aws-sdk-paymentcryptographydata 1.25.0 → 1.27.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-paymentcryptographydata/client.rb +376 -51
- data/lib/aws-sdk-paymentcryptographydata/client_api.rb +132 -4
- data/lib/aws-sdk-paymentcryptographydata/types.rb +498 -8
- data/lib/aws-sdk-paymentcryptographydata.rb +1 -1
- data/sig/client.rbs +152 -8
- data/sig/types.rbs +125 -2
- metadata +2 -2
@@ -452,8 +452,8 @@ module Aws::PaymentCryptographyData
|
|
452
452
|
# more information, see [Decrypt data][1] in the *Amazon Web Services
|
453
453
|
# Payment Cryptography User Guide*.
|
454
454
|
#
|
455
|
-
# You can use an
|
456
|
-
# Payment Cryptography, or you can import your own
|
455
|
+
# You can use an decryption key generated within Amazon Web Services
|
456
|
+
# Payment Cryptography, or you can import your own decryption key by
|
457
457
|
# calling [ImportKey][2]. For this operation, the key must have
|
458
458
|
# `KeyModesOfUse` set to `Decrypt`. In asymmetric decryption, Amazon Web
|
459
459
|
# Services Payment Cryptography decrypts the ciphertext using the
|
@@ -462,6 +462,17 @@ module Aws::PaymentCryptographyData
|
|
462
462
|
# can export the public component of the asymmetric key pair by calling
|
463
463
|
# [GetPublicCertificate][3].
|
464
464
|
#
|
465
|
+
# This operation also supports dynamic keys, allowing you to pass a
|
466
|
+
# dynamic decryption key as a TR-31 WrappedKeyBlock. This can be used
|
467
|
+
# when key material is frequently rotated, such as during every card
|
468
|
+
# transaction, and there is need to avoid importing short-lived keys
|
469
|
+
# into Amazon Web Services Payment Cryptography. To decrypt using
|
470
|
+
# dynamic keys, the `keyARN` is the Key Encryption Key (KEK) of the
|
471
|
+
# TR-31 wrapped decryption key material. The incoming wrapped key shall
|
472
|
+
# have a key purpose of D0 with a mode of use of B or D. For more
|
473
|
+
# information, see [Using Dynamic Keys][4] in the *Amazon Web Services
|
474
|
+
# Payment Cryptography User Guide*.
|
475
|
+
#
|
465
476
|
# For symmetric and DUKPT decryption, Amazon Web Services Payment
|
466
477
|
# Cryptography supports `TDES` and `AES` algorithms. For EMV decryption,
|
467
478
|
# Amazon Web Services Payment Cryptography supports `TDES` algorithms.
|
@@ -474,8 +485,8 @@ module Aws::PaymentCryptographyData
|
|
474
485
|
# size unless padding is enabled.
|
475
486
|
#
|
476
487
|
# For information about valid keys for this operation, see
|
477
|
-
# [Understanding key attributes][
|
478
|
-
# operations][
|
488
|
+
# [Understanding key attributes][5] and [Key types for specific data
|
489
|
+
# operations][6] in the *Amazon Web Services Payment Cryptography User
|
479
490
|
# Guide*.
|
480
491
|
#
|
481
492
|
# **Cross-account use**: This operation can't be used across different
|
@@ -494,8 +505,9 @@ module Aws::PaymentCryptographyData
|
|
494
505
|
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/decrypt-data.html
|
495
506
|
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ImportKey.html
|
496
507
|
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetPublicKeyCertificate.html
|
497
|
-
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/
|
498
|
-
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/
|
508
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/use-cases-acquirers-dynamickeys.html
|
509
|
+
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
510
|
+
# [6]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
499
511
|
#
|
500
512
|
# @option params [required, String] :key_identifier
|
501
513
|
# The `keyARN` of the encryption key that Amazon Web Services Payment
|
@@ -554,6 +566,14 @@ module Aws::PaymentCryptographyData
|
|
554
566
|
# wrapped_key: {
|
555
567
|
# wrapped_key_material: { # required
|
556
568
|
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
569
|
+
# diffie_hellman_symmetric_key: {
|
570
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
571
|
+
# public_key_certificate: "CertificateType", # required
|
572
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
573
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
574
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
575
|
+
# shared_information: "SharedInformation", # required
|
576
|
+
# },
|
557
577
|
# },
|
558
578
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
559
579
|
# },
|
@@ -581,11 +601,24 @@ module Aws::PaymentCryptographyData
|
|
581
601
|
#
|
582
602
|
# You can generate an encryption key within Amazon Web Services Payment
|
583
603
|
# Cryptography by calling [CreateKey][2]. You can import your own
|
584
|
-
# encryption key by calling [ImportKey][3].
|
585
|
-
#
|
586
|
-
#
|
587
|
-
#
|
588
|
-
#
|
604
|
+
# encryption key by calling [ImportKey][3].
|
605
|
+
#
|
606
|
+
# For this operation, the key must have `KeyModesOfUse` set to
|
607
|
+
# `Encrypt`. In asymmetric encryption, plaintext is encrypted using
|
608
|
+
# public component. You can import the public component of an asymmetric
|
609
|
+
# key pair created outside Amazon Web Services Payment Cryptography by
|
610
|
+
# calling [ImportKey][3].
|
611
|
+
#
|
612
|
+
# This operation also supports dynamic keys, allowing you to pass a
|
613
|
+
# dynamic encryption key as a TR-31 WrappedKeyBlock. This can be used
|
614
|
+
# when key material is frequently rotated, such as during every card
|
615
|
+
# transaction, and there is need to avoid importing short-lived keys
|
616
|
+
# into Amazon Web Services Payment Cryptography. To encrypt using
|
617
|
+
# dynamic keys, the `keyARN` is the Key Encryption Key (KEK) of the
|
618
|
+
# TR-31 wrapped encryption key material. The incoming wrapped key shall
|
619
|
+
# have a key purpose of D0 with a mode of use of B or D. For more
|
620
|
+
# information, see [Using Dynamic Keys][4] in the *Amazon Web Services
|
621
|
+
# Payment Cryptography User Guide*.
|
589
622
|
#
|
590
623
|
# For symmetric and DUKPT encryption, Amazon Web Services Payment
|
591
624
|
# Cryptography supports `TDES` and `AES` algorithms. For EMV encryption,
|
@@ -605,8 +638,8 @@ module Aws::PaymentCryptographyData
|
|
605
638
|
# your account with `KeyModesOfUse` set to `DeriveKey`.
|
606
639
|
#
|
607
640
|
# For information about valid keys for this operation, see
|
608
|
-
# [Understanding key attributes][
|
609
|
-
# operations][
|
641
|
+
# [Understanding key attributes][5] and [Key types for specific data
|
642
|
+
# operations][6] in the *Amazon Web Services Payment Cryptography User
|
610
643
|
# Guide*.
|
611
644
|
#
|
612
645
|
# **Cross-account use**: This operation can't be used across different
|
@@ -616,7 +649,7 @@ module Aws::PaymentCryptographyData
|
|
616
649
|
#
|
617
650
|
# * DecryptData
|
618
651
|
#
|
619
|
-
# * [GetPublicCertificate][
|
652
|
+
# * [GetPublicCertificate][7]
|
620
653
|
#
|
621
654
|
# * [ImportKey][3]
|
622
655
|
#
|
@@ -627,9 +660,10 @@ module Aws::PaymentCryptographyData
|
|
627
660
|
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/encrypt-data.html
|
628
661
|
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html
|
629
662
|
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ImportKey.html
|
630
|
-
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/
|
631
|
-
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/
|
632
|
-
# [6]: https://docs.aws.amazon.com/payment-cryptography/latest/
|
663
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/use-cases-acquirers-dynamickeys.html
|
664
|
+
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
665
|
+
# [6]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
666
|
+
# [7]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetPublicKeyCertificate.html
|
633
667
|
#
|
634
668
|
# @option params [required, String] :key_identifier
|
635
669
|
# The `keyARN` of the encryption key that Amazon Web Services Payment
|
@@ -700,6 +734,14 @@ module Aws::PaymentCryptographyData
|
|
700
734
|
# wrapped_key: {
|
701
735
|
# wrapped_key_material: { # required
|
702
736
|
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
737
|
+
# diffie_hellman_symmetric_key: {
|
738
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
739
|
+
# public_key_certificate: "CertificateType", # required
|
740
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
741
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
742
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
743
|
+
# shared_information: "SharedInformation", # required
|
744
|
+
# },
|
703
745
|
# },
|
704
746
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
705
747
|
# },
|
@@ -906,7 +948,7 @@ module Aws::PaymentCryptographyData
|
|
906
948
|
# session_key_derivation_mode: "EMV_COMMON_SESSION_KEY", # required, accepts EMV_COMMON_SESSION_KEY, EMV2000, AMEX, MASTERCARD_SESSION_KEY, VISA
|
907
949
|
# session_key_derivation_value: { # required
|
908
950
|
# application_cryptogram: "ApplicationCryptogramType",
|
909
|
-
# application_transaction_counter: "
|
951
|
+
# application_transaction_counter: "HexLengthEquals4",
|
910
952
|
# },
|
911
953
|
# },
|
912
954
|
# dukpt_iso_9797_algorithm_1: {
|
@@ -943,6 +985,173 @@ module Aws::PaymentCryptographyData
|
|
943
985
|
req.send_request(options)
|
944
986
|
end
|
945
987
|
|
988
|
+
# Generates an issuer script mac for EMV payment cards that use offline
|
989
|
+
# PINs as the cardholder verification method (CVM).
|
990
|
+
#
|
991
|
+
# This operation generates an authenticated issuer script response by
|
992
|
+
# appending the incoming message data (APDU command) with the target
|
993
|
+
# encrypted PIN block in ISO2 format. The command structure and method
|
994
|
+
# to send the issuer script update to the card is not defined by this
|
995
|
+
# operation and is typically determined by the applicable payment card
|
996
|
+
# scheme.
|
997
|
+
#
|
998
|
+
# The primary inputs to this operation include the incoming new
|
999
|
+
# encrypted pinblock, PIN encryption key (PEK), issuer master key (IMK),
|
1000
|
+
# primary account number (PAN), and the payment card derivation method.
|
1001
|
+
#
|
1002
|
+
# The operation uses two issuer master keys - secure messaging for
|
1003
|
+
# confidentiality (IMK-SMC) and secure messaging for integrity
|
1004
|
+
# (IMK-SMI). The SMC key is used to internally derive a key to secure
|
1005
|
+
# the pin, while SMI key is used to internally derive a key to
|
1006
|
+
# authenticate the script reponse as per the [EMV 4.4 - Book 2 -
|
1007
|
+
# Security and Key Management][1] specification.
|
1008
|
+
#
|
1009
|
+
# This operation supports Amex, EMV2000, EMVCommon, Mastercard and Visa
|
1010
|
+
# derivation methods, each requiring specific input parameters. Users
|
1011
|
+
# must follow the specific derivation method and input parameters
|
1012
|
+
# defined by the respective payment card scheme.
|
1013
|
+
#
|
1014
|
+
# <note markdown="1"> Use GenerateMac operation when sending a script update to an EMV card
|
1015
|
+
# that does not involve PIN change. When assigning IAM permissions, it
|
1016
|
+
# is important to understand that EncryptData using EMV keys and
|
1017
|
+
# GenerateMac perform similar functions to this command.
|
1018
|
+
#
|
1019
|
+
# </note>
|
1020
|
+
#
|
1021
|
+
# **Cross-account use**: This operation can't be used across different
|
1022
|
+
# Amazon Web Services accounts.
|
1023
|
+
#
|
1024
|
+
# **Related operations:**
|
1025
|
+
#
|
1026
|
+
# * EncryptData
|
1027
|
+
#
|
1028
|
+
# * GenerateMac
|
1029
|
+
#
|
1030
|
+
#
|
1031
|
+
#
|
1032
|
+
# [1]: https://www.emvco.com/specifications/
|
1033
|
+
#
|
1034
|
+
# @option params [required, String] :new_pin_pek_identifier
|
1035
|
+
# The `keyARN` of the PEK protecting the incoming new encrypted PIN
|
1036
|
+
# block.
|
1037
|
+
#
|
1038
|
+
# @option params [required, String] :new_encrypted_pin_block
|
1039
|
+
# The incoming new encrypted PIN block data for offline pin change on an
|
1040
|
+
# EMV card.
|
1041
|
+
#
|
1042
|
+
# @option params [required, String] :pin_block_format
|
1043
|
+
# The PIN encoding format of the incoming new encrypted PIN block as
|
1044
|
+
# specified in ISO 9564.
|
1045
|
+
#
|
1046
|
+
# @option params [required, String] :secure_messaging_integrity_key_identifier
|
1047
|
+
# The `keyARN` of the issuer master key (IMK-SMI) used to authenticate
|
1048
|
+
# the issuer script response.
|
1049
|
+
#
|
1050
|
+
# @option params [required, String] :secure_messaging_confidentiality_key_identifier
|
1051
|
+
# The `keyARN` of the issuer master key (IMK-SMC) used to protect the
|
1052
|
+
# PIN block data in the issuer script response.
|
1053
|
+
#
|
1054
|
+
# @option params [required, String] :message_data
|
1055
|
+
# The message data is the APDU command from the card reader or terminal.
|
1056
|
+
# The target encrypted PIN block, after translation to ISO2 format, is
|
1057
|
+
# appended to this message data to generate an issuer script response.
|
1058
|
+
#
|
1059
|
+
# @option params [required, Types::DerivationMethodAttributes] :derivation_method_attributes
|
1060
|
+
# The attributes and data values to derive payment card specific
|
1061
|
+
# confidentiality and integrity keys.
|
1062
|
+
#
|
1063
|
+
# @return [Types::GenerateMacEmvPinChangeOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1064
|
+
#
|
1065
|
+
# * {Types::GenerateMacEmvPinChangeOutput#new_pin_pek_arn #new_pin_pek_arn} => String
|
1066
|
+
# * {Types::GenerateMacEmvPinChangeOutput#secure_messaging_integrity_key_arn #secure_messaging_integrity_key_arn} => String
|
1067
|
+
# * {Types::GenerateMacEmvPinChangeOutput#secure_messaging_confidentiality_key_arn #secure_messaging_confidentiality_key_arn} => String
|
1068
|
+
# * {Types::GenerateMacEmvPinChangeOutput#mac #mac} => String
|
1069
|
+
# * {Types::GenerateMacEmvPinChangeOutput#encrypted_pin_block #encrypted_pin_block} => String
|
1070
|
+
# * {Types::GenerateMacEmvPinChangeOutput#new_pin_pek_key_check_value #new_pin_pek_key_check_value} => String
|
1071
|
+
# * {Types::GenerateMacEmvPinChangeOutput#secure_messaging_integrity_key_check_value #secure_messaging_integrity_key_check_value} => String
|
1072
|
+
# * {Types::GenerateMacEmvPinChangeOutput#secure_messaging_confidentiality_key_check_value #secure_messaging_confidentiality_key_check_value} => String
|
1073
|
+
# * {Types::GenerateMacEmvPinChangeOutput#visa_amex_derivation_outputs #visa_amex_derivation_outputs} => Types::VisaAmexDerivationOutputs
|
1074
|
+
#
|
1075
|
+
# @example Request syntax with placeholder values
|
1076
|
+
#
|
1077
|
+
# resp = client.generate_mac_emv_pin_change({
|
1078
|
+
# new_pin_pek_identifier: "KeyArnOrKeyAliasType", # required
|
1079
|
+
# new_encrypted_pin_block: "PinBlockLengthEquals16", # required
|
1080
|
+
# pin_block_format: "ISO_FORMAT_0", # required, accepts ISO_FORMAT_0, ISO_FORMAT_1, ISO_FORMAT_3
|
1081
|
+
# secure_messaging_integrity_key_identifier: "KeyArnOrKeyAliasType", # required
|
1082
|
+
# secure_messaging_confidentiality_key_identifier: "KeyArnOrKeyAliasType", # required
|
1083
|
+
# message_data: "CommandMessageDataType", # required
|
1084
|
+
# derivation_method_attributes: { # required
|
1085
|
+
# emv_common: {
|
1086
|
+
# major_key_derivation_mode: "EMV_OPTION_A", # required, accepts EMV_OPTION_A, EMV_OPTION_B
|
1087
|
+
# primary_account_number: "PrimaryAccountNumberType", # required
|
1088
|
+
# pan_sequence_number: "NumberLengthEquals2", # required
|
1089
|
+
# application_cryptogram: "ApplicationCryptogramType", # required
|
1090
|
+
# mode: "ECB", # required, accepts ECB, CBC
|
1091
|
+
# pin_block_padding_type: "NO_PADDING", # required, accepts NO_PADDING, ISO_IEC_7816_4
|
1092
|
+
# pin_block_length_position: "NONE", # required, accepts NONE, FRONT_OF_PIN_BLOCK
|
1093
|
+
# },
|
1094
|
+
# amex: {
|
1095
|
+
# major_key_derivation_mode: "EMV_OPTION_A", # required, accepts EMV_OPTION_A, EMV_OPTION_B
|
1096
|
+
# primary_account_number: "PrimaryAccountNumberType", # required
|
1097
|
+
# pan_sequence_number: "NumberLengthEquals2", # required
|
1098
|
+
# application_transaction_counter: "HexLengthEquals4", # required
|
1099
|
+
# authorization_request_key_identifier: "KeyArnOrKeyAliasType", # required
|
1100
|
+
# current_pin_attributes: {
|
1101
|
+
# current_pin_pek_identifier: "KeyArnOrKeyAliasType", # required
|
1102
|
+
# current_encrypted_pin_block: "PinBlockLengthEquals16", # required
|
1103
|
+
# },
|
1104
|
+
# },
|
1105
|
+
# visa: {
|
1106
|
+
# major_key_derivation_mode: "EMV_OPTION_A", # required, accepts EMV_OPTION_A, EMV_OPTION_B
|
1107
|
+
# primary_account_number: "PrimaryAccountNumberType", # required
|
1108
|
+
# pan_sequence_number: "NumberLengthEquals2", # required
|
1109
|
+
# application_transaction_counter: "HexLengthEquals4", # required
|
1110
|
+
# authorization_request_key_identifier: "KeyArnOrKeyAliasType", # required
|
1111
|
+
# current_pin_attributes: {
|
1112
|
+
# current_pin_pek_identifier: "KeyArnOrKeyAliasType", # required
|
1113
|
+
# current_encrypted_pin_block: "PinBlockLengthEquals16", # required
|
1114
|
+
# },
|
1115
|
+
# },
|
1116
|
+
# emv_2000: {
|
1117
|
+
# major_key_derivation_mode: "EMV_OPTION_A", # required, accepts EMV_OPTION_A, EMV_OPTION_B
|
1118
|
+
# primary_account_number: "PrimaryAccountNumberType", # required
|
1119
|
+
# pan_sequence_number: "NumberLengthEquals2", # required
|
1120
|
+
# application_transaction_counter: "HexLengthEquals4", # required
|
1121
|
+
# },
|
1122
|
+
# mastercard: {
|
1123
|
+
# major_key_derivation_mode: "EMV_OPTION_A", # required, accepts EMV_OPTION_A, EMV_OPTION_B
|
1124
|
+
# primary_account_number: "PrimaryAccountNumberType", # required
|
1125
|
+
# pan_sequence_number: "NumberLengthEquals2", # required
|
1126
|
+
# application_cryptogram: "ApplicationCryptogramType", # required
|
1127
|
+
# },
|
1128
|
+
# },
|
1129
|
+
# })
|
1130
|
+
#
|
1131
|
+
# @example Response structure
|
1132
|
+
#
|
1133
|
+
# resp.new_pin_pek_arn #=> String
|
1134
|
+
# resp.secure_messaging_integrity_key_arn #=> String
|
1135
|
+
# resp.secure_messaging_confidentiality_key_arn #=> String
|
1136
|
+
# resp.mac #=> String
|
1137
|
+
# resp.encrypted_pin_block #=> String
|
1138
|
+
# resp.new_pin_pek_key_check_value #=> String
|
1139
|
+
# resp.secure_messaging_integrity_key_check_value #=> String
|
1140
|
+
# resp.secure_messaging_confidentiality_key_check_value #=> String
|
1141
|
+
# resp.visa_amex_derivation_outputs.authorization_request_key_arn #=> String
|
1142
|
+
# resp.visa_amex_derivation_outputs.authorization_request_key_check_value #=> String
|
1143
|
+
# resp.visa_amex_derivation_outputs.current_pin_pek_arn #=> String
|
1144
|
+
# resp.visa_amex_derivation_outputs.current_pin_pek_key_check_value #=> String
|
1145
|
+
#
|
1146
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/GenerateMacEmvPinChange AWS API Documentation
|
1147
|
+
#
|
1148
|
+
# @overload generate_mac_emv_pin_change(params = {})
|
1149
|
+
# @param [Hash] params ({})
|
1150
|
+
def generate_mac_emv_pin_change(params = {}, options = {})
|
1151
|
+
req = build_request(:generate_mac_emv_pin_change, params)
|
1152
|
+
req.send_request(options)
|
1153
|
+
end
|
1154
|
+
|
946
1155
|
# Generates pin-related data such as PIN, PIN Verification Value (PVV),
|
947
1156
|
# PIN Block, and PIN Offset during new card issuance or reissuance. For
|
948
1157
|
# more information, see [Generate PIN data][1] in the *Amazon Web
|
@@ -955,9 +1164,18 @@ module Aws::PaymentCryptographyData
|
|
955
1164
|
# Cryptography. This operation uses a separate Pin Verification Key
|
956
1165
|
# (PVK) for VISA PVV generation.
|
957
1166
|
#
|
1167
|
+
# Using ECDH key exchange, you can receive cardholder selectable PINs
|
1168
|
+
# into Amazon Web Services Payment Cryptography. The ECDH derived key
|
1169
|
+
# protects the incoming PIN block. You can also use it for reveal PIN,
|
1170
|
+
# wherein the generated PIN block is protected by the ECDH derived key
|
1171
|
+
# before transmission from Amazon Web Services Payment Cryptography. For
|
1172
|
+
# more information on establishing ECDH derived keys, see the
|
1173
|
+
# [Generating keys][2] in the *Amazon Web Services Payment Cryptography
|
1174
|
+
# User Guide*.
|
1175
|
+
#
|
958
1176
|
# For information about valid keys for this operation, see
|
959
|
-
# [Understanding key attributes][
|
960
|
-
# operations][
|
1177
|
+
# [Understanding key attributes][3] and [Key types for specific data
|
1178
|
+
# operations][4] in the *Amazon Web Services Payment Cryptography User
|
961
1179
|
# Guide*.
|
962
1180
|
#
|
963
1181
|
# **Cross-account use**: This operation can't be used across different
|
@@ -974,8 +1192,9 @@ module Aws::PaymentCryptographyData
|
|
974
1192
|
#
|
975
1193
|
#
|
976
1194
|
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/generate-pin-data.html
|
977
|
-
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys
|
978
|
-
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/
|
1195
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/create-keys.html
|
1196
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
1197
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
979
1198
|
#
|
980
1199
|
# @option params [required, String] :generation_key_identifier
|
981
1200
|
# The `keyARN` of the PEK that Amazon Web Services Payment Cryptography
|
@@ -983,7 +1202,8 @@ module Aws::PaymentCryptographyData
|
|
983
1202
|
#
|
984
1203
|
# @option params [required, String] :encryption_key_identifier
|
985
1204
|
# The `keyARN` of the PEK that Amazon Web Services Payment Cryptography
|
986
|
-
# uses to encrypt the PIN Block.
|
1205
|
+
# uses to encrypt the PIN Block. For ECDH, it is the `keyARN` of the
|
1206
|
+
# asymmetric ECC key.
|
987
1207
|
#
|
988
1208
|
# @option params [required, Types::PinGenerationAttributes] :generation_attributes
|
989
1209
|
# The attributes and values to use for PIN, PVV, or PIN Offset
|
@@ -1009,6 +1229,10 @@ module Aws::PaymentCryptographyData
|
|
1009
1229
|
# The `ISO_Format_3` PIN block format is the same as `ISO_Format_0`
|
1010
1230
|
# except that the fill digits are random values from 10 to 15.
|
1011
1231
|
#
|
1232
|
+
# @option params [Types::WrappedKey] :encryption_wrapped_key
|
1233
|
+
# Parameter information of a WrappedKeyBlock for encryption key
|
1234
|
+
# exchange.
|
1235
|
+
#
|
1012
1236
|
# @return [Types::GeneratePinDataOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1013
1237
|
#
|
1014
1238
|
# * {Types::GeneratePinDataOutput#generation_key_arn #generation_key_arn} => String
|
@@ -1056,7 +1280,21 @@ module Aws::PaymentCryptographyData
|
|
1056
1280
|
# },
|
1057
1281
|
# pin_data_length: 1,
|
1058
1282
|
# primary_account_number: "PrimaryAccountNumberType", # required
|
1059
|
-
# pin_block_format: "ISO_FORMAT_0", # required, accepts ISO_FORMAT_0, ISO_FORMAT_3
|
1283
|
+
# pin_block_format: "ISO_FORMAT_0", # required, accepts ISO_FORMAT_0, ISO_FORMAT_3, ISO_FORMAT_4
|
1284
|
+
# encryption_wrapped_key: {
|
1285
|
+
# wrapped_key_material: { # required
|
1286
|
+
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
1287
|
+
# diffie_hellman_symmetric_key: {
|
1288
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
1289
|
+
# public_key_certificate: "CertificateType", # required
|
1290
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
1291
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
1292
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
1293
|
+
# shared_information: "SharedInformation", # required
|
1294
|
+
# },
|
1295
|
+
# },
|
1296
|
+
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
1297
|
+
# },
|
1060
1298
|
# })
|
1061
1299
|
#
|
1062
1300
|
# @example Response structure
|
@@ -1086,6 +1324,17 @@ module Aws::PaymentCryptographyData
|
|
1086
1324
|
# this operation must be in a compatible key state with `KeyModesOfUse`
|
1087
1325
|
# set to `Encrypt`.
|
1088
1326
|
#
|
1327
|
+
# This operation also supports dynamic keys, allowing you to pass a
|
1328
|
+
# dynamic encryption key as a TR-31 WrappedKeyBlock. This can be used
|
1329
|
+
# when key material is frequently rotated, such as during every card
|
1330
|
+
# transaction, and there is need to avoid importing short-lived keys
|
1331
|
+
# into Amazon Web Services Payment Cryptography. To re-encrypt using
|
1332
|
+
# dynamic keys, the `keyARN` is the Key Encryption Key (KEK) of the
|
1333
|
+
# TR-31 wrapped encryption key material. The incoming wrapped key shall
|
1334
|
+
# have a key purpose of D0 with a mode of use of B or D. For more
|
1335
|
+
# information, see [Using Dynamic Keys][3] in the *Amazon Web Services
|
1336
|
+
# Payment Cryptography User Guide*.
|
1337
|
+
#
|
1089
1338
|
# For symmetric and DUKPT encryption, Amazon Web Services Payment
|
1090
1339
|
# Cryptography supports `TDES` and `AES` algorithms. To encrypt using
|
1091
1340
|
# DUKPT, a DUKPT key must already exist within your account with
|
@@ -1093,8 +1342,8 @@ module Aws::PaymentCryptographyData
|
|
1093
1342
|
# calling [CreateKey][1].
|
1094
1343
|
#
|
1095
1344
|
# For information about valid keys for this operation, see
|
1096
|
-
# [Understanding key attributes][
|
1097
|
-
# operations][
|
1345
|
+
# [Understanding key attributes][4] and [Key types for specific data
|
1346
|
+
# operations][5] in the *Amazon Web Services Payment Cryptography User
|
1098
1347
|
# Guide*.
|
1099
1348
|
#
|
1100
1349
|
# **Cross-account use**: This operation can't be used across different
|
@@ -1106,7 +1355,7 @@ module Aws::PaymentCryptographyData
|
|
1106
1355
|
#
|
1107
1356
|
# * EncryptData
|
1108
1357
|
#
|
1109
|
-
# * [GetPublicCertificate][
|
1358
|
+
# * [GetPublicCertificate][6]
|
1110
1359
|
#
|
1111
1360
|
# * [ImportKey][2]
|
1112
1361
|
#
|
@@ -1114,9 +1363,10 @@ module Aws::PaymentCryptographyData
|
|
1114
1363
|
#
|
1115
1364
|
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html
|
1116
1365
|
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ImportKey.html
|
1117
|
-
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/
|
1118
|
-
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/
|
1119
|
-
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/
|
1366
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/use-cases-acquirers-dynamickeys.html
|
1367
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
1368
|
+
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
1369
|
+
# [6]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetPublicKeyCertificate.html
|
1120
1370
|
#
|
1121
1371
|
# @option params [required, String] :incoming_key_identifier
|
1122
1372
|
# The `keyARN` of the encryption key of incoming ciphertext data.
|
@@ -1192,12 +1442,28 @@ module Aws::PaymentCryptographyData
|
|
1192
1442
|
# incoming_wrapped_key: {
|
1193
1443
|
# wrapped_key_material: { # required
|
1194
1444
|
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
1445
|
+
# diffie_hellman_symmetric_key: {
|
1446
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
1447
|
+
# public_key_certificate: "CertificateType", # required
|
1448
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
1449
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
1450
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
1451
|
+
# shared_information: "SharedInformation", # required
|
1452
|
+
# },
|
1195
1453
|
# },
|
1196
1454
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
1197
1455
|
# },
|
1198
1456
|
# outgoing_wrapped_key: {
|
1199
1457
|
# wrapped_key_material: { # required
|
1200
1458
|
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
1459
|
+
# diffie_hellman_symmetric_key: {
|
1460
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
1461
|
+
# public_key_certificate: "CertificateType", # required
|
1462
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
1463
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
1464
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
1465
|
+
# shared_information: "SharedInformation", # required
|
1466
|
+
# },
|
1201
1467
|
# },
|
1202
1468
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
1203
1469
|
# },
|
@@ -1222,14 +1488,36 @@ module Aws::PaymentCryptographyData
|
|
1222
1488
|
# For more information, see [Translate PIN data][1] in the *Amazon Web
|
1223
1489
|
# Services Payment Cryptography User Guide*.
|
1224
1490
|
#
|
1225
|
-
# PIN block translation involves changing
|
1226
|
-
#
|
1227
|
-
#
|
1228
|
-
# Web Services Payment Cryptography
|
1229
|
-
# can be from PEK (Pin
|
1230
|
-
#
|
1231
|
-
#
|
1232
|
-
#
|
1491
|
+
# PIN block translation involves changing a PIN block from one
|
1492
|
+
# encryption key to another and optionally change its format. PIN block
|
1493
|
+
# translation occurs entirely within the HSM boundary and PIN data never
|
1494
|
+
# enters or leaves Amazon Web Services Payment Cryptography in clear
|
1495
|
+
# text. The encryption key transformation can be from PEK (Pin
|
1496
|
+
# Encryption Key) to BDK (Base Derivation Key) for DUKPT or from BDK for
|
1497
|
+
# DUKPT to PEK.
|
1498
|
+
#
|
1499
|
+
# Amazon Web Services Payment Cryptography also supports use of dynamic
|
1500
|
+
# keys and ECDH (Elliptic Curve Diffie-Hellman) based key exchange for
|
1501
|
+
# this operation.
|
1502
|
+
#
|
1503
|
+
# Dynamic keys allow you to pass a PEK as a TR-31 WrappedKeyBlock. They
|
1504
|
+
# can be used when key material is frequently rotated, such as during
|
1505
|
+
# every card transaction, and there is need to avoid importing
|
1506
|
+
# short-lived keys into Amazon Web Services Payment Cryptography. To
|
1507
|
+
# translate PIN block using dynamic keys, the `keyARN` is the Key
|
1508
|
+
# Encryption Key (KEK) of the TR-31 wrapped PEK. The incoming wrapped
|
1509
|
+
# key shall have a key purpose of P0 with a mode of use of B or D. For
|
1510
|
+
# more information, see [Using Dynamic Keys][2] in the *Amazon Web
|
1511
|
+
# Services Payment Cryptography User Guide*.
|
1512
|
+
#
|
1513
|
+
# Using ECDH key exchange, you can receive cardholder selectable PINs
|
1514
|
+
# into Amazon Web Services Payment Cryptography. The ECDH derived key
|
1515
|
+
# protects the incoming PIN block, which is translated to a PEK
|
1516
|
+
# encrypted PIN block for use within the service. You can also use ECDH
|
1517
|
+
# for reveal PIN, wherein the service translates the PIN block from PEK
|
1518
|
+
# to a ECDH derived encryption key. For more information on establishing
|
1519
|
+
# ECDH derived keys, see the [Generating keys][3] in the *Amazon Web
|
1520
|
+
# Services Payment Cryptography User Guide*.
|
1233
1521
|
#
|
1234
1522
|
# The allowed combinations of PIN block format translations are guided
|
1235
1523
|
# by PCI. It is important to note that not all encrypted PIN block
|
@@ -1239,8 +1527,8 @@ module Aws::PaymentCryptographyData
|
|
1239
1527
|
# not require a PAN for generation.
|
1240
1528
|
#
|
1241
1529
|
# For information about valid keys for this operation, see
|
1242
|
-
# [Understanding key attributes][
|
1243
|
-
# operations][
|
1530
|
+
# [Understanding key attributes][4] and [Key types for specific data
|
1531
|
+
# operations][5] in the *Amazon Web Services Payment Cryptography User
|
1244
1532
|
# Guide*.
|
1245
1533
|
#
|
1246
1534
|
# <note markdown="1"> Amazon Web Services Payment Cryptography currently supports ISO PIN
|
@@ -1261,21 +1549,24 @@ module Aws::PaymentCryptographyData
|
|
1261
1549
|
#
|
1262
1550
|
#
|
1263
1551
|
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/translate-pin-data.html
|
1264
|
-
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/
|
1265
|
-
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/
|
1552
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/use-cases-acquirers-dynamickeys.html
|
1553
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/create-keys.html
|
1554
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
1555
|
+
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
1266
1556
|
#
|
1267
1557
|
# @option params [required, String] :incoming_key_identifier
|
1268
1558
|
# The `keyARN` of the encryption key under which incoming PIN block data
|
1269
1559
|
# is encrypted. This key type can be PEK or BDK.
|
1270
1560
|
#
|
1271
|
-
#
|
1272
|
-
#
|
1273
|
-
# identifier used to perform the operation.
|
1561
|
+
# For dynamic keys, it is the `keyARN` of KEK of the TR-31 wrapped PEK.
|
1562
|
+
# For ECDH, it is the `keyARN` of the asymmetric ECC key.
|
1274
1563
|
#
|
1275
1564
|
# @option params [required, String] :outgoing_key_identifier
|
1276
1565
|
# The `keyARN` of the encryption key for encrypting outgoing PIN block
|
1277
1566
|
# data. This key type can be PEK or BDK.
|
1278
1567
|
#
|
1568
|
+
# For ECDH, it is the `keyARN` of the asymmetric ECC key.
|
1569
|
+
#
|
1279
1570
|
# @option params [required, Types::TranslationIsoFormats] :incoming_translation_attributes
|
1280
1571
|
# The format of the incoming PIN block data for translation within
|
1281
1572
|
# Amazon Web Services Payment Cryptography.
|
@@ -1355,12 +1646,28 @@ module Aws::PaymentCryptographyData
|
|
1355
1646
|
# incoming_wrapped_key: {
|
1356
1647
|
# wrapped_key_material: { # required
|
1357
1648
|
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
1649
|
+
# diffie_hellman_symmetric_key: {
|
1650
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
1651
|
+
# public_key_certificate: "CertificateType", # required
|
1652
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
1653
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
1654
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
1655
|
+
# shared_information: "SharedInformation", # required
|
1656
|
+
# },
|
1358
1657
|
# },
|
1359
1658
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
1360
1659
|
# },
|
1361
1660
|
# outgoing_wrapped_key: {
|
1362
1661
|
# wrapped_key_material: { # required
|
1363
1662
|
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
1663
|
+
# diffie_hellman_symmetric_key: {
|
1664
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
1665
|
+
# public_key_certificate: "CertificateType", # required
|
1666
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
1667
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
1668
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
1669
|
+
# shared_information: "SharedInformation", # required
|
1670
|
+
# },
|
1364
1671
|
# },
|
1365
1672
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
1366
1673
|
# },
|
@@ -1468,18 +1775,18 @@ module Aws::PaymentCryptographyData
|
|
1468
1775
|
# emv_common: {
|
1469
1776
|
# primary_account_number: "PrimaryAccountNumberType", # required
|
1470
1777
|
# pan_sequence_number: "NumberLengthEquals2", # required
|
1471
|
-
# application_transaction_counter: "
|
1778
|
+
# application_transaction_counter: "HexLengthEquals4", # required
|
1472
1779
|
# },
|
1473
1780
|
# mastercard: {
|
1474
1781
|
# primary_account_number: "PrimaryAccountNumberType", # required
|
1475
1782
|
# pan_sequence_number: "NumberLengthEquals2", # required
|
1476
|
-
# application_transaction_counter: "
|
1783
|
+
# application_transaction_counter: "HexLengthEquals4", # required
|
1477
1784
|
# unpredictable_number: "HexLengthBetween2And8", # required
|
1478
1785
|
# },
|
1479
1786
|
# emv_2000: {
|
1480
1787
|
# primary_account_number: "PrimaryAccountNumberType", # required
|
1481
1788
|
# pan_sequence_number: "NumberLengthEquals2", # required
|
1482
|
-
# application_transaction_counter: "
|
1789
|
+
# application_transaction_counter: "HexLengthEquals4", # required
|
1483
1790
|
# },
|
1484
1791
|
# amex: {
|
1485
1792
|
# primary_account_number: "PrimaryAccountNumberType", # required
|
@@ -1702,7 +2009,7 @@ module Aws::PaymentCryptographyData
|
|
1702
2009
|
# session_key_derivation_mode: "EMV_COMMON_SESSION_KEY", # required, accepts EMV_COMMON_SESSION_KEY, EMV2000, AMEX, MASTERCARD_SESSION_KEY, VISA
|
1703
2010
|
# session_key_derivation_value: { # required
|
1704
2011
|
# application_cryptogram: "ApplicationCryptogramType",
|
1705
|
-
# application_transaction_counter: "
|
2012
|
+
# application_transaction_counter: "HexLengthEquals4",
|
1706
2013
|
# },
|
1707
2014
|
# },
|
1708
2015
|
# dukpt_iso_9797_algorithm_1: {
|
@@ -1806,6 +2113,10 @@ module Aws::PaymentCryptographyData
|
|
1806
2113
|
# @option params [Types::DukptAttributes] :dukpt_attributes
|
1807
2114
|
# The attributes and values for the DUKPT encrypted PIN block data.
|
1808
2115
|
#
|
2116
|
+
# @option params [Types::WrappedKey] :encryption_wrapped_key
|
2117
|
+
# Parameter information of a WrappedKeyBlock for encryption key
|
2118
|
+
# exchange.
|
2119
|
+
#
|
1809
2120
|
# @return [Types::VerifyPinDataOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1810
2121
|
#
|
1811
2122
|
# * {Types::VerifyPinDataOutput#verification_key_arn #verification_key_arn} => String
|
@@ -1832,12 +2143,26 @@ module Aws::PaymentCryptographyData
|
|
1832
2143
|
# },
|
1833
2144
|
# encrypted_pin_block: "EncryptedPinBlockType", # required
|
1834
2145
|
# primary_account_number: "PrimaryAccountNumberType", # required
|
1835
|
-
# pin_block_format: "ISO_FORMAT_0", # required, accepts ISO_FORMAT_0, ISO_FORMAT_3
|
2146
|
+
# pin_block_format: "ISO_FORMAT_0", # required, accepts ISO_FORMAT_0, ISO_FORMAT_3, ISO_FORMAT_4
|
1836
2147
|
# pin_data_length: 1,
|
1837
2148
|
# dukpt_attributes: {
|
1838
2149
|
# key_serial_number: "HexLengthBetween10And24", # required
|
1839
2150
|
# dukpt_derivation_type: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
1840
2151
|
# },
|
2152
|
+
# encryption_wrapped_key: {
|
2153
|
+
# wrapped_key_material: { # required
|
2154
|
+
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
2155
|
+
# diffie_hellman_symmetric_key: {
|
2156
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
2157
|
+
# public_key_certificate: "CertificateType", # required
|
2158
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
2159
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
2160
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
2161
|
+
# shared_information: "SharedInformation", # required
|
2162
|
+
# },
|
2163
|
+
# },
|
2164
|
+
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
2165
|
+
# },
|
1841
2166
|
# })
|
1842
2167
|
#
|
1843
2168
|
# @example Response structure
|
@@ -1874,7 +2199,7 @@ module Aws::PaymentCryptographyData
|
|
1874
2199
|
tracer: tracer
|
1875
2200
|
)
|
1876
2201
|
context[:gem_name] = 'aws-sdk-paymentcryptographydata'
|
1877
|
-
context[:gem_version] = '1.
|
2202
|
+
context[:gem_version] = '1.27.0'
|
1878
2203
|
Seahorse::Client::Request.new(handlers, context)
|
1879
2204
|
end
|
1880
2205
|
|