aws-sdk-kms 1.81.0 → 1.82.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 58a473bbce762cc59b305678921f3fc9cc407cccf4ad4be2463116e7682a4c98
-  data.tar.gz: 38831f8cd062aaf791f6c5add9a66a7034b6f0f4711e600593fd7b279d6be38f
+  metadata.gz: e76f6e3fb0e6db3c06af73e578a928e2c1cdacb6926ba1f1a26b1d8dcb02afd2
+  data.tar.gz: 58c29914d4b70a3cfbeaba2a076e831bcff93088cb61f1006327b2e42ee5c75f
 SHA512:
-  metadata.gz: 243bea0b6cee595d6e100df13503e689d83a22434874962cdca09b81fdd98bd420786476ce270981d071821f439af0529c15e5737d85e35f55816ac0644dea8d
-  data.tar.gz: 994d51430b4a3da2a9faa8fb27730d221f65f416b918d01d76036ad10c4f10f2415fd397596929ef728873fd7589b89cc76e7da2a2883e5b04d30e39ccf31b74
+  metadata.gz: 40ab0a33992f7dd3331a684fd36d061bd6dc93d34ff46cfcb62012aa960371eb80105534f63bfc502e6e2a0ecd9731234ce946f3794fc6c1a143e1aa3a1d3582
+  data.tar.gz: 01b0c75d8f6b516cfe64102cfc6d1801f43e33c99e44882ea26592f4f10a6d75fcd58619640b7e9e43990afb9a90de87b206fa8823069500fcb0d9edd9372eae

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.82.0 (2024-05-22)
+------------------
+
+* Feature - This release includes feature to import customer's asymmetric (RSA, ECC and SM2) and HMAC keys into KMS in China.
+
 1.81.0 (2024-05-13)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.81.0
+1.82.0

data/lib/aws-sdk-kms/client.rb

@@ -5872,8 +5872,8 @@ module Aws::KMS
     # `GetParametersForImport` returns the items that you need to import
     # your key material.
     #
-    # * The public key (or "wrapping key") of an RSA key pair that KMS
-    #   generates.
+    # * The public key (or "wrapping key") of an asymmetric key pair that
+    #   KMS generates.
     #
     #   You will use this public key to encrypt ("wrap") your key material
     #   while it's in transit to KMS.
@@ -5951,20 +5951,28 @@ module Aws::KMS
     #   DescribeKey.
     #
     # @option params [required, String] :wrapping_algorithm
-    #   The algorithm you will use with the RSA public key (`PublicKey`) in
-    #   the response to protect your key material during import. For more
-    #   information, see [Select a wrapping
+    #   The algorithm you will use with the asymmetric public key
+    #   (`PublicKey`) in the response to protect your key material during
+    #   import. For more information, see [Select a wrapping
     #   algorithm](kms/latest/developerguide/importing-keys-get-public-key-and-token.html#select-wrapping-algorithm)
     #   in the *Key Management Service Developer Guide*.
     #
     #   For RSA\_AES wrapping algorithms, you encrypt your key material with
     #   an AES key that you generate, then encrypt your AES key with the RSA
     #   public key from KMS. For RSAES wrapping algorithms, you encrypt your
-    #   key material directly with the RSA public key from KMS.
+    #   key material directly with the RSA public key from KMS. For SM2PKE
+    #   wrapping algorithms, you encrypt your key material directly with the
+    #   SM2 public key from KMS.
     #
     #   The wrapping algorithms that you can use depend on the type of key
     #   material that you are importing. To import an RSA private key, you
-    #   must use an RSA\_AES wrapping algorithm.
+    #   must use an RSA\_AES wrapping algorithm, except in China Regions,
+    #   where you must use the SM2PKE wrapping algorithm to import an RSA
+    #   private key.
+    #
+    #   The SM2PKE wrapping algorithm is available only in China Regions. The
+    #   `RSA_AES_KEY_WRAP_SHA_256` and `RSA_AES_KEY_WRAP_SHA_1` wrapping
+    #   algorithms are not supported in China Regions.
     #
     #   * **RSA\_AES\_KEY\_WRAP\_SHA\_256** — Supported for wrapping RSA and
     #     ECC key material.
@@ -5987,17 +5995,22 @@ module Aws::KMS
     #   * **RSAES\_PKCS1\_V1\_5** (Deprecated) — As of October 10, 2023, KMS
     #     does not support the RSAES\_PKCS1\_V1\_5 wrapping algorithm.
     #
+    #   * **SM2PKE** (China Regions only) — supported for wrapping RSA, ECC,
+    #     and SM2 key material.
+    #
     # @option params [required, String] :wrapping_key_spec
-    #   The type of RSA public key to return in the response. You will use
-    #   this wrapping key with the specified wrapping algorithm to protect
-    #   your key material during import.
+    #   The type of public key to return in the response. You will use this
+    #   wrapping key with the specified wrapping algorithm to protect your key
+    #   material during import.
     #
-    #   Use the longest RSA wrapping key that is practical.
+    #   Use the longest wrapping key that is practical.
     #
     #   You cannot use an RSA\_2048 public key to directly wrap an
     #   ECC\_NIST\_P521 private key. Instead, use an RSA\_AES wrapping
     #   algorithm or choose a longer RSA public key.
     #
+    #   The SM2 wrapping key spec is available only in China Regions.
+    #
     # @return [Types::GetParametersForImportResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::GetParametersForImportResponse#key_id #key_id} => String
@@ -6088,8 +6101,8 @@ module Aws::KMS
     #
     #   resp = client.get_parameters_for_import({
     #     key_id: "KeyIdType", # required
-    #     wrapping_algorithm: "RSAES_PKCS1_V1_5", # required, accepts RSAES_PKCS1_V1_5, RSAES_OAEP_SHA_1, RSAES_OAEP_SHA_256, RSA_AES_KEY_WRAP_SHA_1, RSA_AES_KEY_WRAP_SHA_256
-    #     wrapping_key_spec: "RSA_2048", # required, accepts RSA_2048, RSA_3072, RSA_4096
+    #     wrapping_algorithm: "RSAES_PKCS1_V1_5", # required, accepts RSAES_PKCS1_V1_5, RSAES_OAEP_SHA_1, RSAES_OAEP_SHA_256, RSA_AES_KEY_WRAP_SHA_1, RSA_AES_KEY_WRAP_SHA_256, SM2PKE
+    #     wrapping_key_spec: "RSA_2048", # required, accepts RSA_2048, RSA_3072, RSA_4096, SM2
     #   })
     #
     # @example Response structure
@@ -10458,7 +10471,7 @@ module Aws::KMS
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-kms'
-      context[:gem_version] = '1.81.0'
+      context[:gem_version] = '1.82.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-kms/client_api.rb

@@ -993,6 +993,7 @@ module Aws::KMS
         "endpointPrefix" => "kms",
         "jsonVersion" => "1.1",
         "protocol" => "json",
+        "protocols" => ["json"],
         "serviceAbbreviation" => "KMS",
         "serviceFullName" => "AWS Key Management Service",
         "serviceId" => "KMS",

data/lib/aws-sdk-kms/types.rb

@@ -3208,20 +3208,28 @@ module Aws::KMS
     #   @return [String]
     #
     # @!attribute [rw] wrapping_algorithm
-    #   The algorithm you will use with the RSA public key (`PublicKey`) in
-    #   the response to protect your key material during import. For more
-    #   information, see [Select a wrapping
+    #   The algorithm you will use with the asymmetric public key
+    #   (`PublicKey`) in the response to protect your key material during
+    #   import. For more information, see [Select a wrapping
     #   algorithm](kms/latest/developerguide/importing-keys-get-public-key-and-token.html#select-wrapping-algorithm)
     #   in the *Key Management Service Developer Guide*.
     #
     #   For RSA\_AES wrapping algorithms, you encrypt your key material with
     #   an AES key that you generate, then encrypt your AES key with the RSA
     #   public key from KMS. For RSAES wrapping algorithms, you encrypt your
-    #   key material directly with the RSA public key from KMS.
+    #   key material directly with the RSA public key from KMS. For SM2PKE
+    #   wrapping algorithms, you encrypt your key material directly with the
+    #   SM2 public key from KMS.
     #
     #   The wrapping algorithms that you can use depend on the type of key
     #   material that you are importing. To import an RSA private key, you
-    #   must use an RSA\_AES wrapping algorithm.
+    #   must use an RSA\_AES wrapping algorithm, except in China Regions,
+    #   where you must use the SM2PKE wrapping algorithm to import an RSA
+    #   private key.
+    #
+    #   The SM2PKE wrapping algorithm is available only in China Regions.
+    #   The `RSA_AES_KEY_WRAP_SHA_256` and `RSA_AES_KEY_WRAP_SHA_1` wrapping
+    #   algorithms are not supported in China Regions.
     #
     #   * **RSA\_AES\_KEY\_WRAP\_SHA\_256** — Supported for wrapping RSA and
     #     ECC key material.
@@ -3244,18 +3252,23 @@ module Aws::KMS
     #
     #   * **RSAES\_PKCS1\_V1\_5** (Deprecated) — As of October 10, 2023, KMS
     #     does not support the RSAES\_PKCS1\_V1\_5 wrapping algorithm.
+    #
+    #   * **SM2PKE** (China Regions only) — supported for wrapping RSA, ECC,
+    #     and SM2 key material.
     #   @return [String]
     #
     # @!attribute [rw] wrapping_key_spec
-    #   The type of RSA public key to return in the response. You will use
-    #   this wrapping key with the specified wrapping algorithm to protect
-    #   your key material during import.
+    #   The type of public key to return in the response. You will use this
+    #   wrapping key with the specified wrapping algorithm to protect your
+    #   key material during import.
     #
-    #   Use the longest RSA wrapping key that is practical.
+    #   Use the longest wrapping key that is practical.
     #
     #   You cannot use an RSA\_2048 public key to directly wrap an
     #   ECC\_NIST\_P521 private key. Instead, use an RSA\_AES wrapping
     #   algorithm or choose a longer RSA public key.
+    #
+    #   The SM2 wrapping key spec is available only in China Regions.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetParametersForImportRequest AWS API Documentation

data/lib/aws-sdk-kms.rb

@@ -52,6 +52,6 @@ require_relative 'aws-sdk-kms/customizations'
 # @!group service
 module Aws::KMS
 
-  GEM_VERSION = '1.81.0'
+  GEM_VERSION = '1.82.0'
 
 end

data/sig/client.rbs

@@ -433,8 +433,8 @@ module Aws
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/KMS/Client.html#get_parameters_for_import-instance_method
       def get_parameters_for_import: (
                                        key_id: ::String,
-                                       wrapping_algorithm: ("RSAES_PKCS1_V1_5" | "RSAES_OAEP_SHA_1" | "RSAES_OAEP_SHA_256" | "RSA_AES_KEY_WRAP_SHA_1" | "RSA_AES_KEY_WRAP_SHA_256"),
-                                       wrapping_key_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096")
+                                       wrapping_algorithm: ("RSAES_PKCS1_V1_5" | "RSAES_OAEP_SHA_1" | "RSAES_OAEP_SHA_256" | "RSA_AES_KEY_WRAP_SHA_1" | "RSA_AES_KEY_WRAP_SHA_256" | "SM2PKE"),
+                                       wrapping_key_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "SM2")
                                      ) -> _GetParametersForImportResponseSuccess
                                    | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetParametersForImportResponseSuccess
 

data/sig/types.rbs

@@ -424,8 +424,8 @@ module Aws::KMS
 
     class GetParametersForImportRequest
       attr_accessor key_id: ::String
-      attr_accessor wrapping_algorithm: ("RSAES_PKCS1_V1_5" | "RSAES_OAEP_SHA_1" | "RSAES_OAEP_SHA_256" | "RSA_AES_KEY_WRAP_SHA_1" | "RSA_AES_KEY_WRAP_SHA_256")
-      attr_accessor wrapping_key_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096")
+      attr_accessor wrapping_algorithm: ("RSAES_PKCS1_V1_5" | "RSAES_OAEP_SHA_1" | "RSAES_OAEP_SHA_256" | "RSA_AES_KEY_WRAP_SHA_1" | "RSA_AES_KEY_WRAP_SHA_256" | "SM2PKE")
+      attr_accessor wrapping_key_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "SM2")
       SENSITIVE: []
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-kms
 version: !ruby/object:Gem::Version
-  version: 1.81.0
+  version: 1.82.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-05-13 00:00:00.000000000 Z
+date: 2024-05-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core