aws-sdk-paymentcryptographydata 1.26.0 → 1.28.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-paymentcryptographydata/client.rb +164 -32
- data/lib/aws-sdk-paymentcryptographydata/client_api.rb +18 -0
- data/lib/aws-sdk-paymentcryptographydata/types.rb +75 -7
- data/lib/aws-sdk-paymentcryptographydata.rb +1 -1
- data/sig/client.rbs +86 -8
- data/sig/resource.rbs +2 -0
- data/sig/types.rbs +17 -2
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5d46d00f77474eae1d7932db3c338c473d4294dff1bcdfed5450c9d3e66f0edd
|
|
4
|
+
data.tar.gz: ea3214aa2295fafc2025c3dac191aa864545e4dfa1e0deab80760554be926e61
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fb3827cc4c9a01eb13f3953c86943c8d710f06137181b7e5917690255b3b6cff555ca809499fa7df51b40344cf22353b7ab22c782f6db3ad1c06b12abb68d176
|
|
7
|
+
data.tar.gz: 78ccd6e6f9feefacc3a8f3bd759e2f8ac783ea10791d7981255482685dcab16465333ed43aa866df039cf5463ea6acc528fcd771327481ab5fcf1e0afd567a96
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,16 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.28.0 (2025-01-15)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
|
8
|
+
|
|
9
|
+
1.27.0 (2024-10-23)
|
|
10
|
+
------------------
|
|
11
|
+
|
|
12
|
+
* Feature - Add ECDH support on PIN operations.
|
|
13
|
+
|
|
4
14
|
1.26.0 (2024-10-21)
|
|
5
15
|
------------------
|
|
6
16
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.28.0
|
|
@@ -257,11 +257,34 @@ module Aws::PaymentCryptographyData
|
|
|
257
257
|
# Used when loading credentials from the shared credentials file
|
|
258
258
|
# at HOME/.aws/credentials. When not specified, 'default' is used.
|
|
259
259
|
#
|
|
260
|
+
# @option options [String] :request_checksum_calculation ("when_supported")
|
|
261
|
+
# Determines when a checksum will be calculated for request payloads. Values are:
|
|
262
|
+
#
|
|
263
|
+
# * `when_supported` - (default) When set, a checksum will be
|
|
264
|
+
# calculated for all request payloads of operations modeled with the
|
|
265
|
+
# `httpChecksum` trait where `requestChecksumRequired` is `true` and/or a
|
|
266
|
+
# `requestAlgorithmMember` is modeled.
|
|
267
|
+
# * `when_required` - When set, a checksum will only be calculated for
|
|
268
|
+
# request payloads of operations modeled with the `httpChecksum` trait where
|
|
269
|
+
# `requestChecksumRequired` is `true` or where a `requestAlgorithmMember`
|
|
270
|
+
# is modeled and supplied.
|
|
271
|
+
#
|
|
260
272
|
# @option options [Integer] :request_min_compression_size_bytes (10240)
|
|
261
273
|
# The minimum size in bytes that triggers compression for request
|
|
262
274
|
# bodies. The value must be non-negative integer value between 0
|
|
263
275
|
# and 10485780 bytes inclusive.
|
|
264
276
|
#
|
|
277
|
+
# @option options [String] :response_checksum_validation ("when_supported")
|
|
278
|
+
# Determines when checksum validation will be performed on response payloads. Values are:
|
|
279
|
+
#
|
|
280
|
+
# * `when_supported` - (default) When set, checksum validation is performed on all
|
|
281
|
+
# response payloads of operations modeled with the `httpChecksum` trait where
|
|
282
|
+
# `responseAlgorithms` is modeled, except when no modeled checksum algorithms
|
|
283
|
+
# are supported.
|
|
284
|
+
# * `when_required` - When set, checksum validation is not performed on
|
|
285
|
+
# response payloads of operations unless the checksum algorithm is supported and
|
|
286
|
+
# the `requestValidationModeMember` member is set to `ENABLED`.
|
|
287
|
+
#
|
|
265
288
|
# @option options [Proc] :retry_backoff
|
|
266
289
|
# A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
|
|
267
290
|
# This option is only used in the `legacy` retry mode.
|
|
@@ -566,6 +589,14 @@ module Aws::PaymentCryptographyData
|
|
|
566
589
|
# wrapped_key: {
|
|
567
590
|
# wrapped_key_material: { # required
|
|
568
591
|
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
|
592
|
+
# diffie_hellman_symmetric_key: {
|
|
593
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
|
594
|
+
# public_key_certificate: "CertificateType", # required
|
|
595
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
|
596
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
|
597
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
|
598
|
+
# shared_information: "SharedInformation", # required
|
|
599
|
+
# },
|
|
569
600
|
# },
|
|
570
601
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
|
571
602
|
# },
|
|
@@ -726,6 +757,14 @@ module Aws::PaymentCryptographyData
|
|
|
726
757
|
# wrapped_key: {
|
|
727
758
|
# wrapped_key_material: { # required
|
|
728
759
|
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
|
760
|
+
# diffie_hellman_symmetric_key: {
|
|
761
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
|
762
|
+
# public_key_certificate: "CertificateType", # required
|
|
763
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
|
764
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
|
765
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
|
766
|
+
# shared_information: "SharedInformation", # required
|
|
767
|
+
# },
|
|
729
768
|
# },
|
|
730
769
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
|
731
770
|
# },
|
|
@@ -1148,9 +1187,18 @@ module Aws::PaymentCryptographyData
|
|
|
1148
1187
|
# Cryptography. This operation uses a separate Pin Verification Key
|
|
1149
1188
|
# (PVK) for VISA PVV generation.
|
|
1150
1189
|
#
|
|
1190
|
+
# Using ECDH key exchange, you can receive cardholder selectable PINs
|
|
1191
|
+
# into Amazon Web Services Payment Cryptography. The ECDH derived key
|
|
1192
|
+
# protects the incoming PIN block. You can also use it for reveal PIN,
|
|
1193
|
+
# wherein the generated PIN block is protected by the ECDH derived key
|
|
1194
|
+
# before transmission from Amazon Web Services Payment Cryptography. For
|
|
1195
|
+
# more information on establishing ECDH derived keys, see the
|
|
1196
|
+
# [Generating keys][2] in the *Amazon Web Services Payment Cryptography
|
|
1197
|
+
# User Guide*.
|
|
1198
|
+
#
|
|
1151
1199
|
# For information about valid keys for this operation, see
|
|
1152
|
-
# [Understanding key attributes][
|
|
1153
|
-
# operations][
|
|
1200
|
+
# [Understanding key attributes][3] and [Key types for specific data
|
|
1201
|
+
# operations][4] in the *Amazon Web Services Payment Cryptography User
|
|
1154
1202
|
# Guide*.
|
|
1155
1203
|
#
|
|
1156
1204
|
# **Cross-account use**: This operation can't be used across different
|
|
@@ -1167,8 +1215,9 @@ module Aws::PaymentCryptographyData
|
|
|
1167
1215
|
#
|
|
1168
1216
|
#
|
|
1169
1217
|
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/generate-pin-data.html
|
|
1170
|
-
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys
|
|
1171
|
-
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/
|
|
1218
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/create-keys.html
|
|
1219
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
|
1220
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
|
1172
1221
|
#
|
|
1173
1222
|
# @option params [required, String] :generation_key_identifier
|
|
1174
1223
|
# The `keyARN` of the PEK that Amazon Web Services Payment Cryptography
|
|
@@ -1176,7 +1225,8 @@ module Aws::PaymentCryptographyData
|
|
|
1176
1225
|
#
|
|
1177
1226
|
# @option params [required, String] :encryption_key_identifier
|
|
1178
1227
|
# The `keyARN` of the PEK that Amazon Web Services Payment Cryptography
|
|
1179
|
-
# uses to encrypt the PIN Block.
|
|
1228
|
+
# uses to encrypt the PIN Block. For ECDH, it is the `keyARN` of the
|
|
1229
|
+
# asymmetric ECC key.
|
|
1180
1230
|
#
|
|
1181
1231
|
# @option params [required, Types::PinGenerationAttributes] :generation_attributes
|
|
1182
1232
|
# The attributes and values to use for PIN, PVV, or PIN Offset
|
|
@@ -1202,6 +1252,10 @@ module Aws::PaymentCryptographyData
|
|
|
1202
1252
|
# The `ISO_Format_3` PIN block format is the same as `ISO_Format_0`
|
|
1203
1253
|
# except that the fill digits are random values from 10 to 15.
|
|
1204
1254
|
#
|
|
1255
|
+
# @option params [Types::WrappedKey] :encryption_wrapped_key
|
|
1256
|
+
# Parameter information of a WrappedKeyBlock for encryption key
|
|
1257
|
+
# exchange.
|
|
1258
|
+
#
|
|
1205
1259
|
# @return [Types::GeneratePinDataOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1206
1260
|
#
|
|
1207
1261
|
# * {Types::GeneratePinDataOutput#generation_key_arn #generation_key_arn} => String
|
|
@@ -1249,7 +1303,21 @@ module Aws::PaymentCryptographyData
|
|
|
1249
1303
|
# },
|
|
1250
1304
|
# pin_data_length: 1,
|
|
1251
1305
|
# primary_account_number: "PrimaryAccountNumberType", # required
|
|
1252
|
-
# pin_block_format: "ISO_FORMAT_0", # required, accepts ISO_FORMAT_0, ISO_FORMAT_3
|
|
1306
|
+
# pin_block_format: "ISO_FORMAT_0", # required, accepts ISO_FORMAT_0, ISO_FORMAT_3, ISO_FORMAT_4
|
|
1307
|
+
# encryption_wrapped_key: {
|
|
1308
|
+
# wrapped_key_material: { # required
|
|
1309
|
+
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
|
1310
|
+
# diffie_hellman_symmetric_key: {
|
|
1311
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
|
1312
|
+
# public_key_certificate: "CertificateType", # required
|
|
1313
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
|
1314
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
|
1315
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
|
1316
|
+
# shared_information: "SharedInformation", # required
|
|
1317
|
+
# },
|
|
1318
|
+
# },
|
|
1319
|
+
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
|
1320
|
+
# },
|
|
1253
1321
|
# })
|
|
1254
1322
|
#
|
|
1255
1323
|
# @example Response structure
|
|
@@ -1397,12 +1465,28 @@ module Aws::PaymentCryptographyData
|
|
|
1397
1465
|
# incoming_wrapped_key: {
|
|
1398
1466
|
# wrapped_key_material: { # required
|
|
1399
1467
|
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
|
1468
|
+
# diffie_hellman_symmetric_key: {
|
|
1469
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
|
1470
|
+
# public_key_certificate: "CertificateType", # required
|
|
1471
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
|
1472
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
|
1473
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
|
1474
|
+
# shared_information: "SharedInformation", # required
|
|
1475
|
+
# },
|
|
1400
1476
|
# },
|
|
1401
1477
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
|
1402
1478
|
# },
|
|
1403
1479
|
# outgoing_wrapped_key: {
|
|
1404
1480
|
# wrapped_key_material: { # required
|
|
1405
1481
|
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
|
1482
|
+
# diffie_hellman_symmetric_key: {
|
|
1483
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
|
1484
|
+
# public_key_certificate: "CertificateType", # required
|
|
1485
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
|
1486
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
|
1487
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
|
1488
|
+
# shared_information: "SharedInformation", # required
|
|
1489
|
+
# },
|
|
1406
1490
|
# },
|
|
1407
1491
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
|
1408
1492
|
# },
|
|
@@ -1427,24 +1511,36 @@ module Aws::PaymentCryptographyData
|
|
|
1427
1511
|
# For more information, see [Translate PIN data][1] in the *Amazon Web
|
|
1428
1512
|
# Services Payment Cryptography User Guide*.
|
|
1429
1513
|
#
|
|
1430
|
-
# PIN block translation involves changing
|
|
1431
|
-
#
|
|
1432
|
-
#
|
|
1433
|
-
# Web Services Payment Cryptography
|
|
1434
|
-
# can be from PEK (Pin
|
|
1435
|
-
#
|
|
1436
|
-
#
|
|
1437
|
-
#
|
|
1514
|
+
# PIN block translation involves changing a PIN block from one
|
|
1515
|
+
# encryption key to another and optionally change its format. PIN block
|
|
1516
|
+
# translation occurs entirely within the HSM boundary and PIN data never
|
|
1517
|
+
# enters or leaves Amazon Web Services Payment Cryptography in clear
|
|
1518
|
+
# text. The encryption key transformation can be from PEK (Pin
|
|
1519
|
+
# Encryption Key) to BDK (Base Derivation Key) for DUKPT or from BDK for
|
|
1520
|
+
# DUKPT to PEK.
|
|
1521
|
+
#
|
|
1522
|
+
# Amazon Web Services Payment Cryptography also supports use of dynamic
|
|
1523
|
+
# keys and ECDH (Elliptic Curve Diffie-Hellman) based key exchange for
|
|
1524
|
+
# this operation.
|
|
1525
|
+
#
|
|
1526
|
+
# Dynamic keys allow you to pass a PEK as a TR-31 WrappedKeyBlock. They
|
|
1527
|
+
# can be used when key material is frequently rotated, such as during
|
|
1528
|
+
# every card transaction, and there is need to avoid importing
|
|
1529
|
+
# short-lived keys into Amazon Web Services Payment Cryptography. To
|
|
1530
|
+
# translate PIN block using dynamic keys, the `keyARN` is the Key
|
|
1531
|
+
# Encryption Key (KEK) of the TR-31 wrapped PEK. The incoming wrapped
|
|
1532
|
+
# key shall have a key purpose of P0 with a mode of use of B or D. For
|
|
1533
|
+
# more information, see [Using Dynamic Keys][2] in the *Amazon Web
|
|
1534
|
+
# Services Payment Cryptography User Guide*.
|
|
1438
1535
|
#
|
|
1439
|
-
#
|
|
1440
|
-
#
|
|
1441
|
-
#
|
|
1442
|
-
#
|
|
1443
|
-
#
|
|
1444
|
-
#
|
|
1445
|
-
#
|
|
1446
|
-
#
|
|
1447
|
-
# Keys][2] in the *Amazon Web Services Payment Cryptography User Guide*.
|
|
1536
|
+
# Using ECDH key exchange, you can receive cardholder selectable PINs
|
|
1537
|
+
# into Amazon Web Services Payment Cryptography. The ECDH derived key
|
|
1538
|
+
# protects the incoming PIN block, which is translated to a PEK
|
|
1539
|
+
# encrypted PIN block for use within the service. You can also use ECDH
|
|
1540
|
+
# for reveal PIN, wherein the service translates the PIN block from PEK
|
|
1541
|
+
# to a ECDH derived encryption key. For more information on establishing
|
|
1542
|
+
# ECDH derived keys, see the [Generating keys][3] in the *Amazon Web
|
|
1543
|
+
# Services Payment Cryptography User Guide*.
|
|
1448
1544
|
#
|
|
1449
1545
|
# The allowed combinations of PIN block format translations are guided
|
|
1450
1546
|
# by PCI. It is important to note that not all encrypted PIN block
|
|
@@ -1454,8 +1550,8 @@ module Aws::PaymentCryptographyData
|
|
|
1454
1550
|
# not require a PAN for generation.
|
|
1455
1551
|
#
|
|
1456
1552
|
# For information about valid keys for this operation, see
|
|
1457
|
-
# [Understanding key attributes][
|
|
1458
|
-
# operations][
|
|
1553
|
+
# [Understanding key attributes][4] and [Key types for specific data
|
|
1554
|
+
# operations][5] in the *Amazon Web Services Payment Cryptography User
|
|
1459
1555
|
# Guide*.
|
|
1460
1556
|
#
|
|
1461
1557
|
# <note markdown="1"> Amazon Web Services Payment Cryptography currently supports ISO PIN
|
|
@@ -1477,21 +1573,23 @@ module Aws::PaymentCryptographyData
|
|
|
1477
1573
|
#
|
|
1478
1574
|
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/translate-pin-data.html
|
|
1479
1575
|
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/use-cases-acquirers-dynamickeys.html
|
|
1480
|
-
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys
|
|
1481
|
-
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/
|
|
1576
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/create-keys.html
|
|
1577
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
|
1578
|
+
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
|
1482
1579
|
#
|
|
1483
1580
|
# @option params [required, String] :incoming_key_identifier
|
|
1484
1581
|
# The `keyARN` of the encryption key under which incoming PIN block data
|
|
1485
1582
|
# is encrypted. This key type can be PEK or BDK.
|
|
1486
1583
|
#
|
|
1487
|
-
#
|
|
1488
|
-
#
|
|
1489
|
-
# identifier used to perform the operation.
|
|
1584
|
+
# For dynamic keys, it is the `keyARN` of KEK of the TR-31 wrapped PEK.
|
|
1585
|
+
# For ECDH, it is the `keyARN` of the asymmetric ECC key.
|
|
1490
1586
|
#
|
|
1491
1587
|
# @option params [required, String] :outgoing_key_identifier
|
|
1492
1588
|
# The `keyARN` of the encryption key for encrypting outgoing PIN block
|
|
1493
1589
|
# data. This key type can be PEK or BDK.
|
|
1494
1590
|
#
|
|
1591
|
+
# For ECDH, it is the `keyARN` of the asymmetric ECC key.
|
|
1592
|
+
#
|
|
1495
1593
|
# @option params [required, Types::TranslationIsoFormats] :incoming_translation_attributes
|
|
1496
1594
|
# The format of the incoming PIN block data for translation within
|
|
1497
1595
|
# Amazon Web Services Payment Cryptography.
|
|
@@ -1571,12 +1669,28 @@ module Aws::PaymentCryptographyData
|
|
|
1571
1669
|
# incoming_wrapped_key: {
|
|
1572
1670
|
# wrapped_key_material: { # required
|
|
1573
1671
|
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
|
1672
|
+
# diffie_hellman_symmetric_key: {
|
|
1673
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
|
1674
|
+
# public_key_certificate: "CertificateType", # required
|
|
1675
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
|
1676
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
|
1677
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
|
1678
|
+
# shared_information: "SharedInformation", # required
|
|
1679
|
+
# },
|
|
1574
1680
|
# },
|
|
1575
1681
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
|
1576
1682
|
# },
|
|
1577
1683
|
# outgoing_wrapped_key: {
|
|
1578
1684
|
# wrapped_key_material: { # required
|
|
1579
1685
|
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
|
1686
|
+
# diffie_hellman_symmetric_key: {
|
|
1687
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
|
1688
|
+
# public_key_certificate: "CertificateType", # required
|
|
1689
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
|
1690
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
|
1691
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
|
1692
|
+
# shared_information: "SharedInformation", # required
|
|
1693
|
+
# },
|
|
1580
1694
|
# },
|
|
1581
1695
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
|
1582
1696
|
# },
|
|
@@ -2022,6 +2136,10 @@ module Aws::PaymentCryptographyData
|
|
|
2022
2136
|
# @option params [Types::DukptAttributes] :dukpt_attributes
|
|
2023
2137
|
# The attributes and values for the DUKPT encrypted PIN block data.
|
|
2024
2138
|
#
|
|
2139
|
+
# @option params [Types::WrappedKey] :encryption_wrapped_key
|
|
2140
|
+
# Parameter information of a WrappedKeyBlock for encryption key
|
|
2141
|
+
# exchange.
|
|
2142
|
+
#
|
|
2025
2143
|
# @return [Types::VerifyPinDataOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
2026
2144
|
#
|
|
2027
2145
|
# * {Types::VerifyPinDataOutput#verification_key_arn #verification_key_arn} => String
|
|
@@ -2048,12 +2166,26 @@ module Aws::PaymentCryptographyData
|
|
|
2048
2166
|
# },
|
|
2049
2167
|
# encrypted_pin_block: "EncryptedPinBlockType", # required
|
|
2050
2168
|
# primary_account_number: "PrimaryAccountNumberType", # required
|
|
2051
|
-
# pin_block_format: "ISO_FORMAT_0", # required, accepts ISO_FORMAT_0, ISO_FORMAT_3
|
|
2169
|
+
# pin_block_format: "ISO_FORMAT_0", # required, accepts ISO_FORMAT_0, ISO_FORMAT_3, ISO_FORMAT_4
|
|
2052
2170
|
# pin_data_length: 1,
|
|
2053
2171
|
# dukpt_attributes: {
|
|
2054
2172
|
# key_serial_number: "HexLengthBetween10And24", # required
|
|
2055
2173
|
# dukpt_derivation_type: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
|
2056
2174
|
# },
|
|
2175
|
+
# encryption_wrapped_key: {
|
|
2176
|
+
# wrapped_key_material: { # required
|
|
2177
|
+
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
|
2178
|
+
# diffie_hellman_symmetric_key: {
|
|
2179
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
|
2180
|
+
# public_key_certificate: "CertificateType", # required
|
|
2181
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
|
2182
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
|
2183
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
|
2184
|
+
# shared_information: "SharedInformation", # required
|
|
2185
|
+
# },
|
|
2186
|
+
# },
|
|
2187
|
+
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
|
2188
|
+
# },
|
|
2057
2189
|
# })
|
|
2058
2190
|
#
|
|
2059
2191
|
# @example Response structure
|
|
@@ -2090,7 +2222,7 @@ module Aws::PaymentCryptographyData
|
|
|
2090
2222
|
tracer: tracer
|
|
2091
2223
|
)
|
|
2092
2224
|
context[:gem_name] = 'aws-sdk-paymentcryptographydata'
|
|
2093
|
-
context[:gem_version] = '1.
|
|
2225
|
+
context[:gem_version] = '1.28.0'
|
|
2094
2226
|
Seahorse::Client::Request.new(handlers, context)
|
|
2095
2227
|
end
|
|
2096
2228
|
|
|
@@ -28,6 +28,7 @@ module Aws::PaymentCryptographyData
|
|
|
28
28
|
CardVerificationAttributes = Shapes::UnionShape.new(name: 'CardVerificationAttributes')
|
|
29
29
|
CardVerificationValue1 = Shapes::StructureShape.new(name: 'CardVerificationValue1')
|
|
30
30
|
CardVerificationValue2 = Shapes::StructureShape.new(name: 'CardVerificationValue2')
|
|
31
|
+
CertificateType = Shapes::StringShape.new(name: 'CertificateType')
|
|
31
32
|
CipherTextType = Shapes::StringShape.new(name: 'CipherTextType')
|
|
32
33
|
CommandMessageDataType = Shapes::StringShape.new(name: 'CommandMessageDataType')
|
|
33
34
|
CryptogramAuthResponse = Shapes::UnionShape.new(name: 'CryptogramAuthResponse')
|
|
@@ -47,6 +48,7 @@ module Aws::PaymentCryptographyData
|
|
|
47
48
|
DukptKeyVariant = Shapes::StringShape.new(name: 'DukptKeyVariant')
|
|
48
49
|
DynamicCardVerificationCode = Shapes::StructureShape.new(name: 'DynamicCardVerificationCode')
|
|
49
50
|
DynamicCardVerificationValue = Shapes::StructureShape.new(name: 'DynamicCardVerificationValue')
|
|
51
|
+
EcdhDerivationAttributes = Shapes::StructureShape.new(name: 'EcdhDerivationAttributes')
|
|
50
52
|
Emv2000Attributes = Shapes::StructureShape.new(name: 'Emv2000Attributes')
|
|
51
53
|
EmvCommonAttributes = Shapes::StructureShape.new(name: 'EmvCommonAttributes')
|
|
52
54
|
EmvEncryptionAttributes = Shapes::StructureShape.new(name: 'EmvEncryptionAttributes')
|
|
@@ -87,6 +89,8 @@ module Aws::PaymentCryptographyData
|
|
|
87
89
|
KeyArnOrKeyAliasType = Shapes::StringShape.new(name: 'KeyArnOrKeyAliasType')
|
|
88
90
|
KeyCheckValue = Shapes::StringShape.new(name: 'KeyCheckValue')
|
|
89
91
|
KeyCheckValueAlgorithm = Shapes::StringShape.new(name: 'KeyCheckValueAlgorithm')
|
|
92
|
+
KeyDerivationFunction = Shapes::StringShape.new(name: 'KeyDerivationFunction')
|
|
93
|
+
KeyDerivationHashAlgorithm = Shapes::StringShape.new(name: 'KeyDerivationHashAlgorithm')
|
|
90
94
|
MacAlgorithm = Shapes::StringShape.new(name: 'MacAlgorithm')
|
|
91
95
|
MacAlgorithmDukpt = Shapes::StructureShape.new(name: 'MacAlgorithmDukpt')
|
|
92
96
|
MacAlgorithmEmv = Shapes::StructureShape.new(name: 'MacAlgorithmEmv')
|
|
@@ -127,8 +131,10 @@ module Aws::PaymentCryptographyData
|
|
|
127
131
|
SessionKeyEmvCommon = Shapes::StructureShape.new(name: 'SessionKeyEmvCommon')
|
|
128
132
|
SessionKeyMastercard = Shapes::StructureShape.new(name: 'SessionKeyMastercard')
|
|
129
133
|
SessionKeyVisa = Shapes::StructureShape.new(name: 'SessionKeyVisa')
|
|
134
|
+
SharedInformation = Shapes::StringShape.new(name: 'SharedInformation')
|
|
130
135
|
String = Shapes::StringShape.new(name: 'String')
|
|
131
136
|
SymmetricEncryptionAttributes = Shapes::StructureShape.new(name: 'SymmetricEncryptionAttributes')
|
|
137
|
+
SymmetricKeyAlgorithm = Shapes::StringShape.new(name: 'SymmetricKeyAlgorithm')
|
|
132
138
|
ThrottlingException = Shapes::StructureShape.new(name: 'ThrottlingException')
|
|
133
139
|
Tr31WrappedKeyBlock = Shapes::StringShape.new(name: 'Tr31WrappedKeyBlock')
|
|
134
140
|
TrackDataType = Shapes::StringShape.new(name: 'TrackDataType')
|
|
@@ -309,6 +315,14 @@ module Aws::PaymentCryptographyData
|
|
|
309
315
|
DynamicCardVerificationValue.add_member(:application_transaction_counter, Shapes::ShapeRef.new(shape: HexLengthBetween2And4, required: true, location_name: "ApplicationTransactionCounter"))
|
|
310
316
|
DynamicCardVerificationValue.struct_class = Types::DynamicCardVerificationValue
|
|
311
317
|
|
|
318
|
+
EcdhDerivationAttributes.add_member(:certificate_authority_public_key_identifier, Shapes::ShapeRef.new(shape: KeyArnOrKeyAliasType, required: true, location_name: "CertificateAuthorityPublicKeyIdentifier"))
|
|
319
|
+
EcdhDerivationAttributes.add_member(:public_key_certificate, Shapes::ShapeRef.new(shape: CertificateType, required: true, location_name: "PublicKeyCertificate"))
|
|
320
|
+
EcdhDerivationAttributes.add_member(:key_algorithm, Shapes::ShapeRef.new(shape: SymmetricKeyAlgorithm, required: true, location_name: "KeyAlgorithm"))
|
|
321
|
+
EcdhDerivationAttributes.add_member(:key_derivation_function, Shapes::ShapeRef.new(shape: KeyDerivationFunction, required: true, location_name: "KeyDerivationFunction"))
|
|
322
|
+
EcdhDerivationAttributes.add_member(:key_derivation_hash_algorithm, Shapes::ShapeRef.new(shape: KeyDerivationHashAlgorithm, required: true, location_name: "KeyDerivationHashAlgorithm"))
|
|
323
|
+
EcdhDerivationAttributes.add_member(:shared_information, Shapes::ShapeRef.new(shape: SharedInformation, required: true, location_name: "SharedInformation"))
|
|
324
|
+
EcdhDerivationAttributes.struct_class = Types::EcdhDerivationAttributes
|
|
325
|
+
|
|
312
326
|
Emv2000Attributes.add_member(:major_key_derivation_mode, Shapes::ShapeRef.new(shape: MajorKeyDerivationMode, required: true, location_name: "MajorKeyDerivationMode"))
|
|
313
327
|
Emv2000Attributes.add_member(:primary_account_number, Shapes::ShapeRef.new(shape: PrimaryAccountNumberType, required: true, location_name: "PrimaryAccountNumber"))
|
|
314
328
|
Emv2000Attributes.add_member(:pan_sequence_number, Shapes::ShapeRef.new(shape: NumberLengthEquals2, required: true, location_name: "PanSequenceNumber"))
|
|
@@ -403,6 +417,7 @@ module Aws::PaymentCryptographyData
|
|
|
403
417
|
GeneratePinDataInput.add_member(:pin_data_length, Shapes::ShapeRef.new(shape: IntegerRangeBetween4And12, location_name: "PinDataLength"))
|
|
404
418
|
GeneratePinDataInput.add_member(:primary_account_number, Shapes::ShapeRef.new(shape: PrimaryAccountNumberType, required: true, location_name: "PrimaryAccountNumber"))
|
|
405
419
|
GeneratePinDataInput.add_member(:pin_block_format, Shapes::ShapeRef.new(shape: PinBlockFormatForPinData, required: true, location_name: "PinBlockFormat"))
|
|
420
|
+
GeneratePinDataInput.add_member(:encryption_wrapped_key, Shapes::ShapeRef.new(shape: WrappedKey, location_name: "EncryptionWrappedKey"))
|
|
406
421
|
GeneratePinDataInput.struct_class = Types::GeneratePinDataInput
|
|
407
422
|
|
|
408
423
|
GeneratePinDataOutput.add_member(:generation_key_arn, Shapes::ShapeRef.new(shape: KeyArn, required: true, location_name: "GenerationKeyArn"))
|
|
@@ -676,6 +691,7 @@ module Aws::PaymentCryptographyData
|
|
|
676
691
|
VerifyPinDataInput.add_member(:pin_block_format, Shapes::ShapeRef.new(shape: PinBlockFormatForPinData, required: true, location_name: "PinBlockFormat"))
|
|
677
692
|
VerifyPinDataInput.add_member(:pin_data_length, Shapes::ShapeRef.new(shape: IntegerRangeBetween4And12, location_name: "PinDataLength"))
|
|
678
693
|
VerifyPinDataInput.add_member(:dukpt_attributes, Shapes::ShapeRef.new(shape: DukptAttributes, location_name: "DukptAttributes"))
|
|
694
|
+
VerifyPinDataInput.add_member(:encryption_wrapped_key, Shapes::ShapeRef.new(shape: WrappedKey, location_name: "EncryptionWrappedKey"))
|
|
679
695
|
VerifyPinDataInput.struct_class = Types::VerifyPinDataInput
|
|
680
696
|
|
|
681
697
|
VerifyPinDataOutput.add_member(:verification_key_arn, Shapes::ShapeRef.new(shape: KeyArn, required: true, location_name: "VerificationKeyArn"))
|
|
@@ -714,8 +730,10 @@ module Aws::PaymentCryptographyData
|
|
|
714
730
|
WrappedKey.struct_class = Types::WrappedKey
|
|
715
731
|
|
|
716
732
|
WrappedKeyMaterial.add_member(:tr_31_key_block, Shapes::ShapeRef.new(shape: Tr31WrappedKeyBlock, location_name: "Tr31KeyBlock"))
|
|
733
|
+
WrappedKeyMaterial.add_member(:diffie_hellman_symmetric_key, Shapes::ShapeRef.new(shape: EcdhDerivationAttributes, location_name: "DiffieHellmanSymmetricKey"))
|
|
717
734
|
WrappedKeyMaterial.add_member(:unknown, Shapes::ShapeRef.new(shape: nil, location_name: 'unknown'))
|
|
718
735
|
WrappedKeyMaterial.add_member_subclass(:tr_31_key_block, Types::WrappedKeyMaterial::Tr31KeyBlock)
|
|
736
|
+
WrappedKeyMaterial.add_member_subclass(:diffie_hellman_symmetric_key, Types::WrappedKeyMaterial::DiffieHellmanSymmetricKey)
|
|
719
737
|
WrappedKeyMaterial.add_member_subclass(:unknown, Types::WrappedKeyMaterial::Unknown)
|
|
720
738
|
WrappedKeyMaterial.struct_class = Types::WrappedKeyMaterial
|
|
721
739
|
|
|
@@ -714,6 +714,53 @@ module Aws::PaymentCryptographyData
|
|
|
714
714
|
include Aws::Structure
|
|
715
715
|
end
|
|
716
716
|
|
|
717
|
+
# Parameters required to establish ECDH based key exchange.
|
|
718
|
+
#
|
|
719
|
+
# @!attribute [rw] certificate_authority_public_key_identifier
|
|
720
|
+
# The `keyArn` of the certificate that signed the client's
|
|
721
|
+
# `PublicKeyCertificate`.
|
|
722
|
+
# @return [String]
|
|
723
|
+
#
|
|
724
|
+
# @!attribute [rw] public_key_certificate
|
|
725
|
+
# The client's public key certificate in PEM format (base64 encoded)
|
|
726
|
+
# to use for ECDH key derivation.
|
|
727
|
+
# @return [String]
|
|
728
|
+
#
|
|
729
|
+
# @!attribute [rw] key_algorithm
|
|
730
|
+
# The key algorithm of the derived ECDH key.
|
|
731
|
+
# @return [String]
|
|
732
|
+
#
|
|
733
|
+
# @!attribute [rw] key_derivation_function
|
|
734
|
+
# The key derivation function to use for deriving a key using ECDH.
|
|
735
|
+
# @return [String]
|
|
736
|
+
#
|
|
737
|
+
# @!attribute [rw] key_derivation_hash_algorithm
|
|
738
|
+
# The hash type to use for deriving a key using ECDH.
|
|
739
|
+
# @return [String]
|
|
740
|
+
#
|
|
741
|
+
# @!attribute [rw] shared_information
|
|
742
|
+
# A byte string containing information that binds the ECDH derived key
|
|
743
|
+
# to the two parties involved or to the context of the key.
|
|
744
|
+
#
|
|
745
|
+
# It may include details like identities of the two parties deriving
|
|
746
|
+
# the key, context of the operation, session IDs, and optionally a
|
|
747
|
+
# nonce. It must not contain zero bytes, and re-using shared
|
|
748
|
+
# information for multiple ECDH key derivations is not recommended.
|
|
749
|
+
# @return [String]
|
|
750
|
+
#
|
|
751
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/EcdhDerivationAttributes AWS API Documentation
|
|
752
|
+
#
|
|
753
|
+
class EcdhDerivationAttributes < Struct.new(
|
|
754
|
+
:certificate_authority_public_key_identifier,
|
|
755
|
+
:public_key_certificate,
|
|
756
|
+
:key_algorithm,
|
|
757
|
+
:key_derivation_function,
|
|
758
|
+
:key_derivation_hash_algorithm,
|
|
759
|
+
:shared_information)
|
|
760
|
+
SENSITIVE = [:public_key_certificate]
|
|
761
|
+
include Aws::Structure
|
|
762
|
+
end
|
|
763
|
+
|
|
717
764
|
# Parameters to derive the confidentiality and integrity keys for a
|
|
718
765
|
# payment card using EMV2000 deruv.
|
|
719
766
|
#
|
|
@@ -1200,7 +1247,8 @@ module Aws::PaymentCryptographyData
|
|
|
1200
1247
|
#
|
|
1201
1248
|
# @!attribute [rw] encryption_key_identifier
|
|
1202
1249
|
# The `keyARN` of the PEK that Amazon Web Services Payment
|
|
1203
|
-
# Cryptography uses to encrypt the PIN Block.
|
|
1250
|
+
# Cryptography uses to encrypt the PIN Block. For ECDH, it is the
|
|
1251
|
+
# `keyARN` of the asymmetric ECC key.
|
|
1204
1252
|
# @return [String]
|
|
1205
1253
|
#
|
|
1206
1254
|
# @!attribute [rw] generation_attributes
|
|
@@ -1231,6 +1279,11 @@ module Aws::PaymentCryptographyData
|
|
|
1231
1279
|
# except that the fill digits are random values from 10 to 15.
|
|
1232
1280
|
# @return [String]
|
|
1233
1281
|
#
|
|
1282
|
+
# @!attribute [rw] encryption_wrapped_key
|
|
1283
|
+
# Parameter information of a WrappedKeyBlock for encryption key
|
|
1284
|
+
# exchange.
|
|
1285
|
+
# @return [Types::WrappedKey]
|
|
1286
|
+
#
|
|
1234
1287
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/GeneratePinDataInput AWS API Documentation
|
|
1235
1288
|
#
|
|
1236
1289
|
class GeneratePinDataInput < Struct.new(
|
|
@@ -1239,7 +1292,8 @@ module Aws::PaymentCryptographyData
|
|
|
1239
1292
|
:generation_attributes,
|
|
1240
1293
|
:pin_data_length,
|
|
1241
1294
|
:primary_account_number,
|
|
1242
|
-
:pin_block_format
|
|
1295
|
+
:pin_block_format,
|
|
1296
|
+
:encryption_wrapped_key)
|
|
1243
1297
|
SENSITIVE = [:primary_account_number]
|
|
1244
1298
|
include Aws::Structure
|
|
1245
1299
|
end
|
|
@@ -1260,7 +1314,8 @@ module Aws::PaymentCryptographyData
|
|
|
1260
1314
|
#
|
|
1261
1315
|
# @!attribute [rw] encryption_key_arn
|
|
1262
1316
|
# The `keyARN` of the PEK that Amazon Web Services Payment
|
|
1263
|
-
# Cryptography uses for encrypted pin block generation.
|
|
1317
|
+
# Cryptography uses for encrypted pin block generation. For ECDH, it
|
|
1318
|
+
# is the `keyARN` of the asymmetric ECC key.
|
|
1264
1319
|
# @return [String]
|
|
1265
1320
|
#
|
|
1266
1321
|
# @!attribute [rw] encryption_key_check_value
|
|
@@ -2110,14 +2165,15 @@ module Aws::PaymentCryptographyData
|
|
|
2110
2165
|
# The `keyARN` of the encryption key under which incoming PIN block
|
|
2111
2166
|
# data is encrypted. This key type can be PEK or BDK.
|
|
2112
2167
|
#
|
|
2113
|
-
#
|
|
2114
|
-
#
|
|
2115
|
-
# the key identifier used to perform the operation.
|
|
2168
|
+
# For dynamic keys, it is the `keyARN` of KEK of the TR-31 wrapped
|
|
2169
|
+
# PEK. For ECDH, it is the `keyARN` of the asymmetric ECC key.
|
|
2116
2170
|
# @return [String]
|
|
2117
2171
|
#
|
|
2118
2172
|
# @!attribute [rw] outgoing_key_identifier
|
|
2119
2173
|
# The `keyARN` of the encryption key for encrypting outgoing PIN block
|
|
2120
2174
|
# data. This key type can be PEK or BDK.
|
|
2175
|
+
#
|
|
2176
|
+
# For ECDH, it is the `keyARN` of the asymmetric ECC key.
|
|
2121
2177
|
# @return [String]
|
|
2122
2178
|
#
|
|
2123
2179
|
# @!attribute [rw] incoming_translation_attributes
|
|
@@ -2557,6 +2613,11 @@ module Aws::PaymentCryptographyData
|
|
|
2557
2613
|
# The attributes and values for the DUKPT encrypted PIN block data.
|
|
2558
2614
|
# @return [Types::DukptAttributes]
|
|
2559
2615
|
#
|
|
2616
|
+
# @!attribute [rw] encryption_wrapped_key
|
|
2617
|
+
# Parameter information of a WrappedKeyBlock for encryption key
|
|
2618
|
+
# exchange.
|
|
2619
|
+
# @return [Types::WrappedKey]
|
|
2620
|
+
#
|
|
2560
2621
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/VerifyPinDataInput AWS API Documentation
|
|
2561
2622
|
#
|
|
2562
2623
|
class VerifyPinDataInput < Struct.new(
|
|
@@ -2567,7 +2628,8 @@ module Aws::PaymentCryptographyData
|
|
|
2567
2628
|
:primary_account_number,
|
|
2568
2629
|
:pin_block_format,
|
|
2569
2630
|
:pin_data_length,
|
|
2570
|
-
:dukpt_attributes
|
|
2631
|
+
:dukpt_attributes,
|
|
2632
|
+
:encryption_wrapped_key)
|
|
2571
2633
|
SENSITIVE = [:encrypted_pin_block, :primary_account_number]
|
|
2572
2634
|
include Aws::Structure
|
|
2573
2635
|
end
|
|
@@ -2782,16 +2844,22 @@ module Aws::PaymentCryptographyData
|
|
|
2782
2844
|
# The TR-31 wrapped key block.
|
|
2783
2845
|
# @return [String]
|
|
2784
2846
|
#
|
|
2847
|
+
# @!attribute [rw] diffie_hellman_symmetric_key
|
|
2848
|
+
# The parameter information for deriving a ECDH shared key.
|
|
2849
|
+
# @return [Types::EcdhDerivationAttributes]
|
|
2850
|
+
#
|
|
2785
2851
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/WrappedKeyMaterial AWS API Documentation
|
|
2786
2852
|
#
|
|
2787
2853
|
class WrappedKeyMaterial < Struct.new(
|
|
2788
2854
|
:tr_31_key_block,
|
|
2855
|
+
:diffie_hellman_symmetric_key,
|
|
2789
2856
|
:unknown)
|
|
2790
2857
|
SENSITIVE = [:tr_31_key_block]
|
|
2791
2858
|
include Aws::Structure
|
|
2792
2859
|
include Aws::Structure::Union
|
|
2793
2860
|
|
|
2794
2861
|
class Tr31KeyBlock < WrappedKeyMaterial; end
|
|
2862
|
+
class DiffieHellmanSymmetricKey < WrappedKeyMaterial; end
|
|
2795
2863
|
class Unknown < WrappedKeyMaterial; end
|
|
2796
2864
|
end
|
|
2797
2865
|
|
data/sig/client.rbs
CHANGED
|
@@ -39,7 +39,9 @@ module Aws
|
|
|
39
39
|
?logger: untyped,
|
|
40
40
|
?max_attempts: Integer,
|
|
41
41
|
?profile: String,
|
|
42
|
+
?request_checksum_calculation: String,
|
|
42
43
|
?request_min_compression_size_bytes: Integer,
|
|
44
|
+
?response_checksum_validation: String,
|
|
43
45
|
?retry_backoff: Proc,
|
|
44
46
|
?retry_base_delay: Float,
|
|
45
47
|
?retry_jitter: (:none | :equal | :full | ^(Integer) -> Integer),
|
|
@@ -112,7 +114,15 @@ module Aws
|
|
|
112
114
|
},
|
|
113
115
|
?wrapped_key: {
|
|
114
116
|
wrapped_key_material: {
|
|
115
|
-
tr_31_key_block: ::String
|
|
117
|
+
tr_31_key_block: ::String?,
|
|
118
|
+
diffie_hellman_symmetric_key: {
|
|
119
|
+
certificate_authority_public_key_identifier: ::String,
|
|
120
|
+
public_key_certificate: ::String,
|
|
121
|
+
key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256"),
|
|
122
|
+
key_derivation_function: ("NIST_SP800" | "ANSI_X963"),
|
|
123
|
+
key_derivation_hash_algorithm: ("SHA_256" | "SHA_384" | "SHA_512"),
|
|
124
|
+
shared_information: ::String
|
|
125
|
+
}?
|
|
116
126
|
},
|
|
117
127
|
key_check_value_algorithm: ("CMAC" | "ANSI_X9_24")?
|
|
118
128
|
}
|
|
@@ -156,7 +166,15 @@ module Aws
|
|
|
156
166
|
},
|
|
157
167
|
?wrapped_key: {
|
|
158
168
|
wrapped_key_material: {
|
|
159
|
-
tr_31_key_block: ::String
|
|
169
|
+
tr_31_key_block: ::String?,
|
|
170
|
+
diffie_hellman_symmetric_key: {
|
|
171
|
+
certificate_authority_public_key_identifier: ::String,
|
|
172
|
+
public_key_certificate: ::String,
|
|
173
|
+
key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256"),
|
|
174
|
+
key_derivation_function: ("NIST_SP800" | "ANSI_X963"),
|
|
175
|
+
key_derivation_hash_algorithm: ("SHA_256" | "SHA_384" | "SHA_512"),
|
|
176
|
+
shared_information: ::String
|
|
177
|
+
}?
|
|
160
178
|
},
|
|
161
179
|
key_check_value_algorithm: ("CMAC" | "ANSI_X9_24")?
|
|
162
180
|
}
|
|
@@ -366,7 +384,21 @@ module Aws
|
|
|
366
384
|
},
|
|
367
385
|
?pin_data_length: ::Integer,
|
|
368
386
|
primary_account_number: ::String,
|
|
369
|
-
pin_block_format: ("ISO_FORMAT_0" | "ISO_FORMAT_3")
|
|
387
|
+
pin_block_format: ("ISO_FORMAT_0" | "ISO_FORMAT_3" | "ISO_FORMAT_4"),
|
|
388
|
+
?encryption_wrapped_key: {
|
|
389
|
+
wrapped_key_material: {
|
|
390
|
+
tr_31_key_block: ::String?,
|
|
391
|
+
diffie_hellman_symmetric_key: {
|
|
392
|
+
certificate_authority_public_key_identifier: ::String,
|
|
393
|
+
public_key_certificate: ::String,
|
|
394
|
+
key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256"),
|
|
395
|
+
key_derivation_function: ("NIST_SP800" | "ANSI_X963"),
|
|
396
|
+
key_derivation_hash_algorithm: ("SHA_256" | "SHA_384" | "SHA_512"),
|
|
397
|
+
shared_information: ::String
|
|
398
|
+
}?
|
|
399
|
+
},
|
|
400
|
+
key_check_value_algorithm: ("CMAC" | "ANSI_X9_24")?
|
|
401
|
+
}
|
|
370
402
|
) -> _GeneratePinDataResponseSuccess
|
|
371
403
|
| (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GeneratePinDataResponseSuccess
|
|
372
404
|
|
|
@@ -411,13 +443,29 @@ module Aws
|
|
|
411
443
|
},
|
|
412
444
|
?incoming_wrapped_key: {
|
|
413
445
|
wrapped_key_material: {
|
|
414
|
-
tr_31_key_block: ::String
|
|
446
|
+
tr_31_key_block: ::String?,
|
|
447
|
+
diffie_hellman_symmetric_key: {
|
|
448
|
+
certificate_authority_public_key_identifier: ::String,
|
|
449
|
+
public_key_certificate: ::String,
|
|
450
|
+
key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256"),
|
|
451
|
+
key_derivation_function: ("NIST_SP800" | "ANSI_X963"),
|
|
452
|
+
key_derivation_hash_algorithm: ("SHA_256" | "SHA_384" | "SHA_512"),
|
|
453
|
+
shared_information: ::String
|
|
454
|
+
}?
|
|
415
455
|
},
|
|
416
456
|
key_check_value_algorithm: ("CMAC" | "ANSI_X9_24")?
|
|
417
457
|
},
|
|
418
458
|
?outgoing_wrapped_key: {
|
|
419
459
|
wrapped_key_material: {
|
|
420
|
-
tr_31_key_block: ::String
|
|
460
|
+
tr_31_key_block: ::String?,
|
|
461
|
+
diffie_hellman_symmetric_key: {
|
|
462
|
+
certificate_authority_public_key_identifier: ::String,
|
|
463
|
+
public_key_certificate: ::String,
|
|
464
|
+
key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256"),
|
|
465
|
+
key_derivation_function: ("NIST_SP800" | "ANSI_X963"),
|
|
466
|
+
key_derivation_hash_algorithm: ("SHA_256" | "SHA_384" | "SHA_512"),
|
|
467
|
+
shared_information: ::String
|
|
468
|
+
}?
|
|
421
469
|
},
|
|
422
470
|
key_check_value_algorithm: ("CMAC" | "ANSI_X9_24")?
|
|
423
471
|
}
|
|
@@ -473,13 +521,29 @@ module Aws
|
|
|
473
521
|
},
|
|
474
522
|
?incoming_wrapped_key: {
|
|
475
523
|
wrapped_key_material: {
|
|
476
|
-
tr_31_key_block: ::String
|
|
524
|
+
tr_31_key_block: ::String?,
|
|
525
|
+
diffie_hellman_symmetric_key: {
|
|
526
|
+
certificate_authority_public_key_identifier: ::String,
|
|
527
|
+
public_key_certificate: ::String,
|
|
528
|
+
key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256"),
|
|
529
|
+
key_derivation_function: ("NIST_SP800" | "ANSI_X963"),
|
|
530
|
+
key_derivation_hash_algorithm: ("SHA_256" | "SHA_384" | "SHA_512"),
|
|
531
|
+
shared_information: ::String
|
|
532
|
+
}?
|
|
477
533
|
},
|
|
478
534
|
key_check_value_algorithm: ("CMAC" | "ANSI_X9_24")?
|
|
479
535
|
},
|
|
480
536
|
?outgoing_wrapped_key: {
|
|
481
537
|
wrapped_key_material: {
|
|
482
|
-
tr_31_key_block: ::String
|
|
538
|
+
tr_31_key_block: ::String?,
|
|
539
|
+
diffie_hellman_symmetric_key: {
|
|
540
|
+
certificate_authority_public_key_identifier: ::String,
|
|
541
|
+
public_key_certificate: ::String,
|
|
542
|
+
key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256"),
|
|
543
|
+
key_derivation_function: ("NIST_SP800" | "ANSI_X963"),
|
|
544
|
+
key_derivation_hash_algorithm: ("SHA_256" | "SHA_384" | "SHA_512"),
|
|
545
|
+
shared_information: ::String
|
|
546
|
+
}?
|
|
483
547
|
},
|
|
484
548
|
key_check_value_algorithm: ("CMAC" | "ANSI_X9_24")?
|
|
485
549
|
}
|
|
@@ -654,11 +718,25 @@ module Aws
|
|
|
654
718
|
},
|
|
655
719
|
encrypted_pin_block: ::String,
|
|
656
720
|
primary_account_number: ::String,
|
|
657
|
-
pin_block_format: ("ISO_FORMAT_0" | "ISO_FORMAT_3"),
|
|
721
|
+
pin_block_format: ("ISO_FORMAT_0" | "ISO_FORMAT_3" | "ISO_FORMAT_4"),
|
|
658
722
|
?pin_data_length: ::Integer,
|
|
659
723
|
?dukpt_attributes: {
|
|
660
724
|
key_serial_number: ::String,
|
|
661
725
|
dukpt_derivation_type: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256")
|
|
726
|
+
},
|
|
727
|
+
?encryption_wrapped_key: {
|
|
728
|
+
wrapped_key_material: {
|
|
729
|
+
tr_31_key_block: ::String?,
|
|
730
|
+
diffie_hellman_symmetric_key: {
|
|
731
|
+
certificate_authority_public_key_identifier: ::String,
|
|
732
|
+
public_key_certificate: ::String,
|
|
733
|
+
key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256"),
|
|
734
|
+
key_derivation_function: ("NIST_SP800" | "ANSI_X963"),
|
|
735
|
+
key_derivation_hash_algorithm: ("SHA_256" | "SHA_384" | "SHA_512"),
|
|
736
|
+
shared_information: ::String
|
|
737
|
+
}?
|
|
738
|
+
},
|
|
739
|
+
key_check_value_algorithm: ("CMAC" | "ANSI_X9_24")?
|
|
662
740
|
}
|
|
663
741
|
) -> _VerifyPinDataResponseSuccess
|
|
664
742
|
| (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _VerifyPinDataResponseSuccess
|
data/sig/resource.rbs
CHANGED
|
@@ -39,7 +39,9 @@ module Aws
|
|
|
39
39
|
?logger: untyped,
|
|
40
40
|
?max_attempts: Integer,
|
|
41
41
|
?profile: String,
|
|
42
|
+
?request_checksum_calculation: String,
|
|
42
43
|
?request_min_compression_size_bytes: Integer,
|
|
44
|
+
?response_checksum_validation: String,
|
|
43
45
|
?retry_backoff: Proc,
|
|
44
46
|
?retry_base_delay: Float,
|
|
45
47
|
?retry_jitter: (:none | :equal | :full | ^(Integer) -> Integer),
|
data/sig/types.rbs
CHANGED
|
@@ -232,6 +232,16 @@ module Aws::PaymentCryptographyData
|
|
|
232
232
|
SENSITIVE: [:card_expiry_date, :service_code]
|
|
233
233
|
end
|
|
234
234
|
|
|
235
|
+
class EcdhDerivationAttributes
|
|
236
|
+
attr_accessor certificate_authority_public_key_identifier: ::String
|
|
237
|
+
attr_accessor public_key_certificate: ::String
|
|
238
|
+
attr_accessor key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256")
|
|
239
|
+
attr_accessor key_derivation_function: ("NIST_SP800" | "ANSI_X963")
|
|
240
|
+
attr_accessor key_derivation_hash_algorithm: ("SHA_256" | "SHA_384" | "SHA_512")
|
|
241
|
+
attr_accessor shared_information: ::String
|
|
242
|
+
SENSITIVE: [:public_key_certificate]
|
|
243
|
+
end
|
|
244
|
+
|
|
235
245
|
class Emv2000Attributes
|
|
236
246
|
attr_accessor major_key_derivation_mode: ("EMV_OPTION_A" | "EMV_OPTION_B")
|
|
237
247
|
attr_accessor primary_account_number: ::String
|
|
@@ -356,7 +366,8 @@ module Aws::PaymentCryptographyData
|
|
|
356
366
|
attr_accessor generation_attributes: Types::PinGenerationAttributes
|
|
357
367
|
attr_accessor pin_data_length: ::Integer
|
|
358
368
|
attr_accessor primary_account_number: ::String
|
|
359
|
-
attr_accessor pin_block_format: ("ISO_FORMAT_0" | "ISO_FORMAT_3")
|
|
369
|
+
attr_accessor pin_block_format: ("ISO_FORMAT_0" | "ISO_FORMAT_3" | "ISO_FORMAT_4")
|
|
370
|
+
attr_accessor encryption_wrapped_key: Types::WrappedKey
|
|
360
371
|
SENSITIVE: [:primary_account_number]
|
|
361
372
|
end
|
|
362
373
|
|
|
@@ -752,9 +763,10 @@ module Aws::PaymentCryptographyData
|
|
|
752
763
|
attr_accessor verification_attributes: Types::PinVerificationAttributes
|
|
753
764
|
attr_accessor encrypted_pin_block: ::String
|
|
754
765
|
attr_accessor primary_account_number: ::String
|
|
755
|
-
attr_accessor pin_block_format: ("ISO_FORMAT_0" | "ISO_FORMAT_3")
|
|
766
|
+
attr_accessor pin_block_format: ("ISO_FORMAT_0" | "ISO_FORMAT_3" | "ISO_FORMAT_4")
|
|
756
767
|
attr_accessor pin_data_length: ::Integer
|
|
757
768
|
attr_accessor dukpt_attributes: Types::DukptAttributes
|
|
769
|
+
attr_accessor encryption_wrapped_key: Types::WrappedKey
|
|
758
770
|
SENSITIVE: [:encrypted_pin_block, :primary_account_number]
|
|
759
771
|
end
|
|
760
772
|
|
|
@@ -809,11 +821,14 @@ module Aws::PaymentCryptographyData
|
|
|
809
821
|
|
|
810
822
|
class WrappedKeyMaterial
|
|
811
823
|
attr_accessor tr_31_key_block: ::String
|
|
824
|
+
attr_accessor diffie_hellman_symmetric_key: Types::EcdhDerivationAttributes
|
|
812
825
|
attr_accessor unknown: untyped
|
|
813
826
|
SENSITIVE: [:tr_31_key_block]
|
|
814
827
|
|
|
815
828
|
class Tr31KeyBlock < WrappedKeyMaterial
|
|
816
829
|
end
|
|
830
|
+
class DiffieHellmanSymmetricKey < WrappedKeyMaterial
|
|
831
|
+
end
|
|
817
832
|
class Unknown < WrappedKeyMaterial
|
|
818
833
|
end
|
|
819
834
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-paymentcryptographydata
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.28.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2025-01-15 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|
|
@@ -19,7 +19,7 @@ dependencies:
|
|
|
19
19
|
version: '3'
|
|
20
20
|
- - ">="
|
|
21
21
|
- !ruby/object:Gem::Version
|
|
22
|
-
version: 3.
|
|
22
|
+
version: 3.216.0
|
|
23
23
|
type: :runtime
|
|
24
24
|
prerelease: false
|
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -29,7 +29,7 @@ dependencies:
|
|
|
29
29
|
version: '3'
|
|
30
30
|
- - ">="
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
|
-
version: 3.
|
|
32
|
+
version: 3.216.0
|
|
33
33
|
- !ruby/object:Gem::Dependency
|
|
34
34
|
name: aws-sigv4
|
|
35
35
|
requirement: !ruby/object:Gem::Requirement
|