aws-sdk-paymentcryptography 1.10.0 → 1.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-paymentcryptography/client.rb +574 -376
- data/lib/aws-sdk-paymentcryptography/client_api.rb +67 -50
- data/lib/aws-sdk-paymentcryptography/plugins/endpoints.rb +1 -0
- data/lib/aws-sdk-paymentcryptography/types.rb +380 -288
- data/lib/aws-sdk-paymentcryptography/waiters.rb +15 -0
- data/lib/aws-sdk-paymentcryptography.rb +2 -1
- data/sig/client.rbs +465 -0
- data/sig/errors.rbs +40 -0
- data/sig/resource.rbs +80 -0
- data/sig/types.rbs +467 -0
- data/sig/waiters.rbs +13 -0
- metadata +10 -4
@@ -22,6 +22,7 @@ require 'aws-sdk-core/plugins/endpoint_pattern.rb'
|
|
22
22
|
require 'aws-sdk-core/plugins/response_paging.rb'
|
23
23
|
require 'aws-sdk-core/plugins/stub_responses.rb'
|
24
24
|
require 'aws-sdk-core/plugins/idempotency_token.rb'
|
25
|
+
require 'aws-sdk-core/plugins/invocation_id.rb'
|
25
26
|
require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
|
26
27
|
require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
|
27
28
|
require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
|
@@ -72,6 +73,7 @@ module Aws::PaymentCryptography
|
|
72
73
|
add_plugin(Aws::Plugins::ResponsePaging)
|
73
74
|
add_plugin(Aws::Plugins::StubResponses)
|
74
75
|
add_plugin(Aws::Plugins::IdempotencyToken)
|
76
|
+
add_plugin(Aws::Plugins::InvocationId)
|
75
77
|
add_plugin(Aws::Plugins::JsonvalueConverter)
|
76
78
|
add_plugin(Aws::Plugins::ClientMetricsPlugin)
|
77
79
|
add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
|
@@ -196,10 +198,17 @@ module Aws::PaymentCryptography
|
|
196
198
|
# When set to 'true' the request body will not be compressed
|
197
199
|
# for supported operations.
|
198
200
|
#
|
199
|
-
# @option options [String] :endpoint
|
200
|
-
#
|
201
|
-
#
|
202
|
-
#
|
201
|
+
# @option options [String, URI::HTTPS, URI::HTTP] :endpoint
|
202
|
+
# Normally you should not configure the `:endpoint` option
|
203
|
+
# directly. This is normally constructed from the `:region`
|
204
|
+
# option. Configuring `:endpoint` is normally reserved for
|
205
|
+
# connecting to test or custom endpoints. The endpoint should
|
206
|
+
# be a URI formatted like:
|
207
|
+
#
|
208
|
+
# 'http://example.com'
|
209
|
+
# 'https://example.com'
|
210
|
+
# 'http://example.com:123'
|
211
|
+
#
|
203
212
|
#
|
204
213
|
# @option options [Integer] :endpoint_cache_max_entries (1000)
|
205
214
|
# Used for the maximum size limit of the LRU cache storing endpoints data
|
@@ -347,50 +356,65 @@ module Aws::PaymentCryptography
|
|
347
356
|
# @option options [Aws::PaymentCryptography::EndpointProvider] :endpoint_provider
|
348
357
|
# The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::PaymentCryptography::EndpointParameters`
|
349
358
|
#
|
350
|
-
# @option options [
|
351
|
-
#
|
352
|
-
#
|
353
|
-
#
|
354
|
-
#
|
355
|
-
#
|
356
|
-
#
|
357
|
-
#
|
358
|
-
#
|
359
|
-
#
|
360
|
-
#
|
361
|
-
# @option options [Float] :
|
362
|
-
#
|
363
|
-
#
|
364
|
-
#
|
365
|
-
#
|
366
|
-
#
|
367
|
-
#
|
368
|
-
#
|
369
|
-
#
|
370
|
-
#
|
371
|
-
#
|
372
|
-
#
|
373
|
-
#
|
374
|
-
#
|
375
|
-
#
|
376
|
-
#
|
377
|
-
#
|
359
|
+
# @option options [Float] :http_continue_timeout (1)
|
360
|
+
# The number of seconds to wait for a 100-continue response before sending the
|
361
|
+
# request body. This option has no effect unless the request has "Expect"
|
362
|
+
# header set to "100-continue". Defaults to `nil` which disables this
|
363
|
+
# behaviour. This value can safely be set per request on the session.
|
364
|
+
#
|
365
|
+
# @option options [Float] :http_idle_timeout (5)
|
366
|
+
# The number of seconds a connection is allowed to sit idle before it
|
367
|
+
# is considered stale. Stale connections are closed and removed from the
|
368
|
+
# pool before making a request.
|
369
|
+
#
|
370
|
+
# @option options [Float] :http_open_timeout (15)
|
371
|
+
# The default number of seconds to wait for response data.
|
372
|
+
# This value can safely be set per-request on the session.
|
373
|
+
#
|
374
|
+
# @option options [URI::HTTP,String] :http_proxy
|
375
|
+
# A proxy to send requests through. Formatted like 'http://proxy.com:123'.
|
376
|
+
#
|
377
|
+
# @option options [Float] :http_read_timeout (60)
|
378
|
+
# The default number of seconds to wait for response data.
|
379
|
+
# This value can safely be set per-request on the session.
|
380
|
+
#
|
381
|
+
# @option options [Boolean] :http_wire_trace (false)
|
382
|
+
# When `true`, HTTP debug output will be sent to the `:logger`.
|
383
|
+
#
|
384
|
+
# @option options [Proc] :on_chunk_received
|
385
|
+
# When a Proc object is provided, it will be used as callback when each chunk
|
386
|
+
# of the response body is received. It provides three arguments: the chunk,
|
387
|
+
# the number of bytes received, and the total number of
|
388
|
+
# bytes in the response (or nil if the server did not send a `content-length`).
|
389
|
+
#
|
390
|
+
# @option options [Proc] :on_chunk_sent
|
391
|
+
# When a Proc object is provided, it will be used as callback when each chunk
|
392
|
+
# of the request body is sent. It provides three arguments: the chunk,
|
393
|
+
# the number of bytes read from the body, and the total number of
|
394
|
+
# bytes in the body.
|
395
|
+
#
|
396
|
+
# @option options [Boolean] :raise_response_errors (true)
|
397
|
+
# When `true`, response errors are raised.
|
398
|
+
#
|
399
|
+
# @option options [String] :ssl_ca_bundle
|
400
|
+
# Full path to the SSL certificate authority bundle file that should be used when
|
401
|
+
# verifying peer certificates. If you do not pass `:ssl_ca_bundle` or
|
402
|
+
# `:ssl_ca_directory` the the system default will be used if available.
|
403
|
+
#
|
404
|
+
# @option options [String] :ssl_ca_directory
|
405
|
+
# Full path of the directory that contains the unbundled SSL certificate
|
406
|
+
# authority files for verifying peer certificates. If you do
|
407
|
+
# not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the system
|
408
|
+
# default will be used if available.
|
378
409
|
#
|
379
|
-
# @option options [
|
380
|
-
#
|
381
|
-
# connection.
|
410
|
+
# @option options [String] :ssl_ca_store
|
411
|
+
# Sets the X509::Store to verify peer certificate.
|
382
412
|
#
|
383
|
-
# @option options [
|
384
|
-
#
|
385
|
-
# verifying peer certificates. If you do not pass
|
386
|
-
# `:ssl_ca_bundle` or `:ssl_ca_directory` the the system default
|
387
|
-
# will be used if available.
|
413
|
+
# @option options [Float] :ssl_timeout
|
414
|
+
# Sets the SSL timeout in seconds
|
388
415
|
#
|
389
|
-
# @option options [
|
390
|
-
#
|
391
|
-
# authority files for verifying peer certificates. If you do
|
392
|
-
# not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the
|
393
|
-
# system default will be used if available.
|
416
|
+
# @option options [Boolean] :ssl_verify_peer (true)
|
417
|
+
# When `true`, SSL peer certificates are verified when establishing a connection.
|
394
418
|
#
|
395
419
|
def initialize(*args)
|
396
420
|
super
|
@@ -410,28 +434,32 @@ module Aws::PaymentCryptography
|
|
410
434
|
# Services Region, but you can create another alias with the same name
|
411
435
|
# in a different Amazon Web Services Region.
|
412
436
|
#
|
413
|
-
# To change the key that's associated with the alias, call
|
414
|
-
# To delete the alias, call DeleteAlias. These
|
415
|
-
# the underlying key. To get the alias that you
|
416
|
-
# ListAliases.
|
437
|
+
# To change the key that's associated with the alias, call
|
438
|
+
# [UpdateAlias][3]. To delete the alias, call [DeleteAlias][4]. These
|
439
|
+
# operations don't affect the underlying key. To get the alias that you
|
440
|
+
# created, call [ListAliases][5].
|
417
441
|
#
|
418
442
|
# **Cross-account use**: This operation can't be used across different
|
419
443
|
# Amazon Web Services accounts.
|
420
444
|
#
|
421
445
|
# **Related operations:**
|
422
446
|
#
|
423
|
-
# * DeleteAlias
|
447
|
+
# * [DeleteAlias][4]
|
424
448
|
#
|
425
|
-
# * GetAlias
|
449
|
+
# * [GetAlias][6]
|
426
450
|
#
|
427
|
-
# * ListAliases
|
451
|
+
# * [ListAliases][5]
|
428
452
|
#
|
429
|
-
# * UpdateAlias
|
453
|
+
# * [UpdateAlias][3]
|
430
454
|
#
|
431
455
|
#
|
432
456
|
#
|
433
457
|
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_EncryptData.html
|
434
458
|
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/DataAPIReference/API_DecryptData.html
|
459
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_UpdateAlias.html
|
460
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteAlias.html
|
461
|
+
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListAliases.html
|
462
|
+
# [6]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetAlias.html
|
435
463
|
#
|
436
464
|
# @option params [required, String] :alias_name
|
437
465
|
# A friendly name that you can use to refer to a key. An alias must
|
@@ -503,23 +531,18 @@ module Aws::PaymentCryptography
|
|
503
531
|
#
|
504
532
|
# **Related operations:**
|
505
533
|
#
|
506
|
-
# * DeleteKey
|
534
|
+
# * [DeleteKey][2]
|
507
535
|
#
|
508
|
-
# * GetKey
|
536
|
+
# * [GetKey][3]
|
509
537
|
#
|
510
|
-
# * ListKeys
|
538
|
+
# * [ListKeys][4]
|
511
539
|
#
|
512
540
|
#
|
513
541
|
#
|
514
542
|
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
515
|
-
#
|
516
|
-
#
|
517
|
-
#
|
518
|
-
# activated for use within the service. If the key is not enabled, then
|
519
|
-
# it is created but not activated. The default value is enabled.
|
520
|
-
#
|
521
|
-
# @option params [required, Boolean] :exportable
|
522
|
-
# Specifies whether the key is exportable from the service.
|
543
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteKey.html
|
544
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetKey.html
|
545
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListKeys.html
|
523
546
|
#
|
524
547
|
# @option params [required, Types::KeyAttributes] :key_attributes
|
525
548
|
# The role of the key, the algorithm it supports, and the cryptographic
|
@@ -537,11 +560,19 @@ module Aws::PaymentCryptography
|
|
537
560
|
# using a CMAC algorithm where the input data is 16 bytes of zero and
|
538
561
|
# retaining the 3 highest order bytes of the encrypted result.
|
539
562
|
#
|
563
|
+
# @option params [required, Boolean] :exportable
|
564
|
+
# Specifies whether the key is exportable from the service.
|
565
|
+
#
|
566
|
+
# @option params [Boolean] :enabled
|
567
|
+
# Specifies whether to enable the key. If the key is enabled, it is
|
568
|
+
# activated for use within the service. If the key is not enabled, then
|
569
|
+
# it is created but not activated. The default value is enabled.
|
570
|
+
#
|
540
571
|
# @option params [Array<Types::Tag>] :tags
|
541
572
|
# Assigns one or more tags to the Amazon Web Services Payment
|
542
573
|
# Cryptography key. Use this parameter to tag a key when it is created.
|
543
574
|
# To tag an existing Amazon Web Services Payment Cryptography key, use
|
544
|
-
# the TagResource operation.
|
575
|
+
# the [TagResource][1] operation.
|
545
576
|
#
|
546
577
|
# Each tag consists of a tag key and a tag value. Both the tag key and
|
547
578
|
# the tag value are required, but the tag value can be an empty (null)
|
@@ -557,6 +588,10 @@ module Aws::PaymentCryptography
|
|
557
588
|
#
|
558
589
|
# </note>
|
559
590
|
#
|
591
|
+
#
|
592
|
+
#
|
593
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_TagResource.html
|
594
|
+
#
|
560
595
|
# @return [Types::CreateKeyOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
561
596
|
#
|
562
597
|
# * {Types::CreateKeyOutput#key #key} => Types::Key
|
@@ -564,25 +599,25 @@ module Aws::PaymentCryptography
|
|
564
599
|
# @example Request syntax with placeholder values
|
565
600
|
#
|
566
601
|
# resp = client.create_key({
|
567
|
-
# enabled: false,
|
568
|
-
# exportable: false, # required
|
569
602
|
# key_attributes: { # required
|
570
|
-
#
|
603
|
+
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
571
604
|
# key_class: "SYMMETRIC_KEY", # required, accepts SYMMETRIC_KEY, ASYMMETRIC_KEY_PAIR, PRIVATE_KEY, PUBLIC_KEY
|
605
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256, RSA_2048, RSA_3072, RSA_4096
|
572
606
|
# key_modes_of_use: { # required
|
573
|
-
# decrypt: false,
|
574
|
-
# derive_key: false,
|
575
607
|
# encrypt: false,
|
608
|
+
# decrypt: false,
|
609
|
+
# wrap: false,
|
610
|
+
# unwrap: false,
|
576
611
|
# generate: false,
|
577
|
-
# no_restrictions: false,
|
578
612
|
# sign: false,
|
579
|
-
# unwrap: false,
|
580
613
|
# verify: false,
|
581
|
-
#
|
614
|
+
# derive_key: false,
|
615
|
+
# no_restrictions: false,
|
582
616
|
# },
|
583
|
-
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
584
617
|
# },
|
585
618
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
619
|
+
# exportable: false, # required
|
620
|
+
# enabled: false,
|
586
621
|
# tags: [
|
587
622
|
# {
|
588
623
|
# key: "TagKey", # required
|
@@ -593,30 +628,30 @@ module Aws::PaymentCryptography
|
|
593
628
|
#
|
594
629
|
# @example Response structure
|
595
630
|
#
|
596
|
-
# resp.key.create_timestamp #=> Time
|
597
|
-
# resp.key.delete_pending_timestamp #=> Time
|
598
|
-
# resp.key.delete_timestamp #=> Time
|
599
|
-
# resp.key.enabled #=> Boolean
|
600
|
-
# resp.key.exportable #=> Boolean
|
601
631
|
# resp.key.key_arn #=> String
|
602
|
-
# resp.key.key_attributes.
|
632
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
603
633
|
# resp.key.key_attributes.key_class #=> String, one of "SYMMETRIC_KEY", "ASYMMETRIC_KEY_PAIR", "PRIVATE_KEY", "PUBLIC_KEY"
|
604
|
-
# resp.key.key_attributes.
|
605
|
-
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
634
|
+
# resp.key.key_attributes.key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
606
635
|
# resp.key.key_attributes.key_modes_of_use.encrypt #=> Boolean
|
636
|
+
# resp.key.key_attributes.key_modes_of_use.decrypt #=> Boolean
|
637
|
+
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
638
|
+
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
607
639
|
# resp.key.key_attributes.key_modes_of_use.generate #=> Boolean
|
608
|
-
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
609
640
|
# resp.key.key_attributes.key_modes_of_use.sign #=> Boolean
|
610
|
-
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
611
641
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
612
|
-
# resp.key.key_attributes.key_modes_of_use.
|
613
|
-
# resp.key.key_attributes.
|
642
|
+
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
643
|
+
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
614
644
|
# resp.key.key_check_value #=> String
|
615
645
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
616
|
-
# resp.key.
|
646
|
+
# resp.key.enabled #=> Boolean
|
647
|
+
# resp.key.exportable #=> Boolean
|
617
648
|
# resp.key.key_state #=> String, one of "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "DELETE_PENDING", "DELETE_COMPLETE"
|
649
|
+
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
650
|
+
# resp.key.create_timestamp #=> Time
|
618
651
|
# resp.key.usage_start_timestamp #=> Time
|
619
652
|
# resp.key.usage_stop_timestamp #=> Time
|
653
|
+
# resp.key.delete_pending_timestamp #=> Time
|
654
|
+
# resp.key.delete_timestamp #=> Time
|
620
655
|
#
|
621
656
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/CreateKey AWS API Documentation
|
622
657
|
#
|
@@ -630,23 +665,31 @@ module Aws::PaymentCryptography
|
|
630
665
|
# Deletes the alias, but doesn't affect the underlying key.
|
631
666
|
#
|
632
667
|
# Each key can have multiple aliases. To get the aliases of all keys,
|
633
|
-
# use the
|
634
|
-
# DeleteAlias to delete the current alias and then use
|
635
|
-
# create a new alias. To associate an existing alias
|
636
|
-
# key, call UpdateAlias.
|
668
|
+
# use the [UpdateAlias][1] operation. To change the alias of a key,
|
669
|
+
# first use [DeleteAlias][2] to delete the current alias and then use
|
670
|
+
# [CreateAlias][3] to create a new alias. To associate an existing alias
|
671
|
+
# with a different key, call [UpdateAlias][1].
|
637
672
|
#
|
638
673
|
# **Cross-account use:** This operation can't be used across different
|
639
674
|
# Amazon Web Services accounts.
|
640
675
|
#
|
641
676
|
# **Related operations:**
|
642
677
|
#
|
643
|
-
# * CreateAlias
|
678
|
+
# * [CreateAlias][3]
|
679
|
+
#
|
680
|
+
# * [GetAlias][4]
|
681
|
+
#
|
682
|
+
# * [ListAliases][5]
|
644
683
|
#
|
645
|
-
# *
|
684
|
+
# * [UpdateAlias][1]
|
646
685
|
#
|
647
|
-
# * ListAliases
|
648
686
|
#
|
649
|
-
#
|
687
|
+
#
|
688
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_UpdateAlias.html
|
689
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteAlias.html
|
690
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateAlias.html
|
691
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetAlias.html
|
692
|
+
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListAliases.html
|
650
693
|
#
|
651
694
|
# @option params [required, String] :alias_name
|
652
695
|
# A friendly name that you can use to refer Amazon Web Services Payment
|
@@ -689,25 +732,31 @@ module Aws::PaymentCryptography
|
|
689
732
|
# You should delete a key only when you are sure that you don't need to
|
690
733
|
# use it anymore and no other parties are utilizing this key. If you
|
691
734
|
# aren't sure, consider deactivating it instead by calling
|
692
|
-
# StopKeyUsage.
|
735
|
+
# [StopKeyUsage][1].
|
693
736
|
#
|
694
737
|
# **Cross-account use:** This operation can't be used across different
|
695
738
|
# Amazon Web Services accounts.
|
696
739
|
#
|
697
740
|
# **Related operations:**
|
698
741
|
#
|
699
|
-
# * RestoreKey
|
742
|
+
# * [RestoreKey][2]
|
700
743
|
#
|
701
|
-
# * StartKeyUsage
|
744
|
+
# * [StartKeyUsage][3]
|
745
|
+
#
|
746
|
+
# * [StopKeyUsage][1]
|
702
747
|
#
|
703
|
-
# * StopKeyUsage
|
704
748
|
#
|
705
|
-
#
|
706
|
-
#
|
749
|
+
#
|
750
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_StopKeyUsage.html
|
751
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_RestoreKey.html
|
752
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_StartKeyUsage.html
|
707
753
|
#
|
708
754
|
# @option params [required, String] :key_identifier
|
709
755
|
# The `KeyARN` of the key that is scheduled for deletion.
|
710
756
|
#
|
757
|
+
# @option params [Integer] :delete_key_in_days
|
758
|
+
# The waiting period for key deletion. The default value is seven days.
|
759
|
+
#
|
711
760
|
# @return [Types::DeleteKeyOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
712
761
|
#
|
713
762
|
# * {Types::DeleteKeyOutput#key #key} => Types::Key
|
@@ -715,36 +764,36 @@ module Aws::PaymentCryptography
|
|
715
764
|
# @example Request syntax with placeholder values
|
716
765
|
#
|
717
766
|
# resp = client.delete_key({
|
718
|
-
# delete_key_in_days: 1,
|
719
767
|
# key_identifier: "KeyArnOrKeyAliasType", # required
|
768
|
+
# delete_key_in_days: 1,
|
720
769
|
# })
|
721
770
|
#
|
722
771
|
# @example Response structure
|
723
772
|
#
|
724
|
-
# resp.key.create_timestamp #=> Time
|
725
|
-
# resp.key.delete_pending_timestamp #=> Time
|
726
|
-
# resp.key.delete_timestamp #=> Time
|
727
|
-
# resp.key.enabled #=> Boolean
|
728
|
-
# resp.key.exportable #=> Boolean
|
729
773
|
# resp.key.key_arn #=> String
|
730
|
-
# resp.key.key_attributes.
|
774
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
731
775
|
# resp.key.key_attributes.key_class #=> String, one of "SYMMETRIC_KEY", "ASYMMETRIC_KEY_PAIR", "PRIVATE_KEY", "PUBLIC_KEY"
|
732
|
-
# resp.key.key_attributes.
|
733
|
-
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
776
|
+
# resp.key.key_attributes.key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
734
777
|
# resp.key.key_attributes.key_modes_of_use.encrypt #=> Boolean
|
778
|
+
# resp.key.key_attributes.key_modes_of_use.decrypt #=> Boolean
|
779
|
+
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
780
|
+
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
735
781
|
# resp.key.key_attributes.key_modes_of_use.generate #=> Boolean
|
736
|
-
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
737
782
|
# resp.key.key_attributes.key_modes_of_use.sign #=> Boolean
|
738
|
-
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
739
783
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
740
|
-
# resp.key.key_attributes.key_modes_of_use.
|
741
|
-
# resp.key.key_attributes.
|
784
|
+
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
785
|
+
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
742
786
|
# resp.key.key_check_value #=> String
|
743
787
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
744
|
-
# resp.key.
|
788
|
+
# resp.key.enabled #=> Boolean
|
789
|
+
# resp.key.exportable #=> Boolean
|
745
790
|
# resp.key.key_state #=> String, one of "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "DELETE_PENDING", "DELETE_COMPLETE"
|
791
|
+
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
792
|
+
# resp.key.create_timestamp #=> Time
|
746
793
|
# resp.key.usage_start_timestamp #=> Time
|
747
794
|
# resp.key.usage_stop_timestamp #=> Time
|
795
|
+
# resp.key.delete_pending_timestamp #=> Time
|
796
|
+
# resp.key.delete_timestamp #=> Time
|
748
797
|
#
|
749
798
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/DeleteKey AWS API Documentation
|
750
799
|
#
|
@@ -791,6 +840,25 @@ module Aws::PaymentCryptography
|
|
791
840
|
# within Amazon Web Services Payment Cryptography and has to be
|
792
841
|
# re-generated each time during export.
|
793
842
|
#
|
843
|
+
# For key exchange using TR-31 or TR-34 key blocks, you can also export
|
844
|
+
# optional blocks within the key block header which contain additional
|
845
|
+
# attribute information about the key. The `KeyVersion` within
|
846
|
+
# `KeyBlockHeaders` indicates the version of the key within the key
|
847
|
+
# block. Furthermore, `KeyExportability` within `KeyBlockHeaders` can be
|
848
|
+
# used to further restrict exportability of the key after export from
|
849
|
+
# Amazon Web Services Payment Cryptography.
|
850
|
+
#
|
851
|
+
# The `OptionalBlocks` contain the additional data related to the key.
|
852
|
+
# For information on data type that can be included within optional
|
853
|
+
# blocks, refer to [ASC X9.143-2022][1].
|
854
|
+
#
|
855
|
+
# <note markdown="1"> Data included in key block headers is signed but transmitted in clear
|
856
|
+
# text. Sensitive or confidential information should not be included in
|
857
|
+
# optional blocks. Refer to ASC X9.143-2022 standard for information on
|
858
|
+
# allowed data type.
|
859
|
+
#
|
860
|
+
# </note>
|
861
|
+
#
|
794
862
|
# **To export initial keys (KEK) or IPEK using TR-34**
|
795
863
|
#
|
796
864
|
# Using this operation, you can export initial key using TR-34
|
@@ -803,26 +871,26 @@ module Aws::PaymentCryptography
|
|
803
871
|
# the key.
|
804
872
|
#
|
805
873
|
# To initiate TR-34 key export, the KRD must obtain an export token by
|
806
|
-
# calling GetParametersForExport. This operation also generates a
|
807
|
-
# pair for the purpose of key export, signs the key and returns back
|
808
|
-
# signing public key certificate (also known as KDH signing
|
809
|
-
# and root certificate chain. The KDH uses the private key
|
810
|
-
# the export payload and the signing public key certificate
|
811
|
-
# to KRD to verify the signature. The KRD can import the
|
812
|
-
# certificate into its Hardware Security Module (HSM), as required.
|
813
|
-
# export token and the associated KDH signing certificate expires
|
814
|
-
# 7 days.
|
874
|
+
# calling [GetParametersForExport][2]. This operation also generates a
|
875
|
+
# key pair for the purpose of key export, signs the key and returns back
|
876
|
+
# the signing public key certificate (also known as KDH signing
|
877
|
+
# certificate) and root certificate chain. The KDH uses the private key
|
878
|
+
# to sign the the export payload and the signing public key certificate
|
879
|
+
# is provided to KRD to verify the signature. The KRD can import the
|
880
|
+
# root certificate into its Hardware Security Module (HSM), as required.
|
881
|
+
# The export token and the associated KDH signing certificate expires
|
882
|
+
# after 7 days.
|
815
883
|
#
|
816
884
|
# Next the KRD generates a key pair for the the purpose of encrypting
|
817
885
|
# the KDH key and provides the public key cerificate (also known as KRD
|
818
886
|
# wrapping certificate) back to KDH. The KRD will also import the root
|
819
887
|
# cerificate chain into Amazon Web Services Payment Cryptography by
|
820
|
-
# calling ImportKey for `RootCertificatePublicKey`. The KDH, Amazon
|
821
|
-
# Services Payment Cryptography, will use the KRD wrapping
|
822
|
-
# encrypt (wrap) the key under export and signs it with
|
823
|
-
# key to generate a TR-34 WrappedKeyBlock. For more
|
824
|
-
# key export, see section [Exporting symmetric
|
825
|
-
# Web Services Payment Cryptography User Guide*.
|
888
|
+
# calling [ImportKey][3] for `RootCertificatePublicKey`. The KDH, Amazon
|
889
|
+
# Web Services Payment Cryptography, will use the KRD wrapping
|
890
|
+
# cerificate to encrypt (wrap) the key under export and signs it with
|
891
|
+
# signing private key to generate a TR-34 WrappedKeyBlock. For more
|
892
|
+
# information on TR-34 key export, see section [Exporting symmetric
|
893
|
+
# keys][4] in the *Amazon Web Services Payment Cryptography User Guide*.
|
826
894
|
#
|
827
895
|
# Set the following parameters:
|
828
896
|
#
|
@@ -837,7 +905,8 @@ module Aws::PaymentCryptography
|
|
837
905
|
# * `CertificateAuthorityPublicKeyIdentifier`: The `KeyARN` of the
|
838
906
|
# certificate chain that signed the KRD wrapping key certificate.
|
839
907
|
#
|
840
|
-
# * `ExportToken`: Obtained from KDH by calling
|
908
|
+
# * `ExportToken`: Obtained from KDH by calling
|
909
|
+
# [GetParametersForImport][5].
|
841
910
|
#
|
842
911
|
# * `WrappingKeyCertificate`: The public key certificate in PEM format
|
843
912
|
# (base64 encoded) of the KRD wrapping key Amazon Web Services Payment
|
@@ -856,7 +925,7 @@ module Aws::PaymentCryptography
|
|
856
925
|
# asymmetric key pair on the receiving HSM and obtain the public key
|
857
926
|
# certificate in PEM format (base64 encoded) for the purpose of wrapping
|
858
927
|
# and the root certifiate chain. Import the root certificate into Amazon
|
859
|
-
# Web Services Payment Cryptography by calling ImportKey for
|
928
|
+
# Web Services Payment Cryptography by calling [ImportKey][3] for
|
860
929
|
# `RootCertificatePublicKey`.
|
861
930
|
#
|
862
931
|
# Next call `ExportKey` and set the following parameters:
|
@@ -880,7 +949,7 @@ module Aws::PaymentCryptography
|
|
880
949
|
# Using this operation, you can export working keys or IPEK using TR-31
|
881
950
|
# symmetric key exchange. In TR-31, you must use an initial key such as
|
882
951
|
# KEK to encrypt or wrap the key under export. To establish a KEK, you
|
883
|
-
# can use CreateKey or ImportKey.
|
952
|
+
# can use [CreateKey][6] or [ImportKey][3].
|
884
953
|
#
|
885
954
|
# Set the following parameters:
|
886
955
|
#
|
@@ -901,24 +970,29 @@ module Aws::PaymentCryptography
|
|
901
970
|
#
|
902
971
|
# **Related operations:**
|
903
972
|
#
|
904
|
-
# * GetParametersForExport
|
973
|
+
# * [GetParametersForExport][2]
|
905
974
|
#
|
906
|
-
# * ImportKey
|
975
|
+
# * [ImportKey][3]
|
907
976
|
#
|
908
977
|
#
|
909
978
|
#
|
910
|
-
# [1]: https://
|
979
|
+
# [1]: https://webstore.ansi.org/standards/ascx9/ansix91432022
|
980
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetParametersForExport.html
|
981
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ImportKey.html
|
982
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-export.html
|
983
|
+
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetParametersForImport.html
|
984
|
+
# [6]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html
|
911
985
|
#
|
912
|
-
# @option params [Types::
|
913
|
-
# The
|
986
|
+
# @option params [required, Types::ExportKeyMaterial] :key_material
|
987
|
+
# The key block format type, for example, TR-34 or TR-31, to use during
|
988
|
+
# key material export.
|
914
989
|
#
|
915
990
|
# @option params [required, String] :export_key_identifier
|
916
991
|
# The `KeyARN` of the key under export from Amazon Web Services Payment
|
917
992
|
# Cryptography.
|
918
993
|
#
|
919
|
-
# @option params [
|
920
|
-
# The
|
921
|
-
# key material export.
|
994
|
+
# @option params [Types::ExportAttributes] :export_attributes
|
995
|
+
# The attributes for IPEK generation during export.
|
922
996
|
#
|
923
997
|
# @return [Types::ExportKeyOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
924
998
|
#
|
@@ -927,39 +1001,75 @@ module Aws::PaymentCryptography
|
|
927
1001
|
# @example Request syntax with placeholder values
|
928
1002
|
#
|
929
1003
|
# resp = client.export_key({
|
930
|
-
# export_attributes: {
|
931
|
-
# export_dukpt_initial_key: {
|
932
|
-
# key_serial_number: "HexLength20Or24", # required
|
933
|
-
# },
|
934
|
-
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
935
|
-
# },
|
936
|
-
# export_key_identifier: "KeyArnOrKeyAliasType", # required
|
937
1004
|
# key_material: { # required
|
938
|
-
# key_cryptogram: {
|
939
|
-
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
940
|
-
# wrapping_key_certificate: "CertificateType", # required
|
941
|
-
# wrapping_spec: "RSA_OAEP_SHA_256", # accepts RSA_OAEP_SHA_256, RSA_OAEP_SHA_512
|
942
|
-
# },
|
943
1005
|
# tr_31_key_block: {
|
944
1006
|
# wrapping_key_identifier: "KeyArnOrKeyAliasType", # required
|
1007
|
+
# key_block_headers: {
|
1008
|
+
# key_modes_of_use: {
|
1009
|
+
# encrypt: false,
|
1010
|
+
# decrypt: false,
|
1011
|
+
# wrap: false,
|
1012
|
+
# unwrap: false,
|
1013
|
+
# generate: false,
|
1014
|
+
# sign: false,
|
1015
|
+
# verify: false,
|
1016
|
+
# derive_key: false,
|
1017
|
+
# no_restrictions: false,
|
1018
|
+
# },
|
1019
|
+
# key_exportability: "EXPORTABLE", # accepts EXPORTABLE, NON_EXPORTABLE, SENSITIVE
|
1020
|
+
# key_version: "KeyVersion",
|
1021
|
+
# optional_blocks: {
|
1022
|
+
# "OptionalBlockId" => "OptionalBlockValue",
|
1023
|
+
# },
|
1024
|
+
# },
|
945
1025
|
# },
|
946
1026
|
# tr_34_key_block: {
|
947
1027
|
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
1028
|
+
# wrapping_key_certificate: "CertificateType", # required
|
948
1029
|
# export_token: "ExportTokenId", # required
|
949
1030
|
# key_block_format: "X9_TR34_2012", # required, accepts X9_TR34_2012
|
950
1031
|
# random_nonce: "HexLength16",
|
1032
|
+
# key_block_headers: {
|
1033
|
+
# key_modes_of_use: {
|
1034
|
+
# encrypt: false,
|
1035
|
+
# decrypt: false,
|
1036
|
+
# wrap: false,
|
1037
|
+
# unwrap: false,
|
1038
|
+
# generate: false,
|
1039
|
+
# sign: false,
|
1040
|
+
# verify: false,
|
1041
|
+
# derive_key: false,
|
1042
|
+
# no_restrictions: false,
|
1043
|
+
# },
|
1044
|
+
# key_exportability: "EXPORTABLE", # accepts EXPORTABLE, NON_EXPORTABLE, SENSITIVE
|
1045
|
+
# key_version: "KeyVersion",
|
1046
|
+
# optional_blocks: {
|
1047
|
+
# "OptionalBlockId" => "OptionalBlockValue",
|
1048
|
+
# },
|
1049
|
+
# },
|
1050
|
+
# },
|
1051
|
+
# key_cryptogram: {
|
1052
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
951
1053
|
# wrapping_key_certificate: "CertificateType", # required
|
1054
|
+
# wrapping_spec: "RSA_OAEP_SHA_256", # accepts RSA_OAEP_SHA_256, RSA_OAEP_SHA_512
|
1055
|
+
# },
|
1056
|
+
# },
|
1057
|
+
# export_key_identifier: "KeyArnOrKeyAliasType", # required
|
1058
|
+
# export_attributes: {
|
1059
|
+
# export_dukpt_initial_key: {
|
1060
|
+
# key_serial_number: "HexLength20Or24", # required
|
952
1061
|
# },
|
1062
|
+
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
953
1063
|
# },
|
954
1064
|
# })
|
955
1065
|
#
|
956
1066
|
# @example Response structure
|
957
1067
|
#
|
1068
|
+
# resp.wrapped_key.wrapping_key_arn #=> String
|
1069
|
+
# resp.wrapped_key.wrapped_key_material_format #=> String, one of "KEY_CRYPTOGRAM", "TR31_KEY_BLOCK", "TR34_KEY_BLOCK"
|
1070
|
+
# resp.wrapped_key.key_material #=> String
|
958
1071
|
# resp.wrapped_key.key_check_value #=> String
|
959
1072
|
# resp.wrapped_key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
960
|
-
# resp.wrapped_key.key_material #=> String
|
961
|
-
# resp.wrapped_key.wrapped_key_material_format #=> String, one of "KEY_CRYPTOGRAM", "TR31_KEY_BLOCK", "TR34_KEY_BLOCK"
|
962
|
-
# resp.wrapped_key.wrapping_key_arn #=> String
|
963
1073
|
#
|
964
1074
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ExportKey AWS API Documentation
|
965
1075
|
#
|
@@ -978,13 +1088,20 @@ module Aws::PaymentCryptography
|
|
978
1088
|
#
|
979
1089
|
# **Related operations:**
|
980
1090
|
#
|
981
|
-
# * CreateAlias
|
1091
|
+
# * [CreateAlias][1]
|
1092
|
+
#
|
1093
|
+
# * [DeleteAlias][2]
|
1094
|
+
#
|
1095
|
+
# * [ListAliases][3]
|
982
1096
|
#
|
983
|
-
# *
|
1097
|
+
# * [UpdateAlias][4]
|
984
1098
|
#
|
985
|
-
# * ListAliases
|
986
1099
|
#
|
987
|
-
#
|
1100
|
+
#
|
1101
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateAlias.html
|
1102
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteAlias.html
|
1103
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListAliases.html
|
1104
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_UpdateAlias.html
|
988
1105
|
#
|
989
1106
|
# @option params [required, String] :alias_name
|
990
1107
|
# The alias of the Amazon Web Services Payment Cryptography key.
|
@@ -1022,11 +1139,17 @@ module Aws::PaymentCryptography
|
|
1022
1139
|
#
|
1023
1140
|
# **Related operations:**
|
1024
1141
|
#
|
1025
|
-
# * CreateKey
|
1142
|
+
# * [CreateKey][1]
|
1143
|
+
#
|
1144
|
+
# * [DeleteKey][2]
|
1145
|
+
#
|
1146
|
+
# * [ListKeys][3]
|
1147
|
+
#
|
1026
1148
|
#
|
1027
|
-
# * DeleteKey
|
1028
1149
|
#
|
1029
|
-
#
|
1150
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html
|
1151
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteKey.html
|
1152
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListKeys.html
|
1030
1153
|
#
|
1031
1154
|
# @option params [required, String] :key_identifier
|
1032
1155
|
# The `KeyARN` of the Amazon Web Services Payment Cryptography key.
|
@@ -1043,30 +1166,30 @@ module Aws::PaymentCryptography
|
|
1043
1166
|
#
|
1044
1167
|
# @example Response structure
|
1045
1168
|
#
|
1046
|
-
# resp.key.create_timestamp #=> Time
|
1047
|
-
# resp.key.delete_pending_timestamp #=> Time
|
1048
|
-
# resp.key.delete_timestamp #=> Time
|
1049
|
-
# resp.key.enabled #=> Boolean
|
1050
|
-
# resp.key.exportable #=> Boolean
|
1051
1169
|
# resp.key.key_arn #=> String
|
1052
|
-
# resp.key.key_attributes.
|
1170
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
1053
1171
|
# resp.key.key_attributes.key_class #=> String, one of "SYMMETRIC_KEY", "ASYMMETRIC_KEY_PAIR", "PRIVATE_KEY", "PUBLIC_KEY"
|
1054
|
-
# resp.key.key_attributes.
|
1055
|
-
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
1172
|
+
# resp.key.key_attributes.key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1056
1173
|
# resp.key.key_attributes.key_modes_of_use.encrypt #=> Boolean
|
1174
|
+
# resp.key.key_attributes.key_modes_of_use.decrypt #=> Boolean
|
1175
|
+
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
1176
|
+
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1057
1177
|
# resp.key.key_attributes.key_modes_of_use.generate #=> Boolean
|
1058
|
-
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1059
1178
|
# resp.key.key_attributes.key_modes_of_use.sign #=> Boolean
|
1060
|
-
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1061
1179
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
1062
|
-
# resp.key.key_attributes.key_modes_of_use.
|
1063
|
-
# resp.key.key_attributes.
|
1180
|
+
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
1181
|
+
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1064
1182
|
# resp.key.key_check_value #=> String
|
1065
1183
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
1066
|
-
# resp.key.
|
1184
|
+
# resp.key.enabled #=> Boolean
|
1185
|
+
# resp.key.exportable #=> Boolean
|
1067
1186
|
# resp.key.key_state #=> String, one of "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "DELETE_PENDING", "DELETE_COMPLETE"
|
1187
|
+
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
1188
|
+
# resp.key.create_timestamp #=> Time
|
1068
1189
|
# resp.key.usage_start_timestamp #=> Time
|
1069
1190
|
# resp.key.usage_stop_timestamp #=> Time
|
1191
|
+
# resp.key.delete_pending_timestamp #=> Time
|
1192
|
+
# resp.key.delete_timestamp #=> Time
|
1070
1193
|
#
|
1071
1194
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetKey AWS API Documentation
|
1072
1195
|
#
|
@@ -1082,18 +1205,23 @@ module Aws::PaymentCryptography
|
|
1082
1205
|
#
|
1083
1206
|
# The signing key certificate signs the wrapped key under export within
|
1084
1207
|
# the TR-34 key payload. The export token and signing key certificate
|
1085
|
-
# must be in place and operational before calling ExportKey. The
|
1086
|
-
# token expires in 7 days. You can use the same export token to
|
1087
|
-
# multiple keys from your service account.
|
1208
|
+
# must be in place and operational before calling [ExportKey][1]. The
|
1209
|
+
# export token expires in 7 days. You can use the same export token to
|
1210
|
+
# export multiple keys from your service account.
|
1088
1211
|
#
|
1089
1212
|
# **Cross-account use:** This operation can't be used across different
|
1090
1213
|
# Amazon Web Services accounts.
|
1091
1214
|
#
|
1092
1215
|
# **Related operations:**
|
1093
1216
|
#
|
1094
|
-
# * ExportKey
|
1217
|
+
# * [ExportKey][1]
|
1218
|
+
#
|
1219
|
+
# * [GetParametersForImport][2]
|
1220
|
+
#
|
1095
1221
|
#
|
1096
|
-
#
|
1222
|
+
#
|
1223
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ExportKey.html
|
1224
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetParametersForImport.html
|
1097
1225
|
#
|
1098
1226
|
# @option params [required, String] :key_material_type
|
1099
1227
|
# The key block format type (for example, TR-34 or TR-31) to use during
|
@@ -1108,11 +1236,11 @@ module Aws::PaymentCryptography
|
|
1108
1236
|
#
|
1109
1237
|
# @return [Types::GetParametersForExportOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1110
1238
|
#
|
1111
|
-
# * {Types::GetParametersForExportOutput#export_token #export_token} => String
|
1112
|
-
# * {Types::GetParametersForExportOutput#parameters_valid_until_timestamp #parameters_valid_until_timestamp} => Time
|
1113
|
-
# * {Types::GetParametersForExportOutput#signing_key_algorithm #signing_key_algorithm} => String
|
1114
1239
|
# * {Types::GetParametersForExportOutput#signing_key_certificate #signing_key_certificate} => String
|
1115
1240
|
# * {Types::GetParametersForExportOutput#signing_key_certificate_chain #signing_key_certificate_chain} => String
|
1241
|
+
# * {Types::GetParametersForExportOutput#signing_key_algorithm #signing_key_algorithm} => String
|
1242
|
+
# * {Types::GetParametersForExportOutput#export_token #export_token} => String
|
1243
|
+
# * {Types::GetParametersForExportOutput#parameters_valid_until_timestamp #parameters_valid_until_timestamp} => Time
|
1116
1244
|
#
|
1117
1245
|
# @example Request syntax with placeholder values
|
1118
1246
|
#
|
@@ -1123,11 +1251,11 @@ module Aws::PaymentCryptography
|
|
1123
1251
|
#
|
1124
1252
|
# @example Response structure
|
1125
1253
|
#
|
1126
|
-
# resp.export_token #=> String
|
1127
|
-
# resp.parameters_valid_until_timestamp #=> Time
|
1128
|
-
# resp.signing_key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1129
1254
|
# resp.signing_key_certificate #=> String
|
1130
1255
|
# resp.signing_key_certificate_chain #=> String
|
1256
|
+
# resp.signing_key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1257
|
+
# resp.export_token #=> String
|
1258
|
+
# resp.parameters_valid_until_timestamp #=> Time
|
1131
1259
|
#
|
1132
1260
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetParametersForExport AWS API Documentation
|
1133
1261
|
#
|
@@ -1145,18 +1273,23 @@ module Aws::PaymentCryptography
|
|
1145
1273
|
#
|
1146
1274
|
# The wrapping key certificate wraps the key under import. The import
|
1147
1275
|
# token and wrapping key certificate must be in place and operational
|
1148
|
-
# before calling ImportKey. The import token expires in 7 days. You
|
1149
|
-
# use the same import token to import multiple keys into your
|
1150
|
-
# account.
|
1276
|
+
# before calling [ImportKey][1]. The import token expires in 7 days. You
|
1277
|
+
# can use the same import token to import multiple keys into your
|
1278
|
+
# service account.
|
1151
1279
|
#
|
1152
1280
|
# **Cross-account use:** This operation can't be used across different
|
1153
1281
|
# Amazon Web Services accounts.
|
1154
1282
|
#
|
1155
1283
|
# **Related operations:**
|
1156
1284
|
#
|
1157
|
-
# * GetParametersForExport
|
1285
|
+
# * [GetParametersForExport][2]
|
1286
|
+
#
|
1287
|
+
# * [ImportKey][1]
|
1288
|
+
#
|
1289
|
+
#
|
1158
1290
|
#
|
1159
|
-
#
|
1291
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ImportKey.html
|
1292
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetParametersForExport.html
|
1160
1293
|
#
|
1161
1294
|
# @option params [required, String] :key_material_type
|
1162
1295
|
# The method to use for key material import. Import token is only
|
@@ -1177,11 +1310,11 @@ module Aws::PaymentCryptography
|
|
1177
1310
|
#
|
1178
1311
|
# @return [Types::GetParametersForImportOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1179
1312
|
#
|
1180
|
-
# * {Types::GetParametersForImportOutput#import_token #import_token} => String
|
1181
|
-
# * {Types::GetParametersForImportOutput#parameters_valid_until_timestamp #parameters_valid_until_timestamp} => Time
|
1182
|
-
# * {Types::GetParametersForImportOutput#wrapping_key_algorithm #wrapping_key_algorithm} => String
|
1183
1313
|
# * {Types::GetParametersForImportOutput#wrapping_key_certificate #wrapping_key_certificate} => String
|
1184
1314
|
# * {Types::GetParametersForImportOutput#wrapping_key_certificate_chain #wrapping_key_certificate_chain} => String
|
1315
|
+
# * {Types::GetParametersForImportOutput#wrapping_key_algorithm #wrapping_key_algorithm} => String
|
1316
|
+
# * {Types::GetParametersForImportOutput#import_token #import_token} => String
|
1317
|
+
# * {Types::GetParametersForImportOutput#parameters_valid_until_timestamp #parameters_valid_until_timestamp} => Time
|
1185
1318
|
#
|
1186
1319
|
# @example Request syntax with placeholder values
|
1187
1320
|
#
|
@@ -1192,11 +1325,11 @@ module Aws::PaymentCryptography
|
|
1192
1325
|
#
|
1193
1326
|
# @example Response structure
|
1194
1327
|
#
|
1195
|
-
# resp.import_token #=> String
|
1196
|
-
# resp.parameters_valid_until_timestamp #=> Time
|
1197
|
-
# resp.wrapping_key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1198
1328
|
# resp.wrapping_key_certificate #=> String
|
1199
1329
|
# resp.wrapping_key_certificate_chain #=> String
|
1330
|
+
# resp.wrapping_key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1331
|
+
# resp.import_token #=> String
|
1332
|
+
# resp.parameters_valid_until_timestamp #=> Time
|
1200
1333
|
#
|
1201
1334
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetParametersForImport AWS API Documentation
|
1202
1335
|
#
|
@@ -1333,13 +1466,13 @@ module Aws::PaymentCryptography
|
|
1333
1466
|
# Amazon Web Services Payment Cryptography who receives the key.
|
1334
1467
|
#
|
1335
1468
|
# To initiate TR-34 key import, the KDH must obtain an import token by
|
1336
|
-
# calling GetParametersForImport. This operation generates an
|
1337
|
-
# keypair for the purpose of key import, signs the key and
|
1338
|
-
# the wrapping key certificate (also known as KRD wrapping
|
1339
|
-
# and the root certificate chain. The KDH must trust and
|
1340
|
-
# wrapping certificate on its HSM and use it to encrypt
|
1341
|
-
# key during TR-34 WrappedKeyBlock generation. The import
|
1342
|
-
# associated KRD wrapping certificate expires after 7 days.
|
1469
|
+
# calling [GetParametersForImport][1]. This operation generates an
|
1470
|
+
# encryption keypair for the purpose of key import, signs the key and
|
1471
|
+
# returns back the wrapping key certificate (also known as KRD wrapping
|
1472
|
+
# certificate) and the root certificate chain. The KDH must trust and
|
1473
|
+
# install the KRD wrapping certificate on its HSM and use it to encrypt
|
1474
|
+
# (wrap) the KDH key during TR-34 WrappedKeyBlock generation. The import
|
1475
|
+
# token and associated KRD wrapping certificate expires after 7 days.
|
1343
1476
|
#
|
1344
1477
|
# Next the KDH generates a key pair for the purpose of signing the
|
1345
1478
|
# encrypted KDH key and provides the public certificate of the signing
|
@@ -1347,7 +1480,7 @@ module Aws::PaymentCryptography
|
|
1347
1480
|
# need to import the root certificate chain of the KDH signing
|
1348
1481
|
# certificate by calling `ImportKey` for `RootCertificatePublicKey`. For
|
1349
1482
|
# more information on TR-34 key import, see section [Importing symmetric
|
1350
|
-
# keys][
|
1483
|
+
# keys][2] in the *Amazon Web Services Payment Cryptography User Guide*.
|
1351
1484
|
#
|
1352
1485
|
# Set the following parameters:
|
1353
1486
|
#
|
@@ -1356,7 +1489,8 @@ module Aws::PaymentCryptography
|
|
1356
1489
|
# * `CertificateAuthorityPublicKeyIdentifier`: The `KeyARN` of the
|
1357
1490
|
# certificate chain that signed the KDH signing key certificate.
|
1358
1491
|
#
|
1359
|
-
# * `ImportToken`: Obtained from KRD by calling
|
1492
|
+
# * `ImportToken`: Obtained from KRD by calling
|
1493
|
+
# [GetParametersForImport][1].
|
1360
1494
|
#
|
1361
1495
|
# * `WrappedKeyBlock`: The TR-34 wrapped key material from KDH. It
|
1362
1496
|
# contains the KDH key under import, wrapped with KRD wrapping
|
@@ -1374,12 +1508,12 @@ module Aws::PaymentCryptography
|
|
1374
1508
|
#
|
1375
1509
|
# Using this operation, you can import initial key using asymmetric RSA
|
1376
1510
|
# wrap and unwrap key exchange method. To initiate import, call
|
1377
|
-
# GetParametersForImport with `KeyMaterial` set to `KEY_CRYPTOGRAM`
|
1378
|
-
# generate an import token. This operation also generates an
|
1379
|
-
# keypair for the purpose of key import, signs the key and
|
1380
|
-
# the wrapping key certificate in PEM format (base64
|
1381
|
-
# root certificate chain. The import token and
|
1382
|
-
# certificate expires after 7 days.
|
1511
|
+
# [GetParametersForImport][1] with `KeyMaterial` set to `KEY_CRYPTOGRAM`
|
1512
|
+
# to generate an import token. This operation also generates an
|
1513
|
+
# encryption keypair for the purpose of key import, signs the key and
|
1514
|
+
# returns back the wrapping key certificate in PEM format (base64
|
1515
|
+
# encoded) and its root certificate chain. The import token and
|
1516
|
+
# associated KRD wrapping certificate expires after 7 days.
|
1383
1517
|
#
|
1384
1518
|
# You must trust and install the wrapping certificate and its
|
1385
1519
|
# certificate chain on the sending HSM and use it to wrap the key under
|
@@ -1392,8 +1526,8 @@ module Aws::PaymentCryptography
|
|
1392
1526
|
# Amazon Web Services Payment Cryptography uses TR-31 symmetric key
|
1393
1527
|
# exchange norm to import working keys. A KEK must be established within
|
1394
1528
|
# Amazon Web Services Payment Cryptography by using TR-34 key import or
|
1395
|
-
# by using CreateKey. To initiate a TR-31 key import, set the
|
1396
|
-
# parameters:
|
1529
|
+
# by using [CreateKey][3]. To initiate a TR-31 key import, set the
|
1530
|
+
# following parameters:
|
1397
1531
|
#
|
1398
1532
|
# * `KeyMaterial`: Use `Tr31KeyBlock` parameters.
|
1399
1533
|
#
|
@@ -1411,16 +1545,20 @@ module Aws::PaymentCryptography
|
|
1411
1545
|
#
|
1412
1546
|
# **Related operations:**
|
1413
1547
|
#
|
1414
|
-
# * ExportKey
|
1548
|
+
# * [ExportKey][4]
|
1415
1549
|
#
|
1416
|
-
# * GetParametersForImport
|
1550
|
+
# * [GetParametersForImport][1]
|
1417
1551
|
#
|
1418
1552
|
#
|
1419
1553
|
#
|
1420
|
-
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/
|
1554
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetParametersForImport.html
|
1555
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-import.html
|
1556
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html
|
1557
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ExportKey.html
|
1421
1558
|
#
|
1422
|
-
# @option params [
|
1423
|
-
#
|
1559
|
+
# @option params [required, Types::ImportKeyMaterial] :key_material
|
1560
|
+
# The key or public key certificate type to use during key material
|
1561
|
+
# import, for example TR-34 or RootCertificatePublicKey.
|
1424
1562
|
#
|
1425
1563
|
# @option params [String] :key_check_value_algorithm
|
1426
1564
|
# The algorithm that Amazon Web Services Payment Cryptography uses to
|
@@ -1433,15 +1571,14 @@ module Aws::PaymentCryptography
|
|
1433
1571
|
# using a CMAC algorithm where the input data is 16 bytes of zero and
|
1434
1572
|
# retaining the 3 highest order bytes of the encrypted result.
|
1435
1573
|
#
|
1436
|
-
# @option params [
|
1437
|
-
#
|
1438
|
-
#
|
1439
|
-
#
|
1574
|
+
# @option params [Boolean] :enabled
|
1575
|
+
# Specifies whether import key is enabled.
|
1576
|
+
#
|
1440
1577
|
# @option params [Array<Types::Tag>] :tags
|
1441
1578
|
# Assigns one or more tags to the Amazon Web Services Payment
|
1442
1579
|
# Cryptography key. Use this parameter to tag a key when it is imported.
|
1443
1580
|
# To tag an existing Amazon Web Services Payment Cryptography key, use
|
1444
|
-
# the TagResource operation.
|
1581
|
+
# the [TagResource][1] operation.
|
1445
1582
|
#
|
1446
1583
|
# Each tag consists of a tag key and a tag value. Both the tag key and
|
1447
1584
|
# the tag value are required, but the tag value can be an empty (null)
|
@@ -1460,6 +1597,10 @@ module Aws::PaymentCryptography
|
|
1460
1597
|
#
|
1461
1598
|
# </note>
|
1462
1599
|
#
|
1600
|
+
#
|
1601
|
+
#
|
1602
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_TagResource.html
|
1603
|
+
#
|
1463
1604
|
# @return [Types::ImportKeyOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1464
1605
|
#
|
1465
1606
|
# * {Types::ImportKeyOutput#key #key} => Types::Key
|
@@ -1467,83 +1608,83 @@ module Aws::PaymentCryptography
|
|
1467
1608
|
# @example Request syntax with placeholder values
|
1468
1609
|
#
|
1469
1610
|
# resp = client.import_key({
|
1470
|
-
# enabled: false,
|
1471
|
-
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
1472
1611
|
# key_material: { # required
|
1473
|
-
#
|
1474
|
-
# exportable: false, # required
|
1475
|
-
# import_token: "ImportTokenId", # required
|
1612
|
+
# root_certificate_public_key: {
|
1476
1613
|
# key_attributes: { # required
|
1477
|
-
#
|
1614
|
+
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
1478
1615
|
# key_class: "SYMMETRIC_KEY", # required, accepts SYMMETRIC_KEY, ASYMMETRIC_KEY_PAIR, PRIVATE_KEY, PUBLIC_KEY
|
1616
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256, RSA_2048, RSA_3072, RSA_4096
|
1479
1617
|
# key_modes_of_use: { # required
|
1480
|
-
# decrypt: false,
|
1481
|
-
# derive_key: false,
|
1482
1618
|
# encrypt: false,
|
1619
|
+
# decrypt: false,
|
1620
|
+
# wrap: false,
|
1621
|
+
# unwrap: false,
|
1483
1622
|
# generate: false,
|
1484
|
-
# no_restrictions: false,
|
1485
1623
|
# sign: false,
|
1486
|
-
# unwrap: false,
|
1487
1624
|
# verify: false,
|
1488
|
-
#
|
1625
|
+
# derive_key: false,
|
1626
|
+
# no_restrictions: false,
|
1489
1627
|
# },
|
1490
|
-
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
1491
1628
|
# },
|
1492
|
-
#
|
1493
|
-
# wrapping_spec: "RSA_OAEP_SHA_256", # accepts RSA_OAEP_SHA_256, RSA_OAEP_SHA_512
|
1629
|
+
# public_key_certificate: "CertificateType", # required
|
1494
1630
|
# },
|
1495
|
-
#
|
1631
|
+
# trusted_certificate_public_key: {
|
1496
1632
|
# key_attributes: { # required
|
1497
|
-
#
|
1633
|
+
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
1498
1634
|
# key_class: "SYMMETRIC_KEY", # required, accepts SYMMETRIC_KEY, ASYMMETRIC_KEY_PAIR, PRIVATE_KEY, PUBLIC_KEY
|
1635
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256, RSA_2048, RSA_3072, RSA_4096
|
1499
1636
|
# key_modes_of_use: { # required
|
1500
|
-
# decrypt: false,
|
1501
|
-
# derive_key: false,
|
1502
1637
|
# encrypt: false,
|
1638
|
+
# decrypt: false,
|
1639
|
+
# wrap: false,
|
1640
|
+
# unwrap: false,
|
1503
1641
|
# generate: false,
|
1504
|
-
# no_restrictions: false,
|
1505
1642
|
# sign: false,
|
1506
|
-
# unwrap: false,
|
1507
1643
|
# verify: false,
|
1508
|
-
#
|
1644
|
+
# derive_key: false,
|
1645
|
+
# no_restrictions: false,
|
1509
1646
|
# },
|
1510
|
-
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
1511
1647
|
# },
|
1512
1648
|
# public_key_certificate: "CertificateType", # required
|
1649
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
1513
1650
|
# },
|
1514
1651
|
# tr_31_key_block: {
|
1515
|
-
# wrapped_key_block: "Tr31WrappedKeyBlock", # required
|
1516
1652
|
# wrapping_key_identifier: "KeyArnOrKeyAliasType", # required
|
1653
|
+
# wrapped_key_block: "Tr31WrappedKeyBlock", # required
|
1517
1654
|
# },
|
1518
1655
|
# tr_34_key_block: {
|
1519
1656
|
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
1657
|
+
# signing_key_certificate: "CertificateType", # required
|
1520
1658
|
# import_token: "ImportTokenId", # required
|
1659
|
+
# wrapped_key_block: "Tr34WrappedKeyBlock", # required
|
1521
1660
|
# key_block_format: "X9_TR34_2012", # required, accepts X9_TR34_2012
|
1522
1661
|
# random_nonce: "HexLength16",
|
1523
|
-
# signing_key_certificate: "CertificateType", # required
|
1524
|
-
# wrapped_key_block: "Tr34WrappedKeyBlock", # required
|
1525
1662
|
# },
|
1526
|
-
#
|
1527
|
-
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
1663
|
+
# key_cryptogram: {
|
1528
1664
|
# key_attributes: { # required
|
1529
|
-
#
|
1665
|
+
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
1530
1666
|
# key_class: "SYMMETRIC_KEY", # required, accepts SYMMETRIC_KEY, ASYMMETRIC_KEY_PAIR, PRIVATE_KEY, PUBLIC_KEY
|
1667
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256, RSA_2048, RSA_3072, RSA_4096
|
1531
1668
|
# key_modes_of_use: { # required
|
1532
|
-
# decrypt: false,
|
1533
|
-
# derive_key: false,
|
1534
1669
|
# encrypt: false,
|
1670
|
+
# decrypt: false,
|
1671
|
+
# wrap: false,
|
1672
|
+
# unwrap: false,
|
1535
1673
|
# generate: false,
|
1536
|
-
# no_restrictions: false,
|
1537
1674
|
# sign: false,
|
1538
|
-
# unwrap: false,
|
1539
1675
|
# verify: false,
|
1540
|
-
#
|
1676
|
+
# derive_key: false,
|
1677
|
+
# no_restrictions: false,
|
1541
1678
|
# },
|
1542
|
-
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
1543
1679
|
# },
|
1544
|
-
#
|
1680
|
+
# exportable: false, # required
|
1681
|
+
# wrapped_key_cryptogram: "WrappedKeyCryptogram", # required
|
1682
|
+
# import_token: "ImportTokenId", # required
|
1683
|
+
# wrapping_spec: "RSA_OAEP_SHA_256", # accepts RSA_OAEP_SHA_256, RSA_OAEP_SHA_512
|
1545
1684
|
# },
|
1546
1685
|
# },
|
1686
|
+
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
1687
|
+
# enabled: false,
|
1547
1688
|
# tags: [
|
1548
1689
|
# {
|
1549
1690
|
# key: "TagKey", # required
|
@@ -1554,30 +1695,30 @@ module Aws::PaymentCryptography
|
|
1554
1695
|
#
|
1555
1696
|
# @example Response structure
|
1556
1697
|
#
|
1557
|
-
# resp.key.create_timestamp #=> Time
|
1558
|
-
# resp.key.delete_pending_timestamp #=> Time
|
1559
|
-
# resp.key.delete_timestamp #=> Time
|
1560
|
-
# resp.key.enabled #=> Boolean
|
1561
|
-
# resp.key.exportable #=> Boolean
|
1562
1698
|
# resp.key.key_arn #=> String
|
1563
|
-
# resp.key.key_attributes.
|
1699
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
1564
1700
|
# resp.key.key_attributes.key_class #=> String, one of "SYMMETRIC_KEY", "ASYMMETRIC_KEY_PAIR", "PRIVATE_KEY", "PUBLIC_KEY"
|
1565
|
-
# resp.key.key_attributes.
|
1566
|
-
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
1701
|
+
# resp.key.key_attributes.key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1567
1702
|
# resp.key.key_attributes.key_modes_of_use.encrypt #=> Boolean
|
1703
|
+
# resp.key.key_attributes.key_modes_of_use.decrypt #=> Boolean
|
1704
|
+
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
1705
|
+
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1568
1706
|
# resp.key.key_attributes.key_modes_of_use.generate #=> Boolean
|
1569
|
-
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1570
1707
|
# resp.key.key_attributes.key_modes_of_use.sign #=> Boolean
|
1571
|
-
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1572
1708
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
1573
|
-
# resp.key.key_attributes.key_modes_of_use.
|
1574
|
-
# resp.key.key_attributes.
|
1709
|
+
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
1710
|
+
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1575
1711
|
# resp.key.key_check_value #=> String
|
1576
1712
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
1577
|
-
# resp.key.
|
1713
|
+
# resp.key.enabled #=> Boolean
|
1714
|
+
# resp.key.exportable #=> Boolean
|
1578
1715
|
# resp.key.key_state #=> String, one of "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "DELETE_PENDING", "DELETE_COMPLETE"
|
1716
|
+
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
1717
|
+
# resp.key.create_timestamp #=> Time
|
1579
1718
|
# resp.key.usage_start_timestamp #=> Time
|
1580
1719
|
# resp.key.usage_stop_timestamp #=> Time
|
1720
|
+
# resp.key.delete_pending_timestamp #=> Time
|
1721
|
+
# resp.key.delete_timestamp #=> Time
|
1581
1722
|
#
|
1582
1723
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ImportKey AWS API Documentation
|
1583
1724
|
#
|
@@ -1605,17 +1746,26 @@ module Aws::PaymentCryptography
|
|
1605
1746
|
#
|
1606
1747
|
# **Related operations:**
|
1607
1748
|
#
|
1608
|
-
# * CreateAlias
|
1749
|
+
# * [CreateAlias][2]
|
1609
1750
|
#
|
1610
|
-
# * DeleteAlias
|
1751
|
+
# * [DeleteAlias][3]
|
1611
1752
|
#
|
1612
|
-
# * GetAlias
|
1753
|
+
# * [GetAlias][4]
|
1613
1754
|
#
|
1614
|
-
# * UpdateAlias
|
1755
|
+
# * [UpdateAlias][5]
|
1615
1756
|
#
|
1616
1757
|
#
|
1617
1758
|
#
|
1618
1759
|
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-managealias.html
|
1760
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateAlias.html
|
1761
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteAlias.html
|
1762
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetAlias.html
|
1763
|
+
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_UpdateAlias.html
|
1764
|
+
#
|
1765
|
+
# @option params [String] :next_token
|
1766
|
+
# Use this parameter in a subsequent request after you receive a
|
1767
|
+
# response with truncated results. Set it to the value of `NextToken`
|
1768
|
+
# from the truncated response you just received.
|
1619
1769
|
#
|
1620
1770
|
# @option params [Integer] :max_results
|
1621
1771
|
# Use this parameter to specify the maximum number of items to return.
|
@@ -1626,11 +1776,6 @@ module Aws::PaymentCryptography
|
|
1626
1776
|
# This value is optional. If you include a value, it must be between 1
|
1627
1777
|
# and 100, inclusive. If you do not include a value, it defaults to 50.
|
1628
1778
|
#
|
1629
|
-
# @option params [String] :next_token
|
1630
|
-
# Use this parameter in a subsequent request after you receive a
|
1631
|
-
# response with truncated results. Set it to the value of `NextToken`
|
1632
|
-
# from the truncated response you just received.
|
1633
|
-
#
|
1634
1779
|
# @return [Types::ListAliasesOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1635
1780
|
#
|
1636
1781
|
# * {Types::ListAliasesOutput#aliases #aliases} => Array<Types::Alias>
|
@@ -1641,8 +1786,8 @@ module Aws::PaymentCryptography
|
|
1641
1786
|
# @example Request syntax with placeholder values
|
1642
1787
|
#
|
1643
1788
|
# resp = client.list_aliases({
|
1644
|
-
# max_results: 1,
|
1645
1789
|
# next_token: "NextToken",
|
1790
|
+
# max_results: 1,
|
1646
1791
|
# })
|
1647
1792
|
#
|
1648
1793
|
# @example Response structure
|
@@ -1676,15 +1821,26 @@ module Aws::PaymentCryptography
|
|
1676
1821
|
#
|
1677
1822
|
# **Related operations:**
|
1678
1823
|
#
|
1679
|
-
# * CreateKey
|
1824
|
+
# * [CreateKey][1]
|
1680
1825
|
#
|
1681
|
-
# * DeleteKey
|
1826
|
+
# * [DeleteKey][2]
|
1682
1827
|
#
|
1683
|
-
# * GetKey
|
1828
|
+
# * [GetKey][3]
|
1829
|
+
#
|
1830
|
+
#
|
1831
|
+
#
|
1832
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html
|
1833
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteKey.html
|
1834
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetKey.html
|
1684
1835
|
#
|
1685
1836
|
# @option params [String] :key_state
|
1686
1837
|
# The key state of the keys you want to list.
|
1687
1838
|
#
|
1839
|
+
# @option params [String] :next_token
|
1840
|
+
# Use this parameter in a subsequent request after you receive a
|
1841
|
+
# response with truncated results. Set it to the value of `NextToken`
|
1842
|
+
# from the truncated response you just received.
|
1843
|
+
#
|
1688
1844
|
# @option params [Integer] :max_results
|
1689
1845
|
# Use this parameter to specify the maximum number of items to return.
|
1690
1846
|
# When this value is present, Amazon Web Services Payment Cryptography
|
@@ -1694,11 +1850,6 @@ module Aws::PaymentCryptography
|
|
1694
1850
|
# This value is optional. If you include a value, it must be between 1
|
1695
1851
|
# and 100, inclusive. If you do not include a value, it defaults to 50.
|
1696
1852
|
#
|
1697
|
-
# @option params [String] :next_token
|
1698
|
-
# Use this parameter in a subsequent request after you receive a
|
1699
|
-
# response with truncated results. Set it to the value of `NextToken`
|
1700
|
-
# from the truncated response you just received.
|
1701
|
-
#
|
1702
1853
|
# @return [Types::ListKeysOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1703
1854
|
#
|
1704
1855
|
# * {Types::ListKeysOutput#keys #keys} => Array<Types::KeySummary>
|
@@ -1710,30 +1861,30 @@ module Aws::PaymentCryptography
|
|
1710
1861
|
#
|
1711
1862
|
# resp = client.list_keys({
|
1712
1863
|
# key_state: "CREATE_IN_PROGRESS", # accepts CREATE_IN_PROGRESS, CREATE_COMPLETE, DELETE_PENDING, DELETE_COMPLETE
|
1713
|
-
# max_results: 1,
|
1714
1864
|
# next_token: "NextToken",
|
1865
|
+
# max_results: 1,
|
1715
1866
|
# })
|
1716
1867
|
#
|
1717
1868
|
# @example Response structure
|
1718
1869
|
#
|
1719
1870
|
# resp.keys #=> Array
|
1720
|
-
# resp.keys[0].enabled #=> Boolean
|
1721
|
-
# resp.keys[0].exportable #=> Boolean
|
1722
1871
|
# resp.keys[0].key_arn #=> String
|
1723
|
-
# resp.keys[0].
|
1872
|
+
# resp.keys[0].key_state #=> String, one of "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "DELETE_PENDING", "DELETE_COMPLETE"
|
1873
|
+
# resp.keys[0].key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
1724
1874
|
# resp.keys[0].key_attributes.key_class #=> String, one of "SYMMETRIC_KEY", "ASYMMETRIC_KEY_PAIR", "PRIVATE_KEY", "PUBLIC_KEY"
|
1725
|
-
# resp.keys[0].key_attributes.
|
1726
|
-
# resp.keys[0].key_attributes.key_modes_of_use.derive_key #=> Boolean
|
1875
|
+
# resp.keys[0].key_attributes.key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1727
1876
|
# resp.keys[0].key_attributes.key_modes_of_use.encrypt #=> Boolean
|
1877
|
+
# resp.keys[0].key_attributes.key_modes_of_use.decrypt #=> Boolean
|
1878
|
+
# resp.keys[0].key_attributes.key_modes_of_use.wrap #=> Boolean
|
1879
|
+
# resp.keys[0].key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1728
1880
|
# resp.keys[0].key_attributes.key_modes_of_use.generate #=> Boolean
|
1729
|
-
# resp.keys[0].key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1730
1881
|
# resp.keys[0].key_attributes.key_modes_of_use.sign #=> Boolean
|
1731
|
-
# resp.keys[0].key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1732
1882
|
# resp.keys[0].key_attributes.key_modes_of_use.verify #=> Boolean
|
1733
|
-
# resp.keys[0].key_attributes.key_modes_of_use.
|
1734
|
-
# resp.keys[0].key_attributes.
|
1883
|
+
# resp.keys[0].key_attributes.key_modes_of_use.derive_key #=> Boolean
|
1884
|
+
# resp.keys[0].key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1735
1885
|
# resp.keys[0].key_check_value #=> String
|
1736
|
-
# resp.keys[0].
|
1886
|
+
# resp.keys[0].exportable #=> Boolean
|
1887
|
+
# resp.keys[0].enabled #=> Boolean
|
1737
1888
|
# resp.next_token #=> String
|
1738
1889
|
#
|
1739
1890
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ListKeys AWS API Documentation
|
@@ -1759,9 +1910,22 @@ module Aws::PaymentCryptography
|
|
1759
1910
|
#
|
1760
1911
|
# **Related operations:**
|
1761
1912
|
#
|
1762
|
-
# * TagResource
|
1913
|
+
# * [TagResource][1]
|
1914
|
+
#
|
1915
|
+
# * [UntagResource][2]
|
1916
|
+
#
|
1763
1917
|
#
|
1764
|
-
#
|
1918
|
+
#
|
1919
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_TagResource.html
|
1920
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_UntagResource.html
|
1921
|
+
#
|
1922
|
+
# @option params [required, String] :resource_arn
|
1923
|
+
# The `KeyARN` of the key whose tags you are getting.
|
1924
|
+
#
|
1925
|
+
# @option params [String] :next_token
|
1926
|
+
# Use this parameter in a subsequent request after you receive a
|
1927
|
+
# response with truncated results. Set it to the value of `NextToken`
|
1928
|
+
# from the truncated response you just received.
|
1765
1929
|
#
|
1766
1930
|
# @option params [Integer] :max_results
|
1767
1931
|
# Use this parameter to specify the maximum number of items to return.
|
@@ -1772,35 +1936,27 @@ module Aws::PaymentCryptography
|
|
1772
1936
|
# This value is optional. If you include a value, it must be between 1
|
1773
1937
|
# and 100, inclusive. If you do not include a value, it defaults to 50.
|
1774
1938
|
#
|
1775
|
-
# @option params [String] :next_token
|
1776
|
-
# Use this parameter in a subsequent request after you receive a
|
1777
|
-
# response with truncated results. Set it to the value of `NextToken`
|
1778
|
-
# from the truncated response you just received.
|
1779
|
-
#
|
1780
|
-
# @option params [required, String] :resource_arn
|
1781
|
-
# The `KeyARN` of the key whose tags you are getting.
|
1782
|
-
#
|
1783
1939
|
# @return [Types::ListTagsForResourceOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1784
1940
|
#
|
1785
|
-
# * {Types::ListTagsForResourceOutput#next_token #next_token} => String
|
1786
1941
|
# * {Types::ListTagsForResourceOutput#tags #tags} => Array<Types::Tag>
|
1942
|
+
# * {Types::ListTagsForResourceOutput#next_token #next_token} => String
|
1787
1943
|
#
|
1788
1944
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1789
1945
|
#
|
1790
1946
|
# @example Request syntax with placeholder values
|
1791
1947
|
#
|
1792
1948
|
# resp = client.list_tags_for_resource({
|
1793
|
-
# max_results: 1,
|
1794
|
-
# next_token: "NextToken",
|
1795
1949
|
# resource_arn: "ResourceArn", # required
|
1950
|
+
# next_token: "NextToken",
|
1951
|
+
# max_results: 1,
|
1796
1952
|
# })
|
1797
1953
|
#
|
1798
1954
|
# @example Response structure
|
1799
1955
|
#
|
1800
|
-
# resp.next_token #=> String
|
1801
1956
|
# resp.tags #=> Array
|
1802
1957
|
# resp.tags[0].key #=> String
|
1803
1958
|
# resp.tags[0].value #=> String
|
1959
|
+
# resp.next_token #=> String
|
1804
1960
|
#
|
1805
1961
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ListTagsForResource AWS API Documentation
|
1806
1962
|
#
|
@@ -1825,11 +1981,17 @@ module Aws::PaymentCryptography
|
|
1825
1981
|
#
|
1826
1982
|
# **Related operations:**
|
1827
1983
|
#
|
1828
|
-
# * DeleteKey
|
1984
|
+
# * [DeleteKey][1]
|
1985
|
+
#
|
1986
|
+
# * [StartKeyUsage][2]
|
1987
|
+
#
|
1988
|
+
# * [StopKeyUsage][3]
|
1989
|
+
#
|
1829
1990
|
#
|
1830
|
-
# * StartKeyUsage
|
1831
1991
|
#
|
1832
|
-
#
|
1992
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteKey.html
|
1993
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_StartKeyUsage.html
|
1994
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_StopKeyUsage.html
|
1833
1995
|
#
|
1834
1996
|
# @option params [required, String] :key_identifier
|
1835
1997
|
# The `KeyARN` of the key to be restored within Amazon Web Services
|
@@ -1847,30 +2009,30 @@ module Aws::PaymentCryptography
|
|
1847
2009
|
#
|
1848
2010
|
# @example Response structure
|
1849
2011
|
#
|
1850
|
-
# resp.key.create_timestamp #=> Time
|
1851
|
-
# resp.key.delete_pending_timestamp #=> Time
|
1852
|
-
# resp.key.delete_timestamp #=> Time
|
1853
|
-
# resp.key.enabled #=> Boolean
|
1854
|
-
# resp.key.exportable #=> Boolean
|
1855
2012
|
# resp.key.key_arn #=> String
|
1856
|
-
# resp.key.key_attributes.
|
2013
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
1857
2014
|
# resp.key.key_attributes.key_class #=> String, one of "SYMMETRIC_KEY", "ASYMMETRIC_KEY_PAIR", "PRIVATE_KEY", "PUBLIC_KEY"
|
1858
|
-
# resp.key.key_attributes.
|
1859
|
-
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
2015
|
+
# resp.key.key_attributes.key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1860
2016
|
# resp.key.key_attributes.key_modes_of_use.encrypt #=> Boolean
|
2017
|
+
# resp.key.key_attributes.key_modes_of_use.decrypt #=> Boolean
|
2018
|
+
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
2019
|
+
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1861
2020
|
# resp.key.key_attributes.key_modes_of_use.generate #=> Boolean
|
1862
|
-
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1863
2021
|
# resp.key.key_attributes.key_modes_of_use.sign #=> Boolean
|
1864
|
-
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1865
2022
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
1866
|
-
# resp.key.key_attributes.key_modes_of_use.
|
1867
|
-
# resp.key.key_attributes.
|
2023
|
+
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
2024
|
+
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1868
2025
|
# resp.key.key_check_value #=> String
|
1869
2026
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
1870
|
-
# resp.key.
|
2027
|
+
# resp.key.enabled #=> Boolean
|
2028
|
+
# resp.key.exportable #=> Boolean
|
1871
2029
|
# resp.key.key_state #=> String, one of "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "DELETE_PENDING", "DELETE_COMPLETE"
|
2030
|
+
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
2031
|
+
# resp.key.create_timestamp #=> Time
|
1872
2032
|
# resp.key.usage_start_timestamp #=> Time
|
1873
2033
|
# resp.key.usage_stop_timestamp #=> Time
|
2034
|
+
# resp.key.delete_pending_timestamp #=> Time
|
2035
|
+
# resp.key.delete_timestamp #=> Time
|
1874
2036
|
#
|
1875
2037
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/RestoreKey AWS API Documentation
|
1876
2038
|
#
|
@@ -1890,10 +2052,14 @@ module Aws::PaymentCryptography
|
|
1890
2052
|
#
|
1891
2053
|
# **Related operations:**
|
1892
2054
|
#
|
1893
|
-
# * StopKeyUsage
|
2055
|
+
# * [StopKeyUsage][1]
|
1894
2056
|
#
|
1895
2057
|
# ^
|
1896
2058
|
#
|
2059
|
+
#
|
2060
|
+
#
|
2061
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_StopKeyUsage.html
|
2062
|
+
#
|
1897
2063
|
# @option params [required, String] :key_identifier
|
1898
2064
|
# The `KeyArn` of the key.
|
1899
2065
|
#
|
@@ -1909,30 +2075,30 @@ module Aws::PaymentCryptography
|
|
1909
2075
|
#
|
1910
2076
|
# @example Response structure
|
1911
2077
|
#
|
1912
|
-
# resp.key.create_timestamp #=> Time
|
1913
|
-
# resp.key.delete_pending_timestamp #=> Time
|
1914
|
-
# resp.key.delete_timestamp #=> Time
|
1915
|
-
# resp.key.enabled #=> Boolean
|
1916
|
-
# resp.key.exportable #=> Boolean
|
1917
2078
|
# resp.key.key_arn #=> String
|
1918
|
-
# resp.key.key_attributes.
|
2079
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
1919
2080
|
# resp.key.key_attributes.key_class #=> String, one of "SYMMETRIC_KEY", "ASYMMETRIC_KEY_PAIR", "PRIVATE_KEY", "PUBLIC_KEY"
|
1920
|
-
# resp.key.key_attributes.
|
1921
|
-
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
2081
|
+
# resp.key.key_attributes.key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1922
2082
|
# resp.key.key_attributes.key_modes_of_use.encrypt #=> Boolean
|
2083
|
+
# resp.key.key_attributes.key_modes_of_use.decrypt #=> Boolean
|
2084
|
+
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
2085
|
+
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1923
2086
|
# resp.key.key_attributes.key_modes_of_use.generate #=> Boolean
|
1924
|
-
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1925
2087
|
# resp.key.key_attributes.key_modes_of_use.sign #=> Boolean
|
1926
|
-
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1927
2088
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
1928
|
-
# resp.key.key_attributes.key_modes_of_use.
|
1929
|
-
# resp.key.key_attributes.
|
2089
|
+
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
2090
|
+
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1930
2091
|
# resp.key.key_check_value #=> String
|
1931
2092
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
1932
|
-
# resp.key.
|
2093
|
+
# resp.key.enabled #=> Boolean
|
2094
|
+
# resp.key.exportable #=> Boolean
|
1933
2095
|
# resp.key.key_state #=> String, one of "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "DELETE_PENDING", "DELETE_COMPLETE"
|
2096
|
+
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
2097
|
+
# resp.key.create_timestamp #=> Time
|
1934
2098
|
# resp.key.usage_start_timestamp #=> Time
|
1935
2099
|
# resp.key.usage_stop_timestamp #=> Time
|
2100
|
+
# resp.key.delete_pending_timestamp #=> Time
|
2101
|
+
# resp.key.delete_timestamp #=> Time
|
1936
2102
|
#
|
1937
2103
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/StartKeyUsage AWS API Documentation
|
1938
2104
|
#
|
@@ -1946,17 +2112,23 @@ module Aws::PaymentCryptography
|
|
1946
2112
|
# Disables an Amazon Web Services Payment Cryptography key, which makes
|
1947
2113
|
# it inactive within Amazon Web Services Payment Cryptography.
|
1948
2114
|
#
|
1949
|
-
# You can use this operation instead of DeleteKey to deactivate a
|
1950
|
-
# You can enable the key in the future by calling
|
2115
|
+
# You can use this operation instead of [DeleteKey][1] to deactivate a
|
2116
|
+
# key. You can enable the key in the future by calling
|
2117
|
+
# [StartKeyUsage][2].
|
1951
2118
|
#
|
1952
2119
|
# **Cross-account use:** This operation can't be used across different
|
1953
2120
|
# Amazon Web Services accounts.
|
1954
2121
|
#
|
1955
2122
|
# **Related operations:**
|
1956
2123
|
#
|
1957
|
-
# * DeleteKey
|
2124
|
+
# * [DeleteKey][1]
|
2125
|
+
#
|
2126
|
+
# * [StartKeyUsage][2]
|
2127
|
+
#
|
1958
2128
|
#
|
1959
|
-
#
|
2129
|
+
#
|
2130
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteKey.html
|
2131
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_StartKeyUsage.html
|
1960
2132
|
#
|
1961
2133
|
# @option params [required, String] :key_identifier
|
1962
2134
|
# The `KeyArn` of the key.
|
@@ -1973,30 +2145,30 @@ module Aws::PaymentCryptography
|
|
1973
2145
|
#
|
1974
2146
|
# @example Response structure
|
1975
2147
|
#
|
1976
|
-
# resp.key.create_timestamp #=> Time
|
1977
|
-
# resp.key.delete_pending_timestamp #=> Time
|
1978
|
-
# resp.key.delete_timestamp #=> Time
|
1979
|
-
# resp.key.enabled #=> Boolean
|
1980
|
-
# resp.key.exportable #=> Boolean
|
1981
2148
|
# resp.key.key_arn #=> String
|
1982
|
-
# resp.key.key_attributes.
|
2149
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
1983
2150
|
# resp.key.key_attributes.key_class #=> String, one of "SYMMETRIC_KEY", "ASYMMETRIC_KEY_PAIR", "PRIVATE_KEY", "PUBLIC_KEY"
|
1984
|
-
# resp.key.key_attributes.
|
1985
|
-
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
2151
|
+
# resp.key.key_attributes.key_algorithm #=> String, one of "TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256", "RSA_2048", "RSA_3072", "RSA_4096"
|
1986
2152
|
# resp.key.key_attributes.key_modes_of_use.encrypt #=> Boolean
|
2153
|
+
# resp.key.key_attributes.key_modes_of_use.decrypt #=> Boolean
|
2154
|
+
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
2155
|
+
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1987
2156
|
# resp.key.key_attributes.key_modes_of_use.generate #=> Boolean
|
1988
|
-
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1989
2157
|
# resp.key.key_attributes.key_modes_of_use.sign #=> Boolean
|
1990
|
-
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
1991
2158
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
1992
|
-
# resp.key.key_attributes.key_modes_of_use.
|
1993
|
-
# resp.key.key_attributes.
|
2159
|
+
# resp.key.key_attributes.key_modes_of_use.derive_key #=> Boolean
|
2160
|
+
# resp.key.key_attributes.key_modes_of_use.no_restrictions #=> Boolean
|
1994
2161
|
# resp.key.key_check_value #=> String
|
1995
2162
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
1996
|
-
# resp.key.
|
2163
|
+
# resp.key.enabled #=> Boolean
|
2164
|
+
# resp.key.exportable #=> Boolean
|
1997
2165
|
# resp.key.key_state #=> String, one of "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "DELETE_PENDING", "DELETE_COMPLETE"
|
2166
|
+
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
2167
|
+
# resp.key.create_timestamp #=> Time
|
1998
2168
|
# resp.key.usage_start_timestamp #=> Time
|
1999
2169
|
# resp.key.usage_stop_timestamp #=> Time
|
2170
|
+
# resp.key.delete_pending_timestamp #=> Time
|
2171
|
+
# resp.key.delete_timestamp #=> Time
|
2000
2172
|
#
|
2001
2173
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/StopKeyUsage AWS API Documentation
|
2002
2174
|
#
|
@@ -2019,16 +2191,22 @@ module Aws::PaymentCryptography
|
|
2019
2191
|
# To add a tag, specify a new tag key and a tag value. To edit a tag,
|
2020
2192
|
# specify an existing tag key and a new tag value. You can also add tags
|
2021
2193
|
# to an Amazon Web Services Payment Cryptography key when you create it
|
2022
|
-
# with CreateKey.
|
2194
|
+
# with [CreateKey][1].
|
2023
2195
|
#
|
2024
2196
|
# **Cross-account use:** This operation can't be used across different
|
2025
2197
|
# Amazon Web Services accounts.
|
2026
2198
|
#
|
2027
2199
|
# **Related operations:**
|
2028
2200
|
#
|
2029
|
-
# * ListTagsForResource
|
2201
|
+
# * [ListTagsForResource][2]
|
2202
|
+
#
|
2203
|
+
# * [UntagResource][3]
|
2204
|
+
#
|
2205
|
+
#
|
2030
2206
|
#
|
2031
|
-
#
|
2207
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html
|
2208
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListTagsForResource.html
|
2209
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_UntagResource.html
|
2032
2210
|
#
|
2033
2211
|
# @option params [required, String] :resource_arn
|
2034
2212
|
# The `KeyARN` of the key whose tags are being updated.
|
@@ -2045,13 +2223,17 @@ module Aws::PaymentCryptography
|
|
2045
2223
|
# field. This field may be displayed in plaintext in CloudTrail logs and
|
2046
2224
|
# other output.
|
2047
2225
|
#
|
2048
|
-
# To use this parameter, you must have TagResource permission in an
|
2049
|
-
# policy.
|
2226
|
+
# To use this parameter, you must have [TagResource][1] permission in an
|
2227
|
+
# IAM policy.
|
2050
2228
|
#
|
2051
2229
|
# Don't include personal, confidential or sensitive information in this
|
2052
2230
|
# field. This field may be displayed in plaintext in CloudTrail logs and
|
2053
2231
|
# other output.
|
2054
2232
|
#
|
2233
|
+
#
|
2234
|
+
#
|
2235
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_TagResource.html
|
2236
|
+
#
|
2055
2237
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
2056
2238
|
#
|
2057
2239
|
# @example Request syntax with placeholder values
|
@@ -2087,9 +2269,14 @@ module Aws::PaymentCryptography
|
|
2087
2269
|
#
|
2088
2270
|
# **Related operations:**
|
2089
2271
|
#
|
2090
|
-
# * ListTagsForResource
|
2272
|
+
# * [ListTagsForResource][1]
|
2273
|
+
#
|
2274
|
+
# * [TagResource][2]
|
2091
2275
|
#
|
2092
|
-
#
|
2276
|
+
#
|
2277
|
+
#
|
2278
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListTagsForResource.html
|
2279
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_TagResource.html
|
2093
2280
|
#
|
2094
2281
|
# @option params [required, String] :resource_arn
|
2095
2282
|
# The `KeyARN` of the key whose tags are being removed.
|
@@ -2100,7 +2287,11 @@ module Aws::PaymentCryptography
|
|
2100
2287
|
# If the Amazon Web Services Payment Cryptography key doesn't have the
|
2101
2288
|
# specified tag key, Amazon Web Services Payment Cryptography doesn't
|
2102
2289
|
# throw an exception or return a response. To confirm that the operation
|
2103
|
-
# succeeded, use the ListTagsForResource operation.
|
2290
|
+
# succeeded, use the [ListTagsForResource][1] operation.
|
2291
|
+
#
|
2292
|
+
#
|
2293
|
+
#
|
2294
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListTagsForResource.html
|
2104
2295
|
#
|
2105
2296
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
2106
2297
|
#
|
@@ -2132,13 +2323,20 @@ module Aws::PaymentCryptography
|
|
2132
2323
|
#
|
2133
2324
|
# **Related operations:**
|
2134
2325
|
#
|
2135
|
-
# * CreateAlias
|
2326
|
+
# * [CreateAlias][1]
|
2327
|
+
#
|
2328
|
+
# * [DeleteAlias][2]
|
2329
|
+
#
|
2330
|
+
# * [GetAlias][3]
|
2331
|
+
#
|
2332
|
+
# * [ListAliases][4]
|
2136
2333
|
#
|
2137
|
-
# * DeleteAlias
|
2138
2334
|
#
|
2139
|
-
# * GetAlias
|
2140
2335
|
#
|
2141
|
-
#
|
2336
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateAlias.html
|
2337
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_DeleteAlias.html
|
2338
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetAlias.html
|
2339
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ListAliases.html
|
2142
2340
|
#
|
2143
2341
|
# @option params [required, String] :alias_name
|
2144
2342
|
# The alias whose associated key is changing.
|
@@ -2185,7 +2383,7 @@ module Aws::PaymentCryptography
|
|
2185
2383
|
params: params,
|
2186
2384
|
config: config)
|
2187
2385
|
context[:gem_name] = 'aws-sdk-paymentcryptography'
|
2188
|
-
context[:gem_version] = '1.
|
2386
|
+
context[:gem_version] = '1.12.0'
|
2189
2387
|
Seahorse::Client::Request.new(handlers, context)
|
2190
2388
|
end
|
2191
2389
|
|