aws-sdk-paymentcryptography 1.9.0 → 1.10.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-paymentcryptography/client.rb +120 -38
- data/lib/aws-sdk-paymentcryptography/client_api.rb +20 -0
- data/lib/aws-sdk-paymentcryptography/types.rb +94 -7
- data/lib/aws-sdk-paymentcryptography.rb +1 -1
- metadata +6 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c6a0e84f6b6cc4d1218749035c30c2c2b35902f0e761ab3f4ff9462e9aca82f5
|
|
4
|
+
data.tar.gz: a8ab6e055e99a67e605a5dc2a2b9d52b8dea6feaac755612e01cf98f2dc54c45
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 63a06d2b60f98c5393d555c8c4fae533990dc932cad3d7edea6bb342535ef31c7c33439e6018bbb3929b52f35f029410408cdba20c2919dba0ac87501b0b7c40
|
|
7
|
+
data.tar.gz: c4ddc6baf34492df16d76be8f3df87d68ceb2bde55a5750dec0bc0977459f63c73a0a5bdabb637641334389064ea889d8255bb6d80b147d402a0b6ae58287d4c
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.10.0 (2024-01-16)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Provide an additional option for key exchange using RSA wrap/unwrap in addition to tr-34/tr-31 in ImportKey and ExportKey operations. Added new key usage (type) TR31_M1_ISO_9797_1_MAC_KEY, for use with Generate/VerifyMac dataplane operations with ISO9797 Algorithm 1 MAC calculations.
|
|
8
|
+
|
|
4
9
|
1.9.0 (2023-12-06)
|
|
5
10
|
------------------
|
|
6
11
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.10.0
|
|
@@ -580,7 +580,7 @@ module Aws::PaymentCryptography
|
|
|
580
580
|
# verify: false,
|
|
581
581
|
# wrap: false,
|
|
582
582
|
# },
|
|
583
|
-
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
|
583
|
+
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
|
584
584
|
# },
|
|
585
585
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
|
586
586
|
# tags: [
|
|
@@ -610,7 +610,7 @@ module Aws::PaymentCryptography
|
|
|
610
610
|
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
|
611
611
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
|
612
612
|
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
|
613
|
-
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
|
613
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
|
614
614
|
# resp.key.key_check_value #=> String
|
|
615
615
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
|
616
616
|
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
|
@@ -738,7 +738,7 @@ module Aws::PaymentCryptography
|
|
|
738
738
|
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
|
739
739
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
|
740
740
|
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
|
741
|
-
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
|
741
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
|
742
742
|
# resp.key.key_check_value #=> String
|
|
743
743
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
|
744
744
|
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
|
@@ -768,17 +768,20 @@ module Aws::PaymentCryptography
|
|
|
768
768
|
# For symmetric key exchange, Amazon Web Services Payment Cryptography
|
|
769
769
|
# uses the ANSI X9 TR-31 norm in accordance with PCI PIN guidelines. And
|
|
770
770
|
# for asymmetric key exchange, Amazon Web Services Payment Cryptography
|
|
771
|
-
# supports ANSI X9 TR-34 norm
|
|
772
|
-
#
|
|
773
|
-
#
|
|
774
|
-
#
|
|
775
|
-
#
|
|
776
|
-
# within Amazon Web Services
|
|
771
|
+
# supports ANSI X9 TR-34 norm and RSA wrap and unwrap key exchange
|
|
772
|
+
# mechanism. Asymmetric key exchange methods are typically used to
|
|
773
|
+
# establish bi-directional trust between the two parties exhanging keys
|
|
774
|
+
# and are used for initial key exchange such as Key Encryption Key
|
|
775
|
+
# (KEK). After which you can export working keys using symmetric method
|
|
776
|
+
# to perform various cryptographic operations within Amazon Web Services
|
|
777
|
+
# Payment Cryptography.
|
|
777
778
|
#
|
|
778
779
|
# The TR-34 norm is intended for exchanging 3DES keys only and keys are
|
|
779
780
|
# imported in a WrappedKeyBlock format. Key attributes (such as
|
|
780
781
|
# KeyUsage, KeyAlgorithm, KeyModesOfUse, Exportability) are contained
|
|
781
|
-
# within the key block.
|
|
782
|
+
# within the key block. With RSA wrap and unwrap, you can exchange both
|
|
783
|
+
# 3DES and AES-128 keys. The keys are imported in a WrappedKeyCryptogram
|
|
784
|
+
# format and you will need to specify the key attributes during import.
|
|
782
785
|
#
|
|
783
786
|
# You can also use `ExportKey` functionality to generate and export an
|
|
784
787
|
# IPEK (Initial Pin Encryption Key) from Amazon Web Services Payment
|
|
@@ -788,7 +791,7 @@ module Aws::PaymentCryptography
|
|
|
788
791
|
# within Amazon Web Services Payment Cryptography and has to be
|
|
789
792
|
# re-generated each time during export.
|
|
790
793
|
#
|
|
791
|
-
# **To export KEK or IPEK using TR-34**
|
|
794
|
+
# **To export initial keys (KEK) or IPEK using TR-34**
|
|
792
795
|
#
|
|
793
796
|
# Using this operation, you can export initial key using TR-34
|
|
794
797
|
# asymmetric key exchange. You can only export KEK generated within
|
|
@@ -846,7 +849,33 @@ module Aws::PaymentCryptography
|
|
|
846
849
|
# When this operation is successful, Amazon Web Services Payment
|
|
847
850
|
# Cryptography returns the KEK or IPEK as a TR-34 WrappedKeyBlock.
|
|
848
851
|
#
|
|
849
|
-
# **To export
|
|
852
|
+
# **To export initial keys (KEK) or IPEK using RSA Wrap and Unwrap**
|
|
853
|
+
#
|
|
854
|
+
# Using this operation, you can export initial key using asymmetric RSA
|
|
855
|
+
# wrap and unwrap key exchange method. To initiate export, generate an
|
|
856
|
+
# asymmetric key pair on the receiving HSM and obtain the public key
|
|
857
|
+
# certificate in PEM format (base64 encoded) for the purpose of wrapping
|
|
858
|
+
# and the root certifiate chain. Import the root certificate into Amazon
|
|
859
|
+
# Web Services Payment Cryptography by calling ImportKey for
|
|
860
|
+
# `RootCertificatePublicKey`.
|
|
861
|
+
#
|
|
862
|
+
# Next call `ExportKey` and set the following parameters:
|
|
863
|
+
#
|
|
864
|
+
# * `CertificateAuthorityPublicKeyIdentifier`: The `KeyARN` of the
|
|
865
|
+
# certificate chain that signed wrapping key certificate.
|
|
866
|
+
#
|
|
867
|
+
# * `KeyMaterial`: Set to `KeyCryptogram`.
|
|
868
|
+
#
|
|
869
|
+
# * `WrappingKeyCertificate`: The public key certificate in PEM format
|
|
870
|
+
# (base64 encoded) obtained by the receiving HSM and signed by the
|
|
871
|
+
# root certificate (CertificateAuthorityPublicKeyIdentifier) imported
|
|
872
|
+
# into Amazon Web Services Payment Cryptography. The receiving HSM
|
|
873
|
+
# uses its private key component to unwrap the WrappedKeyCryptogram.
|
|
874
|
+
#
|
|
875
|
+
# When this operation is successful, Amazon Web Services Payment
|
|
876
|
+
# Cryptography returns the WrappedKeyCryptogram.
|
|
877
|
+
#
|
|
878
|
+
# **To export working keys or IPEK using TR-31**
|
|
850
879
|
#
|
|
851
880
|
# Using this operation, you can export working keys or IPEK using TR-31
|
|
852
881
|
# symmetric key exchange. In TR-31, you must use an initial key such as
|
|
@@ -864,7 +893,8 @@ module Aws::PaymentCryptography
|
|
|
864
893
|
# * `KeyMaterial`: Use `Tr31KeyBlock` parameters.
|
|
865
894
|
#
|
|
866
895
|
# When this operation is successful, Amazon Web Services Payment
|
|
867
|
-
# Cryptography returns the
|
|
896
|
+
# Cryptography returns the working key or IPEK as a TR-31
|
|
897
|
+
# WrappedKeyBlock.
|
|
868
898
|
#
|
|
869
899
|
# **Cross-account use:** This operation can't be used across different
|
|
870
900
|
# Amazon Web Services accounts.
|
|
@@ -905,6 +935,11 @@ module Aws::PaymentCryptography
|
|
|
905
935
|
# },
|
|
906
936
|
# export_key_identifier: "KeyArnOrKeyAliasType", # required
|
|
907
937
|
# key_material: { # required
|
|
938
|
+
# key_cryptogram: {
|
|
939
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
|
940
|
+
# wrapping_key_certificate: "CertificateType", # required
|
|
941
|
+
# wrapping_spec: "RSA_OAEP_SHA_256", # accepts RSA_OAEP_SHA_256, RSA_OAEP_SHA_512
|
|
942
|
+
# },
|
|
908
943
|
# tr_31_key_block: {
|
|
909
944
|
# wrapping_key_identifier: "KeyArnOrKeyAliasType", # required
|
|
910
945
|
# },
|
|
@@ -1025,7 +1060,7 @@ module Aws::PaymentCryptography
|
|
|
1025
1060
|
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
|
1026
1061
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
|
1027
1062
|
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
|
1028
|
-
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
|
1063
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
|
1029
1064
|
# resp.key.key_check_value #=> String
|
|
1030
1065
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
|
1031
1066
|
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
|
@@ -1082,7 +1117,7 @@ module Aws::PaymentCryptography
|
|
|
1082
1117
|
# @example Request syntax with placeholder values
|
|
1083
1118
|
#
|
|
1084
1119
|
# resp = client.get_parameters_for_export({
|
|
1085
|
-
# key_material_type: "TR34_KEY_BLOCK", # required, accepts TR34_KEY_BLOCK, TR31_KEY_BLOCK, ROOT_PUBLIC_KEY_CERTIFICATE, TRUSTED_PUBLIC_KEY_CERTIFICATE
|
|
1120
|
+
# key_material_type: "TR34_KEY_BLOCK", # required, accepts TR34_KEY_BLOCK, TR31_KEY_BLOCK, ROOT_PUBLIC_KEY_CERTIFICATE, TRUSTED_PUBLIC_KEY_CERTIFICATE, KEY_CRYPTOGRAM
|
|
1086
1121
|
# signing_key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256, RSA_2048, RSA_3072, RSA_4096
|
|
1087
1122
|
# })
|
|
1088
1123
|
#
|
|
@@ -1104,7 +1139,9 @@ module Aws::PaymentCryptography
|
|
|
1104
1139
|
end
|
|
1105
1140
|
|
|
1106
1141
|
# Gets the import token and the wrapping key certificate in PEM format
|
|
1107
|
-
# (base64 encoded) to initiate a TR-34 WrappedKeyBlock
|
|
1142
|
+
# (base64 encoded) to initiate a TR-34 WrappedKeyBlock or a RSA
|
|
1143
|
+
# WrappedKeyCryptogram import into Amazon Web Services Payment
|
|
1144
|
+
# Cryptography.
|
|
1108
1145
|
#
|
|
1109
1146
|
# The wrapping key certificate wraps the key under import. The import
|
|
1110
1147
|
# token and wrapping key certificate must be in place and operational
|
|
@@ -1123,7 +1160,8 @@ module Aws::PaymentCryptography
|
|
|
1123
1160
|
#
|
|
1124
1161
|
# @option params [required, String] :key_material_type
|
|
1125
1162
|
# The method to use for key material import. Import token is only
|
|
1126
|
-
# required for TR-34 WrappedKeyBlock (`TR34_KEY_BLOCK`)
|
|
1163
|
+
# required for TR-34 WrappedKeyBlock (`TR34_KEY_BLOCK`) and RSA
|
|
1164
|
+
# WrappedKeyCryptogram (`KEY_CRYPTOGRAM`).
|
|
1127
1165
|
#
|
|
1128
1166
|
# Import token is not required for TR-31, root public key cerificate or
|
|
1129
1167
|
# trusted public key certificate.
|
|
@@ -1132,8 +1170,10 @@ module Aws::PaymentCryptography
|
|
|
1132
1170
|
# The wrapping key algorithm to generate a wrapping key certificate.
|
|
1133
1171
|
# This certificate wraps the key under import.
|
|
1134
1172
|
#
|
|
1135
|
-
# At this time, `RSA_2048
|
|
1136
|
-
#
|
|
1173
|
+
# At this time, `RSA_2048` is the allowed algorithm for TR-34
|
|
1174
|
+
# WrappedKeyBlock import. Additionally, `RSA_2048`, `RSA_3072`,
|
|
1175
|
+
# `RSA_4096` are the allowed algorithms for RSA WrappedKeyCryptogram
|
|
1176
|
+
# import.
|
|
1137
1177
|
#
|
|
1138
1178
|
# @return [Types::GetParametersForImportOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1139
1179
|
#
|
|
@@ -1146,7 +1186,7 @@ module Aws::PaymentCryptography
|
|
|
1146
1186
|
# @example Request syntax with placeholder values
|
|
1147
1187
|
#
|
|
1148
1188
|
# resp = client.get_parameters_for_import({
|
|
1149
|
-
# key_material_type: "TR34_KEY_BLOCK", # required, accepts TR34_KEY_BLOCK, TR31_KEY_BLOCK, ROOT_PUBLIC_KEY_CERTIFICATE, TRUSTED_PUBLIC_KEY_CERTIFICATE
|
|
1189
|
+
# key_material_type: "TR34_KEY_BLOCK", # required, accepts TR34_KEY_BLOCK, TR31_KEY_BLOCK, ROOT_PUBLIC_KEY_CERTIFICATE, TRUSTED_PUBLIC_KEY_CERTIFICATE, KEY_CRYPTOGRAM
|
|
1150
1190
|
# wrapping_key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256, RSA_2048, RSA_3072, RSA_4096
|
|
1151
1191
|
# })
|
|
1152
1192
|
#
|
|
@@ -1219,18 +1259,20 @@ module Aws::PaymentCryptography
|
|
|
1219
1259
|
# For symmetric key exchange, Amazon Web Services Payment Cryptography
|
|
1220
1260
|
# uses the ANSI X9 TR-31 norm in accordance with PCI PIN guidelines. And
|
|
1221
1261
|
# for asymmetric key exchange, Amazon Web Services Payment Cryptography
|
|
1222
|
-
# supports ANSI X9 TR-34 norm
|
|
1223
|
-
#
|
|
1224
|
-
#
|
|
1225
|
-
#
|
|
1226
|
-
#
|
|
1227
|
-
#
|
|
1228
|
-
# Cryptography.
|
|
1262
|
+
# supports ANSI X9 TR-34 norm and RSA wrap and unwrap key exchange
|
|
1263
|
+
# mechanisms. Asymmetric key exchange methods are typically used to
|
|
1264
|
+
# establish bi-directional trust between the two parties exhanging keys
|
|
1265
|
+
# and are used for initial key exchange such as Key Encryption Key (KEK)
|
|
1266
|
+
# or Zone Master Key (ZMK). After which you can import working keys
|
|
1267
|
+
# using symmetric method to perform various cryptographic operations
|
|
1268
|
+
# within Amazon Web Services Payment Cryptography.
|
|
1229
1269
|
#
|
|
1230
1270
|
# The TR-34 norm is intended for exchanging 3DES keys only and keys are
|
|
1231
1271
|
# imported in a WrappedKeyBlock format. Key attributes (such as
|
|
1232
1272
|
# KeyUsage, KeyAlgorithm, KeyModesOfUse, Exportability) are contained
|
|
1233
|
-
# within the key block.
|
|
1273
|
+
# within the key block. With RSA wrap and unwrap, you can exchange both
|
|
1274
|
+
# 3DES and AES-128 keys. The keys are imported in a WrappedKeyCryptogram
|
|
1275
|
+
# format and you will need to specify the key attributes during import.
|
|
1234
1276
|
#
|
|
1235
1277
|
# You can also import a *root public key certificate*, used to sign
|
|
1236
1278
|
# other public key certificates, or a *trusted public key certificate*
|
|
@@ -1281,7 +1323,7 @@ module Aws::PaymentCryptography
|
|
|
1281
1323
|
# * `PublicKeyCertificate`: The trusted public key certificate in PEM
|
|
1282
1324
|
# format (base64 encoded) under import.
|
|
1283
1325
|
#
|
|
1284
|
-
# **To import KEK or ZMK using TR-34**
|
|
1326
|
+
# **To import initial keys (KEK or ZMK or similar) using TR-34**
|
|
1285
1327
|
#
|
|
1286
1328
|
# Using this operation, you can import initial key using TR-34
|
|
1287
1329
|
# asymmetric key exchange. In TR-34 terminology, the sending party of
|
|
@@ -1327,7 +1369,25 @@ module Aws::PaymentCryptography
|
|
|
1327
1369
|
# certificate (CertificateAuthorityPublicKeyIdentifier) imported in
|
|
1328
1370
|
# Amazon Web Services Payment Cryptography.
|
|
1329
1371
|
#
|
|
1330
|
-
# **To import
|
|
1372
|
+
# **To import initial keys (KEK or ZMK or similar) using RSA Wrap and
|
|
1373
|
+
# Unwrap**
|
|
1374
|
+
#
|
|
1375
|
+
# Using this operation, you can import initial key using asymmetric RSA
|
|
1376
|
+
# wrap and unwrap key exchange method. To initiate import, call
|
|
1377
|
+
# GetParametersForImport with `KeyMaterial` set to `KEY_CRYPTOGRAM` to
|
|
1378
|
+
# generate an import token. This operation also generates an encryption
|
|
1379
|
+
# keypair for the purpose of key import, signs the key and returns back
|
|
1380
|
+
# the wrapping key certificate in PEM format (base64 encoded) and its
|
|
1381
|
+
# root certificate chain. The import token and associated KRD wrapping
|
|
1382
|
+
# certificate expires after 7 days.
|
|
1383
|
+
#
|
|
1384
|
+
# You must trust and install the wrapping certificate and its
|
|
1385
|
+
# certificate chain on the sending HSM and use it to wrap the key under
|
|
1386
|
+
# export for WrappedKeyCryptogram generation. Next call `ImportKey` with
|
|
1387
|
+
# `KeyMaterial` set to `KEY_CRYPTOGRAM` and provide the `ImportToken`
|
|
1388
|
+
# and `KeyAttributes` for the key under import.
|
|
1389
|
+
#
|
|
1390
|
+
# **To import working keys using TR-31**
|
|
1331
1391
|
#
|
|
1332
1392
|
# Amazon Web Services Payment Cryptography uses TR-31 symmetric key
|
|
1333
1393
|
# exchange norm to import working keys. A KEK must be established within
|
|
@@ -1410,6 +1470,28 @@ module Aws::PaymentCryptography
|
|
|
1410
1470
|
# enabled: false,
|
|
1411
1471
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
|
1412
1472
|
# key_material: { # required
|
|
1473
|
+
# key_cryptogram: {
|
|
1474
|
+
# exportable: false, # required
|
|
1475
|
+
# import_token: "ImportTokenId", # required
|
|
1476
|
+
# key_attributes: { # required
|
|
1477
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256, RSA_2048, RSA_3072, RSA_4096
|
|
1478
|
+
# key_class: "SYMMETRIC_KEY", # required, accepts SYMMETRIC_KEY, ASYMMETRIC_KEY_PAIR, PRIVATE_KEY, PUBLIC_KEY
|
|
1479
|
+
# key_modes_of_use: { # required
|
|
1480
|
+
# decrypt: false,
|
|
1481
|
+
# derive_key: false,
|
|
1482
|
+
# encrypt: false,
|
|
1483
|
+
# generate: false,
|
|
1484
|
+
# no_restrictions: false,
|
|
1485
|
+
# sign: false,
|
|
1486
|
+
# unwrap: false,
|
|
1487
|
+
# verify: false,
|
|
1488
|
+
# wrap: false,
|
|
1489
|
+
# },
|
|
1490
|
+
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
|
1491
|
+
# },
|
|
1492
|
+
# wrapped_key_cryptogram: "WrappedKeyCryptogram", # required
|
|
1493
|
+
# wrapping_spec: "RSA_OAEP_SHA_256", # accepts RSA_OAEP_SHA_256, RSA_OAEP_SHA_512
|
|
1494
|
+
# },
|
|
1413
1495
|
# root_certificate_public_key: {
|
|
1414
1496
|
# key_attributes: { # required
|
|
1415
1497
|
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256, RSA_2048, RSA_3072, RSA_4096
|
|
@@ -1425,7 +1507,7 @@ module Aws::PaymentCryptography
|
|
|
1425
1507
|
# verify: false,
|
|
1426
1508
|
# wrap: false,
|
|
1427
1509
|
# },
|
|
1428
|
-
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
|
1510
|
+
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
|
1429
1511
|
# },
|
|
1430
1512
|
# public_key_certificate: "CertificateType", # required
|
|
1431
1513
|
# },
|
|
@@ -1457,7 +1539,7 @@ module Aws::PaymentCryptography
|
|
|
1457
1539
|
# verify: false,
|
|
1458
1540
|
# wrap: false,
|
|
1459
1541
|
# },
|
|
1460
|
-
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
|
1542
|
+
# key_usage: "TR31_B0_BASE_DERIVATION_KEY", # required, accepts TR31_B0_BASE_DERIVATION_KEY, TR31_C0_CARD_VERIFICATION_KEY, TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY, TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION, TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS, TR31_E1_EMV_MKEY_CONFIDENTIALITY, TR31_E2_EMV_MKEY_INTEGRITY, TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS, TR31_E5_EMV_MKEY_CARD_PERSONALIZATION, TR31_E6_EMV_MKEY_OTHER, TR31_K0_KEY_ENCRYPTION_KEY, TR31_K1_KEY_BLOCK_PROTECTION_KEY, TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT, TR31_M3_ISO_9797_3_MAC_KEY, TR31_M1_ISO_9797_1_MAC_KEY, TR31_M6_ISO_9797_5_CMAC_KEY, TR31_M7_HMAC_KEY, TR31_P0_PIN_ENCRYPTION_KEY, TR31_P1_PIN_GENERATION_KEY, TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE, TR31_V1_IBM3624_PIN_VERIFICATION_KEY, TR31_V2_VISA_PIN_VERIFICATION_KEY, TR31_K2_TR34_ASYMMETRIC_KEY
|
|
1461
1543
|
# },
|
|
1462
1544
|
# public_key_certificate: "CertificateType", # required
|
|
1463
1545
|
# },
|
|
@@ -1489,7 +1571,7 @@ module Aws::PaymentCryptography
|
|
|
1489
1571
|
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
|
1490
1572
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
|
1491
1573
|
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
|
1492
|
-
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
|
1574
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
|
1493
1575
|
# resp.key.key_check_value #=> String
|
|
1494
1576
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
|
1495
1577
|
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
|
@@ -1649,7 +1731,7 @@ module Aws::PaymentCryptography
|
|
|
1649
1731
|
# resp.keys[0].key_attributes.key_modes_of_use.unwrap #=> Boolean
|
|
1650
1732
|
# resp.keys[0].key_attributes.key_modes_of_use.verify #=> Boolean
|
|
1651
1733
|
# resp.keys[0].key_attributes.key_modes_of_use.wrap #=> Boolean
|
|
1652
|
-
# resp.keys[0].key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
|
1734
|
+
# resp.keys[0].key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
|
1653
1735
|
# resp.keys[0].key_check_value #=> String
|
|
1654
1736
|
# resp.keys[0].key_state #=> String, one of "CREATE_IN_PROGRESS", "CREATE_COMPLETE", "DELETE_PENDING", "DELETE_COMPLETE"
|
|
1655
1737
|
# resp.next_token #=> String
|
|
@@ -1782,7 +1864,7 @@ module Aws::PaymentCryptography
|
|
|
1782
1864
|
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
|
1783
1865
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
|
1784
1866
|
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
|
1785
|
-
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
|
1867
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
|
1786
1868
|
# resp.key.key_check_value #=> String
|
|
1787
1869
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
|
1788
1870
|
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
|
@@ -1844,7 +1926,7 @@ module Aws::PaymentCryptography
|
|
|
1844
1926
|
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
|
1845
1927
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
|
1846
1928
|
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
|
1847
|
-
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
|
1929
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
|
1848
1930
|
# resp.key.key_check_value #=> String
|
|
1849
1931
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
|
1850
1932
|
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
|
@@ -1908,7 +1990,7 @@ module Aws::PaymentCryptography
|
|
|
1908
1990
|
# resp.key.key_attributes.key_modes_of_use.unwrap #=> Boolean
|
|
1909
1991
|
# resp.key.key_attributes.key_modes_of_use.verify #=> Boolean
|
|
1910
1992
|
# resp.key.key_attributes.key_modes_of_use.wrap #=> Boolean
|
|
1911
|
-
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
|
1993
|
+
# resp.key.key_attributes.key_usage #=> String, one of "TR31_B0_BASE_DERIVATION_KEY", "TR31_C0_CARD_VERIFICATION_KEY", "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY", "TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION", "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS", "TR31_E1_EMV_MKEY_CONFIDENTIALITY", "TR31_E2_EMV_MKEY_INTEGRITY", "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS", "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION", "TR31_E6_EMV_MKEY_OTHER", "TR31_K0_KEY_ENCRYPTION_KEY", "TR31_K1_KEY_BLOCK_PROTECTION_KEY", "TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT", "TR31_M3_ISO_9797_3_MAC_KEY", "TR31_M1_ISO_9797_1_MAC_KEY", "TR31_M6_ISO_9797_5_CMAC_KEY", "TR31_M7_HMAC_KEY", "TR31_P0_PIN_ENCRYPTION_KEY", "TR31_P1_PIN_GENERATION_KEY", "TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE", "TR31_V1_IBM3624_PIN_VERIFICATION_KEY", "TR31_V2_VISA_PIN_VERIFICATION_KEY", "TR31_K2_TR34_ASYMMETRIC_KEY"
|
|
1912
1994
|
# resp.key.key_check_value #=> String
|
|
1913
1995
|
# resp.key.key_check_value_algorithm #=> String, one of "CMAC", "ANSI_X9_24"
|
|
1914
1996
|
# resp.key.key_origin #=> String, one of "EXTERNAL", "AWS_PAYMENT_CRYPTOGRAPHY"
|
|
@@ -2103,7 +2185,7 @@ module Aws::PaymentCryptography
|
|
|
2103
2185
|
params: params,
|
|
2104
2186
|
config: config)
|
|
2105
2187
|
context[:gem_name] = 'aws-sdk-paymentcryptography'
|
|
2106
|
-
context[:gem_version] = '1.
|
|
2188
|
+
context[:gem_version] = '1.10.0'
|
|
2107
2189
|
Seahorse::Client::Request.new(handlers, context)
|
|
2108
2190
|
end
|
|
2109
2191
|
|
|
@@ -31,6 +31,7 @@ module Aws::PaymentCryptography
|
|
|
31
31
|
DeleteKeyOutput = Shapes::StructureShape.new(name: 'DeleteKeyOutput')
|
|
32
32
|
ExportAttributes = Shapes::StructureShape.new(name: 'ExportAttributes')
|
|
33
33
|
ExportDukptInitialKey = Shapes::StructureShape.new(name: 'ExportDukptInitialKey')
|
|
34
|
+
ExportKeyCryptogram = Shapes::StructureShape.new(name: 'ExportKeyCryptogram')
|
|
34
35
|
ExportKeyInput = Shapes::StructureShape.new(name: 'ExportKeyInput')
|
|
35
36
|
ExportKeyMaterial = Shapes::UnionShape.new(name: 'ExportKeyMaterial')
|
|
36
37
|
ExportKeyOutput = Shapes::StructureShape.new(name: 'ExportKeyOutput')
|
|
@@ -49,6 +50,7 @@ module Aws::PaymentCryptography
|
|
|
49
50
|
GetPublicKeyCertificateOutput = Shapes::StructureShape.new(name: 'GetPublicKeyCertificateOutput')
|
|
50
51
|
HexLength16 = Shapes::StringShape.new(name: 'HexLength16')
|
|
51
52
|
HexLength20Or24 = Shapes::StringShape.new(name: 'HexLength20Or24')
|
|
53
|
+
ImportKeyCryptogram = Shapes::StructureShape.new(name: 'ImportKeyCryptogram')
|
|
52
54
|
ImportKeyInput = Shapes::StructureShape.new(name: 'ImportKeyInput')
|
|
53
55
|
ImportKeyMaterial = Shapes::UnionShape.new(name: 'ImportKeyMaterial')
|
|
54
56
|
ImportKeyOutput = Shapes::StructureShape.new(name: 'ImportKeyOutput')
|
|
@@ -112,7 +114,9 @@ module Aws::PaymentCryptography
|
|
|
112
114
|
UpdateAliasOutput = Shapes::StructureShape.new(name: 'UpdateAliasOutput')
|
|
113
115
|
ValidationException = Shapes::StructureShape.new(name: 'ValidationException')
|
|
114
116
|
WrappedKey = Shapes::StructureShape.new(name: 'WrappedKey')
|
|
117
|
+
WrappedKeyCryptogram = Shapes::StringShape.new(name: 'WrappedKeyCryptogram')
|
|
115
118
|
WrappedKeyMaterialFormat = Shapes::StringShape.new(name: 'WrappedKeyMaterialFormat')
|
|
119
|
+
WrappingKeySpec = Shapes::StringShape.new(name: 'WrappingKeySpec')
|
|
116
120
|
|
|
117
121
|
AccessDeniedException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "Message"))
|
|
118
122
|
AccessDeniedException.struct_class = Types::AccessDeniedException
|
|
@@ -162,14 +166,21 @@ module Aws::PaymentCryptography
|
|
|
162
166
|
ExportDukptInitialKey.add_member(:key_serial_number, Shapes::ShapeRef.new(shape: HexLength20Or24, required: true, location_name: "KeySerialNumber"))
|
|
163
167
|
ExportDukptInitialKey.struct_class = Types::ExportDukptInitialKey
|
|
164
168
|
|
|
169
|
+
ExportKeyCryptogram.add_member(:certificate_authority_public_key_identifier, Shapes::ShapeRef.new(shape: KeyArnOrKeyAliasType, required: true, location_name: "CertificateAuthorityPublicKeyIdentifier"))
|
|
170
|
+
ExportKeyCryptogram.add_member(:wrapping_key_certificate, Shapes::ShapeRef.new(shape: CertificateType, required: true, location_name: "WrappingKeyCertificate"))
|
|
171
|
+
ExportKeyCryptogram.add_member(:wrapping_spec, Shapes::ShapeRef.new(shape: WrappingKeySpec, location_name: "WrappingSpec"))
|
|
172
|
+
ExportKeyCryptogram.struct_class = Types::ExportKeyCryptogram
|
|
173
|
+
|
|
165
174
|
ExportKeyInput.add_member(:export_attributes, Shapes::ShapeRef.new(shape: ExportAttributes, location_name: "ExportAttributes"))
|
|
166
175
|
ExportKeyInput.add_member(:export_key_identifier, Shapes::ShapeRef.new(shape: KeyArnOrKeyAliasType, required: true, location_name: "ExportKeyIdentifier"))
|
|
167
176
|
ExportKeyInput.add_member(:key_material, Shapes::ShapeRef.new(shape: ExportKeyMaterial, required: true, location_name: "KeyMaterial"))
|
|
168
177
|
ExportKeyInput.struct_class = Types::ExportKeyInput
|
|
169
178
|
|
|
179
|
+
ExportKeyMaterial.add_member(:key_cryptogram, Shapes::ShapeRef.new(shape: ExportKeyCryptogram, location_name: "KeyCryptogram"))
|
|
170
180
|
ExportKeyMaterial.add_member(:tr_31_key_block, Shapes::ShapeRef.new(shape: ExportTr31KeyBlock, location_name: "Tr31KeyBlock"))
|
|
171
181
|
ExportKeyMaterial.add_member(:tr_34_key_block, Shapes::ShapeRef.new(shape: ExportTr34KeyBlock, location_name: "Tr34KeyBlock"))
|
|
172
182
|
ExportKeyMaterial.add_member(:unknown, Shapes::ShapeRef.new(shape: nil, location_name: 'unknown'))
|
|
183
|
+
ExportKeyMaterial.add_member_subclass(:key_cryptogram, Types::ExportKeyMaterial::KeyCryptogram)
|
|
173
184
|
ExportKeyMaterial.add_member_subclass(:tr_31_key_block, Types::ExportKeyMaterial::Tr31KeyBlock)
|
|
174
185
|
ExportKeyMaterial.add_member_subclass(:tr_34_key_block, Types::ExportKeyMaterial::Tr34KeyBlock)
|
|
175
186
|
ExportKeyMaterial.add_member_subclass(:unknown, Types::ExportKeyMaterial::Unknown)
|
|
@@ -229,17 +240,26 @@ module Aws::PaymentCryptography
|
|
|
229
240
|
GetPublicKeyCertificateOutput.add_member(:key_certificate_chain, Shapes::ShapeRef.new(shape: CertificateType, required: true, location_name: "KeyCertificateChain"))
|
|
230
241
|
GetPublicKeyCertificateOutput.struct_class = Types::GetPublicKeyCertificateOutput
|
|
231
242
|
|
|
243
|
+
ImportKeyCryptogram.add_member(:exportable, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "Exportable"))
|
|
244
|
+
ImportKeyCryptogram.add_member(:import_token, Shapes::ShapeRef.new(shape: ImportTokenId, required: true, location_name: "ImportToken"))
|
|
245
|
+
ImportKeyCryptogram.add_member(:key_attributes, Shapes::ShapeRef.new(shape: KeyAttributes, required: true, location_name: "KeyAttributes"))
|
|
246
|
+
ImportKeyCryptogram.add_member(:wrapped_key_cryptogram, Shapes::ShapeRef.new(shape: WrappedKeyCryptogram, required: true, location_name: "WrappedKeyCryptogram"))
|
|
247
|
+
ImportKeyCryptogram.add_member(:wrapping_spec, Shapes::ShapeRef.new(shape: WrappingKeySpec, location_name: "WrappingSpec"))
|
|
248
|
+
ImportKeyCryptogram.struct_class = Types::ImportKeyCryptogram
|
|
249
|
+
|
|
232
250
|
ImportKeyInput.add_member(:enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "Enabled"))
|
|
233
251
|
ImportKeyInput.add_member(:key_check_value_algorithm, Shapes::ShapeRef.new(shape: KeyCheckValueAlgorithm, location_name: "KeyCheckValueAlgorithm"))
|
|
234
252
|
ImportKeyInput.add_member(:key_material, Shapes::ShapeRef.new(shape: ImportKeyMaterial, required: true, location_name: "KeyMaterial"))
|
|
235
253
|
ImportKeyInput.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, location_name: "Tags"))
|
|
236
254
|
ImportKeyInput.struct_class = Types::ImportKeyInput
|
|
237
255
|
|
|
256
|
+
ImportKeyMaterial.add_member(:key_cryptogram, Shapes::ShapeRef.new(shape: ImportKeyCryptogram, location_name: "KeyCryptogram"))
|
|
238
257
|
ImportKeyMaterial.add_member(:root_certificate_public_key, Shapes::ShapeRef.new(shape: RootCertificatePublicKey, location_name: "RootCertificatePublicKey"))
|
|
239
258
|
ImportKeyMaterial.add_member(:tr_31_key_block, Shapes::ShapeRef.new(shape: ImportTr31KeyBlock, location_name: "Tr31KeyBlock"))
|
|
240
259
|
ImportKeyMaterial.add_member(:tr_34_key_block, Shapes::ShapeRef.new(shape: ImportTr34KeyBlock, location_name: "Tr34KeyBlock"))
|
|
241
260
|
ImportKeyMaterial.add_member(:trusted_certificate_public_key, Shapes::ShapeRef.new(shape: TrustedCertificatePublicKey, location_name: "TrustedCertificatePublicKey"))
|
|
242
261
|
ImportKeyMaterial.add_member(:unknown, Shapes::ShapeRef.new(shape: nil, location_name: 'unknown'))
|
|
262
|
+
ImportKeyMaterial.add_member_subclass(:key_cryptogram, Types::ImportKeyMaterial::KeyCryptogram)
|
|
243
263
|
ImportKeyMaterial.add_member_subclass(:root_certificate_public_key, Types::ImportKeyMaterial::RootCertificatePublicKey)
|
|
244
264
|
ImportKeyMaterial.add_member_subclass(:tr_31_key_block, Types::ImportKeyMaterial::Tr31KeyBlock)
|
|
245
265
|
ImportKeyMaterial.add_member_subclass(:tr_34_key_block, Types::ImportKeyMaterial::Tr34KeyBlock)
|
|
@@ -264,6 +264,34 @@ module Aws::PaymentCryptography
|
|
|
264
264
|
include Aws::Structure
|
|
265
265
|
end
|
|
266
266
|
|
|
267
|
+
# Parameter information for key material export using asymmetric RSA
|
|
268
|
+
# wrap and unwrap key exchange method.
|
|
269
|
+
#
|
|
270
|
+
# @!attribute [rw] certificate_authority_public_key_identifier
|
|
271
|
+
# The `KeyARN` of the certificate chain that signs the wrapping key
|
|
272
|
+
# certificate during RSA wrap and unwrap key export.
|
|
273
|
+
# @return [String]
|
|
274
|
+
#
|
|
275
|
+
# @!attribute [rw] wrapping_key_certificate
|
|
276
|
+
# The wrapping key certificate in PEM format (base64 encoded). Amazon
|
|
277
|
+
# Web Services Payment Cryptography uses this certificate to wrap the
|
|
278
|
+
# key under export.
|
|
279
|
+
# @return [String]
|
|
280
|
+
#
|
|
281
|
+
# @!attribute [rw] wrapping_spec
|
|
282
|
+
# The wrapping spec for the key under export.
|
|
283
|
+
# @return [String]
|
|
284
|
+
#
|
|
285
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ExportKeyCryptogram AWS API Documentation
|
|
286
|
+
#
|
|
287
|
+
class ExportKeyCryptogram < Struct.new(
|
|
288
|
+
:certificate_authority_public_key_identifier,
|
|
289
|
+
:wrapping_key_certificate,
|
|
290
|
+
:wrapping_spec)
|
|
291
|
+
SENSITIVE = [:wrapping_key_certificate]
|
|
292
|
+
include Aws::Structure
|
|
293
|
+
end
|
|
294
|
+
|
|
267
295
|
# @!attribute [rw] export_attributes
|
|
268
296
|
# The attributes for IPEK generation during export.
|
|
269
297
|
# @return [Types::ExportAttributes]
|
|
@@ -289,10 +317,16 @@ module Aws::PaymentCryptography
|
|
|
289
317
|
end
|
|
290
318
|
|
|
291
319
|
# Parameter information for key material export from Amazon Web Services
|
|
292
|
-
# Payment Cryptography using TR-31 or TR-34
|
|
320
|
+
# Payment Cryptography using TR-31 or TR-34 or RSA wrap and unwrap key
|
|
321
|
+
# exchange method.
|
|
293
322
|
#
|
|
294
323
|
# @note ExportKeyMaterial is a union - when making an API calls you must set exactly one of the members.
|
|
295
324
|
#
|
|
325
|
+
# @!attribute [rw] key_cryptogram
|
|
326
|
+
# Parameter information for key material export using asymmetric RSA
|
|
327
|
+
# wrap and unwrap key exchange method
|
|
328
|
+
# @return [Types::ExportKeyCryptogram]
|
|
329
|
+
#
|
|
296
330
|
# @!attribute [rw] tr_31_key_block
|
|
297
331
|
# Parameter information for key material export using symmetric TR-31
|
|
298
332
|
# key exchange method.
|
|
@@ -306,6 +340,7 @@ module Aws::PaymentCryptography
|
|
|
306
340
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ExportKeyMaterial AWS API Documentation
|
|
307
341
|
#
|
|
308
342
|
class ExportKeyMaterial < Struct.new(
|
|
343
|
+
:key_cryptogram,
|
|
309
344
|
:tr_31_key_block,
|
|
310
345
|
:tr_34_key_block,
|
|
311
346
|
:unknown)
|
|
@@ -313,6 +348,7 @@ module Aws::PaymentCryptography
|
|
|
313
348
|
include Aws::Structure
|
|
314
349
|
include Aws::Structure::Union
|
|
315
350
|
|
|
351
|
+
class KeyCryptogram < ExportKeyMaterial; end
|
|
316
352
|
class Tr31KeyBlock < ExportKeyMaterial; end
|
|
317
353
|
class Tr34KeyBlock < ExportKeyMaterial; end
|
|
318
354
|
class Unknown < ExportKeyMaterial; end
|
|
@@ -320,7 +356,7 @@ module Aws::PaymentCryptography
|
|
|
320
356
|
|
|
321
357
|
# @!attribute [rw] wrapped_key
|
|
322
358
|
# The key material under export as a TR-34 WrappedKeyBlock or a TR-31
|
|
323
|
-
# WrappedKeyBlock.
|
|
359
|
+
# WrappedKeyBlock. or a RSA WrappedKeyCryptogram.
|
|
324
360
|
# @return [Types::WrappedKey]
|
|
325
361
|
#
|
|
326
362
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ExportKeyOutput AWS API Documentation
|
|
@@ -506,7 +542,8 @@ module Aws::PaymentCryptography
|
|
|
506
542
|
|
|
507
543
|
# @!attribute [rw] key_material_type
|
|
508
544
|
# The method to use for key material import. Import token is only
|
|
509
|
-
# required for TR-34 WrappedKeyBlock (`TR34_KEY_BLOCK`)
|
|
545
|
+
# required for TR-34 WrappedKeyBlock (`TR34_KEY_BLOCK`) and RSA
|
|
546
|
+
# WrappedKeyCryptogram (`KEY_CRYPTOGRAM`).
|
|
510
547
|
#
|
|
511
548
|
# Import token is not required for TR-31, root public key cerificate
|
|
512
549
|
# or trusted public key certificate.
|
|
@@ -516,8 +553,10 @@ module Aws::PaymentCryptography
|
|
|
516
553
|
# The wrapping key algorithm to generate a wrapping key certificate.
|
|
517
554
|
# This certificate wraps the key under import.
|
|
518
555
|
#
|
|
519
|
-
# At this time, `RSA_2048
|
|
520
|
-
#
|
|
556
|
+
# At this time, `RSA_2048` is the allowed algorithm for TR-34
|
|
557
|
+
# WrappedKeyBlock import. Additionally, `RSA_2048`, `RSA_3072`,
|
|
558
|
+
# `RSA_4096` are the allowed algorithms for RSA WrappedKeyCryptogram
|
|
559
|
+
# import.
|
|
521
560
|
# @return [String]
|
|
522
561
|
#
|
|
523
562
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetParametersForImportInput AWS API Documentation
|
|
@@ -542,7 +581,7 @@ module Aws::PaymentCryptography
|
|
|
542
581
|
#
|
|
543
582
|
# @!attribute [rw] wrapping_key_algorithm
|
|
544
583
|
# The algorithm of the wrapping key for use within TR-34
|
|
545
|
-
# WrappedKeyBlock.
|
|
584
|
+
# WrappedKeyBlock or RSA WrappedKeyCryptogram.
|
|
546
585
|
# @return [String]
|
|
547
586
|
#
|
|
548
587
|
# @!attribute [rw] wrapping_key_certificate
|
|
@@ -602,6 +641,46 @@ module Aws::PaymentCryptography
|
|
|
602
641
|
include Aws::Structure
|
|
603
642
|
end
|
|
604
643
|
|
|
644
|
+
# Parameter information for key material import using asymmetric RSA
|
|
645
|
+
# wrap and unwrap key exchange method.
|
|
646
|
+
#
|
|
647
|
+
# @!attribute [rw] exportable
|
|
648
|
+
# Specifies whether the key is exportable from the service.
|
|
649
|
+
# @return [Boolean]
|
|
650
|
+
#
|
|
651
|
+
# @!attribute [rw] import_token
|
|
652
|
+
# The import token that initiates key import using the asymmetric RSA
|
|
653
|
+
# wrap and unwrap key exchange method into AWS Payment Cryptography.
|
|
654
|
+
# It expires after 7 days. You can use the same import token to import
|
|
655
|
+
# multiple keys to the same service account.
|
|
656
|
+
# @return [String]
|
|
657
|
+
#
|
|
658
|
+
# @!attribute [rw] key_attributes
|
|
659
|
+
# The role of the key, the algorithm it supports, and the
|
|
660
|
+
# cryptographic operations allowed with the key. This data is
|
|
661
|
+
# immutable after the key is created.
|
|
662
|
+
# @return [Types::KeyAttributes]
|
|
663
|
+
#
|
|
664
|
+
# @!attribute [rw] wrapped_key_cryptogram
|
|
665
|
+
# The RSA wrapped key cryptogram under import.
|
|
666
|
+
# @return [String]
|
|
667
|
+
#
|
|
668
|
+
# @!attribute [rw] wrapping_spec
|
|
669
|
+
# The wrapping spec for the wrapped key cryptogram.
|
|
670
|
+
# @return [String]
|
|
671
|
+
#
|
|
672
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ImportKeyCryptogram AWS API Documentation
|
|
673
|
+
#
|
|
674
|
+
class ImportKeyCryptogram < Struct.new(
|
|
675
|
+
:exportable,
|
|
676
|
+
:import_token,
|
|
677
|
+
:key_attributes,
|
|
678
|
+
:wrapped_key_cryptogram,
|
|
679
|
+
:wrapping_spec)
|
|
680
|
+
SENSITIVE = []
|
|
681
|
+
include Aws::Structure
|
|
682
|
+
end
|
|
683
|
+
|
|
605
684
|
# @!attribute [rw] enabled
|
|
606
685
|
# Specifies whether import key is enabled.
|
|
607
686
|
# @return [Boolean]
|
|
@@ -660,10 +739,16 @@ module Aws::PaymentCryptography
|
|
|
660
739
|
end
|
|
661
740
|
|
|
662
741
|
# Parameter information for key material import into Amazon Web Services
|
|
663
|
-
# Payment Cryptography using TR-31 or TR-34
|
|
742
|
+
# Payment Cryptography using TR-31 or TR-34 or RSA wrap and unwrap key
|
|
743
|
+
# exchange method.
|
|
664
744
|
#
|
|
665
745
|
# @note ImportKeyMaterial is a union - when making an API calls you must set exactly one of the members.
|
|
666
746
|
#
|
|
747
|
+
# @!attribute [rw] key_cryptogram
|
|
748
|
+
# Parameter information for key material import using asymmetric RSA
|
|
749
|
+
# wrap and unwrap key exchange method.
|
|
750
|
+
# @return [Types::ImportKeyCryptogram]
|
|
751
|
+
#
|
|
667
752
|
# @!attribute [rw] root_certificate_public_key
|
|
668
753
|
# Parameter information for root public key certificate import.
|
|
669
754
|
# @return [Types::RootCertificatePublicKey]
|
|
@@ -685,6 +770,7 @@ module Aws::PaymentCryptography
|
|
|
685
770
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ImportKeyMaterial AWS API Documentation
|
|
686
771
|
#
|
|
687
772
|
class ImportKeyMaterial < Struct.new(
|
|
773
|
+
:key_cryptogram,
|
|
688
774
|
:root_certificate_public_key,
|
|
689
775
|
:tr_31_key_block,
|
|
690
776
|
:tr_34_key_block,
|
|
@@ -694,6 +780,7 @@ module Aws::PaymentCryptography
|
|
|
694
780
|
include Aws::Structure
|
|
695
781
|
include Aws::Structure::Union
|
|
696
782
|
|
|
783
|
+
class KeyCryptogram < ImportKeyMaterial; end
|
|
697
784
|
class RootCertificatePublicKey < ImportKeyMaterial; end
|
|
698
785
|
class Tr31KeyBlock < ImportKeyMaterial; end
|
|
699
786
|
class Tr34KeyBlock < ImportKeyMaterial; end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-paymentcryptography
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.10.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2024-01-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|
|
@@ -72,7 +72,7 @@ licenses:
|
|
|
72
72
|
metadata:
|
|
73
73
|
source_code_uri: https://github.com/aws/aws-sdk-ruby/tree/version-3/gems/aws-sdk-paymentcryptography
|
|
74
74
|
changelog_uri: https://github.com/aws/aws-sdk-ruby/tree/version-3/gems/aws-sdk-paymentcryptography/CHANGELOG.md
|
|
75
|
-
post_install_message:
|
|
75
|
+
post_install_message:
|
|
76
76
|
rdoc_options: []
|
|
77
77
|
require_paths:
|
|
78
78
|
- lib
|
|
@@ -87,8 +87,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
87
87
|
- !ruby/object:Gem::Version
|
|
88
88
|
version: '0'
|
|
89
89
|
requirements: []
|
|
90
|
-
rubygems_version: 3.
|
|
91
|
-
signing_key:
|
|
90
|
+
rubygems_version: 3.4.10
|
|
91
|
+
signing_key:
|
|
92
92
|
specification_version: 4
|
|
93
93
|
summary: AWS SDK for Ruby - Payment Cryptography Control Plane
|
|
94
94
|
test_files: []
|