aws-sdk-paymentcryptography 1.10.0 → 1.12.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-paymentcryptography/client.rb +574 -376
- data/lib/aws-sdk-paymentcryptography/client_api.rb +67 -50
- data/lib/aws-sdk-paymentcryptography/plugins/endpoints.rb +1 -0
- data/lib/aws-sdk-paymentcryptography/types.rb +380 -288
- data/lib/aws-sdk-paymentcryptography/waiters.rb +15 -0
- data/lib/aws-sdk-paymentcryptography.rb +2 -1
- data/sig/client.rbs +465 -0
- data/sig/errors.rbs +40 -0
- data/sig/resource.rbs +80 -0
- data/sig/types.rbs +467 -0
- data/sig/waiters.rbs +13 -0
- metadata +10 -4
@@ -22,6 +22,7 @@ require 'aws-sdk-core/plugins/endpoint_pattern.rb'
|
|
22
22
|
require 'aws-sdk-core/plugins/response_paging.rb'
|
23
23
|
require 'aws-sdk-core/plugins/stub_responses.rb'
|
24
24
|
require 'aws-sdk-core/plugins/idempotency_token.rb'
|
25
|
+
require 'aws-sdk-core/plugins/invocation_id.rb'
|
25
26
|
require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
|
26
27
|
require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
|
27
28
|
require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
|
@@ -72,6 +73,7 @@ module Aws::PaymentCryptography
|
|
72
73
|
add_plugin(Aws::Plugins::ResponsePaging)
|
73
74
|
add_plugin(Aws::Plugins::StubResponses)
|
74
75
|
add_plugin(Aws::Plugins::IdempotencyToken)
|
76
|
+
add_plugin(Aws::Plugins::InvocationId)
|
75
77
|
add_plugin(Aws::Plugins::JsonvalueConverter)
|
76
78
|
add_plugin(Aws::Plugins::ClientMetricsPlugin)
|
77
79
|
add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
|
@@ -196,10 +198,17 @@ module Aws::PaymentCryptography
|
|
196
198
|
# When set to 'true' the request body will not be compressed
|
197
199
|
# for supported operations.
|
198
200
|
#
|
199
|
-
# @option options [String] :endpoint
|
200
|
-
#
|
201
|
-
#
|
202
|
-
#
|
201
|
+
# @option options [String, URI::HTTPS, URI::HTTP] :endpoint
|
202
|
+
# Normally you should not configure the `:endpoint` option
|
203
|
+
# directly. This is normally constructed from the `:region`
|
204
|
+
# option. Configuring `:endpoint` is normally reserved for
|
205
|
+
# connecting to test or custom endpoints. The endpoint should
|
206
|
+
# be a URI formatted like:
|
207
|
+
#
|
208
|
+
# 'http://example.com'
|
209
|
+
# 'https://example.com'
|
210
|
+
# 'http://example.com:123'
|
211
|
+
#
|
203
212
|
#
|
204
213
|
# @option options [Integer] :endpoint_cache_max_entries (1000)
|
205
214
|
# Used for the maximum size limit of the LRU cache storing endpoints data
|
@@ -347,50 +356,65 @@ module Aws::PaymentCryptography
|
|
347
356
|
# @option options [Aws::PaymentCryptography::EndpointProvider] :endpoint_provider
|
348
357
|
# The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::PaymentCryptography::EndpointParameters`
|
349
358
|
#
|
350
|
-
# @option options [
|
351
|
-
#
|
352
|
-
#
|
353
|
-
#
|
354
|
-
#
|
355
|
-
#
|
356
|
-
#
|
357
|
-
#
|
358
|
-
#
|
359
|
-
#
|
360
|
-
#
|
361
|
-
# @option options [Float] :
|
362
|
-
#
|
363
|
-
#
|
364
|
-
#
|
365
|
-
#
|
366
|
-
#
|
367
|
-
#
|
368
|
-
#
|
369
|
-
#
|
370
|
-
#
|
371
|
-
#
|
372
|
-
#
|
373
|
-
#
|
374
|
-
#
|
375
|
-
#
|
376
|
-
#
|
377
|
-
#
|
359
|
+
# @option options [Float] :http_continue_timeout (1)
|
360
|
+
# The number of seconds to wait for a 100-continue response before sending the
|
361
|
+
# request body. This option has no effect unless the request has "Expect"
|
362
|
+
# header set to "100-continue". Defaults to `nil` which disables this
|
363
|
+
# behaviour. This value can safely be set per request on the session.
|
364
|
+
#
|
365
|
+
# @option options [Float] :http_idle_timeout (5)
|
366
|
+
# The number of seconds a connection is allowed to sit idle before it
|
367
|
+
# is considered stale. Stale connections are closed and removed from the
|
368
|
+
# pool before making a request.
|
369
|
+
#
|
370
|
+
# @option options [Float] :http_open_timeout (15)
|
371
|
+
# The default number of seconds to wait for response data.
|
372
|
+
# This value can safely be set per-request on the session.
|
373
|
+
#
|
374
|
+
# @option options [URI::HTTP,String] :http_proxy
|
375
|
+
# A proxy to send requests through. Formatted like 'http://proxy.com:123'.
|
376
|
+
#
|
377
|
+
# @option options [Float] :http_read_timeout (60)
|
378
|
+
# The default number of seconds to wait for response data.
|
379
|
+
# This value can safely be set per-request on the session.
|
380
|
+
#
|
381
|
+
# @option options [Boolean] :http_wire_trace (false)
|
382
|
+
# When `true`, HTTP debug output will be sent to the `:logger`.
|
383
|
+
#
|
384
|
+
# @option options [Proc] :on_chunk_received
|
385
|
+
# When a Proc object is provided, it will be used as callback when each chunk
|
386
|
+
# of the response body is received. It provides three arguments: the chunk,
|
387
|
+
# the number of bytes received, and the total number of
|
388
|
+
# bytes in the response (or nil if the server did not send a `content-length`).
|
389
|
+
#
|
390
|
+
# @option options [Proc] :on_chunk_sent
|
391
|
+
# When a Proc object is provided, it will be used as callback when each chunk
|
392
|
+
# of the request body is sent. It provides three arguments: the chunk,
|
393
|
+
# the number of bytes read from the body, and the total number of
|
394
|
+
# bytes in the body.
|
395
|
+
#
|
396
|
+
# @option options [Boolean] :raise_response_errors (true)
|
397
|
+
# When `true`, response errors are raised.
|
398
|
+
#
|
399
|
+
# @option options [String] :ssl_ca_bundle
|
400
|
+
# Full path to the SSL certificate authority bundle file that should be used when
|
401
|
+
# verifying peer certificates. If you do not pass `:ssl_ca_bundle` or
|
402
|
+
# `:ssl_ca_directory` the the system default will be used if available.
|
403
|
+
#
|
404
|
+
# @option options [String] :ssl_ca_directory
|
405
|
+
# Full path of the directory that contains the unbundled SSL certificate
|
406
|
+
# authority files for verifying peer certificates. If you do
|
407
|
+
# not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the system
|
408
|
+
# default will be used if available.
|
378
409
|
#
|
379
|
-
# @option options [
|
380
|
-
#
|
381
|
-
# connection.
|
410
|
+
# @option options [String] :ssl_ca_store
|
411
|
+
# Sets the X509::Store to verify peer certificate.
|
382
412
|
#
|
383
|
-
# @option options [
|
384
|
-
#
|
385
|
-
# verifying peer certificates. If you do not pass
|
386
|
-
# `:ssl_ca_bundle` or `:ssl_ca_directory` the the system default
|
387
|
-
# will be used if available.
|
413
|
+
# @option options [Float] :ssl_timeout
|
414
|
+
# Sets the SSL timeout in seconds
|
388
415
|
#
|
389
|
-
# @option options [
|
390
|
-
#
|
391
|
-
# authority files for verifying peer certificates. If you do
|
392
|
-
# not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the
|
393
|
-
# system default will be used if available.
|
416
|
+
# @option options [Boolean] :ssl_verify_peer (true)
|
417
|
+
# When `true`, SSL peer certificates are verified when establishing a connection.
|
394
418
|
#
|
395
419
|
def initialize(*args)
|
396
420
|
super
|
@@ -410,28 +434,32 @@ module Aws::PaymentCryptography
|
|
410
434
|
# Services Region, but you can create another alias with the same name
|
411
435
|
# in a different Amazon Web Services Region.
|
412
436
|
#
|
413
|
-
# To change the key that's associated with the alias, call
|
414
|
-
# To delete the alias, call DeleteAlias. These
|
415
|
-
# the underlying key. To get the alias that you
|
416
|
-
# ListAliases.
|
437
|
+
# To change the key that's associated with the alias, call
|
438
|
+
# [UpdateAlias][3]. To delete the alias, call [DeleteAlias][4]. These
|
439
|
+
# operations don't affect the underlying key. To get the alias that you
|
440
|
+
# created, call [ListAliases][5].
|
417
441
|
#
|
418
442
|
# **Cross-account use**: This operation can't be used across different
|
419
443
|
# Amazon Web Services accounts.
|
420
444
|
#
|
421
445
|
# **Related operations:**
|
422
446
|
#
|
423
|
-
# * DeleteAlias
|
447
|
+
# * [DeleteAlias][4]
|
424
448
|
#
|
425
|
-
# * GetAlias
|
449
|
+
# * [GetAlias][6]
|
426
450
|
#
|
427
|
-
# * ListAliases
|
451
|
+
# * [ListAliases][5]
|
428
452
|
#
|
429
|
-
# * UpdateAlias
|
453
|
+
# * [UpdateAlias][3]
|
430
454
|
#
|
431
455
|
#
|
432
456
|
#
|
433
457
|
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_EncryptData.html
|
434
458
|
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_DecryptData.html
|
459
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_UpdateAlias.html
|
460
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteAlias.html
|
461
|
+
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListAliases.html
|
462
|
+
# [6]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetAlias.html
|
435
463
|
#
|
436
464
|
# @option params [required, String] :alias_name
|
437
465
|
# A friendly name that you can use to refer to a key. An alias must
|
@@ -503,23 +531,18 @@ module Aws::PaymentCryptography
|
|
503
531
|
#
|
504
532
|
# **Related operations:**
|
505
533
|
#
|
506
|
-
# * DeleteKey
|
534
|
+
# * [DeleteKey][2]
|
507
535
|
#
|
508
|
-
# * GetKey
|
536
|
+
# * [GetKey][3]
|
509
537
|
#
|
510
|
-
# * ListKeys
|
538
|
+
# * [ListKeys][4]
|
511
539
|
#
|
512
540
|
#
|
513
541
|
#
|
514
542
|
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
515
|
-
#
|
516
|
-
#
|
517
|
-
#
|
518
|
-
# activated for use within the service. If the key is not enabled, then
|
519
|
-
# it is created but not activated. The default value is enabled.
|
520
|
-
#
|
521
|
-
# @option params [required, Boolean] :exportable
|
522
|
-
# Specifies whether the key is exportable from the service.
|
543
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteKey.html
|
544
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetKey.html
|
545
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListKeys.html
|
523
546
|
#
|
524
547
|
# @option params [required, Types::KeyAttributes] :key_attributes
|
525
548
|
# The role of the key, the algorithm it supports, and the cryptographic
|
@@ -537,11 +560,19 @@ module Aws::PaymentCryptography
|
|
537
560
|
# using a CMAC algorithm where the input data is 16 bytes of zero and
|
538
561
|
# retaining the 3 highest order bytes of the encrypted result.
|
539
562
|
#
|
563
|
+
# @option params [required, Boolean] :exportable
|
564
|
+
# Specifies whether the key is exportable from the service.
|
565
|
+
#
|
566
|
+
# @option params [Boolean] :enabled
|
567
|
+
# Specifies whether to enable the key. If the key is enabled, it is
|
568
|
+
# activated for use within the service. If the key is not enabled, then
|
569
|
+
# it is created but not activated. The default value is enabled.
|
570
|
+
#
|
540
571
|
# @option params [Array<Types::Tag>] :tags
|
541
572
|
# Assigns one or more tags to the Amazon Web Services Payment
|
542
573
|
# Cryptography key. Use this parameter to tag a key when it is created.
|
543
574
|
# To tag an existing Amazon Web Services Payment Cryptography key, use
|
544
|
-
# the TagResource operation.
|
575
|
+
# the [TagResource][1] operation.
|
545
576
|
#
|
546
577
|
# Each tag consists of a tag key and a tag value. Both the tag key and
|
547
578
|
# the tag value are required, but the tag value can be an empty (null)
|
@@ -557,6 +588,10 @@ module Aws::PaymentCryptography
|
|
557
588
|
#
|
558
589
|
# </note>
|
559
590
|
#
|
591
|
+
#
|
592
|
+
#
|
593
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_TagResource.html
|
594
|
+
#
|
560
595
|
# @return [Types::CreateKeyOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
561
596
|
#
|
562
597
|
# * {Types::CreateKeyOutput#key #key} => Types::Key
|
@@ -564,25 +599,25 @@ module Aws::PaymentCryptography
|
|
564
599
|
# @example Request syntax with placeholder values
|
565
600
|
#
|
566
601
|
# resp = client.create_key({
|
567
|
-
# enabled: false,
|
568
|
-
# exportable: false, # required
|
569
602
|
# key_attributes: { # required
|
570
|
-
#
|
603
|
+
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
571
604
|
# key_class: "SYMMETRIC_KEY", # required, accepts SYMMETRIC_KEY, ASYMMETRIC_KEY_PAIR, PRIVATE_KEY, PUBLIC_KEY
|
605
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256, RSA_2048, RSA_3072, RSA_4096
|
572
606
|
# key_modes_of_use: { # required
|
573
|
-
# decrypt: false,
|
574
|
-
# derive_key: false,
|
575
607
|
# encrypt: false,
|
608
|
+
# decrypt: false,
|
609
|
+
# wrap: false,
|
610
|
+
# unwrap: false,
|
576
611
|
# generate: false,
|
577
|
-
# no_restrictions: false,
|
578
612
|
# sign: false,
|
579
|
-
# unwrap: false,
|
580
613
|
# verify: false,
|
581
|
-
#
|
614
|
+
# derive_key: false,
|
615
|
+
# no_restrictions: false,
|
582
616
|
# },
|
583
|
-
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
584
617
|
# },
|
585
618
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
619
|
+
# exportable: false, # required
|
620
|
+
# enabled: false,
|
586
621
|
# tags: [
|
587
622
|
# {
|
588
623
|
# key: "TagKey", # required
|
@@ -593,30 +628,30 @@ module Aws::PaymentCryptography
|
|
593
628
|
#
|
594
629
|
# @example Response structure
|
595
630
|
#
|
596
|
-
# resp.key.create_timestamp #=> Time
|
597
|
-
# resp.key.delete_pending_timestamp #=> Time
|
598
|
-
# resp.key.delete_timestamp #=> Time
|
599
|
-
# resp.key.enabled #=> Boolean
|
600
|
-
# resp.key.exportable #=> Boolean
|
601
631
|
# resp.key.key_arn #=> String
|
602
|
-
# resp.key.key_attributes.
|
632
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
603
633
|
# resp.key.key_attributes.key_class #=> String, one of "SYMMETRIC_KEY", "ASYMMETRIC_KEY_PAIR", "PRIVATE_KEY", "PUBLIC_KEY"
|
604
|
-
# resp.key.key_attributes.
|
605
|
-
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
634
|
+
# resp.key.key_attributes.key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
606
635
|
# resp.key.key_attributes.key_modes_of_use.encrypt #=> Boolean
|
636
|
+
# resp.key.key_attributes.key_modes_of_use.decrypt #=> Boolean
|
637
|
+
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
638
|
+
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
607
639
|
# resp.key.key_attributes.key_modes_of_use.generate #=> Boolean
|
608
|
-
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
609
640
|
# resp.key.key_attributes.key_modes_of_use.sign #=> Boolean
|
610
|
-
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
611
641
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
612
|
-
# resp.key.key_attributes.key_modes_of_use.
|
613
|
-
# resp.key.key_attributes.
|
642
|
+
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
643
|
+
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
614
644
|
# resp.key.key_check_value #=> String
|
615
645
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
616
|
-
# resp.key.
|
646
|
+
# resp.key.enabled #=> Boolean
|
647
|
+
# resp.key.exportable #=> Boolean
|
617
648
|
# resp.key.key_state #=> String, one of "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "DELETE_PENDING", "DELETE_COMPLETE"
|
649
|
+
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
650
|
+
# resp.key.create_timestamp #=> Time
|
618
651
|
# resp.key.usage_start_timestamp #=> Time
|
619
652
|
# resp.key.usage_stop_timestamp #=> Time
|
653
|
+
# resp.key.delete_pending_timestamp #=> Time
|
654
|
+
# resp.key.delete_timestamp #=> Time
|
620
655
|
#
|
621
656
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/CreateKey AWS API Documentation
|
622
657
|
#
|
@@ -630,23 +665,31 @@ module Aws::PaymentCryptography
|
|
630
665
|
# Deletes the alias, but doesn't affect the underlying key.
|
631
666
|
#
|
632
667
|
# Each key can have multiple aliases. To get the aliases of all keys,
|
633
|
-
# use the
|
634
|
-
# DeleteAlias to delete the current alias and then use
|
635
|
-
# create a new alias. To associate an existing alias
|
636
|
-
# key, call UpdateAlias.
|
668
|
+
# use the [UpdateAlias][1] operation. To change the alias of a key,
|
669
|
+
# first use [DeleteAlias][2] to delete the current alias and then use
|
670
|
+
# [CreateAlias][3] to create a new alias. To associate an existing alias
|
671
|
+
# with a different key, call [UpdateAlias][1].
|
637
672
|
#
|
638
673
|
# **Cross-account use:** This operation can't be used across different
|
639
674
|
# Amazon Web Services accounts.
|
640
675
|
#
|
641
676
|
# **Related operations:**
|
642
677
|
#
|
643
|
-
# * CreateAlias
|
678
|
+
# * [CreateAlias][3]
|
679
|
+
#
|
680
|
+
# * [GetAlias][4]
|
681
|
+
#
|
682
|
+
# * [ListAliases][5]
|
644
683
|
#
|
645
|
-
# *
|
684
|
+
# * [UpdateAlias][1]
|
646
685
|
#
|
647
|
-
# * ListAliases
|
648
686
|
#
|
649
|
-
#
|
687
|
+
#
|
688
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_UpdateAlias.html
|
689
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteAlias.html
|
690
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateAlias.html
|
691
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetAlias.html
|
692
|
+
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListAliases.html
|
650
693
|
#
|
651
694
|
# @option params [required, String] :alias_name
|
652
695
|
# A friendly name that you can use to refer Amazon Web Services Payment
|
@@ -689,25 +732,31 @@ module Aws::PaymentCryptography
|
|
689
732
|
# You should delete a key only when you are sure that you don't need to
|
690
733
|
# use it anymore and no other parties are utilizing this key. If you
|
691
734
|
# aren't sure, consider deactivating it instead by calling
|
692
|
-
# StopKeyUsage.
|
735
|
+
# [StopKeyUsage][1].
|
693
736
|
#
|
694
737
|
# **Cross-account use:** This operation can't be used across different
|
695
738
|
# Amazon Web Services accounts.
|
696
739
|
#
|
697
740
|
# **Related operations:**
|
698
741
|
#
|
699
|
-
# * RestoreKey
|
742
|
+
# * [RestoreKey][2]
|
700
743
|
#
|
701
|
-
# * StartKeyUsage
|
744
|
+
# * [StartKeyUsage][3]
|
745
|
+
#
|
746
|
+
# * [StopKeyUsage][1]
|
702
747
|
#
|
703
|
-
# * StopKeyUsage
|
704
748
|
#
|
705
|
-
#
|
706
|
-
#
|
749
|
+
#
|
750
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_StopKeyUsage.html
|
751
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_RestoreKey.html
|
752
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_StartKeyUsage.html
|
707
753
|
#
|
708
754
|
# @option params [required, String] :key_identifier
|
709
755
|
# The `KeyARN` of the key that is scheduled for deletion.
|
710
756
|
#
|
757
|
+
# @option params [Integer] :delete_key_in_days
|
758
|
+
# The waiting period for key deletion. The default value is seven days.
|
759
|
+
#
|
711
760
|
# @return [Types::DeleteKeyOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
712
761
|
#
|
713
762
|
# * {Types::DeleteKeyOutput#key #key} => Types::Key
|
@@ -715,36 +764,36 @@ module Aws::PaymentCryptography
|
|
715
764
|
# @example Request syntax with placeholder values
|
716
765
|
#
|
717
766
|
# resp = client.delete_key({
|
718
|
-
# delete_key_in_days: 1,
|
719
767
|
# key_identifier: "KeyArnOrKeyAliasType", # required
|
768
|
+
# delete_key_in_days: 1,
|
720
769
|
# })
|
721
770
|
#
|
722
771
|
# @example Response structure
|
723
772
|
#
|
724
|
-
# resp.key.create_timestamp #=> Time
|
725
|
-
# resp.key.delete_pending_timestamp #=> Time
|
726
|
-
# resp.key.delete_timestamp #=> Time
|
727
|
-
# resp.key.enabled #=> Boolean
|
728
|
-
# resp.key.exportable #=> Boolean
|
729
773
|
# resp.key.key_arn #=> String
|
730
|
-
# resp.key.key_attributes.
|
774
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
731
775
|
# resp.key.key_attributes.key_class #=> String, one of "SYMMETRIC_KEY", "ASYMMETRIC_KEY_PAIR", "PRIVATE_KEY", "PUBLIC_KEY"
|
732
|
-
# resp.key.key_attributes.
|
733
|
-
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
776
|
+
# resp.key.key_attributes.key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
734
777
|
# resp.key.key_attributes.key_modes_of_use.encrypt #=> Boolean
|
778
|
+
# resp.key.key_attributes.key_modes_of_use.decrypt #=> Boolean
|
779
|
+
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
780
|
+
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
735
781
|
# resp.key.key_attributes.key_modes_of_use.generate #=> Boolean
|
736
|
-
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
737
782
|
# resp.key.key_attributes.key_modes_of_use.sign #=> Boolean
|
738
|
-
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
739
783
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
740
|
-
# resp.key.key_attributes.key_modes_of_use.
|
741
|
-
# resp.key.key_attributes.
|
784
|
+
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
785
|
+
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
742
786
|
# resp.key.key_check_value #=> String
|
743
787
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
744
|
-
# resp.key.
|
788
|
+
# resp.key.enabled #=> Boolean
|
789
|
+
# resp.key.exportable #=> Boolean
|
745
790
|
# resp.key.key_state #=> String, one of "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "DELETE_PENDING", "DELETE_COMPLETE"
|
791
|
+
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
792
|
+
# resp.key.create_timestamp #=> Time
|
746
793
|
# resp.key.usage_start_timestamp #=> Time
|
747
794
|
# resp.key.usage_stop_timestamp #=> Time
|
795
|
+
# resp.key.delete_pending_timestamp #=> Time
|
796
|
+
# resp.key.delete_timestamp #=> Time
|
748
797
|
#
|
749
798
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/DeleteKey AWS API Documentation
|
750
799
|
#
|
@@ -791,6 +840,25 @@ module Aws::PaymentCryptography
|
|
791
840
|
# within Amazon Web Services Payment Cryptography and has to be
|
792
841
|
# re-generated each time during export.
|
793
842
|
#
|
843
|
+
# For key exchange using TR-31 or TR-34 key blocks, you can also export
|
844
|
+
# optional blocks within the key block header which contain additional
|
845
|
+
# attribute information about the key. The `KeyVersion` within
|
846
|
+
# `KeyBlockHeaders` indicates the version of the key within the key
|
847
|
+
# block. Furthermore, `KeyExportability` within `KeyBlockHeaders` can be
|
848
|
+
# used to further restrict exportability of the key after export from
|
849
|
+
# Amazon Web Services Payment Cryptography.
|
850
|
+
#
|
851
|
+
# The `OptionalBlocks` contain the additional data related to the key.
|
852
|
+
# For information on data type that can be included within optional
|
853
|
+
# blocks, refer to [ASC X9.143-2022][1].
|
854
|
+
#
|
855
|
+
# <note markdown="1"> Data included in key block headers is signed but transmitted in clear
|
856
|
+
# text. Sensitive or confidential information should not be included in
|
857
|
+
# optional blocks. Refer to ASC X9.143-2022 standard for information on
|
858
|
+
# allowed data type.
|
859
|
+
#
|
860
|
+
# </note>
|
861
|
+
#
|
794
862
|
# **To export initial keys (KEK) or IPEK using TR-34**
|
795
863
|
#
|
796
864
|
# Using this operation, you can export initial key using TR-34
|
@@ -803,26 +871,26 @@ module Aws::PaymentCryptography
|
|
803
871
|
# the key.
|
804
872
|
#
|
805
873
|
# To initiate TR-34 key export, the KRD must obtain an export token by
|
806
|
-
# calling GetParametersForExport. This operation also generates a
|
807
|
-
# pair for the purpose of key export, signs the key and returns back
|
808
|
-
# signing public key certificate (also known as KDH signing
|
809
|
-
# and root certificate chain. The KDH uses the private key
|
810
|
-
# the export payload and the signing public key certificate
|
811
|
-
# to KRD to verify the signature. The KRD can import the
|
812
|
-
# certificate into its Hardware Security Module (HSM), as required.
|
813
|
-
# export token and the associated KDH signing certificate expires
|
814
|
-
# 7 days.
|
874
|
+
# calling [GetParametersForExport][2]. This operation also generates a
|
875
|
+
# key pair for the purpose of key export, signs the key and returns back
|
876
|
+
# the signing public key certificate (also known as KDH signing
|
877
|
+
# certificate) and root certificate chain. The KDH uses the private key
|
878
|
+
# to sign the the export payload and the signing public key certificate
|
879
|
+
# is provided to KRD to verify the signature. The KRD can import the
|
880
|
+
# root certificate into its Hardware Security Module (HSM), as required.
|
881
|
+
# The export token and the associated KDH signing certificate expires
|
882
|
+
# after 7 days.
|
815
883
|
#
|
816
884
|
# Next the KRD generates a key pair for the the purpose of encrypting
|
817
885
|
# the KDH key and provides the public key cerificate (also known as KRD
|
818
886
|
# wrapping certificate) back to KDH. The KRD will also import the root
|
819
887
|
# cerificate chain into Amazon Web Services Payment Cryptography by
|
820
|
-
# calling ImportKey for `RootCertificatePublicKey`. The KDH, Amazon
|
821
|
-
# Services Payment Cryptography, will use the KRD wrapping
|
822
|
-
# encrypt (wrap) the key under export and signs it with
|
823
|
-
# key to generate a TR-34 WrappedKeyBlock. For more
|
824
|
-
# key export, see section [Exporting symmetric
|
825
|
-
# Web Services Payment Cryptography User Guide*.
|
888
|
+
# calling [ImportKey][3] for `RootCertificatePublicKey`. The KDH, Amazon
|
889
|
+
# Web Services Payment Cryptography, will use the KRD wrapping
|
890
|
+
# cerificate to encrypt (wrap) the key under export and signs it with
|
891
|
+
# signing private key to generate a TR-34 WrappedKeyBlock. For more
|
892
|
+
# information on TR-34 key export, see section [Exporting symmetric
|
893
|
+
# keys][4] in the *Amazon Web Services Payment Cryptography User Guide*.
|
826
894
|
#
|
827
895
|
# Set the following parameters:
|
828
896
|
#
|
@@ -837,7 +905,8 @@ module Aws::PaymentCryptography
|
|
837
905
|
# * `CertificateAuthorityPublicKeyIdentifier`: The `KeyARN` of the
|
838
906
|
# certificate chain that signed the KRD wrapping key certificate.
|
839
907
|
#
|
840
|
-
# * `ExportToken`: Obtained from KDH by calling
|
908
|
+
# * `ExportToken`: Obtained from KDH by calling
|
909
|
+
# [GetParametersForImport][5].
|
841
910
|
#
|
842
911
|
# * `WrappingKeyCertificate`: The public key certificate in PEM format
|
843
912
|
# (base64 encoded) of the KRD wrapping key Amazon Web Services Payment
|
@@ -856,7 +925,7 @@ module Aws::PaymentCryptography
|
|
856
925
|
# asymmetric key pair on the receiving HSM and obtain the public key
|
857
926
|
# certificate in PEM format (base64 encoded) for the purpose of wrapping
|
858
927
|
# and the root certifiate chain. Import the root certificate into Amazon
|
859
|
-
# Web Services Payment Cryptography by calling ImportKey for
|
928
|
+
# Web Services Payment Cryptography by calling [ImportKey][3] for
|
860
929
|
# `RootCertificatePublicKey`.
|
861
930
|
#
|
862
931
|
# Next call `ExportKey` and set the following parameters:
|
@@ -880,7 +949,7 @@ module Aws::PaymentCryptography
|
|
880
949
|
# Using this operation, you can export working keys or IPEK using TR-31
|
881
950
|
# symmetric key exchange. In TR-31, you must use an initial key such as
|
882
951
|
# KEK to encrypt or wrap the key under export. To establish a KEK, you
|
883
|
-
# can use CreateKey or ImportKey.
|
952
|
+
# can use [CreateKey][6] or [ImportKey][3].
|
884
953
|
#
|
885
954
|
# Set the following parameters:
|
886
955
|
#
|
@@ -901,24 +970,29 @@ module Aws::PaymentCryptography
|
|
901
970
|
#
|
902
971
|
# **Related operations:**
|
903
972
|
#
|
904
|
-
# * GetParametersForExport
|
973
|
+
# * [GetParametersForExport][2]
|
905
974
|
#
|
906
|
-
# * ImportKey
|
975
|
+
# * [ImportKey][3]
|
907
976
|
#
|
908
977
|
#
|
909
978
|
#
|
910
|
-
# [1]: https://
|
979
|
+
# [1]: https://webstore.ansi.org/standards/ascx9/ansix91432022
|
980
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetParametersForExport.html
|
981
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ImportKey.html
|
982
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-export.html
|
983
|
+
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetParametersForImport.html
|
984
|
+
# [6]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html
|
911
985
|
#
|
912
|
-
# @option params [Types::
|
913
|
-
# The
|
986
|
+
# @option params [required, Types::ExportKeyMaterial] :key_material
|
987
|
+
# The key block format type, for example, TR-34 or TR-31, to use during
|
988
|
+
# key material export.
|
914
989
|
#
|
915
990
|
# @option params [required, String] :export_key_identifier
|
916
991
|
# The `KeyARN` of the key under export from Amazon Web Services Payment
|
917
992
|
# Cryptography.
|
918
993
|
#
|
919
|
-
# @option params [
|
920
|
-
# The
|
921
|
-
# key material export.
|
994
|
+
# @option params [Types::ExportAttributes] :export_attributes
|
995
|
+
# The attributes for IPEK generation during export.
|
922
996
|
#
|
923
997
|
# @return [Types::ExportKeyOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
924
998
|
#
|
@@ -927,39 +1001,75 @@ module Aws::PaymentCryptography
|
|
927
1001
|
# @example Request syntax with placeholder values
|
928
1002
|
#
|
929
1003
|
# resp = client.export_key({
|
930
|
-
# export_attributes: {
|
931
|
-
# export_dukpt_initial_key: {
|
932
|
-
# key_serial_number: "HexLength20Or24", # required
|
933
|
-
# },
|
934
|
-
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
935
|
-
# },
|
936
|
-
# export_key_identifier: "KeyArnOrKeyAliasType", # required
|
937
1004
|
# key_material: { # required
|
938
|
-
# key_cryptogram: {
|
939
|
-
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
940
|
-
# wrapping_key_certificate: "CertificateType", # required
|
941
|
-
# wrapping_spec: "RSA_OAEP_SHA_256", # accepts RSA_OAEP_SHA_256, RSA_OAEP_SHA_512
|
942
|
-
# },
|
943
1005
|
# tr_31_key_block: {
|
944
1006
|
# wrapping_key_identifier: "KeyArnOrKeyAliasType", # required
|
1007
|
+
# key_block_headers: {
|
1008
|
+
# key_modes_of_use: {
|
1009
|
+
# encrypt: false,
|
1010
|
+
# decrypt: false,
|
1011
|
+
# wrap: false,
|
1012
|
+
# unwrap: false,
|
1013
|
+
# generate: false,
|
1014
|
+
# sign: false,
|
1015
|
+
# verify: false,
|
1016
|
+
# derive_key: false,
|
1017
|
+
# no_restrictions: false,
|
1018
|
+
# },
|
1019
|
+
# key_exportability: "EXPORTABLE", # accepts EXPORTABLE, NON_EXPORTABLE, SENSITIVE
|
1020
|
+
# key_version: "KeyVersion",
|
1021
|
+
# optional_blocks: {
|
1022
|
+
# "OptionalBlockId" => "OptionalBlockValue",
|
1023
|
+
# },
|
1024
|
+
# },
|
945
1025
|
# },
|
946
1026
|
# tr_34_key_block: {
|
947
1027
|
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
1028
|
+
# wrapping_key_certificate: "CertificateType", # required
|
948
1029
|
# export_token: "ExportTokenId", # required
|
949
1030
|
# key_block_format: "X9_TR34_2012", # required, accepts X9_TR34_2012
|
950
1031
|
# random_nonce: "HexLength16",
|
1032
|
+
# key_block_headers: {
|
1033
|
+
# key_modes_of_use: {
|
1034
|
+
# encrypt: false,
|
1035
|
+
# decrypt: false,
|
1036
|
+
# wrap: false,
|
1037
|
+
# unwrap: false,
|
1038
|
+
# generate: false,
|
1039
|
+
# sign: false,
|
1040
|
+
# verify: false,
|
1041
|
+
# derive_key: false,
|
1042
|
+
# no_restrictions: false,
|
1043
|
+
# },
|
1044
|
+
# key_exportability: "EXPORTABLE", # accepts EXPORTABLE, NON_EXPORTABLE, SENSITIVE
|
1045
|
+
# key_version: "KeyVersion",
|
1046
|
+
# optional_blocks: {
|
1047
|
+
# "OptionalBlockId" => "OptionalBlockValue",
|
1048
|
+
# },
|
1049
|
+
# },
|
1050
|
+
# },
|
1051
|
+
# key_cryptogram: {
|
1052
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
951
1053
|
# wrapping_key_certificate: "CertificateType", # required
|
1054
|
+
# wrapping_spec: "RSA_OAEP_SHA_256", # accepts RSA_OAEP_SHA_256, RSA_OAEP_SHA_512
|
1055
|
+
# },
|
1056
|
+
# },
|
1057
|
+
# export_key_identifier: "KeyArnOrKeyAliasType", # required
|
1058
|
+
# export_attributes: {
|
1059
|
+
# export_dukpt_initial_key: {
|
1060
|
+
# key_serial_number: "HexLength20Or24", # required
|
952
1061
|
# },
|
1062
|
+
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
953
1063
|
# },
|
954
1064
|
# })
|
955
1065
|
#
|
956
1066
|
# @example Response structure
|
957
1067
|
#
|
1068
|
+
# resp.wrapped_key.wrapping_key_arn #=> String
|
1069
|
+
# resp.wrapped_key.wrapped_key_material_format #=> String, one of "KEY_CRYPTOGRAM", "TR31_KEY_BLOCK", "TR34_KEY_BLOCK"
|
1070
|
+
# resp.wrapped_key.key_material #=> String
|
958
1071
|
# resp.wrapped_key.key_check_value #=> String
|
959
1072
|
# resp.wrapped_key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
960
|
-
# resp.wrapped_key.key_material #=> String
|
961
|
-
# resp.wrapped_key.wrapped_key_material_format #=> String, one of "KEY_CRYPTOGRAM", "TR31_KEY_BLOCK", "TR34_KEY_BLOCK"
|
962
|
-
# resp.wrapped_key.wrapping_key_arn #=> String
|
963
1073
|
#
|
964
1074
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ExportKey AWS API Documentation
|
965
1075
|
#
|
@@ -978,13 +1088,20 @@ module Aws::PaymentCryptography
|
|
978
1088
|
#
|
979
1089
|
# **Related operations:**
|
980
1090
|
#
|
981
|
-
# * CreateAlias
|
1091
|
+
# * [CreateAlias][1]
|
1092
|
+
#
|
1093
|
+
# * [DeleteAlias][2]
|
1094
|
+
#
|
1095
|
+
# * [ListAliases][3]
|
982
1096
|
#
|
983
|
-
# *
|
1097
|
+
# * [UpdateAlias][4]
|
984
1098
|
#
|
985
|
-
# * ListAliases
|
986
1099
|
#
|
987
|
-
#
|
1100
|
+
#
|
1101
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateAlias.html
|
1102
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteAlias.html
|
1103
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListAliases.html
|
1104
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_UpdateAlias.html
|
988
1105
|
#
|
989
1106
|
# @option params [required, String] :alias_name
|
990
1107
|
# The alias of the Amazon Web Services Payment Cryptography key.
|
@@ -1022,11 +1139,17 @@ module Aws::PaymentCryptography
|
|
1022
1139
|
#
|
1023
1140
|
# **Related operations:**
|
1024
1141
|
#
|
1025
|
-
# * CreateKey
|
1142
|
+
# * [CreateKey][1]
|
1143
|
+
#
|
1144
|
+
# * [DeleteKey][2]
|
1145
|
+
#
|
1146
|
+
# * [ListKeys][3]
|
1147
|
+
#
|
1026
1148
|
#
|
1027
|
-
# * DeleteKey
|
1028
1149
|
#
|
1029
|
-
#
|
1150
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html
|
1151
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteKey.html
|
1152
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListKeys.html
|
1030
1153
|
#
|
1031
1154
|
# @option params [required, String] :key_identifier
|
1032
1155
|
# The `KeyARN` of the Amazon Web Services Payment Cryptography key.
|
@@ -1043,30 +1166,30 @@ module Aws::PaymentCryptography
|
|
1043
1166
|
#
|
1044
1167
|
# @example Response structure
|
1045
1168
|
#
|
1046
|
-
# resp.key.create_timestamp #=> Time
|
1047
|
-
# resp.key.delete_pending_timestamp #=> Time
|
1048
|
-
# resp.key.delete_timestamp #=> Time
|
1049
|
-
# resp.key.enabled #=> Boolean
|
1050
|
-
# resp.key.exportable #=> Boolean
|
1051
1169
|
# resp.key.key_arn #=> String
|
1052
|
-
# resp.key.key_attributes.
|
1170
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
1053
1171
|
# resp.key.key_attributes.key_class #=> String, one of "SYMMETRIC_KEY", "ASYMMETRIC_KEY_PAIR", "PRIVATE_KEY", "PUBLIC_KEY"
|
1054
|
-
# resp.key.key_attributes.
|
1055
|
-
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
1172
|
+
# resp.key.key_attributes.key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1056
1173
|
# resp.key.key_attributes.key_modes_of_use.encrypt #=> Boolean
|
1174
|
+
# resp.key.key_attributes.key_modes_of_use.decrypt #=> Boolean
|
1175
|
+
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
1176
|
+
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1057
1177
|
# resp.key.key_attributes.key_modes_of_use.generate #=> Boolean
|
1058
|
-
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1059
1178
|
# resp.key.key_attributes.key_modes_of_use.sign #=> Boolean
|
1060
|
-
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1061
1179
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
1062
|
-
# resp.key.key_attributes.key_modes_of_use.
|
1063
|
-
# resp.key.key_attributes.
|
1180
|
+
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
1181
|
+
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1064
1182
|
# resp.key.key_check_value #=> String
|
1065
1183
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
1066
|
-
# resp.key.
|
1184
|
+
# resp.key.enabled #=> Boolean
|
1185
|
+
# resp.key.exportable #=> Boolean
|
1067
1186
|
# resp.key.key_state #=> String, one of "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "DELETE_PENDING", "DELETE_COMPLETE"
|
1187
|
+
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
1188
|
+
# resp.key.create_timestamp #=> Time
|
1068
1189
|
# resp.key.usage_start_timestamp #=> Time
|
1069
1190
|
# resp.key.usage_stop_timestamp #=> Time
|
1191
|
+
# resp.key.delete_pending_timestamp #=> Time
|
1192
|
+
# resp.key.delete_timestamp #=> Time
|
1070
1193
|
#
|
1071
1194
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetKey AWS API Documentation
|
1072
1195
|
#
|
@@ -1082,18 +1205,23 @@ module Aws::PaymentCryptography
|
|
1082
1205
|
#
|
1083
1206
|
# The signing key certificate signs the wrapped key under export within
|
1084
1207
|
# the TR-34 key payload. The export token and signing key certificate
|
1085
|
-
# must be in place and operational before calling ExportKey. The
|
1086
|
-
# token expires in 7 days. You can use the same export token to
|
1087
|
-
# multiple keys from your service account.
|
1208
|
+
# must be in place and operational before calling [ExportKey][1]. The
|
1209
|
+
# export token expires in 7 days. You can use the same export token to
|
1210
|
+
# export multiple keys from your service account.
|
1088
1211
|
#
|
1089
1212
|
# **Cross-account use:** This operation can't be used across different
|
1090
1213
|
# Amazon Web Services accounts.
|
1091
1214
|
#
|
1092
1215
|
# **Related operations:**
|
1093
1216
|
#
|
1094
|
-
# * ExportKey
|
1217
|
+
# * [ExportKey][1]
|
1218
|
+
#
|
1219
|
+
# * [GetParametersForImport][2]
|
1220
|
+
#
|
1095
1221
|
#
|
1096
|
-
#
|
1222
|
+
#
|
1223
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ExportKey.html
|
1224
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetParametersForImport.html
|
1097
1225
|
#
|
1098
1226
|
# @option params [required, String] :key_material_type
|
1099
1227
|
# The key block format type (for example, TR-34 or TR-31) to use during
|
@@ -1108,11 +1236,11 @@ module Aws::PaymentCryptography
|
|
1108
1236
|
#
|
1109
1237
|
# @return [Types::GetParametersForExportOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1110
1238
|
#
|
1111
|
-
# * {Types::GetParametersForExportOutput#export_token #export_token} => String
|
1112
|
-
# * {Types::GetParametersForExportOutput#parameters_valid_until_timestamp #parameters_valid_until_timestamp} => Time
|
1113
|
-
# * {Types::GetParametersForExportOutput#signing_key_algorithm #signing_key_algorithm} => String
|
1114
1239
|
# * {Types::GetParametersForExportOutput#signing_key_certificate #signing_key_certificate} => String
|
1115
1240
|
# * {Types::GetParametersForExportOutput#signing_key_certificate_chain #signing_key_certificate_chain} => String
|
1241
|
+
# * {Types::GetParametersForExportOutput#signing_key_algorithm #signing_key_algorithm} => String
|
1242
|
+
# * {Types::GetParametersForExportOutput#export_token #export_token} => String
|
1243
|
+
# * {Types::GetParametersForExportOutput#parameters_valid_until_timestamp #parameters_valid_until_timestamp} => Time
|
1116
1244
|
#
|
1117
1245
|
# @example Request syntax with placeholder values
|
1118
1246
|
#
|
@@ -1123,11 +1251,11 @@ module Aws::PaymentCryptography
|
|
1123
1251
|
#
|
1124
1252
|
# @example Response structure
|
1125
1253
|
#
|
1126
|
-
# resp.export_token #=> String
|
1127
|
-
# resp.parameters_valid_until_timestamp #=> Time
|
1128
|
-
# resp.signing_key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1129
1254
|
# resp.signing_key_certificate #=> String
|
1130
1255
|
# resp.signing_key_certificate_chain #=> String
|
1256
|
+
# resp.signing_key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1257
|
+
# resp.export_token #=> String
|
1258
|
+
# resp.parameters_valid_until_timestamp #=> Time
|
1131
1259
|
#
|
1132
1260
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetParametersForExport AWS API Documentation
|
1133
1261
|
#
|
@@ -1145,18 +1273,23 @@ module Aws::PaymentCryptography
|
|
1145
1273
|
#
|
1146
1274
|
# The wrapping key certificate wraps the key under import. The import
|
1147
1275
|
# token and wrapping key certificate must be in place and operational
|
1148
|
-
# before calling ImportKey. The import token expires in 7 days. You
|
1149
|
-
# use the same import token to import multiple keys into your
|
1150
|
-
# account.
|
1276
|
+
# before calling [ImportKey][1]. The import token expires in 7 days. You
|
1277
|
+
# can use the same import token to import multiple keys into your
|
1278
|
+
# service account.
|
1151
1279
|
#
|
1152
1280
|
# **Cross-account use:** This operation can't be used across different
|
1153
1281
|
# Amazon Web Services accounts.
|
1154
1282
|
#
|
1155
1283
|
# **Related operations:**
|
1156
1284
|
#
|
1157
|
-
# * GetParametersForExport
|
1285
|
+
# * [GetParametersForExport][2]
|
1286
|
+
#
|
1287
|
+
# * [ImportKey][1]
|
1288
|
+
#
|
1289
|
+
#
|
1158
1290
|
#
|
1159
|
-
#
|
1291
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ImportKey.html
|
1292
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetParametersForExport.html
|
1160
1293
|
#
|
1161
1294
|
# @option params [required, String] :key_material_type
|
1162
1295
|
# The method to use for key material import. Import token is only
|
@@ -1177,11 +1310,11 @@ module Aws::PaymentCryptography
|
|
1177
1310
|
#
|
1178
1311
|
# @return [Types::GetParametersForImportOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1179
1312
|
#
|
1180
|
-
# * {Types::GetParametersForImportOutput#import_token #import_token} => String
|
1181
|
-
# * {Types::GetParametersForImportOutput#parameters_valid_until_timestamp #parameters_valid_until_timestamp} => Time
|
1182
|
-
# * {Types::GetParametersForImportOutput#wrapping_key_algorithm #wrapping_key_algorithm} => String
|
1183
1313
|
# * {Types::GetParametersForImportOutput#wrapping_key_certificate #wrapping_key_certificate} => String
|
1184
1314
|
# * {Types::GetParametersForImportOutput#wrapping_key_certificate_chain #wrapping_key_certificate_chain} => String
|
1315
|
+
# * {Types::GetParametersForImportOutput#wrapping_key_algorithm #wrapping_key_algorithm} => String
|
1316
|
+
# * {Types::GetParametersForImportOutput#import_token #import_token} => String
|
1317
|
+
# * {Types::GetParametersForImportOutput#parameters_valid_until_timestamp #parameters_valid_until_timestamp} => Time
|
1185
1318
|
#
|
1186
1319
|
# @example Request syntax with placeholder values
|
1187
1320
|
#
|
@@ -1192,11 +1325,11 @@ module Aws::PaymentCryptography
|
|
1192
1325
|
#
|
1193
1326
|
# @example Response structure
|
1194
1327
|
#
|
1195
|
-
# resp.import_token #=> String
|
1196
|
-
# resp.parameters_valid_until_timestamp #=> Time
|
1197
|
-
# resp.wrapping_key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1198
1328
|
# resp.wrapping_key_certificate #=> String
|
1199
1329
|
# resp.wrapping_key_certificate_chain #=> String
|
1330
|
+
# resp.wrapping_key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1331
|
+
# resp.import_token #=> String
|
1332
|
+
# resp.parameters_valid_until_timestamp #=> Time
|
1200
1333
|
#
|
1201
1334
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetParametersForImport AWS API Documentation
|
1202
1335
|
#
|
@@ -1333,13 +1466,13 @@ module Aws::PaymentCryptography
|
|
1333
1466
|
# Amazon Web Services Payment Cryptography who receives the key.
|
1334
1467
|
#
|
1335
1468
|
# To initiate TR-34 key import, the KDH must obtain an import token by
|
1336
|
-
# calling GetParametersForImport. This operation generates an
|
1337
|
-
# keypair for the purpose of key import, signs the key and
|
1338
|
-
# the wrapping key certificate (also known as KRD wrapping
|
1339
|
-
# and the root certificate chain. The KDH must trust and
|
1340
|
-
# wrapping certificate on its HSM and use it to encrypt
|
1341
|
-
# key during TR-34 WrappedKeyBlock generation. The import
|
1342
|
-
# associated KRD wrapping certificate expires after 7 days.
|
1469
|
+
# calling [GetParametersForImport][1]. This operation generates an
|
1470
|
+
# encryption keypair for the purpose of key import, signs the key and
|
1471
|
+
# returns back the wrapping key certificate (also known as KRD wrapping
|
1472
|
+
# certificate) and the root certificate chain. The KDH must trust and
|
1473
|
+
# install the KRD wrapping certificate on its HSM and use it to encrypt
|
1474
|
+
# (wrap) the KDH key during TR-34 WrappedKeyBlock generation. The import
|
1475
|
+
# token and associated KRD wrapping certificate expires after 7 days.
|
1343
1476
|
#
|
1344
1477
|
# Next the KDH generates a key pair for the purpose of signing the
|
1345
1478
|
# encrypted KDH key and provides the public certificate of the signing
|
@@ -1347,7 +1480,7 @@ module Aws::PaymentCryptography
|
|
1347
1480
|
# need to import the root certificate chain of the KDH signing
|
1348
1481
|
# certificate by calling `ImportKey` for `RootCertificatePublicKey`. For
|
1349
1482
|
# more information on TR-34 key import, see section [Importing symmetric
|
1350
|
-
# keys][
|
1483
|
+
# keys][2] in the *Amazon Web Services Payment Cryptography User Guide*.
|
1351
1484
|
#
|
1352
1485
|
# Set the following parameters:
|
1353
1486
|
#
|
@@ -1356,7 +1489,8 @@ module Aws::PaymentCryptography
|
|
1356
1489
|
# * `CertificateAuthorityPublicKeyIdentifier`: The `KeyARN` of the
|
1357
1490
|
# certificate chain that signed the KDH signing key certificate.
|
1358
1491
|
#
|
1359
|
-
# * `ImportToken`: Obtained from KRD by calling
|
1492
|
+
# * `ImportToken`: Obtained from KRD by calling
|
1493
|
+
# [GetParametersForImport][1].
|
1360
1494
|
#
|
1361
1495
|
# * `WrappedKeyBlock`: The TR-34 wrapped key material from KDH. It
|
1362
1496
|
# contains the KDH key under import, wrapped with KRD wrapping
|
@@ -1374,12 +1508,12 @@ module Aws::PaymentCryptography
|
|
1374
1508
|
#
|
1375
1509
|
# Using this operation, you can import initial key using asymmetric RSA
|
1376
1510
|
# wrap and unwrap key exchange method. To initiate import, call
|
1377
|
-
# GetParametersForImport with `KeyMaterial` set to `KEY_CRYPTOGRAM`
|
1378
|
-
# generate an import token. This operation also generates an
|
1379
|
-
# keypair for the purpose of key import, signs the key and
|
1380
|
-
# the wrapping key certificate in PEM format (base64
|
1381
|
-
# root certificate chain. The import token and
|
1382
|
-
# certificate expires after 7 days.
|
1511
|
+
# [GetParametersForImport][1] with `KeyMaterial` set to `KEY_CRYPTOGRAM`
|
1512
|
+
# to generate an import token. This operation also generates an
|
1513
|
+
# encryption keypair for the purpose of key import, signs the key and
|
1514
|
+
# returns back the wrapping key certificate in PEM format (base64
|
1515
|
+
# encoded) and its root certificate chain. The import token and
|
1516
|
+
# associated KRD wrapping certificate expires after 7 days.
|
1383
1517
|
#
|
1384
1518
|
# You must trust and install the wrapping certificate and its
|
1385
1519
|
# certificate chain on the sending HSM and use it to wrap the key under
|
@@ -1392,8 +1526,8 @@ module Aws::PaymentCryptography
|
|
1392
1526
|
# Amazon Web Services Payment Cryptography uses TR-31 symmetric key
|
1393
1527
|
# exchange norm to import working keys. A KEK must be established within
|
1394
1528
|
# Amazon Web Services Payment Cryptography by using TR-34 key import or
|
1395
|
-
# by using CreateKey. To initiate a TR-31 key import, set the
|
1396
|
-
# parameters:
|
1529
|
+
# by using [CreateKey][3]. To initiate a TR-31 key import, set the
|
1530
|
+
# following parameters:
|
1397
1531
|
#
|
1398
1532
|
# * `KeyMaterial`: Use `Tr31KeyBlock` parameters.
|
1399
1533
|
#
|
@@ -1411,16 +1545,20 @@ module Aws::PaymentCryptography
|
|
1411
1545
|
#
|
1412
1546
|
# **Related operations:**
|
1413
1547
|
#
|
1414
|
-
# * ExportKey
|
1548
|
+
# * [ExportKey][4]
|
1415
1549
|
#
|
1416
|
-
# * GetParametersForImport
|
1550
|
+
# * [GetParametersForImport][1]
|
1417
1551
|
#
|
1418
1552
|
#
|
1419
1553
|
#
|
1420
|
-
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/
|
1554
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetParametersForImport.html
|
1555
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-import.html
|
1556
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html
|
1557
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ExportKey.html
|
1421
1558
|
#
|
1422
|
-
# @option params [
|
1423
|
-
#
|
1559
|
+
# @option params [required, Types::ImportKeyMaterial] :key_material
|
1560
|
+
# The key or public key certificate type to use during key material
|
1561
|
+
# import, for example TR-34 or RootCertificatePublicKey.
|
1424
1562
|
#
|
1425
1563
|
# @option params [String] :key_check_value_algorithm
|
1426
1564
|
# The algorithm that Amazon Web Services Payment Cryptography uses to
|
@@ -1433,15 +1571,14 @@ module Aws::PaymentCryptography
|
|
1433
1571
|
# using a CMAC algorithm where the input data is 16 bytes of zero and
|
1434
1572
|
# retaining the 3 highest order bytes of the encrypted result.
|
1435
1573
|
#
|
1436
|
-
# @option params [
|
1437
|
-
#
|
1438
|
-
#
|
1439
|
-
#
|
1574
|
+
# @option params [Boolean] :enabled
|
1575
|
+
# Specifies whether import key is enabled.
|
1576
|
+
#
|
1440
1577
|
# @option params [Array<Types::Tag>] :tags
|
1441
1578
|
# Assigns one or more tags to the Amazon Web Services Payment
|
1442
1579
|
# Cryptography key. Use this parameter to tag a key when it is imported.
|
1443
1580
|
# To tag an existing Amazon Web Services Payment Cryptography key, use
|
1444
|
-
# the TagResource operation.
|
1581
|
+
# the [TagResource][1] operation.
|
1445
1582
|
#
|
1446
1583
|
# Each tag consists of a tag key and a tag value. Both the tag key and
|
1447
1584
|
# the tag value are required, but the tag value can be an empty (null)
|
@@ -1460,6 +1597,10 @@ module Aws::PaymentCryptography
|
|
1460
1597
|
#
|
1461
1598
|
# </note>
|
1462
1599
|
#
|
1600
|
+
#
|
1601
|
+
#
|
1602
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_TagResource.html
|
1603
|
+
#
|
1463
1604
|
# @return [Types::ImportKeyOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1464
1605
|
#
|
1465
1606
|
# * {Types::ImportKeyOutput#key #key} => Types::Key
|
@@ -1467,83 +1608,83 @@ module Aws::PaymentCryptography
|
|
1467
1608
|
# @example Request syntax with placeholder values
|
1468
1609
|
#
|
1469
1610
|
# resp = client.import_key({
|
1470
|
-
# enabled: false,
|
1471
|
-
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
1472
1611
|
# key_material: { # required
|
1473
|
-
#
|
1474
|
-
# exportable: false, # required
|
1475
|
-
# import_token: "ImportTokenId", # required
|
1612
|
+
# root_certificate_public_key: {
|
1476
1613
|
# key_attributes: { # required
|
1477
|
-
#
|
1614
|
+
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
1478
1615
|
# key_class: "SYMMETRIC_KEY", # required, accepts SYMMETRIC_KEY, ASYMMETRIC_KEY_PAIR, PRIVATE_KEY, PUBLIC_KEY
|
1616
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256, RSA_2048, RSA_3072, RSA_4096
|
1479
1617
|
# key_modes_of_use: { # required
|
1480
|
-
# decrypt: false,
|
1481
|
-
# derive_key: false,
|
1482
1618
|
# encrypt: false,
|
1619
|
+
# decrypt: false,
|
1620
|
+
# wrap: false,
|
1621
|
+
# unwrap: false,
|
1483
1622
|
# generate: false,
|
1484
|
-
# no_restrictions: false,
|
1485
1623
|
# sign: false,
|
1486
|
-
# unwrap: false,
|
1487
1624
|
# verify: false,
|
1488
|
-
#
|
1625
|
+
# derive_key: false,
|
1626
|
+
# no_restrictions: false,
|
1489
1627
|
# },
|
1490
|
-
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
1491
1628
|
# },
|
1492
|
-
#
|
1493
|
-
# wrapping_spec: "RSA_OAEP_SHA_256", # accepts RSA_OAEP_SHA_256, RSA_OAEP_SHA_512
|
1629
|
+
# public_key_certificate: "CertificateType", # required
|
1494
1630
|
# },
|
1495
|
-
#
|
1631
|
+
# trusted_certificate_public_key: {
|
1496
1632
|
# key_attributes: { # required
|
1497
|
-
#
|
1633
|
+
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
1498
1634
|
# key_class: "SYMMETRIC_KEY", # required, accepts SYMMETRIC_KEY, ASYMMETRIC_KEY_PAIR, PRIVATE_KEY, PUBLIC_KEY
|
1635
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256, RSA_2048, RSA_3072, RSA_4096
|
1499
1636
|
# key_modes_of_use: { # required
|
1500
|
-
# decrypt: false,
|
1501
|
-
# derive_key: false,
|
1502
1637
|
# encrypt: false,
|
1638
|
+
# decrypt: false,
|
1639
|
+
# wrap: false,
|
1640
|
+
# unwrap: false,
|
1503
1641
|
# generate: false,
|
1504
|
-
# no_restrictions: false,
|
1505
1642
|
# sign: false,
|
1506
|
-
# unwrap: false,
|
1507
1643
|
# verify: false,
|
1508
|
-
#
|
1644
|
+
# derive_key: false,
|
1645
|
+
# no_restrictions: false,
|
1509
1646
|
# },
|
1510
|
-
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
1511
1647
|
# },
|
1512
1648
|
# public_key_certificate: "CertificateType", # required
|
1649
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
1513
1650
|
# },
|
1514
1651
|
# tr_31_key_block: {
|
1515
|
-
# wrapped_key_block: "Tr31WrappedKeyBlock", # required
|
1516
1652
|
# wrapping_key_identifier: "KeyArnOrKeyAliasType", # required
|
1653
|
+
# wrapped_key_block: "Tr31WrappedKeyBlock", # required
|
1517
1654
|
# },
|
1518
1655
|
# tr_34_key_block: {
|
1519
1656
|
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
1657
|
+
# signing_key_certificate: "CertificateType", # required
|
1520
1658
|
# import_token: "ImportTokenId", # required
|
1659
|
+
# wrapped_key_block: "Tr34WrappedKeyBlock", # required
|
1521
1660
|
# key_block_format: "X9_TR34_2012", # required, accepts X9_TR34_2012
|
1522
1661
|
# random_nonce: "HexLength16",
|
1523
|
-
# signing_key_certificate: "CertificateType", # required
|
1524
|
-
# wrapped_key_block: "Tr34WrappedKeyBlock", # required
|
1525
1662
|
# },
|
1526
|
-
#
|
1527
|
-
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
1663
|
+
# key_cryptogram: {
|
1528
1664
|
# key_attributes: { # required
|
1529
|
-
#
|
1665
|
+
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
1530
1666
|
# key_class: "SYMMETRIC_KEY", # required, accepts SYMMETRIC_KEY, ASYMMETRIC_KEY_PAIR, PRIVATE_KEY, PUBLIC_KEY
|
1667
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256, RSA_2048, RSA_3072, RSA_4096
|
1531
1668
|
# key_modes_of_use: { # required
|
1532
|
-
# decrypt: false,
|
1533
|
-
# derive_key: false,
|
1534
1669
|
# encrypt: false,
|
1670
|
+
# decrypt: false,
|
1671
|
+
# wrap: false,
|
1672
|
+
# unwrap: false,
|
1535
1673
|
# generate: false,
|
1536
|
-
# no_restrictions: false,
|
1537
1674
|
# sign: false,
|
1538
|
-
# unwrap: false,
|
1539
1675
|
# verify: false,
|
1540
|
-
#
|
1676
|
+
# derive_key: false,
|
1677
|
+
# no_restrictions: false,
|
1541
1678
|
# },
|
1542
|
-
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
1543
1679
|
# },
|
1544
|
-
#
|
1680
|
+
# exportable: false, # required
|
1681
|
+
# wrapped_key_cryptogram: "WrappedKeyCryptogram", # required
|
1682
|
+
# import_token: "ImportTokenId", # required
|
1683
|
+
# wrapping_spec: "RSA_OAEP_SHA_256", # accepts RSA_OAEP_SHA_256, RSA_OAEP_SHA_512
|
1545
1684
|
# },
|
1546
1685
|
# },
|
1686
|
+
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
1687
|
+
# enabled: false,
|
1547
1688
|
# tags: [
|
1548
1689
|
# {
|
1549
1690
|
# key: "TagKey", # required
|
@@ -1554,30 +1695,30 @@ module Aws::PaymentCryptography
|
|
1554
1695
|
#
|
1555
1696
|
# @example Response structure
|
1556
1697
|
#
|
1557
|
-
# resp.key.create_timestamp #=> Time
|
1558
|
-
# resp.key.delete_pending_timestamp #=> Time
|
1559
|
-
# resp.key.delete_timestamp #=> Time
|
1560
|
-
# resp.key.enabled #=> Boolean
|
1561
|
-
# resp.key.exportable #=> Boolean
|
1562
1698
|
# resp.key.key_arn #=> String
|
1563
|
-
# resp.key.key_attributes.
|
1699
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
1564
1700
|
# resp.key.key_attributes.key_class #=> String, one of "SYMMETRIC_KEY", "ASYMMETRIC_KEY_PAIR", "PRIVATE_KEY", "PUBLIC_KEY"
|
1565
|
-
# resp.key.key_attributes.
|
1566
|
-
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
1701
|
+
# resp.key.key_attributes.key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1567
1702
|
# resp.key.key_attributes.key_modes_of_use.encrypt #=> Boolean
|
1703
|
+
# resp.key.key_attributes.key_modes_of_use.decrypt #=> Boolean
|
1704
|
+
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
1705
|
+
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1568
1706
|
# resp.key.key_attributes.key_modes_of_use.generate #=> Boolean
|
1569
|
-
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1570
1707
|
# resp.key.key_attributes.key_modes_of_use.sign #=> Boolean
|
1571
|
-
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1572
1708
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
1573
|
-
# resp.key.key_attributes.key_modes_of_use.
|
1574
|
-
# resp.key.key_attributes.
|
1709
|
+
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
1710
|
+
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1575
1711
|
# resp.key.key_check_value #=> String
|
1576
1712
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
1577
|
-
# resp.key.
|
1713
|
+
# resp.key.enabled #=> Boolean
|
1714
|
+
# resp.key.exportable #=> Boolean
|
1578
1715
|
# resp.key.key_state #=> String, one of "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "DELETE_PENDING", "DELETE_COMPLETE"
|
1716
|
+
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
1717
|
+
# resp.key.create_timestamp #=> Time
|
1579
1718
|
# resp.key.usage_start_timestamp #=> Time
|
1580
1719
|
# resp.key.usage_stop_timestamp #=> Time
|
1720
|
+
# resp.key.delete_pending_timestamp #=> Time
|
1721
|
+
# resp.key.delete_timestamp #=> Time
|
1581
1722
|
#
|
1582
1723
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ImportKey AWS API Documentation
|
1583
1724
|
#
|
@@ -1605,17 +1746,26 @@ module Aws::PaymentCryptography
|
|
1605
1746
|
#
|
1606
1747
|
# **Related operations:**
|
1607
1748
|
#
|
1608
|
-
# * CreateAlias
|
1749
|
+
# * [CreateAlias][2]
|
1609
1750
|
#
|
1610
|
-
# * DeleteAlias
|
1751
|
+
# * [DeleteAlias][3]
|
1611
1752
|
#
|
1612
|
-
# * GetAlias
|
1753
|
+
# * [GetAlias][4]
|
1613
1754
|
#
|
1614
|
-
# * UpdateAlias
|
1755
|
+
# * [UpdateAlias][5]
|
1615
1756
|
#
|
1616
1757
|
#
|
1617
1758
|
#
|
1618
1759
|
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-managealias.html
|
1760
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateAlias.html
|
1761
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteAlias.html
|
1762
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetAlias.html
|
1763
|
+
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_UpdateAlias.html
|
1764
|
+
#
|
1765
|
+
# @option params [String] :next_token
|
1766
|
+
# Use this parameter in a subsequent request after you receive a
|
1767
|
+
# response with truncated results. Set it to the value of `NextToken`
|
1768
|
+
# from the truncated response you just received.
|
1619
1769
|
#
|
1620
1770
|
# @option params [Integer] :max_results
|
1621
1771
|
# Use this parameter to specify the maximum number of items to return.
|
@@ -1626,11 +1776,6 @@ module Aws::PaymentCryptography
|
|
1626
1776
|
# This value is optional. If you include a value, it must be between 1
|
1627
1777
|
# and 100, inclusive. If you do not include a value, it defaults to 50.
|
1628
1778
|
#
|
1629
|
-
# @option params [String] :next_token
|
1630
|
-
# Use this parameter in a subsequent request after you receive a
|
1631
|
-
# response with truncated results. Set it to the value of `NextToken`
|
1632
|
-
# from the truncated response you just received.
|
1633
|
-
#
|
1634
1779
|
# @return [Types::ListAliasesOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1635
1780
|
#
|
1636
1781
|
# * {Types::ListAliasesOutput#aliases #aliases} => Array<Types::Alias>
|
@@ -1641,8 +1786,8 @@ module Aws::PaymentCryptography
|
|
1641
1786
|
# @example Request syntax with placeholder values
|
1642
1787
|
#
|
1643
1788
|
# resp = client.list_aliases({
|
1644
|
-
# max_results: 1,
|
1645
1789
|
# next_token: "NextToken",
|
1790
|
+
# max_results: 1,
|
1646
1791
|
# })
|
1647
1792
|
#
|
1648
1793
|
# @example Response structure
|
@@ -1676,15 +1821,26 @@ module Aws::PaymentCryptography
|
|
1676
1821
|
#
|
1677
1822
|
# **Related operations:**
|
1678
1823
|
#
|
1679
|
-
# * CreateKey
|
1824
|
+
# * [CreateKey][1]
|
1680
1825
|
#
|
1681
|
-
# * DeleteKey
|
1826
|
+
# * [DeleteKey][2]
|
1682
1827
|
#
|
1683
|
-
# * GetKey
|
1828
|
+
# * [GetKey][3]
|
1829
|
+
#
|
1830
|
+
#
|
1831
|
+
#
|
1832
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html
|
1833
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteKey.html
|
1834
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetKey.html
|
1684
1835
|
#
|
1685
1836
|
# @option params [String] :key_state
|
1686
1837
|
# The key state of the keys you want to list.
|
1687
1838
|
#
|
1839
|
+
# @option params [String] :next_token
|
1840
|
+
# Use this parameter in a subsequent request after you receive a
|
1841
|
+
# response with truncated results. Set it to the value of `NextToken`
|
1842
|
+
# from the truncated response you just received.
|
1843
|
+
#
|
1688
1844
|
# @option params [Integer] :max_results
|
1689
1845
|
# Use this parameter to specify the maximum number of items to return.
|
1690
1846
|
# When this value is present, Amazon Web Services Payment Cryptography
|
@@ -1694,11 +1850,6 @@ module Aws::PaymentCryptography
|
|
1694
1850
|
# This value is optional. If you include a value, it must be between 1
|
1695
1851
|
# and 100, inclusive. If you do not include a value, it defaults to 50.
|
1696
1852
|
#
|
1697
|
-
# @option params [String] :next_token
|
1698
|
-
# Use this parameter in a subsequent request after you receive a
|
1699
|
-
# response with truncated results. Set it to the value of `NextToken`
|
1700
|
-
# from the truncated response you just received.
|
1701
|
-
#
|
1702
1853
|
# @return [Types::ListKeysOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1703
1854
|
#
|
1704
1855
|
# * {Types::ListKeysOutput#keys #keys} => Array<Types::KeySummary>
|
@@ -1710,30 +1861,30 @@ module Aws::PaymentCryptography
|
|
1710
1861
|
#
|
1711
1862
|
# resp = client.list_keys({
|
1712
1863
|
# key_state: "CREATE_IN_PROGRESS", # accepts CREATE_IN_PROGRESS, CREATE_COMPLETE, DELETE_PENDING, DELETE_COMPLETE
|
1713
|
-
# max_results: 1,
|
1714
1864
|
# next_token: "NextToken",
|
1865
|
+
# max_results: 1,
|
1715
1866
|
# })
|
1716
1867
|
#
|
1717
1868
|
# @example Response structure
|
1718
1869
|
#
|
1719
1870
|
# resp.keys #=> Array
|
1720
|
-
# resp.keys[0].enabled #=> Boolean
|
1721
|
-
# resp.keys[0].exportable #=> Boolean
|
1722
1871
|
# resp.keys[0].key_arn #=> String
|
1723
|
-
# resp.keys[0].
|
1872
|
+
# resp.keys[0].key_state #=> String, one of "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "DELETE_PENDING", "DELETE_COMPLETE"
|
1873
|
+
# resp.keys[0].key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
1724
1874
|
# resp.keys[0].key_attributes.key_class #=> String, one of "SYMMETRIC_KEY", "ASYMMETRIC_KEY_PAIR", "PRIVATE_KEY", "PUBLIC_KEY"
|
1725
|
-
# resp.keys[0].key_attributes.
|
1726
|
-
# resp.keys[0].key_attributes.key_modes_of_use.derive_key #=> Boolean
|
1875
|
+
# resp.keys[0].key_attributes.key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1727
1876
|
# resp.keys[0].key_attributes.key_modes_of_use.encrypt #=> Boolean
|
1877
|
+
# resp.keys[0].key_attributes.key_modes_of_use.decrypt #=> Boolean
|
1878
|
+
# resp.keys[0].key_attributes.key_modes_of_use.wrap #=> Boolean
|
1879
|
+
# resp.keys[0].key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1728
1880
|
# resp.keys[0].key_attributes.key_modes_of_use.generate #=> Boolean
|
1729
|
-
# resp.keys[0].key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1730
1881
|
# resp.keys[0].key_attributes.key_modes_of_use.sign #=> Boolean
|
1731
|
-
# resp.keys[0].key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1732
1882
|
# resp.keys[0].key_attributes.key_modes_of_use.verify #=> Boolean
|
1733
|
-
# resp.keys[0].key_attributes.key_modes_of_use.
|
1734
|
-
# resp.keys[0].key_attributes.
|
1883
|
+
# resp.keys[0].key_attributes.key_modes_of_use.derive_key #=> Boolean
|
1884
|
+
# resp.keys[0].key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1735
1885
|
# resp.keys[0].key_check_value #=> String
|
1736
|
-
# resp.keys[0].
|
1886
|
+
# resp.keys[0].exportable #=> Boolean
|
1887
|
+
# resp.keys[0].enabled #=> Boolean
|
1737
1888
|
# resp.next_token #=> String
|
1738
1889
|
#
|
1739
1890
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ListKeys AWS API Documentation
|
@@ -1759,9 +1910,22 @@ module Aws::PaymentCryptography
|
|
1759
1910
|
#
|
1760
1911
|
# **Related operations:**
|
1761
1912
|
#
|
1762
|
-
# * TagResource
|
1913
|
+
# * [TagResource][1]
|
1914
|
+
#
|
1915
|
+
# * [UntagResource][2]
|
1916
|
+
#
|
1763
1917
|
#
|
1764
|
-
#
|
1918
|
+
#
|
1919
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_TagResource.html
|
1920
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_UntagResource.html
|
1921
|
+
#
|
1922
|
+
# @option params [required, String] :resource_arn
|
1923
|
+
# The `KeyARN` of the key whose tags you are getting.
|
1924
|
+
#
|
1925
|
+
# @option params [String] :next_token
|
1926
|
+
# Use this parameter in a subsequent request after you receive a
|
1927
|
+
# response with truncated results. Set it to the value of `NextToken`
|
1928
|
+
# from the truncated response you just received.
|
1765
1929
|
#
|
1766
1930
|
# @option params [Integer] :max_results
|
1767
1931
|
# Use this parameter to specify the maximum number of items to return.
|
@@ -1772,35 +1936,27 @@ module Aws::PaymentCryptography
|
|
1772
1936
|
# This value is optional. If you include a value, it must be between 1
|
1773
1937
|
# and 100, inclusive. If you do not include a value, it defaults to 50.
|
1774
1938
|
#
|
1775
|
-
# @option params [String] :next_token
|
1776
|
-
# Use this parameter in a subsequent request after you receive a
|
1777
|
-
# response with truncated results. Set it to the value of `NextToken`
|
1778
|
-
# from the truncated response you just received.
|
1779
|
-
#
|
1780
|
-
# @option params [required, String] :resource_arn
|
1781
|
-
# The `KeyARN` of the key whose tags you are getting.
|
1782
|
-
#
|
1783
1939
|
# @return [Types::ListTagsForResourceOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1784
1940
|
#
|
1785
|
-
# * {Types::ListTagsForResourceOutput#next_token #next_token} => String
|
1786
1941
|
# * {Types::ListTagsForResourceOutput#tags #tags} => Array<Types::Tag>
|
1942
|
+
# * {Types::ListTagsForResourceOutput#next_token #next_token} => String
|
1787
1943
|
#
|
1788
1944
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1789
1945
|
#
|
1790
1946
|
# @example Request syntax with placeholder values
|
1791
1947
|
#
|
1792
1948
|
# resp = client.list_tags_for_resource({
|
1793
|
-
# max_results: 1,
|
1794
|
-
# next_token: "NextToken",
|
1795
1949
|
# resource_arn: "ResourceArn", # required
|
1950
|
+
# next_token: "NextToken",
|
1951
|
+
# max_results: 1,
|
1796
1952
|
# })
|
1797
1953
|
#
|
1798
1954
|
# @example Response structure
|
1799
1955
|
#
|
1800
|
-
# resp.next_token #=> String
|
1801
1956
|
# resp.tags #=> Array
|
1802
1957
|
# resp.tags[0].key #=> String
|
1803
1958
|
# resp.tags[0].value #=> String
|
1959
|
+
# resp.next_token #=> String
|
1804
1960
|
#
|
1805
1961
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ListTagsForResource AWS API Documentation
|
1806
1962
|
#
|
@@ -1825,11 +1981,17 @@ module Aws::PaymentCryptography
|
|
1825
1981
|
#
|
1826
1982
|
# **Related operations:**
|
1827
1983
|
#
|
1828
|
-
# * DeleteKey
|
1984
|
+
# * [DeleteKey][1]
|
1985
|
+
#
|
1986
|
+
# * [StartKeyUsage][2]
|
1987
|
+
#
|
1988
|
+
# * [StopKeyUsage][3]
|
1989
|
+
#
|
1829
1990
|
#
|
1830
|
-
# * StartKeyUsage
|
1831
1991
|
#
|
1832
|
-
#
|
1992
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteKey.html
|
1993
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_StartKeyUsage.html
|
1994
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_StopKeyUsage.html
|
1833
1995
|
#
|
1834
1996
|
# @option params [required, String] :key_identifier
|
1835
1997
|
# The `KeyARN` of the key to be restored within Amazon Web Services
|
@@ -1847,30 +2009,30 @@ module Aws::PaymentCryptography
|
|
1847
2009
|
#
|
1848
2010
|
# @example Response structure
|
1849
2011
|
#
|
1850
|
-
# resp.key.create_timestamp #=> Time
|
1851
|
-
# resp.key.delete_pending_timestamp #=> Time
|
1852
|
-
# resp.key.delete_timestamp #=> Time
|
1853
|
-
# resp.key.enabled #=> Boolean
|
1854
|
-
# resp.key.exportable #=> Boolean
|
1855
2012
|
# resp.key.key_arn #=> String
|
1856
|
-
# resp.key.key_attributes.
|
2013
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
1857
2014
|
# resp.key.key_attributes.key_class #=> String, one of "SYMMETRIC_KEY", "ASYMMETRIC_KEY_PAIR", "PRIVATE_KEY", "PUBLIC_KEY"
|
1858
|
-
# resp.key.key_attributes.
|
1859
|
-
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
2015
|
+
# resp.key.key_attributes.key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1860
2016
|
# resp.key.key_attributes.key_modes_of_use.encrypt #=> Boolean
|
2017
|
+
# resp.key.key_attributes.key_modes_of_use.decrypt #=> Boolean
|
2018
|
+
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
2019
|
+
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1861
2020
|
# resp.key.key_attributes.key_modes_of_use.generate #=> Boolean
|
1862
|
-
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1863
2021
|
# resp.key.key_attributes.key_modes_of_use.sign #=> Boolean
|
1864
|
-
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1865
2022
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
1866
|
-
# resp.key.key_attributes.key_modes_of_use.
|
1867
|
-
# resp.key.key_attributes.
|
2023
|
+
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
2024
|
+
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1868
2025
|
# resp.key.key_check_value #=> String
|
1869
2026
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
1870
|
-
# resp.key.
|
2027
|
+
# resp.key.enabled #=> Boolean
|
2028
|
+
# resp.key.exportable #=> Boolean
|
1871
2029
|
# resp.key.key_state #=> String, one of "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "DELETE_PENDING", "DELETE_COMPLETE"
|
2030
|
+
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
2031
|
+
# resp.key.create_timestamp #=> Time
|
1872
2032
|
# resp.key.usage_start_timestamp #=> Time
|
1873
2033
|
# resp.key.usage_stop_timestamp #=> Time
|
2034
|
+
# resp.key.delete_pending_timestamp #=> Time
|
2035
|
+
# resp.key.delete_timestamp #=> Time
|
1874
2036
|
#
|
1875
2037
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/RestoreKey AWS API Documentation
|
1876
2038
|
#
|
@@ -1890,10 +2052,14 @@ module Aws::PaymentCryptography
|
|
1890
2052
|
#
|
1891
2053
|
# **Related operations:**
|
1892
2054
|
#
|
1893
|
-
# * StopKeyUsage
|
2055
|
+
# * [StopKeyUsage][1]
|
1894
2056
|
#
|
1895
2057
|
# ^
|
1896
2058
|
#
|
2059
|
+
#
|
2060
|
+
#
|
2061
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_StopKeyUsage.html
|
2062
|
+
#
|
1897
2063
|
# @option params [required, String] :key_identifier
|
1898
2064
|
# The `KeyArn` of the key.
|
1899
2065
|
#
|
@@ -1909,30 +2075,30 @@ module Aws::PaymentCryptography
|
|
1909
2075
|
#
|
1910
2076
|
# @example Response structure
|
1911
2077
|
#
|
1912
|
-
# resp.key.create_timestamp #=> Time
|
1913
|
-
# resp.key.delete_pending_timestamp #=> Time
|
1914
|
-
# resp.key.delete_timestamp #=> Time
|
1915
|
-
# resp.key.enabled #=> Boolean
|
1916
|
-
# resp.key.exportable #=> Boolean
|
1917
2078
|
# resp.key.key_arn #=> String
|
1918
|
-
# resp.key.key_attributes.
|
2079
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
1919
2080
|
# resp.key.key_attributes.key_class #=> String, one of "SYMMETRIC_KEY", "ASYMMETRIC_KEY_PAIR", "PRIVATE_KEY", "PUBLIC_KEY"
|
1920
|
-
# resp.key.key_attributes.
|
1921
|
-
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
2081
|
+
# resp.key.key_attributes.key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1922
2082
|
# resp.key.key_attributes.key_modes_of_use.encrypt #=> Boolean
|
2083
|
+
# resp.key.key_attributes.key_modes_of_use.decrypt #=> Boolean
|
2084
|
+
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
2085
|
+
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1923
2086
|
# resp.key.key_attributes.key_modes_of_use.generate #=> Boolean
|
1924
|
-
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1925
2087
|
# resp.key.key_attributes.key_modes_of_use.sign #=> Boolean
|
1926
|
-
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1927
2088
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
1928
|
-
# resp.key.key_attributes.key_modes_of_use.
|
1929
|
-
# resp.key.key_attributes.
|
2089
|
+
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
2090
|
+
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1930
2091
|
# resp.key.key_check_value #=> String
|
1931
2092
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
1932
|
-
# resp.key.
|
2093
|
+
# resp.key.enabled #=> Boolean
|
2094
|
+
# resp.key.exportable #=> Boolean
|
1933
2095
|
# resp.key.key_state #=> String, one of "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "DELETE_PENDING", "DELETE_COMPLETE"
|
2096
|
+
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
2097
|
+
# resp.key.create_timestamp #=> Time
|
1934
2098
|
# resp.key.usage_start_timestamp #=> Time
|
1935
2099
|
# resp.key.usage_stop_timestamp #=> Time
|
2100
|
+
# resp.key.delete_pending_timestamp #=> Time
|
2101
|
+
# resp.key.delete_timestamp #=> Time
|
1936
2102
|
#
|
1937
2103
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/StartKeyUsage AWS API Documentation
|
1938
2104
|
#
|
@@ -1946,17 +2112,23 @@ module Aws::PaymentCryptography
|
|
1946
2112
|
# Disables an Amazon Web Services Payment Cryptography key, which makes
|
1947
2113
|
# it inactive within Amazon Web Services Payment Cryptography.
|
1948
2114
|
#
|
1949
|
-
# You can use this operation instead of DeleteKey to deactivate a
|
1950
|
-
# You can enable the key in the future by calling
|
2115
|
+
# You can use this operation instead of [DeleteKey][1] to deactivate a
|
2116
|
+
# key. You can enable the key in the future by calling
|
2117
|
+
# [StartKeyUsage][2].
|
1951
2118
|
#
|
1952
2119
|
# **Cross-account use:** This operation can't be used across different
|
1953
2120
|
# Amazon Web Services accounts.
|
1954
2121
|
#
|
1955
2122
|
# **Related operations:**
|
1956
2123
|
#
|
1957
|
-
# * DeleteKey
|
2124
|
+
# * [DeleteKey][1]
|
2125
|
+
#
|
2126
|
+
# * [StartKeyUsage][2]
|
2127
|
+
#
|
1958
2128
|
#
|
1959
|
-
#
|
2129
|
+
#
|
2130
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteKey.html
|
2131
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_StartKeyUsage.html
|
1960
2132
|
#
|
1961
2133
|
# @option params [required, String] :key_identifier
|
1962
2134
|
# The `KeyArn` of the key.
|
@@ -1973,30 +2145,30 @@ module Aws::PaymentCryptography
|
|
1973
2145
|
#
|
1974
2146
|
# @example Response structure
|
1975
2147
|
#
|
1976
|
-
# resp.key.create_timestamp #=> Time
|
1977
|
-
# resp.key.delete_pending_timestamp #=> Time
|
1978
|
-
# resp.key.delete_timestamp #=> Time
|
1979
|
-
# resp.key.enabled #=> Boolean
|
1980
|
-
# resp.key.exportable #=> Boolean
|
1981
2148
|
# resp.key.key_arn #=> String
|
1982
|
-
# resp.key.key_attributes.
|
2149
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
1983
2150
|
# resp.key.key_attributes.key_class #=> String, one of "SYMMETRIC_KEY", "ASYMMETRIC_KEY_PAIR", "PRIVATE_KEY", "PUBLIC_KEY"
|
1984
|
-
# resp.key.key_attributes.
|
1985
|
-
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
2151
|
+
# resp.key.key_attributes.key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1986
2152
|
# resp.key.key_attributes.key_modes_of_use.encrypt #=> Boolean
|
2153
|
+
# resp.key.key_attributes.key_modes_of_use.decrypt #=> Boolean
|
2154
|
+
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
2155
|
+
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1987
2156
|
# resp.key.key_attributes.key_modes_of_use.generate #=> Boolean
|
1988
|
-
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1989
2157
|
# resp.key.key_attributes.key_modes_of_use.sign #=> Boolean
|
1990
|
-
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1991
2158
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
1992
|
-
# resp.key.key_attributes.key_modes_of_use.
|
1993
|
-
# resp.key.key_attributes.
|
2159
|
+
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
2160
|
+
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1994
2161
|
# resp.key.key_check_value #=> String
|
1995
2162
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
1996
|
-
# resp.key.
|
2163
|
+
# resp.key.enabled #=> Boolean
|
2164
|
+
# resp.key.exportable #=> Boolean
|
1997
2165
|
# resp.key.key_state #=> String, one of "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "DELETE_PENDING", "DELETE_COMPLETE"
|
2166
|
+
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
2167
|
+
# resp.key.create_timestamp #=> Time
|
1998
2168
|
# resp.key.usage_start_timestamp #=> Time
|
1999
2169
|
# resp.key.usage_stop_timestamp #=> Time
|
2170
|
+
# resp.key.delete_pending_timestamp #=> Time
|
2171
|
+
# resp.key.delete_timestamp #=> Time
|
2000
2172
|
#
|
2001
2173
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/StopKeyUsage AWS API Documentation
|
2002
2174
|
#
|
@@ -2019,16 +2191,22 @@ module Aws::PaymentCryptography
|
|
2019
2191
|
# To add a tag, specify a new tag key and a tag value. To edit a tag,
|
2020
2192
|
# specify an existing tag key and a new tag value. You can also add tags
|
2021
2193
|
# to an Amazon Web Services Payment Cryptography key when you create it
|
2022
|
-
# with CreateKey.
|
2194
|
+
# with [CreateKey][1].
|
2023
2195
|
#
|
2024
2196
|
# **Cross-account use:** This operation can't be used across different
|
2025
2197
|
# Amazon Web Services accounts.
|
2026
2198
|
#
|
2027
2199
|
# **Related operations:**
|
2028
2200
|
#
|
2029
|
-
# * ListTagsForResource
|
2201
|
+
# * [ListTagsForResource][2]
|
2202
|
+
#
|
2203
|
+
# * [UntagResource][3]
|
2204
|
+
#
|
2205
|
+
#
|
2030
2206
|
#
|
2031
|
-
#
|
2207
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html
|
2208
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListTagsForResource.html
|
2209
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_UntagResource.html
|
2032
2210
|
#
|
2033
2211
|
# @option params [required, String] :resource_arn
|
2034
2212
|
# The `KeyARN` of the key whose tags are being updated.
|
@@ -2045,13 +2223,17 @@ module Aws::PaymentCryptography
|
|
2045
2223
|
# field. This field may be displayed in plaintext in CloudTrail logs and
|
2046
2224
|
# other output.
|
2047
2225
|
#
|
2048
|
-
# To use this parameter, you must have TagResource permission in an
|
2049
|
-
# policy.
|
2226
|
+
# To use this parameter, you must have [TagResource][1] permission in an
|
2227
|
+
# IAM policy.
|
2050
2228
|
#
|
2051
2229
|
# Don't include personal, confidential or sensitive information in this
|
2052
2230
|
# field. This field may be displayed in plaintext in CloudTrail logs and
|
2053
2231
|
# other output.
|
2054
2232
|
#
|
2233
|
+
#
|
2234
|
+
#
|
2235
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_TagResource.html
|
2236
|
+
#
|
2055
2237
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
2056
2238
|
#
|
2057
2239
|
# @example Request syntax with placeholder values
|
@@ -2087,9 +2269,14 @@ module Aws::PaymentCryptography
|
|
2087
2269
|
#
|
2088
2270
|
# **Related operations:**
|
2089
2271
|
#
|
2090
|
-
# * ListTagsForResource
|
2272
|
+
# * [ListTagsForResource][1]
|
2273
|
+
#
|
2274
|
+
# * [TagResource][2]
|
2091
2275
|
#
|
2092
|
-
#
|
2276
|
+
#
|
2277
|
+
#
|
2278
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListTagsForResource.html
|
2279
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_TagResource.html
|
2093
2280
|
#
|
2094
2281
|
# @option params [required, String] :resource_arn
|
2095
2282
|
# The `KeyARN` of the key whose tags are being removed.
|
@@ -2100,7 +2287,11 @@ module Aws::PaymentCryptography
|
|
2100
2287
|
# If the Amazon Web Services Payment Cryptography key doesn't have the
|
2101
2288
|
# specified tag key, Amazon Web Services Payment Cryptography doesn't
|
2102
2289
|
# throw an exception or return a response. To confirm that the operation
|
2103
|
-
# succeeded, use the ListTagsForResource operation.
|
2290
|
+
# succeeded, use the [ListTagsForResource][1] operation.
|
2291
|
+
#
|
2292
|
+
#
|
2293
|
+
#
|
2294
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListTagsForResource.html
|
2104
2295
|
#
|
2105
2296
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
2106
2297
|
#
|
@@ -2132,13 +2323,20 @@ module Aws::PaymentCryptography
|
|
2132
2323
|
#
|
2133
2324
|
# **Related operations:**
|
2134
2325
|
#
|
2135
|
-
# * CreateAlias
|
2326
|
+
# * [CreateAlias][1]
|
2327
|
+
#
|
2328
|
+
# * [DeleteAlias][2]
|
2329
|
+
#
|
2330
|
+
# * [GetAlias][3]
|
2331
|
+
#
|
2332
|
+
# * [ListAliases][4]
|
2136
2333
|
#
|
2137
|
-
# * DeleteAlias
|
2138
2334
|
#
|
2139
|
-
# * GetAlias
|
2140
2335
|
#
|
2141
|
-
#
|
2336
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateAlias.html
|
2337
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteAlias.html
|
2338
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetAlias.html
|
2339
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListAliases.html
|
2142
2340
|
#
|
2143
2341
|
# @option params [required, String] :alias_name
|
2144
2342
|
# The alias whose associated key is changing.
|
@@ -2185,7 +2383,7 @@ module Aws::PaymentCryptography
|
|
2185
2383
|
params: params,
|
2186
2384
|
config: config)
|
2187
2385
|
context[:gem_name] = 'aws-sdk-paymentcryptography'
|
2188
|
-
context[:gem_version] = '1.
|
2386
|
+
context[:gem_version] = '1.12.0'
|
2189
2387
|
Seahorse::Client::Request.new(handlers, context)
|
2190
2388
|
end
|
2191
2389
|
|