (certificate authority) responsible for generating the keys. In the latter case, DIVOC will use the private key issued by the CA and sign the QR code.

  • The DIVOC certificate is flexible and multiple signing algorithms can be used.

  • Self-generated keys or the keys from a country’s PKI service provider can also be used. DIVOC currently uses two default signature algorithms:

1. PS256 - Using "crit" with "b64"

2. ES256

  • The public key along with the method of signing will be provided to verifiers to authenticate certificates.

  • Based on the algorithm that is being used for certificate generation, the certificate can be verified by the verifier.

Sample Payload

{
   "@context":[
      "https://www.w3.org/2018/credentials/v1",
      "https://cowin.gov.in/credentials/vaccination/v1" 
   ],
   "type":[
      "VerifiableCredential",
      "ProofOfVaccinationCredential"
   ],
   "credentialSubject":{
      "type":"Person",
      "id":"19882120590",
      "refId":"77889950",
      "name":"Juan Dela Cruz ",
      "gender":"Female",
      "age":"33",
      “dob”:””,
      "nationality":"India",
      "address":{
         "streetAddress":"114/1/15,Horahena Road, Kottawa",
         "streetAddress2":"",
         "district":"colombo",
         "city":"",
         "addressRegion":"Western",
         "addressCountry":"IN",
         "postalCode":"121212"
      }
   },
   "issuer":"https://cowin.gov.in/",
   "issuanceDate":"2021-06-28T07:21:39.684Z",
   "evidence":[
      {
         "id":"https://cowin.gov.in/vaccine/448086902",  
         "feedbackUrl":"https://cowin.gov.in/?448086902",
         "infoUrl":"https://cowin.gov.in/?448086902", 
         "certificateId":"448086902",
         "type":[
            "Vaccination"
         ],
         "batch":"batch-01",
         "vaccine":"Pfizer",
         "manufacturer":"US",
         "date":"2021-06-28T05:30:28.187Z",
         "effectiveStart":"2021-04-21",
         "effectiveUntil":"2022-04-21",
         "dose":1,
         "totalDoses":2,
         "verifier":{
            "name":"ss"
         },
         "facility":{
            "name":"MOH Gothatuwa",
            "address":{
               "streetAddress":"df",
               "streetAddress2":"",
               "district":"wew",
               "city":"",
               "addressRegion":"w",
               "addressCountry":"IN",
               "postalCode":"121212"
            }
         }
      }
   ],
   "nonTransferable":"true",
   "proof":{
   "type":"RsaSignature2018",
      "created":"2021-06-28T07:21:39Z",
      "verificationMethod":"did:india",
      "proofPurpose":"assertionMethod",
      "jws":"eyJhbGciOiJQUzI1NiIsImI################4v_Gq6tIkDfhQQ"
   }
}

()

()

Click to see the various versions of the algorithm.

Click to know more about what data set goes inside the QR code.

All content on this page by is licensed under a .

RFC 7519
W3C verifiable credentials data model
https://w3c-ccg.github.io/security-vocab/#RsaSignature2018
https://w3c-ccg.github.io/security-vocab/#EcdsaSecp256k1Signature2019
here
here
eGov Foundation
Creative Commons Attribution 4.0 International License
Creative Commons License