aws-sdk-paymentcryptographydata 1.14.0 → 1.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -466,15 +466,23 @@ module Aws::PaymentCryptographyData
466
466
  # [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
467
467
  # [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
468
468
  #
469
+ # @option params [required, String] :key_identifier
470
+ # The `keyARN` of the encryption key that Amazon Web Services Payment
471
+ # Cryptography uses for ciphertext decryption.
472
+ #
473
+ # When a WrappedKeyBlock is provided, this value will be the identifier
474
+ # to the key wrapping key. Otherwise, it is the key identifier used to
475
+ # perform the operation.
476
+ #
469
477
  # @option params [required, String] :cipher_text
470
478
  # The ciphertext to decrypt.
471
479
  #
472
480
  # @option params [required, Types::EncryptionDecryptionAttributes] :decryption_attributes
473
481
  # The encryption key type and attributes for ciphertext decryption.
474
482
  #
475
- # @option params [required, String] :key_identifier
476
- # The `keyARN` of the encryption key that Amazon Web Services Payment
477
- # Cryptography uses for ciphertext decryption.
483
+ # @option params [Types::WrappedKey] :wrapped_key
484
+ # The WrappedKeyBlock containing the encryption key for ciphertext
485
+ # decryption.
478
486
  #
479
487
  # @return [Types::DecryptDataOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
480
488
  #
@@ -485,33 +493,39 @@ module Aws::PaymentCryptographyData
485
493
  # @example Request syntax with placeholder values
486
494
  #
487
495
  # resp = client.decrypt_data({
496
+ # key_identifier: "KeyArnOrKeyAliasType", # required
488
497
  # cipher_text: "HexEvenLengthBetween16And4096", # required
489
498
  # decryption_attributes: { # required
499
+ # symmetric: {
500
+ # mode: "ECB", # required, accepts ECB, CBC, CFB, CFB1, CFB8, CFB64, CFB128, OFB
501
+ # initialization_vector: "HexLength16Or32",
502
+ # padding_type: "PKCS1", # accepts PKCS1, OAEP_SHA1, OAEP_SHA256, OAEP_SHA512
503
+ # },
490
504
  # asymmetric: {
491
505
  # padding_type: "PKCS1", # accepts PKCS1, OAEP_SHA1, OAEP_SHA256, OAEP_SHA512
492
506
  # },
493
507
  # dukpt: {
508
+ # key_serial_number: "HexLengthBetween10And24", # required
509
+ # mode: "ECB", # accepts ECB, CBC
494
510
  # dukpt_key_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
495
511
  # dukpt_key_variant: "BIDIRECTIONAL", # accepts BIDIRECTIONAL, REQUEST, RESPONSE
496
512
  # initialization_vector: "HexLength16Or32",
497
- # key_serial_number: "HexLengthBetween10And24", # required
498
- # mode: "ECB", # accepts ECB, CBC
499
513
  # },
500
514
  # emv: {
501
- # initialization_vector: "HexLength16Or32",
502
515
  # major_key_derivation_mode: "EMV_OPTION_A", # required, accepts EMV_OPTION_A, EMV_OPTION_B
503
- # mode: "ECB", # accepts ECB, CBC
504
- # pan_sequence_number: "HexLengthEquals2", # required
505
516
  # primary_account_number: "NumberLengthBetween12And19", # required
517
+ # pan_sequence_number: "NumberLengthEquals2", # required
506
518
  # session_derivation_data: "HexLengthEquals16", # required
507
- # },
508
- # symmetric: {
519
+ # mode: "ECB", # accepts ECB, CBC
509
520
  # initialization_vector: "HexLength16Or32",
510
- # mode: "ECB", # required, accepts ECB, CBC, CFB, CFB1, CFB8, CFB64, CFB128, OFB
511
- # padding_type: "PKCS1", # accepts PKCS1, OAEP_SHA1, OAEP_SHA256, OAEP_SHA512
512
521
  # },
513
522
  # },
514
- # key_identifier: "KeyArnOrKeyAliasType", # required
523
+ # wrapped_key: {
524
+ # wrapped_key_material: { # required
525
+ # tr_31_key_block: "Tr31WrappedKeyBlock",
526
+ # },
527
+ # key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
528
+ # },
515
529
  # })
516
530
  #
517
531
  # @example Response structure
@@ -586,13 +600,14 @@ module Aws::PaymentCryptographyData
586
600
  # [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
587
601
  # [6]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetPublicKeyCertificate.html
588
602
  #
589
- # @option params [required, Types::EncryptionDecryptionAttributes] :encryption_attributes
590
- # The encryption key type and attributes for plaintext encryption.
591
- #
592
603
  # @option params [required, String] :key_identifier
593
604
  # The `keyARN` of the encryption key that Amazon Web Services Payment
594
605
  # Cryptography uses for plaintext encryption.
595
606
  #
607
+ # When a WrappedKeyBlock is provided, this value will be the identifier
608
+ # to the key wrapping key. Otherwise, it is the key identifier used to
609
+ # perform the operation.
610
+ #
596
611
  # @option params [required, String] :plain_text
597
612
  # The plaintext to be encrypted.
598
613
  #
@@ -608,49 +623,62 @@ module Aws::PaymentCryptographyData
608
623
  #
609
624
  # [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/encrypt-data.html
610
625
  #
626
+ # @option params [required, Types::EncryptionDecryptionAttributes] :encryption_attributes
627
+ # The encryption key type and attributes for plaintext encryption.
628
+ #
629
+ # @option params [Types::WrappedKey] :wrapped_key
630
+ # The WrappedKeyBlock containing the encryption key for plaintext
631
+ # encryption.
632
+ #
611
633
  # @return [Types::EncryptDataOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
612
634
  #
613
- # * {Types::EncryptDataOutput#cipher_text #cipher_text} => String
614
635
  # * {Types::EncryptDataOutput#key_arn #key_arn} => String
615
636
  # * {Types::EncryptDataOutput#key_check_value #key_check_value} => String
637
+ # * {Types::EncryptDataOutput#cipher_text #cipher_text} => String
616
638
  #
617
639
  # @example Request syntax with placeholder values
618
640
  #
619
641
  # resp = client.encrypt_data({
642
+ # key_identifier: "KeyArnOrKeyAliasType", # required
643
+ # plain_text: "HexEvenLengthBetween16And4064", # required
620
644
  # encryption_attributes: { # required
645
+ # symmetric: {
646
+ # mode: "ECB", # required, accepts ECB, CBC, CFB, CFB1, CFB8, CFB64, CFB128, OFB
647
+ # initialization_vector: "HexLength16Or32",
648
+ # padding_type: "PKCS1", # accepts PKCS1, OAEP_SHA1, OAEP_SHA256, OAEP_SHA512
649
+ # },
621
650
  # asymmetric: {
622
651
  # padding_type: "PKCS1", # accepts PKCS1, OAEP_SHA1, OAEP_SHA256, OAEP_SHA512
623
652
  # },
624
653
  # dukpt: {
654
+ # key_serial_number: "HexLengthBetween10And24", # required
655
+ # mode: "ECB", # accepts ECB, CBC
625
656
  # dukpt_key_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
626
657
  # dukpt_key_variant: "BIDIRECTIONAL", # accepts BIDIRECTIONAL, REQUEST, RESPONSE
627
658
  # initialization_vector: "HexLength16Or32",
628
- # key_serial_number: "HexLengthBetween10And24", # required
629
- # mode: "ECB", # accepts ECB, CBC
630
659
  # },
631
660
  # emv: {
632
- # initialization_vector: "HexLength16Or32",
633
661
  # major_key_derivation_mode: "EMV_OPTION_A", # required, accepts EMV_OPTION_A, EMV_OPTION_B
634
- # mode: "ECB", # accepts ECB, CBC
635
- # pan_sequence_number: "HexLengthEquals2", # required
636
662
  # primary_account_number: "NumberLengthBetween12And19", # required
663
+ # pan_sequence_number: "NumberLengthEquals2", # required
637
664
  # session_derivation_data: "HexLengthEquals16", # required
638
- # },
639
- # symmetric: {
665
+ # mode: "ECB", # accepts ECB, CBC
640
666
  # initialization_vector: "HexLength16Or32",
641
- # mode: "ECB", # required, accepts ECB, CBC, CFB, CFB1, CFB8, CFB64, CFB128, OFB
642
- # padding_type: "PKCS1", # accepts PKCS1, OAEP_SHA1, OAEP_SHA256, OAEP_SHA512
643
667
  # },
644
668
  # },
645
- # key_identifier: "KeyArnOrKeyAliasType", # required
646
- # plain_text: "HexEvenLengthBetween16And4064", # required
669
+ # wrapped_key: {
670
+ # wrapped_key_material: { # required
671
+ # tr_31_key_block: "Tr31WrappedKeyBlock",
672
+ # },
673
+ # key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
674
+ # },
647
675
  # })
648
676
  #
649
677
  # @example Response structure
650
678
  #
651
- # resp.cipher_text #=> String
652
679
  # resp.key_arn #=> String
653
680
  # resp.key_check_value #=> String
681
+ # resp.cipher_text #=> String
654
682
  #
655
683
  # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/EncryptData AWS API Documentation
656
684
  #
@@ -699,10 +727,6 @@ module Aws::PaymentCryptographyData
699
727
  # [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
700
728
  # [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
701
729
  #
702
- # @option params [required, Types::CardGenerationAttributes] :generation_attributes
703
- # The algorithm for generating CVV or CSC values for the card within
704
- # Amazon Web Services Payment Cryptography.
705
- #
706
730
  # @option params [required, String] :key_identifier
707
731
  # The `keyARN` of the CVK encryption key that Amazon Web Services
708
732
  # Payment Cryptography uses to generate card data.
@@ -712,6 +736,10 @@ module Aws::PaymentCryptographyData
712
736
  # credit or debit card that associates the card with a specific account
713
737
  # holder.
714
738
  #
739
+ # @option params [required, Types::CardGenerationAttributes] :generation_attributes
740
+ # The algorithm for generating CVV or CSC values for the card within
741
+ # Amazon Web Services Payment Cryptography.
742
+ #
715
743
  # @option params [Integer] :validation_data_length
716
744
  # The length of the CVV or CSC to be generated. The default value is 3.
717
745
  #
@@ -724,6 +752,8 @@ module Aws::PaymentCryptographyData
724
752
  # @example Request syntax with placeholder values
725
753
  #
726
754
  # resp = client.generate_card_validation_data({
755
+ # key_identifier: "KeyArnOrKeyAliasType", # required
756
+ # primary_account_number: "NumberLengthBetween12And19", # required
727
757
  # generation_attributes: { # required
728
758
  # amex_card_security_code_version_1: {
729
759
  # card_expiry_date: "NumberLengthEquals4", # required
@@ -732,11 +762,6 @@ module Aws::PaymentCryptographyData
732
762
  # card_expiry_date: "NumberLengthEquals4", # required
733
763
  # service_code: "NumberLengthEquals3", # required
734
764
  # },
735
- # card_holder_verification_value: {
736
- # application_transaction_counter: "HexLengthBetween2And4", # required
737
- # pan_sequence_number: "HexLengthEquals2", # required
738
- # unpredictable_number: "HexLengthBetween2And8", # required
739
- # },
740
765
  # card_verification_value_1: {
741
766
  # card_expiry_date: "NumberLengthEquals4", # required
742
767
  # service_code: "NumberLengthEquals3", # required
@@ -744,21 +769,24 @@ module Aws::PaymentCryptographyData
744
769
  # card_verification_value_2: {
745
770
  # card_expiry_date: "NumberLengthEquals4", # required
746
771
  # },
772
+ # card_holder_verification_value: {
773
+ # unpredictable_number: "HexLengthBetween2And8", # required
774
+ # pan_sequence_number: "NumberLengthEquals2", # required
775
+ # application_transaction_counter: "HexLengthBetween2And4", # required
776
+ # },
747
777
  # dynamic_card_verification_code: {
778
+ # unpredictable_number: "HexLengthBetween2And8", # required
779
+ # pan_sequence_number: "NumberLengthEquals2", # required
748
780
  # application_transaction_counter: "HexLengthBetween2And4", # required
749
- # pan_sequence_number: "HexLengthEquals2", # required
750
781
  # track_data: "HexLengthBetween2And160", # required
751
- # unpredictable_number: "HexLengthBetween2And8", # required
752
782
  # },
753
783
  # dynamic_card_verification_value: {
754
- # application_transaction_counter: "HexLengthBetween2And4", # required
784
+ # pan_sequence_number: "NumberLengthEquals2", # required
755
785
  # card_expiry_date: "NumberLengthEquals4", # required
756
- # pan_sequence_number: "HexLengthEquals2", # required
757
786
  # service_code: "NumberLengthEquals3", # required
787
+ # application_transaction_counter: "HexLengthBetween2And4", # required
758
788
  # },
759
789
  # },
760
- # key_identifier: "KeyArnOrKeyAliasType", # required
761
- # primary_account_number: "NumberLengthBetween12And19", # required
762
790
  # validation_data_length: 1,
763
791
  # })
764
792
  #
@@ -813,20 +841,20 @@ module Aws::PaymentCryptographyData
813
841
  # [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
814
842
  # [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
815
843
  #
816
- # @option params [required, Types::MacAttributes] :generation_attributes
817
- # The attributes and data values to use for MAC generation within Amazon
818
- # Web Services Payment Cryptography.
819
- #
820
844
  # @option params [required, String] :key_identifier
821
845
  # The `keyARN` of the MAC generation encryption key.
822
846
  #
823
- # @option params [Integer] :mac_length
824
- # The length of a MAC under generation.
825
- #
826
847
  # @option params [required, String] :message_data
827
848
  # The data for which a MAC is under generation. This value must be
828
849
  # hexBinary.
829
850
  #
851
+ # @option params [required, Types::MacAttributes] :generation_attributes
852
+ # The attributes and data values to use for MAC generation within Amazon
853
+ # Web Services Payment Cryptography.
854
+ #
855
+ # @option params [Integer] :mac_length
856
+ # The length of a MAC under generation.
857
+ #
830
858
  # @return [Types::GenerateMacOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
831
859
  #
832
860
  # * {Types::GenerateMacOutput#key_arn #key_arn} => String
@@ -836,37 +864,37 @@ module Aws::PaymentCryptographyData
836
864
  # @example Request syntax with placeholder values
837
865
  #
838
866
  # resp = client.generate_mac({
867
+ # key_identifier: "KeyArnOrKeyAliasType", # required
868
+ # message_data: "HexEvenLengthBetween2And4096", # required
839
869
  # generation_attributes: { # required
840
870
  # algorithm: "ISO9797_ALGORITHM1", # accepts ISO9797_ALGORITHM1, ISO9797_ALGORITHM3, CMAC, HMAC_SHA224, HMAC_SHA256, HMAC_SHA384, HMAC_SHA512
841
- # dukpt_cmac: {
842
- # dukpt_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
843
- # dukpt_key_variant: "BIDIRECTIONAL", # required, accepts BIDIRECTIONAL, REQUEST, RESPONSE
844
- # key_serial_number: "HexLengthBetween10And24", # required
845
- # },
846
- # dukpt_iso_9797_algorithm_1: {
847
- # dukpt_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
848
- # dukpt_key_variant: "BIDIRECTIONAL", # required, accepts BIDIRECTIONAL, REQUEST, RESPONSE
849
- # key_serial_number: "HexLengthBetween10And24", # required
850
- # },
851
- # dukpt_iso_9797_algorithm_3: {
852
- # dukpt_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
853
- # dukpt_key_variant: "BIDIRECTIONAL", # required, accepts BIDIRECTIONAL, REQUEST, RESPONSE
854
- # key_serial_number: "HexLengthBetween10And24", # required
855
- # },
856
871
  # emv_mac: {
857
872
  # major_key_derivation_mode: "EMV_OPTION_A", # required, accepts EMV_OPTION_A, EMV_OPTION_B
858
- # pan_sequence_number: "HexLengthEquals2", # required
859
873
  # primary_account_number: "NumberLengthBetween12And19", # required
874
+ # pan_sequence_number: "NumberLengthEquals2", # required
860
875
  # session_key_derivation_mode: "EMV_COMMON_SESSION_KEY", # required, accepts EMV_COMMON_SESSION_KEY, EMV2000, AMEX, MASTERCARD_SESSION_KEY, VISA
861
876
  # session_key_derivation_value: { # required
862
877
  # application_cryptogram: "HexLengthEquals16",
863
878
  # application_transaction_counter: "HexLengthBetween2And4",
864
879
  # },
865
880
  # },
881
+ # dukpt_iso_9797_algorithm_1: {
882
+ # key_serial_number: "HexLengthBetween10And24", # required
883
+ # dukpt_key_variant: "BIDIRECTIONAL", # required, accepts BIDIRECTIONAL, REQUEST, RESPONSE
884
+ # dukpt_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
885
+ # },
886
+ # dukpt_iso_9797_algorithm_3: {
887
+ # key_serial_number: "HexLengthBetween10And24", # required
888
+ # dukpt_key_variant: "BIDIRECTIONAL", # required, accepts BIDIRECTIONAL, REQUEST, RESPONSE
889
+ # dukpt_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
890
+ # },
891
+ # dukpt_cmac: {
892
+ # key_serial_number: "HexLengthBetween10And24", # required
893
+ # dukpt_key_variant: "BIDIRECTIONAL", # required, accepts BIDIRECTIONAL, REQUEST, RESPONSE
894
+ # dukpt_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
895
+ # },
866
896
  # },
867
- # key_identifier: "KeyArnOrKeyAliasType", # required
868
897
  # mac_length: 1,
869
- # message_data: "HexEvenLengthBetween2And4096", # required
870
898
  # })
871
899
  #
872
900
  # @example Response structure
@@ -918,6 +946,10 @@ module Aws::PaymentCryptographyData
918
946
  # [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
919
947
  # [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
920
948
  #
949
+ # @option params [required, String] :generation_key_identifier
950
+ # The `keyARN` of the PEK that Amazon Web Services Payment Cryptography
951
+ # uses for pin data generation.
952
+ #
921
953
  # @option params [required, String] :encryption_key_identifier
922
954
  # The `keyARN` of the PEK that Amazon Web Services Payment Cryptography
923
955
  # uses to encrypt the PIN Block.
@@ -926,9 +958,13 @@ module Aws::PaymentCryptographyData
926
958
  # The attributes and values to use for PIN, PVV, or PIN Offset
927
959
  # generation.
928
960
  #
929
- # @option params [required, String] :generation_key_identifier
930
- # The `keyARN` of the PEK that Amazon Web Services Payment Cryptography
931
- # uses for pin data generation.
961
+ # @option params [Integer] :pin_data_length
962
+ # The length of PIN under generation.
963
+ #
964
+ # @option params [required, String] :primary_account_number
965
+ # The Primary Account Number (PAN), a unique identifier for a payment
966
+ # credit or debit card that associates the card with a specific account
967
+ # holder.
932
968
  #
933
969
  # @option params [required, String] :pin_block_format
934
970
  # The PIN encoding format for pin data generation as specified in ISO
@@ -942,71 +978,63 @@ module Aws::PaymentCryptographyData
942
978
  # The `ISO_Format_3` PIN block format is the same as `ISO_Format_0`
943
979
  # except that the fill digits are random values from 10 to 15.
944
980
  #
945
- # @option params [Integer] :pin_data_length
946
- # The length of PIN under generation.
947
- #
948
- # @option params [required, String] :primary_account_number
949
- # The Primary Account Number (PAN), a unique identifier for a payment
950
- # credit or debit card that associates the card with a specific account
951
- # holder.
952
- #
953
981
  # @return [Types::GeneratePinDataOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
954
982
  #
955
- # * {Types::GeneratePinDataOutput#encrypted_pin_block #encrypted_pin_block} => String
956
- # * {Types::GeneratePinDataOutput#encryption_key_arn #encryption_key_arn} => String
957
- # * {Types::GeneratePinDataOutput#encryption_key_check_value #encryption_key_check_value} => String
958
983
  # * {Types::GeneratePinDataOutput#generation_key_arn #generation_key_arn} => String
959
984
  # * {Types::GeneratePinDataOutput#generation_key_check_value #generation_key_check_value} => String
985
+ # * {Types::GeneratePinDataOutput#encryption_key_arn #encryption_key_arn} => String
986
+ # * {Types::GeneratePinDataOutput#encryption_key_check_value #encryption_key_check_value} => String
987
+ # * {Types::GeneratePinDataOutput#encrypted_pin_block #encrypted_pin_block} => String
960
988
  # * {Types::GeneratePinDataOutput#pin_data #pin_data} => Types::PinData
961
989
  #
962
990
  # @example Request syntax with placeholder values
963
991
  #
964
992
  # resp = client.generate_pin_data({
993
+ # generation_key_identifier: "KeyArnOrKeyAliasType", # required
965
994
  # encryption_key_identifier: "KeyArnOrKeyAliasType", # required
966
995
  # generation_attributes: { # required
967
- # ibm_3624_natural_pin: {
968
- # decimalization_table: "NumberLengthEquals16", # required
969
- # pin_validation_data: "NumberLengthBetween4And16", # required
970
- # pin_validation_data_pad_character: "HexLengthEquals1", # required
996
+ # visa_pin: {
997
+ # pin_verification_key_index: 1, # required
971
998
  # },
972
- # ibm_3624_pin_from_offset: {
973
- # decimalization_table: "NumberLengthEquals16", # required
974
- # pin_offset: "NumberLengthBetween4And12", # required
975
- # pin_validation_data: "NumberLengthBetween4And16", # required
976
- # pin_validation_data_pad_character: "HexLengthEquals1", # required
999
+ # visa_pin_verification_value: {
1000
+ # encrypted_pin_block: "HexLengthBetween16And32", # required
1001
+ # pin_verification_key_index: 1, # required
977
1002
  # },
978
1003
  # ibm_3624_pin_offset: {
979
- # decimalization_table: "NumberLengthEquals16", # required
980
1004
  # encrypted_pin_block: "HexLengthBetween16And32", # required
1005
+ # decimalization_table: "NumberLengthEquals16", # required
1006
+ # pin_validation_data_pad_character: "HexLengthEquals1", # required
981
1007
  # pin_validation_data: "NumberLengthBetween4And16", # required
1008
+ # },
1009
+ # ibm_3624_natural_pin: {
1010
+ # decimalization_table: "NumberLengthEquals16", # required
982
1011
  # pin_validation_data_pad_character: "HexLengthEquals1", # required
1012
+ # pin_validation_data: "NumberLengthBetween4And16", # required
983
1013
  # },
984
1014
  # ibm_3624_random_pin: {
985
1015
  # decimalization_table: "NumberLengthEquals16", # required
986
- # pin_validation_data: "NumberLengthBetween4And16", # required
987
1016
  # pin_validation_data_pad_character: "HexLengthEquals1", # required
1017
+ # pin_validation_data: "NumberLengthBetween4And16", # required
988
1018
  # },
989
- # visa_pin: {
990
- # pin_verification_key_index: 1, # required
991
- # },
992
- # visa_pin_verification_value: {
993
- # encrypted_pin_block: "HexLengthBetween16And32", # required
994
- # pin_verification_key_index: 1, # required
1019
+ # ibm_3624_pin_from_offset: {
1020
+ # decimalization_table: "NumberLengthEquals16", # required
1021
+ # pin_validation_data_pad_character: "HexLengthEquals1", # required
1022
+ # pin_validation_data: "NumberLengthBetween4And16", # required
1023
+ # pin_offset: "NumberLengthBetween4And12", # required
995
1024
  # },
996
1025
  # },
997
- # generation_key_identifier: "KeyArnOrKeyAliasType", # required
998
- # pin_block_format: "ISO_FORMAT_0", # required, accepts ISO_FORMAT_0, ISO_FORMAT_3
999
1026
  # pin_data_length: 1,
1000
1027
  # primary_account_number: "NumberLengthBetween12And19", # required
1028
+ # pin_block_format: "ISO_FORMAT_0", # required, accepts ISO_FORMAT_0, ISO_FORMAT_3
1001
1029
  # })
1002
1030
  #
1003
1031
  # @example Response structure
1004
1032
  #
1005
- # resp.encrypted_pin_block #=> String
1006
- # resp.encryption_key_arn #=> String
1007
- # resp.encryption_key_check_value #=> String
1008
1033
  # resp.generation_key_arn #=> String
1009
1034
  # resp.generation_key_check_value #=> String
1035
+ # resp.encryption_key_arn #=> String
1036
+ # resp.encryption_key_check_value #=> String
1037
+ # resp.encrypted_pin_block #=> String
1010
1038
  # resp.pin_data.pin_offset #=> String
1011
1039
  # resp.pin_data.verification_value #=> String
1012
1040
  #
@@ -1019,24 +1047,19 @@ module Aws::PaymentCryptographyData
1019
1047
  req.send_request(options)
1020
1048
  end
1021
1049
 
1022
- # Re-encrypt ciphertext using DUKPT, Symmetric and Asymmetric Data
1023
- # Encryption Keys.
1050
+ # Re-encrypt ciphertext using DUKPT or Symmetric data encryption keys.
1024
1051
  #
1025
1052
  # You can either generate an encryption key within Amazon Web Services
1026
1053
  # Payment Cryptography by calling [CreateKey][1] or import your own
1027
1054
  # encryption key by calling [ImportKey][2]. The `KeyArn` for use with
1028
1055
  # this operation must be in a compatible key state with `KeyModesOfUse`
1029
- # set to `Encrypt`. In asymmetric encryption, ciphertext is encrypted
1030
- # using public component (imported by calling [ImportKey][2]) of the
1031
- # asymmetric key pair created outside of Amazon Web Services Payment
1032
- # Cryptography.
1056
+ # set to `Encrypt`.
1033
1057
  #
1034
1058
  # For symmetric and DUKPT encryption, Amazon Web Services Payment
1035
- # Cryptography supports `TDES` and `AES` algorithms. For asymmetric
1036
- # encryption, Amazon Web Services Payment Cryptography supports `RSA`.
1037
- # To encrypt using DUKPT, a DUKPT key must already exist within your
1038
- # account with `KeyModesOfUse` set to `DeriveKey` or a new DUKPT can be
1039
- # generated by calling [CreateKey][1].
1059
+ # Cryptography supports `TDES` and `AES` algorithms. To encrypt using
1060
+ # DUKPT, a DUKPT key must already exist within your account with
1061
+ # `KeyModesOfUse` set to `DeriveKey` or a new DUKPT can be generated by
1062
+ # calling [CreateKey][1].
1040
1063
  #
1041
1064
  # For information about valid keys for this operation, see
1042
1065
  # [Understanding key attributes][3] and [Key types for specific data
@@ -1064,6 +1087,17 @@ module Aws::PaymentCryptographyData
1064
1087
  # [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
1065
1088
  # [5]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetPublicKeyCertificate.html
1066
1089
  #
1090
+ # @option params [required, String] :incoming_key_identifier
1091
+ # The `keyARN` of the encryption key of incoming ciphertext data.
1092
+ #
1093
+ # When a WrappedKeyBlock is provided, this value will be the identifier
1094
+ # to the key wrapping key. Otherwise, it is the key identifier used to
1095
+ # perform the operation.
1096
+ #
1097
+ # @option params [required, String] :outgoing_key_identifier
1098
+ # The `keyARN` of the encryption key of outgoing ciphertext data after
1099
+ # encryption by Amazon Web Services Payment Cryptography.
1100
+ #
1067
1101
  # @option params [required, String] :cipher_text
1068
1102
  # Ciphertext to be encrypted. The minimum allowed length is 16 bytes and
1069
1103
  # maximum allowed length is 4096 bytes.
@@ -1071,64 +1105,78 @@ module Aws::PaymentCryptographyData
1071
1105
  # @option params [required, Types::ReEncryptionAttributes] :incoming_encryption_attributes
1072
1106
  # The attributes and values for incoming ciphertext.
1073
1107
  #
1074
- # @option params [required, String] :incoming_key_identifier
1075
- # The `keyARN` of the encryption key of incoming ciphertext data.
1076
- #
1077
1108
  # @option params [required, Types::ReEncryptionAttributes] :outgoing_encryption_attributes
1078
1109
  # The attributes and values for outgoing ciphertext data after
1079
1110
  # encryption by Amazon Web Services Payment Cryptography.
1080
1111
  #
1081
- # @option params [required, String] :outgoing_key_identifier
1082
- # The `keyARN` of the encryption key of outgoing ciphertext data after
1083
- # encryption by Amazon Web Services Payment Cryptography.
1112
+ # @option params [Types::WrappedKey] :incoming_wrapped_key
1113
+ # The WrappedKeyBlock containing the encryption key of incoming
1114
+ # ciphertext data.
1115
+ #
1116
+ # @option params [Types::WrappedKey] :outgoing_wrapped_key
1117
+ # The WrappedKeyBlock containing the encryption key of outgoing
1118
+ # ciphertext data after encryption by Amazon Web Services Payment
1119
+ # Cryptography.
1084
1120
  #
1085
1121
  # @return [Types::ReEncryptDataOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1086
1122
  #
1087
- # * {Types::ReEncryptDataOutput#cipher_text #cipher_text} => String
1088
1123
  # * {Types::ReEncryptDataOutput#key_arn #key_arn} => String
1089
1124
  # * {Types::ReEncryptDataOutput#key_check_value #key_check_value} => String
1125
+ # * {Types::ReEncryptDataOutput#cipher_text #cipher_text} => String
1090
1126
  #
1091
1127
  # @example Request syntax with placeholder values
1092
1128
  #
1093
1129
  # resp = client.re_encrypt_data({
1130
+ # incoming_key_identifier: "KeyArnOrKeyAliasType", # required
1131
+ # outgoing_key_identifier: "KeyArnOrKeyAliasType", # required
1094
1132
  # cipher_text: "HexEvenLengthBetween16And4096", # required
1095
1133
  # incoming_encryption_attributes: { # required
1134
+ # symmetric: {
1135
+ # mode: "ECB", # required, accepts ECB, CBC, CFB, CFB1, CFB8, CFB64, CFB128, OFB
1136
+ # initialization_vector: "HexLength16Or32",
1137
+ # padding_type: "PKCS1", # accepts PKCS1, OAEP_SHA1, OAEP_SHA256, OAEP_SHA512
1138
+ # },
1096
1139
  # dukpt: {
1140
+ # key_serial_number: "HexLengthBetween10And24", # required
1141
+ # mode: "ECB", # accepts ECB, CBC
1097
1142
  # dukpt_key_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
1098
1143
  # dukpt_key_variant: "BIDIRECTIONAL", # accepts BIDIRECTIONAL, REQUEST, RESPONSE
1099
1144
  # initialization_vector: "HexLength16Or32",
1100
- # key_serial_number: "HexLengthBetween10And24", # required
1101
- # mode: "ECB", # accepts ECB, CBC
1102
1145
  # },
1146
+ # },
1147
+ # outgoing_encryption_attributes: { # required
1103
1148
  # symmetric: {
1104
- # initialization_vector: "HexLength16Or32",
1105
1149
  # mode: "ECB", # required, accepts ECB, CBC, CFB, CFB1, CFB8, CFB64, CFB128, OFB
1150
+ # initialization_vector: "HexLength16Or32",
1106
1151
  # padding_type: "PKCS1", # accepts PKCS1, OAEP_SHA1, OAEP_SHA256, OAEP_SHA512
1107
1152
  # },
1108
- # },
1109
- # incoming_key_identifier: "KeyArnOrKeyAliasType", # required
1110
- # outgoing_encryption_attributes: { # required
1111
1153
  # dukpt: {
1154
+ # key_serial_number: "HexLengthBetween10And24", # required
1155
+ # mode: "ECB", # accepts ECB, CBC
1112
1156
  # dukpt_key_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
1113
1157
  # dukpt_key_variant: "BIDIRECTIONAL", # accepts BIDIRECTIONAL, REQUEST, RESPONSE
1114
1158
  # initialization_vector: "HexLength16Or32",
1115
- # key_serial_number: "HexLengthBetween10And24", # required
1116
- # mode: "ECB", # accepts ECB, CBC
1117
1159
  # },
1118
- # symmetric: {
1119
- # initialization_vector: "HexLength16Or32",
1120
- # mode: "ECB", # required, accepts ECB, CBC, CFB, CFB1, CFB8, CFB64, CFB128, OFB
1121
- # padding_type: "PKCS1", # accepts PKCS1, OAEP_SHA1, OAEP_SHA256, OAEP_SHA512
1160
+ # },
1161
+ # incoming_wrapped_key: {
1162
+ # wrapped_key_material: { # required
1163
+ # tr_31_key_block: "Tr31WrappedKeyBlock",
1122
1164
  # },
1165
+ # key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
1166
+ # },
1167
+ # outgoing_wrapped_key: {
1168
+ # wrapped_key_material: { # required
1169
+ # tr_31_key_block: "Tr31WrappedKeyBlock",
1170
+ # },
1171
+ # key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
1123
1172
  # },
1124
- # outgoing_key_identifier: "KeyArnOrKeyAliasType", # required
1125
1173
  # })
1126
1174
  #
1127
1175
  # @example Response structure
1128
1176
  #
1129
- # resp.cipher_text #=> String
1130
1177
  # resp.key_arn #=> String
1131
1178
  # resp.key_check_value #=> String
1179
+ # resp.cipher_text #=> String
1132
1180
  #
1133
1181
  # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/ReEncryptData AWS API Documentation
1134
1182
  #
@@ -1185,50 +1233,57 @@ module Aws::PaymentCryptographyData
1185
1233
  # [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
1186
1234
  # [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
1187
1235
  #
1188
- # @option params [required, String] :encrypted_pin_block
1189
- # The encrypted PIN block data that Amazon Web Services Payment
1190
- # Cryptography translates.
1191
- #
1192
- # @option params [Types::DukptDerivationAttributes] :incoming_dukpt_attributes
1193
- # The attributes and values to use for incoming DUKPT encryption key for
1194
- # PIN block translation.
1195
- #
1196
1236
  # @option params [required, String] :incoming_key_identifier
1197
1237
  # The `keyARN` of the encryption key under which incoming PIN block data
1198
1238
  # is encrypted. This key type can be PEK or BDK.
1199
1239
  #
1240
+ # When a WrappedKeyBlock is provided, this value will be the identifier
1241
+ # to the key wrapping key for PIN block. Otherwise, it is the key
1242
+ # identifier used to perform the operation.
1243
+ #
1244
+ # @option params [required, String] :outgoing_key_identifier
1245
+ # The `keyARN` of the encryption key for encrypting outgoing PIN block
1246
+ # data. This key type can be PEK or BDK.
1247
+ #
1200
1248
  # @option params [required, Types::TranslationIsoFormats] :incoming_translation_attributes
1201
1249
  # The format of the incoming PIN block data for translation within
1202
1250
  # Amazon Web Services Payment Cryptography.
1203
1251
  #
1252
+ # @option params [required, Types::TranslationIsoFormats] :outgoing_translation_attributes
1253
+ # The format of the outgoing PIN block data after translation by Amazon
1254
+ # Web Services Payment Cryptography.
1255
+ #
1256
+ # @option params [required, String] :encrypted_pin_block
1257
+ # The encrypted PIN block data that Amazon Web Services Payment
1258
+ # Cryptography translates.
1259
+ #
1260
+ # @option params [Types::DukptDerivationAttributes] :incoming_dukpt_attributes
1261
+ # The attributes and values to use for incoming DUKPT encryption key for
1262
+ # PIN block translation.
1263
+ #
1204
1264
  # @option params [Types::DukptDerivationAttributes] :outgoing_dukpt_attributes
1205
1265
  # The attributes and values to use for outgoing DUKPT encryption key
1206
1266
  # after PIN block translation.
1207
1267
  #
1208
- # @option params [required, String] :outgoing_key_identifier
1209
- # The `keyARN` of the encryption key for encrypting outgoing PIN block
1210
- # data. This key type can be PEK or BDK.
1268
+ # @option params [Types::WrappedKey] :incoming_wrapped_key
1269
+ # The WrappedKeyBlock containing the encryption key under which incoming
1270
+ # PIN block data is encrypted.
1211
1271
  #
1212
- # @option params [required, Types::TranslationIsoFormats] :outgoing_translation_attributes
1213
- # The format of the outgoing PIN block data after translation by Amazon
1214
- # Web Services Payment Cryptography.
1272
+ # @option params [Types::WrappedKey] :outgoing_wrapped_key
1273
+ # The WrappedKeyBlock containing the encryption key for encrypting
1274
+ # outgoing PIN block data.
1215
1275
  #
1216
1276
  # @return [Types::TranslatePinDataOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1217
1277
  #
1278
+ # * {Types::TranslatePinDataOutput#pin_block #pin_block} => String
1218
1279
  # * {Types::TranslatePinDataOutput#key_arn #key_arn} => String
1219
1280
  # * {Types::TranslatePinDataOutput#key_check_value #key_check_value} => String
1220
- # * {Types::TranslatePinDataOutput#pin_block #pin_block} => String
1221
1281
  #
1222
1282
  # @example Request syntax with placeholder values
1223
1283
  #
1224
1284
  # resp = client.translate_pin_data({
1225
- # encrypted_pin_block: "HexEvenLengthBetween16And32", # required
1226
- # incoming_dukpt_attributes: {
1227
- # dukpt_key_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
1228
- # dukpt_key_variant: "BIDIRECTIONAL", # accepts BIDIRECTIONAL, REQUEST, RESPONSE
1229
- # key_serial_number: "HexLengthBetween10And24", # required
1230
- # },
1231
1285
  # incoming_key_identifier: "KeyArnOrKeyAliasType", # required
1286
+ # outgoing_key_identifier: "KeyArnOrKeyAliasType", # required
1232
1287
  # incoming_translation_attributes: { # required
1233
1288
  # iso_format_0: {
1234
1289
  # primary_account_number: "NumberLengthBetween12And19", # required
@@ -1242,12 +1297,6 @@ module Aws::PaymentCryptographyData
1242
1297
  # primary_account_number: "NumberLengthBetween12And19", # required
1243
1298
  # },
1244
1299
  # },
1245
- # outgoing_dukpt_attributes: {
1246
- # dukpt_key_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
1247
- # dukpt_key_variant: "BIDIRECTIONAL", # accepts BIDIRECTIONAL, REQUEST, RESPONSE
1248
- # key_serial_number: "HexLengthBetween10And24", # required
1249
- # },
1250
- # outgoing_key_identifier: "KeyArnOrKeyAliasType", # required
1251
1300
  # outgoing_translation_attributes: { # required
1252
1301
  # iso_format_0: {
1253
1302
  # primary_account_number: "NumberLengthBetween12And19", # required
@@ -1261,13 +1310,36 @@ module Aws::PaymentCryptographyData
1261
1310
  # primary_account_number: "NumberLengthBetween12And19", # required
1262
1311
  # },
1263
1312
  # },
1313
+ # encrypted_pin_block: "HexEvenLengthBetween16And32", # required
1314
+ # incoming_dukpt_attributes: {
1315
+ # key_serial_number: "HexLengthBetween10And24", # required
1316
+ # dukpt_key_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
1317
+ # dukpt_key_variant: "BIDIRECTIONAL", # accepts BIDIRECTIONAL, REQUEST, RESPONSE
1318
+ # },
1319
+ # outgoing_dukpt_attributes: {
1320
+ # key_serial_number: "HexLengthBetween10And24", # required
1321
+ # dukpt_key_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
1322
+ # dukpt_key_variant: "BIDIRECTIONAL", # accepts BIDIRECTIONAL, REQUEST, RESPONSE
1323
+ # },
1324
+ # incoming_wrapped_key: {
1325
+ # wrapped_key_material: { # required
1326
+ # tr_31_key_block: "Tr31WrappedKeyBlock",
1327
+ # },
1328
+ # key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
1329
+ # },
1330
+ # outgoing_wrapped_key: {
1331
+ # wrapped_key_material: { # required
1332
+ # tr_31_key_block: "Tr31WrappedKeyBlock",
1333
+ # },
1334
+ # key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
1335
+ # },
1264
1336
  # })
1265
1337
  #
1266
1338
  # @example Response structure
1267
1339
  #
1340
+ # resp.pin_block #=> String
1268
1341
  # resp.key_arn #=> String
1269
1342
  # resp.key_check_value #=> String
1270
- # resp.pin_block #=> String
1271
1343
  #
1272
1344
  # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/TranslatePinData AWS API Documentation
1273
1345
  #
@@ -1317,20 +1389,20 @@ module Aws::PaymentCryptographyData
1317
1389
  # [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
1318
1390
  # [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
1319
1391
  #
1392
+ # @option params [required, String] :key_identifier
1393
+ # The `keyARN` of the major encryption key that Amazon Web Services
1394
+ # Payment Cryptography uses for ARQC verification.
1395
+ #
1396
+ # @option params [required, String] :transaction_data
1397
+ # The transaction data that Amazon Web Services Payment Cryptography
1398
+ # uses for ARQC verification. The same transaction is used for ARQC
1399
+ # generation outside of Amazon Web Services Payment Cryptography.
1400
+ #
1320
1401
  # @option params [required, String] :auth_request_cryptogram
1321
1402
  # The auth request cryptogram imported into Amazon Web Services Payment
1322
1403
  # Cryptography for ARQC verification using a major encryption key and
1323
1404
  # transaction data.
1324
1405
  #
1325
- # @option params [Types::CryptogramAuthResponse] :auth_response_attributes
1326
- # The attributes and values for auth request cryptogram verification.
1327
- # These parameters are required in case using ARPC Method 1 or Method 2
1328
- # for ARQC verification.
1329
- #
1330
- # @option params [required, String] :key_identifier
1331
- # The `keyARN` of the major encryption key that Amazon Web Services
1332
- # Payment Cryptography uses for ARQC verification.
1333
- #
1334
1406
  # @option params [required, String] :major_key_derivation_mode
1335
1407
  # The method to use when deriving the major encryption key for ARQC
1336
1408
  # verification within Amazon Web Services Payment Cryptography. The same
@@ -1343,66 +1415,66 @@ module Aws::PaymentCryptographyData
1343
1415
  # attributes were used for ARQC generation outside of Amazon Web
1344
1416
  # Services Payment Cryptography.
1345
1417
  #
1346
- # @option params [required, String] :transaction_data
1347
- # The transaction data that Amazon Web Services Payment Cryptography
1348
- # uses for ARQC verification. The same transaction is used for ARQC
1349
- # generation outside of Amazon Web Services Payment Cryptography.
1418
+ # @option params [Types::CryptogramAuthResponse] :auth_response_attributes
1419
+ # The attributes and values for auth request cryptogram verification.
1420
+ # These parameters are required in case using ARPC Method 1 or Method 2
1421
+ # for ARQC verification.
1350
1422
  #
1351
1423
  # @return [Types::VerifyAuthRequestCryptogramOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1352
1424
  #
1353
- # * {Types::VerifyAuthRequestCryptogramOutput#auth_response_value #auth_response_value} => String
1354
1425
  # * {Types::VerifyAuthRequestCryptogramOutput#key_arn #key_arn} => String
1355
1426
  # * {Types::VerifyAuthRequestCryptogramOutput#key_check_value #key_check_value} => String
1427
+ # * {Types::VerifyAuthRequestCryptogramOutput#auth_response_value #auth_response_value} => String
1356
1428
  #
1357
1429
  # @example Request syntax with placeholder values
1358
1430
  #
1359
1431
  # resp = client.verify_auth_request_cryptogram({
1360
- # auth_request_cryptogram: "HexLengthEquals16", # required
1361
- # auth_response_attributes: {
1362
- # arpc_method_1: {
1363
- # auth_response_code: "HexLengthEquals4", # required
1364
- # },
1365
- # arpc_method_2: {
1366
- # card_status_update: "HexLengthEquals8", # required
1367
- # proprietary_authentication_data: "HexLengthBetween1And16",
1368
- # },
1369
- # },
1370
1432
  # key_identifier: "KeyArnOrKeyAliasType", # required
1433
+ # transaction_data: "HexLengthBetween2And1024", # required
1434
+ # auth_request_cryptogram: "HexLengthEquals16", # required
1371
1435
  # major_key_derivation_mode: "EMV_OPTION_A", # required, accepts EMV_OPTION_A, EMV_OPTION_B
1372
1436
  # session_key_derivation_attributes: { # required
1373
- # amex: {
1374
- # pan_sequence_number: "HexLengthEquals2", # required
1437
+ # emv_common: {
1375
1438
  # primary_account_number: "NumberLengthBetween12And19", # required
1376
- # },
1377
- # emv_2000: {
1439
+ # pan_sequence_number: "NumberLengthEquals2", # required
1378
1440
  # application_transaction_counter: "HexLengthBetween2And4", # required
1379
- # pan_sequence_number: "HexLengthEquals2", # required
1380
- # primary_account_number: "NumberLengthBetween12And19", # required
1381
1441
  # },
1382
- # emv_common: {
1383
- # application_transaction_counter: "HexLengthBetween2And4", # required
1384
- # pan_sequence_number: "HexLengthEquals2", # required
1442
+ # mastercard: {
1385
1443
  # primary_account_number: "NumberLengthBetween12And19", # required
1444
+ # pan_sequence_number: "NumberLengthEquals2", # required
1445
+ # application_transaction_counter: "HexLengthBetween2And4", # required
1446
+ # unpredictable_number: "HexLengthBetween2And8", # required
1386
1447
  # },
1387
- # mastercard: {
1448
+ # emv_2000: {
1449
+ # primary_account_number: "NumberLengthBetween12And19", # required
1450
+ # pan_sequence_number: "NumberLengthEquals2", # required
1388
1451
  # application_transaction_counter: "HexLengthBetween2And4", # required
1389
- # pan_sequence_number: "HexLengthEquals2", # required
1452
+ # },
1453
+ # amex: {
1390
1454
  # primary_account_number: "NumberLengthBetween12And19", # required
1391
- # unpredictable_number: "HexLengthBetween2And8", # required
1455
+ # pan_sequence_number: "NumberLengthEquals2", # required
1392
1456
  # },
1393
1457
  # visa: {
1394
- # pan_sequence_number: "HexLengthEquals2", # required
1395
1458
  # primary_account_number: "NumberLengthBetween12And19", # required
1459
+ # pan_sequence_number: "NumberLengthEquals2", # required
1460
+ # },
1461
+ # },
1462
+ # auth_response_attributes: {
1463
+ # arpc_method_1: {
1464
+ # auth_response_code: "HexLengthEquals4", # required
1465
+ # },
1466
+ # arpc_method_2: {
1467
+ # card_status_update: "HexLengthEquals8", # required
1468
+ # proprietary_authentication_data: "HexLengthBetween1And16",
1396
1469
  # },
1397
1470
  # },
1398
- # transaction_data: "HexLengthBetween2And1024", # required
1399
1471
  # })
1400
1472
  #
1401
1473
  # @example Response structure
1402
1474
  #
1403
- # resp.auth_response_value #=> String
1404
1475
  # resp.key_arn #=> String
1405
1476
  # resp.key_check_value #=> String
1477
+ # resp.auth_response_value #=> String
1406
1478
  #
1407
1479
  # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/VerifyAuthRequestCryptogram AWS API Documentation
1408
1480
  #
@@ -1460,14 +1532,14 @@ module Aws::PaymentCryptographyData
1460
1532
  # credit or debit card that associates the card with a specific account
1461
1533
  # holder.
1462
1534
  #
1463
- # @option params [required, String] :validation_data
1464
- # The CVV or CSC value for use for card data verification within Amazon
1465
- # Web Services Payment Cryptography.
1466
- #
1467
1535
  # @option params [required, Types::CardVerificationAttributes] :verification_attributes
1468
1536
  # The algorithm to use for verification of card data within Amazon Web
1469
1537
  # Services Payment Cryptography.
1470
1538
  #
1539
+ # @option params [required, String] :validation_data
1540
+ # The CVV or CSC value for use for card data verification within Amazon
1541
+ # Web Services Payment Cryptography.
1542
+ #
1471
1543
  # @return [Types::VerifyCardValidationDataOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1472
1544
  #
1473
1545
  # * {Types::VerifyCardValidationDataOutput#key_arn #key_arn} => String
@@ -1478,7 +1550,6 @@ module Aws::PaymentCryptographyData
1478
1550
  # resp = client.verify_card_validation_data({
1479
1551
  # key_identifier: "KeyArnOrKeyAliasType", # required
1480
1552
  # primary_account_number: "NumberLengthBetween12And19", # required
1481
- # validation_data: "NumberLengthBetween3And5", # required
1482
1553
  # verification_attributes: { # required
1483
1554
  # amex_card_security_code_version_1: {
1484
1555
  # card_expiry_date: "NumberLengthEquals4", # required
@@ -1487,11 +1558,6 @@ module Aws::PaymentCryptographyData
1487
1558
  # card_expiry_date: "NumberLengthEquals4", # required
1488
1559
  # service_code: "NumberLengthEquals3", # required
1489
1560
  # },
1490
- # card_holder_verification_value: {
1491
- # application_transaction_counter: "HexLengthBetween2And4", # required
1492
- # pan_sequence_number: "HexLengthEquals2", # required
1493
- # unpredictable_number: "HexLengthBetween2And8", # required
1494
- # },
1495
1561
  # card_verification_value_1: {
1496
1562
  # card_expiry_date: "NumberLengthEquals4", # required
1497
1563
  # service_code: "NumberLengthEquals3", # required
@@ -1499,24 +1565,30 @@ module Aws::PaymentCryptographyData
1499
1565
  # card_verification_value_2: {
1500
1566
  # card_expiry_date: "NumberLengthEquals4", # required
1501
1567
  # },
1502
- # discover_dynamic_card_verification_code: {
1503
- # application_transaction_counter: "HexLengthBetween2And4", # required
1504
- # card_expiry_date: "NumberLengthEquals4", # required
1568
+ # card_holder_verification_value: {
1505
1569
  # unpredictable_number: "HexLengthBetween2And8", # required
1570
+ # pan_sequence_number: "NumberLengthEquals2", # required
1571
+ # application_transaction_counter: "HexLengthBetween2And4", # required
1506
1572
  # },
1507
1573
  # dynamic_card_verification_code: {
1574
+ # unpredictable_number: "HexLengthBetween2And8", # required
1575
+ # pan_sequence_number: "NumberLengthEquals2", # required
1508
1576
  # application_transaction_counter: "HexLengthBetween2And4", # required
1509
- # pan_sequence_number: "HexLengthEquals2", # required
1510
1577
  # track_data: "HexLengthBetween2And160", # required
1511
- # unpredictable_number: "HexLengthBetween2And8", # required
1512
1578
  # },
1513
1579
  # dynamic_card_verification_value: {
1514
- # application_transaction_counter: "HexLengthBetween2And4", # required
1580
+ # pan_sequence_number: "NumberLengthEquals2", # required
1515
1581
  # card_expiry_date: "NumberLengthEquals4", # required
1516
- # pan_sequence_number: "HexLengthEquals2", # required
1517
1582
  # service_code: "NumberLengthEquals3", # required
1583
+ # application_transaction_counter: "HexLengthBetween2And4", # required
1584
+ # },
1585
+ # discover_dynamic_card_verification_code: {
1586
+ # card_expiry_date: "NumberLengthEquals4", # required
1587
+ # unpredictable_number: "HexLengthBetween2And8", # required
1588
+ # application_transaction_counter: "HexLengthBetween2And4", # required
1518
1589
  # },
1519
1590
  # },
1591
+ # validation_data: "NumberLengthBetween3And5", # required
1520
1592
  # })
1521
1593
  #
1522
1594
  # @example Response structure
@@ -1565,20 +1637,20 @@ module Aws::PaymentCryptographyData
1565
1637
  # The `keyARN` of the encryption key that Amazon Web Services Payment
1566
1638
  # Cryptography uses to verify MAC data.
1567
1639
  #
1568
- # @option params [required, String] :mac
1569
- # The MAC being verified.
1570
- #
1571
- # @option params [Integer] :mac_length
1572
- # The length of the MAC.
1573
- #
1574
1640
  # @option params [required, String] :message_data
1575
1641
  # The data on for which MAC is under verification. This value must be
1576
1642
  # hexBinary.
1577
1643
  #
1644
+ # @option params [required, String] :mac
1645
+ # The MAC being verified.
1646
+ #
1578
1647
  # @option params [required, Types::MacAttributes] :verification_attributes
1579
1648
  # The attributes and data values to use for MAC verification within
1580
1649
  # Amazon Web Services Payment Cryptography.
1581
1650
  #
1651
+ # @option params [Integer] :mac_length
1652
+ # The length of the MAC.
1653
+ #
1582
1654
  # @return [Types::VerifyMacOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1583
1655
  #
1584
1656
  # * {Types::VerifyMacOutput#key_arn #key_arn} => String
@@ -1588,37 +1660,37 @@ module Aws::PaymentCryptographyData
1588
1660
  #
1589
1661
  # resp = client.verify_mac({
1590
1662
  # key_identifier: "KeyArnOrKeyAliasType", # required
1591
- # mac: "HexEvenLengthBetween4And128", # required
1592
- # mac_length: 1,
1593
1663
  # message_data: "HexEvenLengthBetween2And4096", # required
1664
+ # mac: "HexEvenLengthBetween4And128", # required
1594
1665
  # verification_attributes: { # required
1595
1666
  # algorithm: "ISO9797_ALGORITHM1", # accepts ISO9797_ALGORITHM1, ISO9797_ALGORITHM3, CMAC, HMAC_SHA224, HMAC_SHA256, HMAC_SHA384, HMAC_SHA512
1596
- # dukpt_cmac: {
1597
- # dukpt_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
1598
- # dukpt_key_variant: "BIDIRECTIONAL", # required, accepts BIDIRECTIONAL, REQUEST, RESPONSE
1599
- # key_serial_number: "HexLengthBetween10And24", # required
1600
- # },
1601
- # dukpt_iso_9797_algorithm_1: {
1602
- # dukpt_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
1603
- # dukpt_key_variant: "BIDIRECTIONAL", # required, accepts BIDIRECTIONAL, REQUEST, RESPONSE
1604
- # key_serial_number: "HexLengthBetween10And24", # required
1605
- # },
1606
- # dukpt_iso_9797_algorithm_3: {
1607
- # dukpt_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
1608
- # dukpt_key_variant: "BIDIRECTIONAL", # required, accepts BIDIRECTIONAL, REQUEST, RESPONSE
1609
- # key_serial_number: "HexLengthBetween10And24", # required
1610
- # },
1611
1667
  # emv_mac: {
1612
1668
  # major_key_derivation_mode: "EMV_OPTION_A", # required, accepts EMV_OPTION_A, EMV_OPTION_B
1613
- # pan_sequence_number: "HexLengthEquals2", # required
1614
1669
  # primary_account_number: "NumberLengthBetween12And19", # required
1670
+ # pan_sequence_number: "NumberLengthEquals2", # required
1615
1671
  # session_key_derivation_mode: "EMV_COMMON_SESSION_KEY", # required, accepts EMV_COMMON_SESSION_KEY, EMV2000, AMEX, MASTERCARD_SESSION_KEY, VISA
1616
1672
  # session_key_derivation_value: { # required
1617
1673
  # application_cryptogram: "HexLengthEquals16",
1618
1674
  # application_transaction_counter: "HexLengthBetween2And4",
1619
1675
  # },
1620
1676
  # },
1677
+ # dukpt_iso_9797_algorithm_1: {
1678
+ # key_serial_number: "HexLengthBetween10And24", # required
1679
+ # dukpt_key_variant: "BIDIRECTIONAL", # required, accepts BIDIRECTIONAL, REQUEST, RESPONSE
1680
+ # dukpt_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
1681
+ # },
1682
+ # dukpt_iso_9797_algorithm_3: {
1683
+ # key_serial_number: "HexLengthBetween10And24", # required
1684
+ # dukpt_key_variant: "BIDIRECTIONAL", # required, accepts BIDIRECTIONAL, REQUEST, RESPONSE
1685
+ # dukpt_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
1686
+ # },
1687
+ # dukpt_cmac: {
1688
+ # key_serial_number: "HexLengthBetween10And24", # required
1689
+ # dukpt_key_variant: "BIDIRECTIONAL", # required, accepts BIDIRECTIONAL, REQUEST, RESPONSE
1690
+ # dukpt_derivation_type: "TDES_2KEY", # accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
1691
+ # },
1621
1692
  # },
1693
+ # mac_length: 1,
1622
1694
  # })
1623
1695
  #
1624
1696
  # @example Response structure
@@ -1666,16 +1738,24 @@ module Aws::PaymentCryptographyData
1666
1738
  # [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
1667
1739
  # [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
1668
1740
  #
1669
- # @option params [Types::DukptAttributes] :dukpt_attributes
1670
- # The attributes and values for the DUKPT encrypted PIN block data.
1741
+ # @option params [required, String] :verification_key_identifier
1742
+ # The `keyARN` of the PIN verification key.
1743
+ #
1744
+ # @option params [required, String] :encryption_key_identifier
1745
+ # The `keyARN` of the encryption key under which the PIN block data is
1746
+ # encrypted. This key type can be PEK or BDK.
1747
+ #
1748
+ # @option params [required, Types::PinVerificationAttributes] :verification_attributes
1749
+ # The attributes and values for PIN data verification.
1671
1750
  #
1672
1751
  # @option params [required, String] :encrypted_pin_block
1673
1752
  # The encrypted PIN block data that Amazon Web Services Payment
1674
1753
  # Cryptography verifies.
1675
1754
  #
1676
- # @option params [required, String] :encryption_key_identifier
1677
- # The `keyARN` of the encryption key under which the PIN block data is
1678
- # encrypted. This key type can be PEK or BDK.
1755
+ # @option params [required, String] :primary_account_number
1756
+ # The Primary Account Number (PAN), a unique identifier for a payment
1757
+ # credit or debit card that associates the card with a specific account
1758
+ # holder.
1679
1759
  #
1680
1760
  # @option params [required, String] :pin_block_format
1681
1761
  # The PIN encoding format for pin data generation as specified in ISO
@@ -1692,57 +1772,49 @@ module Aws::PaymentCryptographyData
1692
1772
  # @option params [Integer] :pin_data_length
1693
1773
  # The length of PIN being verified.
1694
1774
  #
1695
- # @option params [required, String] :primary_account_number
1696
- # The Primary Account Number (PAN), a unique identifier for a payment
1697
- # credit or debit card that associates the card with a specific account
1698
- # holder.
1699
- #
1700
- # @option params [required, Types::PinVerificationAttributes] :verification_attributes
1701
- # The attributes and values for PIN data verification.
1702
- #
1703
- # @option params [required, String] :verification_key_identifier
1704
- # The `keyARN` of the PIN verification key.
1775
+ # @option params [Types::DukptAttributes] :dukpt_attributes
1776
+ # The attributes and values for the DUKPT encrypted PIN block data.
1705
1777
  #
1706
1778
  # @return [Types::VerifyPinDataOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1707
1779
  #
1708
- # * {Types::VerifyPinDataOutput#encryption_key_arn #encryption_key_arn} => String
1709
- # * {Types::VerifyPinDataOutput#encryption_key_check_value #encryption_key_check_value} => String
1710
1780
  # * {Types::VerifyPinDataOutput#verification_key_arn #verification_key_arn} => String
1711
1781
  # * {Types::VerifyPinDataOutput#verification_key_check_value #verification_key_check_value} => String
1782
+ # * {Types::VerifyPinDataOutput#encryption_key_arn #encryption_key_arn} => String
1783
+ # * {Types::VerifyPinDataOutput#encryption_key_check_value #encryption_key_check_value} => String
1712
1784
  #
1713
1785
  # @example Request syntax with placeholder values
1714
1786
  #
1715
1787
  # resp = client.verify_pin_data({
1716
- # dukpt_attributes: {
1717
- # dukpt_derivation_type: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
1718
- # key_serial_number: "HexLengthBetween10And24", # required
1719
- # },
1720
- # encrypted_pin_block: "HexLengthBetween16And32", # required
1788
+ # verification_key_identifier: "KeyArnOrKeyAliasType", # required
1721
1789
  # encryption_key_identifier: "KeyArnOrKeyAliasType", # required
1722
- # pin_block_format: "ISO_FORMAT_0", # required, accepts ISO_FORMAT_0, ISO_FORMAT_3
1723
- # pin_data_length: 1,
1724
- # primary_account_number: "NumberLengthBetween12And19", # required
1725
1790
  # verification_attributes: { # required
1726
- # ibm_3624_pin: {
1727
- # decimalization_table: "NumberLengthEquals16", # required
1728
- # pin_offset: "NumberLengthBetween4And12", # required
1729
- # pin_validation_data: "NumberLengthBetween4And16", # required
1730
- # pin_validation_data_pad_character: "HexLengthEquals1", # required
1731
- # },
1732
1791
  # visa_pin: {
1733
1792
  # pin_verification_key_index: 1, # required
1734
1793
  # verification_value: "NumberLengthBetween4And12", # required
1735
1794
  # },
1795
+ # ibm_3624_pin: {
1796
+ # decimalization_table: "NumberLengthEquals16", # required
1797
+ # pin_validation_data_pad_character: "HexLengthEquals1", # required
1798
+ # pin_validation_data: "NumberLengthBetween4And16", # required
1799
+ # pin_offset: "NumberLengthBetween4And12", # required
1800
+ # },
1801
+ # },
1802
+ # encrypted_pin_block: "HexLengthBetween16And32", # required
1803
+ # primary_account_number: "NumberLengthBetween12And19", # required
1804
+ # pin_block_format: "ISO_FORMAT_0", # required, accepts ISO_FORMAT_0, ISO_FORMAT_3
1805
+ # pin_data_length: 1,
1806
+ # dukpt_attributes: {
1807
+ # key_serial_number: "HexLengthBetween10And24", # required
1808
+ # dukpt_derivation_type: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
1736
1809
  # },
1737
- # verification_key_identifier: "KeyArnOrKeyAliasType", # required
1738
1810
  # })
1739
1811
  #
1740
1812
  # @example Response structure
1741
1813
  #
1742
- # resp.encryption_key_arn #=> String
1743
- # resp.encryption_key_check_value #=> String
1744
1814
  # resp.verification_key_arn #=> String
1745
1815
  # resp.verification_key_check_value #=> String
1816
+ # resp.encryption_key_arn #=> String
1817
+ # resp.encryption_key_check_value #=> String
1746
1818
  #
1747
1819
  # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/VerifyPinData AWS API Documentation
1748
1820
  #
@@ -1766,7 +1838,7 @@ module Aws::PaymentCryptographyData
1766
1838
  params: params,
1767
1839
  config: config)
1768
1840
  context[:gem_name] = 'aws-sdk-paymentcryptographydata'
1769
- context[:gem_version] = '1.14.0'
1841
+ context[:gem_version] = '1.16.0'
1770
1842
  Seahorse::Client::Request.new(handlers, context)
1771
1843
  end
1772
1844