aws-sdk-paymentcryptographydata 1.26.0 → 1.28.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-paymentcryptographydata/client.rb +164 -32
- data/lib/aws-sdk-paymentcryptographydata/client_api.rb +18 -0
- data/lib/aws-sdk-paymentcryptographydata/types.rb +75 -7
- data/lib/aws-sdk-paymentcryptographydata.rb +1 -1
- data/sig/client.rbs +86 -8
- data/sig/resource.rbs +2 -0
- data/sig/types.rbs +17 -2
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5d46d00f77474eae1d7932db3c338c473d4294dff1bcdfed5450c9d3e66f0edd
|
|
4
|
+
data.tar.gz: ea3214aa2295fafc2025c3dac191aa864545e4dfa1e0deab80760554be926e61
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fb3827cc4c9a01eb13f3953c86943c8d710f06137181b7e5917690255b3b6cff555ca809499fa7df51b40344cf22353b7ab22c782f6db3ad1c06b12abb68d176
|
|
7
|
+
data.tar.gz: 78ccd6e6f9feefacc3a8f3bd759e2f8ac783ea10791d7981255482685dcab16465333ed43aa866df039cf5463ea6acc528fcd771327481ab5fcf1e0afd567a96
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,16 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.28.0 (2025-01-15)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
|
8
|
+
|
|
9
|
+
1.27.0 (2024-10-23)
|
|
10
|
+
------------------
|
|
11
|
+
|
|
12
|
+
* Feature - Add ECDH support on PIN operations.
|
|
13
|
+
|
|
4
14
|
1.26.0 (2024-10-21)
|
|
5
15
|
------------------
|
|
6
16
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.28.0
|
|
@@ -257,11 +257,34 @@ module Aws::PaymentCryptographyData
|
|
|
257
257
|
# Used when loading credentials from the shared credentials file
|
|
258
258
|
# at HOME/.aws/credentials. When not specified, 'default' is used.
|
|
259
259
|
#
|
|
260
|
+
# @option options [String] :request_checksum_calculation ("when_supported")
|
|
261
|
+
# Determines when a checksum will be calculated for request payloads. Values are:
|
|
262
|
+
#
|
|
263
|
+
# * `when_supported` - (default) When set, a checksum will be
|
|
264
|
+
# calculated for all request payloads of operations modeled with the
|
|
265
|
+
# `httpChecksum` trait where `requestChecksumRequired` is `true` and/or a
|
|
266
|
+
# `requestAlgorithmMember` is modeled.
|
|
267
|
+
# * `when_required` - When set, a checksum will only be calculated for
|
|
268
|
+
# request payloads of operations modeled with the `httpChecksum` trait where
|
|
269
|
+
# `requestChecksumRequired` is `true` or where a `requestAlgorithmMember`
|
|
270
|
+
# is modeled and supplied.
|
|
271
|
+
#
|
|
260
272
|
# @option options [Integer] :request_min_compression_size_bytes (10240)
|
|
261
273
|
# The minimum size in bytes that triggers compression for request
|
|
262
274
|
# bodies. The value must be non-negative integer value between 0
|
|
263
275
|
# and 10485780 bytes inclusive.
|
|
264
276
|
#
|
|
277
|
+
# @option options [String] :response_checksum_validation ("when_supported")
|
|
278
|
+
# Determines when checksum validation will be performed on response payloads. Values are:
|
|
279
|
+
#
|
|
280
|
+
# * `when_supported` - (default) When set, checksum validation is performed on all
|
|
281
|
+
# response payloads of operations modeled with the `httpChecksum` trait where
|
|
282
|
+
# `responseAlgorithms` is modeled, except when no modeled checksum algorithms
|
|
283
|
+
# are supported.
|
|
284
|
+
# * `when_required` - When set, checksum validation is not performed on
|
|
285
|
+
# response payloads of operations unless the checksum algorithm is supported and
|
|
286
|
+
# the `requestValidationModeMember` member is set to `ENABLED`.
|
|
287
|
+
#
|
|
265
288
|
# @option options [Proc] :retry_backoff
|
|
266
289
|
# A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
|
|
267
290
|
# This option is only used in the `legacy` retry mode.
|
|
@@ -566,6 +589,14 @@ module Aws::PaymentCryptographyData
|
|
|
566
589
|
# wrapped_key: {
|
|
567
590
|
# wrapped_key_material: { # required
|
|
568
591
|
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
|
592
|
+
# diffie_hellman_symmetric_key: {
|
|
593
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
|
594
|
+
# public_key_certificate: "CertificateType", # required
|
|
595
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
|
596
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
|
597
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
|
598
|
+
# shared_information: "SharedInformation", # required
|
|
599
|
+
# },
|
|
569
600
|
# },
|
|
570
601
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
|
571
602
|
# },
|
|
@@ -726,6 +757,14 @@ module Aws::PaymentCryptographyData
|
|
|
726
757
|
# wrapped_key: {
|
|
727
758
|
# wrapped_key_material: { # required
|
|
728
759
|
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
|
760
|
+
# diffie_hellman_symmetric_key: {
|
|
761
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
|
762
|
+
# public_key_certificate: "CertificateType", # required
|
|
763
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
|
764
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
|
765
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
|
766
|
+
# shared_information: "SharedInformation", # required
|
|
767
|
+
# },
|
|
729
768
|
# },
|
|
730
769
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
|
731
770
|
# },
|
|
@@ -1148,9 +1187,18 @@ module Aws::PaymentCryptographyData
|
|
|
1148
1187
|
# Cryptography. This operation uses a separate Pin Verification Key
|
|
1149
1188
|
# (PVK) for VISA PVV generation.
|
|
1150
1189
|
#
|
|
1190
|
+
# Using ECDH key exchange, you can receive cardholder selectable PINs
|
|
1191
|
+
# into Amazon Web Services Payment Cryptography. The ECDH derived key
|
|
1192
|
+
# protects the incoming PIN block. You can also use it for reveal PIN,
|
|
1193
|
+
# wherein the generated PIN block is protected by the ECDH derived key
|
|
1194
|
+
# before transmission from Amazon Web Services Payment Cryptography. For
|
|
1195
|
+
# more information on establishing ECDH derived keys, see the
|
|
1196
|
+
# [Generating keys][2] in the *Amazon Web Services Payment Cryptography
|
|
1197
|
+
# User Guide*.
|
|
1198
|
+
#
|
|
1151
1199
|
# For information about valid keys for this operation, see
|
|
1152
|
-
# [Understanding key attributes][
|
|
1153
|
-
# operations][
|
|
1200
|
+
# [Understanding key attributes][3] and [Key types for specific data
|
|
1201
|
+
# operations][4] in the *Amazon Web Services Payment Cryptography User
|
|
1154
1202
|
# Guide*.
|
|
1155
1203
|
#
|
|
1156
1204
|
# **Cross-account use**: This operation can't be used across different
|
|
@@ -1167,8 +1215,9 @@ module Aws::PaymentCryptographyData
|
|
|
1167
1215
|
#
|
|
1168
1216
|
#
|
|
1169
1217
|
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/generate-pin-data.html
|
|
1170
|
-
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys
|
|
1171
|
-
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/
|
|
1218
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/create-keys.html
|
|
1219
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
|
1220
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
|
1172
1221
|
#
|
|
1173
1222
|
# @option params [required, String] :generation_key_identifier
|
|
1174
1223
|
# The `keyARN` of the PEK that Amazon Web Services Payment Cryptography
|
|
@@ -1176,7 +1225,8 @@ module Aws::PaymentCryptographyData
|
|
|
1176
1225
|
#
|
|
1177
1226
|
# @option params [required, String] :encryption_key_identifier
|
|
1178
1227
|
# The `keyARN` of the PEK that Amazon Web Services Payment Cryptography
|
|
1179
|
-
# uses to encrypt the PIN Block.
|
|
1228
|
+
# uses to encrypt the PIN Block. For ECDH, it is the `keyARN` of the
|
|
1229
|
+
# asymmetric ECC key.
|
|
1180
1230
|
#
|
|
1181
1231
|
# @option params [required, Types::PinGenerationAttributes] :generation_attributes
|
|
1182
1232
|
# The attributes and values to use for PIN, PVV, or PIN Offset
|
|
@@ -1202,6 +1252,10 @@ module Aws::PaymentCryptographyData
|
|
|
1202
1252
|
# The `ISO_Format_3` PIN block format is the same as `ISO_Format_0`
|
|
1203
1253
|
# except that the fill digits are random values from 10 to 15.
|
|
1204
1254
|
#
|
|
1255
|
+
# @option params [Types::WrappedKey] :encryption_wrapped_key
|
|
1256
|
+
# Parameter information of a WrappedKeyBlock for encryption key
|
|
1257
|
+
# exchange.
|
|
1258
|
+
#
|
|
1205
1259
|
# @return [Types::GeneratePinDataOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1206
1260
|
#
|
|
1207
1261
|
# * {Types::GeneratePinDataOutput#generation_key_arn #generation_key_arn} => String
|
|
@@ -1249,7 +1303,21 @@ module Aws::PaymentCryptographyData
|
|
|
1249
1303
|
# },
|
|
1250
1304
|
# pin_data_length: 1,
|
|
1251
1305
|
# primary_account_number: "PrimaryAccountNumberType", # required
|
|
1252
|
-
# pin_block_format: "ISO_FORMAT_0", # required, accepts ISO_FORMAT_0, ISO_FORMAT_3
|
|
1306
|
+
# pin_block_format: "ISO_FORMAT_0", # required, accepts ISO_FORMAT_0, ISO_FORMAT_3, ISO_FORMAT_4
|
|
1307
|
+
# encryption_wrapped_key: {
|
|
1308
|
+
# wrapped_key_material: { # required
|
|
1309
|
+
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
|
1310
|
+
# diffie_hellman_symmetric_key: {
|
|
1311
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
|
1312
|
+
# public_key_certificate: "CertificateType", # required
|
|
1313
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
|
1314
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
|
1315
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
|
1316
|
+
# shared_information: "SharedInformation", # required
|
|
1317
|
+
# },
|
|
1318
|
+
# },
|
|
1319
|
+
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
|
1320
|
+
# },
|
|
1253
1321
|
# })
|
|
1254
1322
|
#
|
|
1255
1323
|
# @example Response structure
|
|
@@ -1397,12 +1465,28 @@ module Aws::PaymentCryptographyData
|
|
|
1397
1465
|
# incoming_wrapped_key: {
|
|
1398
1466
|
# wrapped_key_material: { # required
|
|
1399
1467
|
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
|
1468
|
+
# diffie_hellman_symmetric_key: {
|
|
1469
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
|
1470
|
+
# public_key_certificate: "CertificateType", # required
|
|
1471
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
|
1472
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
|
1473
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
|
1474
|
+
# shared_information: "SharedInformation", # required
|
|
1475
|
+
# },
|
|
1400
1476
|
# },
|
|
1401
1477
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
|
1402
1478
|
# },
|
|
1403
1479
|
# outgoing_wrapped_key: {
|
|
1404
1480
|
# wrapped_key_material: { # required
|
|
1405
1481
|
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
|
1482
|
+
# diffie_hellman_symmetric_key: {
|
|
1483
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
|
1484
|
+
# public_key_certificate: "CertificateType", # required
|
|
1485
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
|
1486
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
|
1487
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
|
1488
|
+
# shared_information: "SharedInformation", # required
|
|
1489
|
+
# },
|
|
1406
1490
|
# },
|
|
1407
1491
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
|
1408
1492
|
# },
|
|
@@ -1427,24 +1511,36 @@ module Aws::PaymentCryptographyData
|
|
|
1427
1511
|
# For more information, see [Translate PIN data][1] in the *Amazon Web
|
|
1428
1512
|
# Services Payment Cryptography User Guide*.
|
|
1429
1513
|
#
|
|
1430
|
-
# PIN block translation involves changing
|
|
1431
|
-
#
|
|
1432
|
-
#
|
|
1433
|
-
# Web Services Payment Cryptography
|
|
1434
|
-
# can be from PEK (Pin
|
|
1435
|
-
#
|
|
1436
|
-
#
|
|
1437
|
-
#
|
|
1514
|
+
# PIN block translation involves changing a PIN block from one
|
|
1515
|
+
# encryption key to another and optionally change its format. PIN block
|
|
1516
|
+
# translation occurs entirely within the HSM boundary and PIN data never
|
|
1517
|
+
# enters or leaves Amazon Web Services Payment Cryptography in clear
|
|
1518
|
+
# text. The encryption key transformation can be from PEK (Pin
|
|
1519
|
+
# Encryption Key) to BDK (Base Derivation Key) for DUKPT or from BDK for
|
|
1520
|
+
# DUKPT to PEK.
|
|
1521
|
+
#
|
|
1522
|
+
# Amazon Web Services Payment Cryptography also supports use of dynamic
|
|
1523
|
+
# keys and ECDH (Elliptic Curve Diffie-Hellman) based key exchange for
|
|
1524
|
+
# this operation.
|
|
1525
|
+
#
|
|
1526
|
+
# Dynamic keys allow you to pass a PEK as a TR-31 WrappedKeyBlock. They
|
|
1527
|
+
# can be used when key material is frequently rotated, such as during
|
|
1528
|
+
# every card transaction, and there is need to avoid importing
|
|
1529
|
+
# short-lived keys into Amazon Web Services Payment Cryptography. To
|
|
1530
|
+
# translate PIN block using dynamic keys, the `keyARN` is the Key
|
|
1531
|
+
# Encryption Key (KEK) of the TR-31 wrapped PEK. The incoming wrapped
|
|
1532
|
+
# key shall have a key purpose of P0 with a mode of use of B or D. For
|
|
1533
|
+
# more information, see [Using Dynamic Keys][2] in the *Amazon Web
|
|
1534
|
+
# Services Payment Cryptography User Guide*.
|
|
1438
1535
|
#
|
|
1439
|
-
#
|
|
1440
|
-
#
|
|
1441
|
-
#
|
|
1442
|
-
#
|
|
1443
|
-
#
|
|
1444
|
-
#
|
|
1445
|
-
#
|
|
1446
|
-
#
|
|
1447
|
-
# Keys][2] in the *Amazon Web Services Payment Cryptography User Guide*.
|
|
1536
|
+
# Using ECDH key exchange, you can receive cardholder selectable PINs
|
|
1537
|
+
# into Amazon Web Services Payment Cryptography. The ECDH derived key
|
|
1538
|
+
# protects the incoming PIN block, which is translated to a PEK
|
|
1539
|
+
# encrypted PIN block for use within the service. You can also use ECDH
|
|
1540
|
+
# for reveal PIN, wherein the service translates the PIN block from PEK
|
|
1541
|
+
# to a ECDH derived encryption key. For more information on establishing
|
|
1542
|
+
# ECDH derived keys, see the [Generating keys][3] in the *Amazon Web
|
|
1543
|
+
# Services Payment Cryptography User Guide*.
|
|
1448
1544
|
#
|
|
1449
1545
|
# The allowed combinations of PIN block format translations are guided
|
|
1450
1546
|
# by PCI. It is important to note that not all encrypted PIN block
|
|
@@ -1454,8 +1550,8 @@ module Aws::PaymentCryptographyData
|
|
|
1454
1550
|
# not require a PAN for generation.
|
|
1455
1551
|
#
|
|
1456
1552
|
# For information about valid keys for this operation, see
|
|
1457
|
-
# [Understanding key attributes][
|
|
1458
|
-
# operations][
|
|
1553
|
+
# [Understanding key attributes][4] and [Key types for specific data
|
|
1554
|
+
# operations][5] in the *Amazon Web Services Payment Cryptography User
|
|
1459
1555
|
# Guide*.
|
|
1460
1556
|
#
|
|
1461
1557
|
# <note markdown="1"> Amazon Web Services Payment Cryptography currently supports ISO PIN
|
|
@@ -1477,21 +1573,23 @@ module Aws::PaymentCryptographyData
|
|
|
1477
1573
|
#
|
|
1478
1574
|
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/translate-pin-data.html
|
|
1479
1575
|
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/use-cases-acquirers-dynamickeys.html
|
|
1480
|
-
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys
|
|
1481
|
-
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/
|
|
1576
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/create-keys.html
|
|
1577
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
|
1578
|
+
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
|
1482
1579
|
#
|
|
1483
1580
|
# @option params [required, String] :incoming_key_identifier
|
|
1484
1581
|
# The `keyARN` of the encryption key under which incoming PIN block data
|
|
1485
1582
|
# is encrypted. This key type can be PEK or BDK.
|
|
1486
1583
|
#
|
|
1487
|
-
#
|
|
1488
|
-
#
|
|
1489
|
-
# identifier used to perform the operation.
|
|
1584
|
+
# For dynamic keys, it is the `keyARN` of KEK of the TR-31 wrapped PEK.
|
|
1585
|
+
# For ECDH, it is the `keyARN` of the asymmetric ECC key.
|
|
1490
1586
|
#
|
|
1491
1587
|
# @option params [required, String] :outgoing_key_identifier
|
|
1492
1588
|
# The `keyARN` of the encryption key for encrypting outgoing PIN block
|
|
1493
1589
|
# data. This key type can be PEK or BDK.
|
|
1494
1590
|
#
|
|
1591
|
+
# For ECDH, it is the `keyARN` of the asymmetric ECC key.
|
|
1592
|
+
#
|
|
1495
1593
|
# @option params [required, Types::TranslationIsoFormats] :incoming_translation_attributes
|
|
1496
1594
|
# The format of the incoming PIN block data for translation within
|
|
1497
1595
|
# Amazon Web Services Payment Cryptography.
|
|
@@ -1571,12 +1669,28 @@ module Aws::PaymentCryptographyData
|
|
|
1571
1669
|
# incoming_wrapped_key: {
|
|
1572
1670
|
# wrapped_key_material: { # required
|
|
1573
1671
|
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
|
1672
|
+
# diffie_hellman_symmetric_key: {
|
|
1673
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
|
1674
|
+
# public_key_certificate: "CertificateType", # required
|
|
1675
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
|
1676
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
|
1677
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
|
1678
|
+
# shared_information: "SharedInformation", # required
|
|
1679
|
+
# },
|
|
1574
1680
|
# },
|
|
1575
1681
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
|
1576
1682
|
# },
|
|
1577
1683
|
# outgoing_wrapped_key: {
|
|
1578
1684
|
# wrapped_key_material: { # required
|
|
1579
1685
|
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
|
1686
|
+
# diffie_hellman_symmetric_key: {
|
|
1687
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
|
1688
|
+
# public_key_certificate: "CertificateType", # required
|
|
1689
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
|
1690
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
|
1691
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
|
1692
|
+
# shared_information: "SharedInformation", # required
|
|
1693
|
+
# },
|
|
1580
1694
|
# },
|
|
1581
1695
|
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
|
1582
1696
|
# },
|
|
@@ -2022,6 +2136,10 @@ module Aws::PaymentCryptographyData
|
|
|
2022
2136
|
# @option params [Types::DukptAttributes] :dukpt_attributes
|
|
2023
2137
|
# The attributes and values for the DUKPT encrypted PIN block data.
|
|
2024
2138
|
#
|
|
2139
|
+
# @option params [Types::WrappedKey] :encryption_wrapped_key
|
|
2140
|
+
# Parameter information of a WrappedKeyBlock for encryption key
|
|
2141
|
+
# exchange.
|
|
2142
|
+
#
|
|
2025
2143
|
# @return [Types::VerifyPinDataOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
2026
2144
|
#
|
|
2027
2145
|
# * {Types::VerifyPinDataOutput#verification_key_arn #verification_key_arn} => String
|
|
@@ -2048,12 +2166,26 @@ module Aws::PaymentCryptographyData
|
|
|
2048
2166
|
# },
|
|
2049
2167
|
# encrypted_pin_block: "EncryptedPinBlockType", # required
|
|
2050
2168
|
# primary_account_number: "PrimaryAccountNumberType", # required
|
|
2051
|
-
# pin_block_format: "ISO_FORMAT_0", # required, accepts ISO_FORMAT_0, ISO_FORMAT_3
|
|
2169
|
+
# pin_block_format: "ISO_FORMAT_0", # required, accepts ISO_FORMAT_0, ISO_FORMAT_3, ISO_FORMAT_4
|
|
2052
2170
|
# pin_data_length: 1,
|
|
2053
2171
|
# dukpt_attributes: {
|
|
2054
2172
|
# key_serial_number: "HexLengthBetween10And24", # required
|
|
2055
2173
|
# dukpt_derivation_type: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
|
2056
2174
|
# },
|
|
2175
|
+
# encryption_wrapped_key: {
|
|
2176
|
+
# wrapped_key_material: { # required
|
|
2177
|
+
# tr_31_key_block: "Tr31WrappedKeyBlock",
|
|
2178
|
+
# diffie_hellman_symmetric_key: {
|
|
2179
|
+
# certificate_authority_public_key_identifier: "KeyArnOrKeyAliasType", # required
|
|
2180
|
+
# public_key_certificate: "CertificateType", # required
|
|
2181
|
+
# key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256
|
|
2182
|
+
# key_derivation_function: "NIST_SP800", # required, accepts NIST_SP800, ANSI_X963
|
|
2183
|
+
# key_derivation_hash_algorithm: "SHA_256", # required, accepts SHA_256, SHA_384, SHA_512
|
|
2184
|
+
# shared_information: "SharedInformation", # required
|
|
2185
|
+
# },
|
|
2186
|
+
# },
|
|
2187
|
+
# key_check_value_algorithm: "CMAC", # accepts CMAC, ANSI_X9_24
|
|
2188
|
+
# },
|
|
2057
2189
|
# })
|
|
2058
2190
|
#
|
|
2059
2191
|
# @example Response structure
|
|
@@ -2090,7 +2222,7 @@ module Aws::PaymentCryptographyData
|
|
|
2090
2222
|
tracer: tracer
|
|
2091
2223
|
)
|
|
2092
2224
|
context[:gem_name] = 'aws-sdk-paymentcryptographydata'
|
|
2093
|
-
context[:gem_version] = '1.
|
|
2225
|
+
context[:gem_version] = '1.28.0'
|
|
2094
2226
|
Seahorse::Client::Request.new(handlers, context)
|
|
2095
2227
|
end
|
|
2096
2228
|
|
|
@@ -28,6 +28,7 @@ module Aws::PaymentCryptographyData
|
|
|
28
28
|
CardVerificationAttributes = Shapes::UnionShape.new(name: 'CardVerificationAttributes')
|
|
29
29
|
CardVerificationValue1 = Shapes::StructureShape.new(name: 'CardVerificationValue1')
|
|
30
30
|
CardVerificationValue2 = Shapes::StructureShape.new(name: 'CardVerificationValue2')
|
|
31
|
+
CertificateType = Shapes::StringShape.new(name: 'CertificateType')
|
|
31
32
|
CipherTextType = Shapes::StringShape.new(name: 'CipherTextType')
|
|
32
33
|
CommandMessageDataType = Shapes::StringShape.new(name: 'CommandMessageDataType')
|
|
33
34
|
CryptogramAuthResponse = Shapes::UnionShape.new(name: 'CryptogramAuthResponse')
|
|
@@ -47,6 +48,7 @@ module Aws::PaymentCryptographyData
|
|
|
47
48
|
DukptKeyVariant = Shapes::StringShape.new(name: 'DukptKeyVariant')
|
|
48
49
|
DynamicCardVerificationCode = Shapes::StructureShape.new(name: 'DynamicCardVerificationCode')
|
|
49
50
|
DynamicCardVerificationValue = Shapes::StructureShape.new(name: 'DynamicCardVerificationValue')
|
|
51
|
+
EcdhDerivationAttributes = Shapes::StructureShape.new(name: 'EcdhDerivationAttributes')
|
|
50
52
|
Emv2000Attributes = Shapes::StructureShape.new(name: 'Emv2000Attributes')
|
|
51
53
|
EmvCommonAttributes = Shapes::StructureShape.new(name: 'EmvCommonAttributes')
|
|
52
54
|
EmvEncryptionAttributes = Shapes::StructureShape.new(name: 'EmvEncryptionAttributes')
|
|
@@ -87,6 +89,8 @@ module Aws::PaymentCryptographyData
|
|
|
87
89
|
KeyArnOrKeyAliasType = Shapes::StringShape.new(name: 'KeyArnOrKeyAliasType')
|
|
88
90
|
KeyCheckValue = Shapes::StringShape.new(name: 'KeyCheckValue')
|
|
89
91
|
KeyCheckValueAlgorithm = Shapes::StringShape.new(name: 'KeyCheckValueAlgorithm')
|
|
92
|
+
KeyDerivationFunction = Shapes::StringShape.new(name: 'KeyDerivationFunction')
|
|
93
|
+
KeyDerivationHashAlgorithm = Shapes::StringShape.new(name: 'KeyDerivationHashAlgorithm')
|
|
90
94
|
MacAlgorithm = Shapes::StringShape.new(name: 'MacAlgorithm')
|
|
91
95
|
MacAlgorithmDukpt = Shapes::StructureShape.new(name: 'MacAlgorithmDukpt')
|
|
92
96
|
MacAlgorithmEmv = Shapes::StructureShape.new(name: 'MacAlgorithmEmv')
|
|
@@ -127,8 +131,10 @@ module Aws::PaymentCryptographyData
|
|
|
127
131
|
SessionKeyEmvCommon = Shapes::StructureShape.new(name: 'SessionKeyEmvCommon')
|
|
128
132
|
SessionKeyMastercard = Shapes::StructureShape.new(name: 'SessionKeyMastercard')
|
|
129
133
|
SessionKeyVisa = Shapes::StructureShape.new(name: 'SessionKeyVisa')
|
|
134
|
+
SharedInformation = Shapes::StringShape.new(name: 'SharedInformation')
|
|
130
135
|
String = Shapes::StringShape.new(name: 'String')
|
|
131
136
|
SymmetricEncryptionAttributes = Shapes::StructureShape.new(name: 'SymmetricEncryptionAttributes')
|
|
137
|
+
SymmetricKeyAlgorithm = Shapes::StringShape.new(name: 'SymmetricKeyAlgorithm')
|
|
132
138
|
ThrottlingException = Shapes::StructureShape.new(name: 'ThrottlingException')
|
|
133
139
|
Tr31WrappedKeyBlock = Shapes::StringShape.new(name: 'Tr31WrappedKeyBlock')
|
|
134
140
|
TrackDataType = Shapes::StringShape.new(name: 'TrackDataType')
|
|
@@ -309,6 +315,14 @@ module Aws::PaymentCryptographyData
|
|
|
309
315
|
DynamicCardVerificationValue.add_member(:application_transaction_counter, Shapes::ShapeRef.new(shape: HexLengthBetween2And4, required: true, location_name: "ApplicationTransactionCounter"))
|
|
310
316
|
DynamicCardVerificationValue.struct_class = Types::DynamicCardVerificationValue
|
|
311
317
|
|
|
318
|
+
EcdhDerivationAttributes.add_member(:certificate_authority_public_key_identifier, Shapes::ShapeRef.new(shape: KeyArnOrKeyAliasType, required: true, location_name: "CertificateAuthorityPublicKeyIdentifier"))
|
|
319
|
+
EcdhDerivationAttributes.add_member(:public_key_certificate, Shapes::ShapeRef.new(shape: CertificateType, required: true, location_name: "PublicKeyCertificate"))
|
|
320
|
+
EcdhDerivationAttributes.add_member(:key_algorithm, Shapes::ShapeRef.new(shape: SymmetricKeyAlgorithm, required: true, location_name: "KeyAlgorithm"))
|
|
321
|
+
EcdhDerivationAttributes.add_member(:key_derivation_function, Shapes::ShapeRef.new(shape: KeyDerivationFunction, required: true, location_name: "KeyDerivationFunction"))
|
|
322
|
+
EcdhDerivationAttributes.add_member(:key_derivation_hash_algorithm, Shapes::ShapeRef.new(shape: KeyDerivationHashAlgorithm, required: true, location_name: "KeyDerivationHashAlgorithm"))
|
|
323
|
+
EcdhDerivationAttributes.add_member(:shared_information, Shapes::ShapeRef.new(shape: SharedInformation, required: true, location_name: "SharedInformation"))
|
|
324
|
+
EcdhDerivationAttributes.struct_class = Types::EcdhDerivationAttributes
|
|
325
|
+
|
|
312
326
|
Emv2000Attributes.add_member(:major_key_derivation_mode, Shapes::ShapeRef.new(shape: MajorKeyDerivationMode, required: true, location_name: "MajorKeyDerivationMode"))
|
|
313
327
|
Emv2000Attributes.add_member(:primary_account_number, Shapes::ShapeRef.new(shape: PrimaryAccountNumberType, required: true, location_name: "PrimaryAccountNumber"))
|
|
314
328
|
Emv2000Attributes.add_member(:pan_sequence_number, Shapes::ShapeRef.new(shape: NumberLengthEquals2, required: true, location_name: "PanSequenceNumber"))
|
|
@@ -403,6 +417,7 @@ module Aws::PaymentCryptographyData
|
|
|
403
417
|
GeneratePinDataInput.add_member(:pin_data_length, Shapes::ShapeRef.new(shape: IntegerRangeBetween4And12, location_name: "PinDataLength"))
|
|
404
418
|
GeneratePinDataInput.add_member(:primary_account_number, Shapes::ShapeRef.new(shape: PrimaryAccountNumberType, required: true, location_name: "PrimaryAccountNumber"))
|
|
405
419
|
GeneratePinDataInput.add_member(:pin_block_format, Shapes::ShapeRef.new(shape: PinBlockFormatForPinData, required: true, location_name: "PinBlockFormat"))
|
|
420
|
+
GeneratePinDataInput.add_member(:encryption_wrapped_key, Shapes::ShapeRef.new(shape: WrappedKey, location_name: "EncryptionWrappedKey"))
|
|
406
421
|
GeneratePinDataInput.struct_class = Types::GeneratePinDataInput
|
|
407
422
|
|
|
408
423
|
GeneratePinDataOutput.add_member(:generation_key_arn, Shapes::ShapeRef.new(shape: KeyArn, required: true, location_name: "GenerationKeyArn"))
|
|
@@ -676,6 +691,7 @@ module Aws::PaymentCryptographyData
|
|
|
676
691
|
VerifyPinDataInput.add_member(:pin_block_format, Shapes::ShapeRef.new(shape: PinBlockFormatForPinData, required: true, location_name: "PinBlockFormat"))
|
|
677
692
|
VerifyPinDataInput.add_member(:pin_data_length, Shapes::ShapeRef.new(shape: IntegerRangeBetween4And12, location_name: "PinDataLength"))
|
|
678
693
|
VerifyPinDataInput.add_member(:dukpt_attributes, Shapes::ShapeRef.new(shape: DukptAttributes, location_name: "DukptAttributes"))
|
|
694
|
+
VerifyPinDataInput.add_member(:encryption_wrapped_key, Shapes::ShapeRef.new(shape: WrappedKey, location_name: "EncryptionWrappedKey"))
|
|
679
695
|
VerifyPinDataInput.struct_class = Types::VerifyPinDataInput
|
|
680
696
|
|
|
681
697
|
VerifyPinDataOutput.add_member(:verification_key_arn, Shapes::ShapeRef.new(shape: KeyArn, required: true, location_name: "VerificationKeyArn"))
|
|
@@ -714,8 +730,10 @@ module Aws::PaymentCryptographyData
|
|
|
714
730
|
WrappedKey.struct_class = Types::WrappedKey
|
|
715
731
|
|
|
716
732
|
WrappedKeyMaterial.add_member(:tr_31_key_block, Shapes::ShapeRef.new(shape: Tr31WrappedKeyBlock, location_name: "Tr31KeyBlock"))
|
|
733
|
+
WrappedKeyMaterial.add_member(:diffie_hellman_symmetric_key, Shapes::ShapeRef.new(shape: EcdhDerivationAttributes, location_name: "DiffieHellmanSymmetricKey"))
|
|
717
734
|
WrappedKeyMaterial.add_member(:unknown, Shapes::ShapeRef.new(shape: nil, location_name: 'unknown'))
|
|
718
735
|
WrappedKeyMaterial.add_member_subclass(:tr_31_key_block, Types::WrappedKeyMaterial::Tr31KeyBlock)
|
|
736
|
+
WrappedKeyMaterial.add_member_subclass(:diffie_hellman_symmetric_key, Types::WrappedKeyMaterial::DiffieHellmanSymmetricKey)
|
|
719
737
|
WrappedKeyMaterial.add_member_subclass(:unknown, Types::WrappedKeyMaterial::Unknown)
|
|
720
738
|
WrappedKeyMaterial.struct_class = Types::WrappedKeyMaterial
|
|
721
739
|
|
|
@@ -714,6 +714,53 @@ module Aws::PaymentCryptographyData
|
|
|
714
714
|
include Aws::Structure
|
|
715
715
|
end
|
|
716
716
|
|
|
717
|
+
# Parameters required to establish ECDH based key exchange.
|
|
718
|
+
#
|
|
719
|
+
# @!attribute [rw] certificate_authority_public_key_identifier
|
|
720
|
+
# The `keyArn` of the certificate that signed the client's
|
|
721
|
+
# `PublicKeyCertificate`.
|
|
722
|
+
# @return [String]
|
|
723
|
+
#
|
|
724
|
+
# @!attribute [rw] public_key_certificate
|
|
725
|
+
# The client's public key certificate in PEM format (base64 encoded)
|
|
726
|
+
# to use for ECDH key derivation.
|
|
727
|
+
# @return [String]
|
|
728
|
+
#
|
|
729
|
+
# @!attribute [rw] key_algorithm
|
|
730
|
+
# The key algorithm of the derived ECDH key.
|
|
731
|
+
# @return [String]
|
|
732
|
+
#
|
|
733
|
+
# @!attribute [rw] key_derivation_function
|
|
734
|
+
# The key derivation function to use for deriving a key using ECDH.
|
|
735
|
+
# @return [String]
|
|
736
|
+
#
|
|
737
|
+
# @!attribute [rw] key_derivation_hash_algorithm
|
|
738
|
+
# The hash type to use for deriving a key using ECDH.
|
|
739
|
+
# @return [String]
|
|
740
|
+
#
|
|
741
|
+
# @!attribute [rw] shared_information
|
|
742
|
+
# A byte string containing information that binds the ECDH derived key
|
|
743
|
+
# to the two parties involved or to the context of the key.
|
|
744
|
+
#
|
|
745
|
+
# It may include details like identities of the two parties deriving
|
|
746
|
+
# the key, context of the operation, session IDs, and optionally a
|
|
747
|
+
# nonce. It must not contain zero bytes, and re-using shared
|
|
748
|
+
# information for multiple ECDH key derivations is not recommended.
|
|
749
|
+
# @return [String]
|
|
750
|
+
#
|
|
751
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/EcdhDerivationAttributes AWS API Documentation
|
|
752
|
+
#
|
|
753
|
+
class EcdhDerivationAttributes < Struct.new(
|
|
754
|
+
:certificate_authority_public_key_identifier,
|
|
755
|
+
:public_key_certificate,
|
|
756
|
+
:key_algorithm,
|
|
757
|
+
:key_derivation_function,
|
|
758
|
+
:key_derivation_hash_algorithm,
|
|
759
|
+
:shared_information)
|
|
760
|
+
SENSITIVE = [:public_key_certificate]
|
|
761
|
+
include Aws::Structure
|
|
762
|
+
end
|
|
763
|
+
|
|
717
764
|
# Parameters to derive the confidentiality and integrity keys for a
|
|
718
765
|
# payment card using EMV2000 deruv.
|
|
719
766
|
#
|
|
@@ -1200,7 +1247,8 @@ module Aws::PaymentCryptographyData
|
|
|
1200
1247
|
#
|
|
1201
1248
|
# @!attribute [rw] encryption_key_identifier
|
|
1202
1249
|
# The `keyARN` of the PEK that Amazon Web Services Payment
|
|
1203
|
-
# Cryptography uses to encrypt the PIN Block.
|
|
1250
|
+
# Cryptography uses to encrypt the PIN Block. For ECDH, it is the
|
|
1251
|
+
# `keyARN` of the asymmetric ECC key.
|
|
1204
1252
|
# @return [String]
|
|
1205
1253
|
#
|
|
1206
1254
|
# @!attribute [rw] generation_attributes
|
|
@@ -1231,6 +1279,11 @@ module Aws::PaymentCryptographyData
|
|
|
1231
1279
|
# except that the fill digits are random values from 10 to 15.
|
|
1232
1280
|
# @return [String]
|
|
1233
1281
|
#
|
|
1282
|
+
# @!attribute [rw] encryption_wrapped_key
|
|
1283
|
+
# Parameter information of a WrappedKeyBlock for encryption key
|
|
1284
|
+
# exchange.
|
|
1285
|
+
# @return [Types::WrappedKey]
|
|
1286
|
+
#
|
|
1234
1287
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/GeneratePinDataInput AWS API Documentation
|
|
1235
1288
|
#
|
|
1236
1289
|
class GeneratePinDataInput < Struct.new(
|
|
@@ -1239,7 +1292,8 @@ module Aws::PaymentCryptographyData
|
|
|
1239
1292
|
:generation_attributes,
|
|
1240
1293
|
:pin_data_length,
|
|
1241
1294
|
:primary_account_number,
|
|
1242
|
-
:pin_block_format
|
|
1295
|
+
:pin_block_format,
|
|
1296
|
+
:encryption_wrapped_key)
|
|
1243
1297
|
SENSITIVE = [:primary_account_number]
|
|
1244
1298
|
include Aws::Structure
|
|
1245
1299
|
end
|
|
@@ -1260,7 +1314,8 @@ module Aws::PaymentCryptographyData
|
|
|
1260
1314
|
#
|
|
1261
1315
|
# @!attribute [rw] encryption_key_arn
|
|
1262
1316
|
# The `keyARN` of the PEK that Amazon Web Services Payment
|
|
1263
|
-
# Cryptography uses for encrypted pin block generation.
|
|
1317
|
+
# Cryptography uses for encrypted pin block generation. For ECDH, it
|
|
1318
|
+
# is the `keyARN` of the asymmetric ECC key.
|
|
1264
1319
|
# @return [String]
|
|
1265
1320
|
#
|
|
1266
1321
|
# @!attribute [rw] encryption_key_check_value
|
|
@@ -2110,14 +2165,15 @@ module Aws::PaymentCryptographyData
|
|
|
2110
2165
|
# The `keyARN` of the encryption key under which incoming PIN block
|
|
2111
2166
|
# data is encrypted. This key type can be PEK or BDK.
|
|
2112
2167
|
#
|
|
2113
|
-
#
|
|
2114
|
-
#
|
|
2115
|
-
# the key identifier used to perform the operation.
|
|
2168
|
+
# For dynamic keys, it is the `keyARN` of KEK of the TR-31 wrapped
|
|
2169
|
+
# PEK. For ECDH, it is the `keyARN` of the asymmetric ECC key.
|
|
2116
2170
|
# @return [String]
|
|
2117
2171
|
#
|
|
2118
2172
|
# @!attribute [rw] outgoing_key_identifier
|
|
2119
2173
|
# The `keyARN` of the encryption key for encrypting outgoing PIN block
|
|
2120
2174
|
# data. This key type can be PEK or BDK.
|
|
2175
|
+
#
|
|
2176
|
+
# For ECDH, it is the `keyARN` of the asymmetric ECC key.
|
|
2121
2177
|
# @return [String]
|
|
2122
2178
|
#
|
|
2123
2179
|
# @!attribute [rw] incoming_translation_attributes
|
|
@@ -2557,6 +2613,11 @@ module Aws::PaymentCryptographyData
|
|
|
2557
2613
|
# The attributes and values for the DUKPT encrypted PIN block data.
|
|
2558
2614
|
# @return [Types::DukptAttributes]
|
|
2559
2615
|
#
|
|
2616
|
+
# @!attribute [rw] encryption_wrapped_key
|
|
2617
|
+
# Parameter information of a WrappedKeyBlock for encryption key
|
|
2618
|
+
# exchange.
|
|
2619
|
+
# @return [Types::WrappedKey]
|
|
2620
|
+
#
|
|
2560
2621
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/VerifyPinDataInput AWS API Documentation
|
|
2561
2622
|
#
|
|
2562
2623
|
class VerifyPinDataInput < Struct.new(
|
|
@@ -2567,7 +2628,8 @@ module Aws::PaymentCryptographyData
|
|
|
2567
2628
|
:primary_account_number,
|
|
2568
2629
|
:pin_block_format,
|
|
2569
2630
|
:pin_data_length,
|
|
2570
|
-
:dukpt_attributes
|
|
2631
|
+
:dukpt_attributes,
|
|
2632
|
+
:encryption_wrapped_key)
|
|
2571
2633
|
SENSITIVE = [:encrypted_pin_block, :primary_account_number]
|
|
2572
2634
|
include Aws::Structure
|
|
2573
2635
|
end
|
|
@@ -2782,16 +2844,22 @@ module Aws::PaymentCryptographyData
|
|
|
2782
2844
|
# The TR-31 wrapped key block.
|
|
2783
2845
|
# @return [String]
|
|
2784
2846
|
#
|
|
2847
|
+
# @!attribute [rw] diffie_hellman_symmetric_key
|
|
2848
|
+
# The parameter information for deriving a ECDH shared key.
|
|
2849
|
+
# @return [Types::EcdhDerivationAttributes]
|
|
2850
|
+
#
|
|
2785
2851
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/WrappedKeyMaterial AWS API Documentation
|
|
2786
2852
|
#
|
|
2787
2853
|
class WrappedKeyMaterial < Struct.new(
|
|
2788
2854
|
:tr_31_key_block,
|
|
2855
|
+
:diffie_hellman_symmetric_key,
|
|
2789
2856
|
:unknown)
|
|
2790
2857
|
SENSITIVE = [:tr_31_key_block]
|
|
2791
2858
|
include Aws::Structure
|
|
2792
2859
|
include Aws::Structure::Union
|
|
2793
2860
|
|
|
2794
2861
|
class Tr31KeyBlock < WrappedKeyMaterial; end
|
|
2862
|
+
class DiffieHellmanSymmetricKey < WrappedKeyMaterial; end
|
|
2795
2863
|
class Unknown < WrappedKeyMaterial; end
|
|
2796
2864
|
end
|
|
2797
2865
|
|
data/sig/client.rbs
CHANGED
|
@@ -39,7 +39,9 @@ module Aws
|
|
|
39
39
|
?logger: untyped,
|
|
40
40
|
?max_attempts: Integer,
|
|
41
41
|
?profile: String,
|
|
42
|
+
?request_checksum_calculation: String,
|
|
42
43
|
?request_min_compression_size_bytes: Integer,
|
|
44
|
+
?response_checksum_validation: String,
|
|
43
45
|
?retry_backoff: Proc,
|
|
44
46
|
?retry_base_delay: Float,
|
|
45
47
|
?retry_jitter: (:none | :equal | :full | ^(Integer) -> Integer),
|
|
@@ -112,7 +114,15 @@ module Aws
|
|
|
112
114
|
},
|
|
113
115
|
?wrapped_key: {
|
|
114
116
|
wrapped_key_material: {
|
|
115
|
-
tr_31_key_block: ::String
|
|
117
|
+
tr_31_key_block: ::String?,
|
|
118
|
+
diffie_hellman_symmetric_key: {
|
|
119
|
+
certificate_authority_public_key_identifier: ::String,
|
|
120
|
+
public_key_certificate: ::String,
|
|
121
|
+
key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256"),
|
|
122
|
+
key_derivation_function: ("NIST_SP800" | "ANSI_X963"),
|
|
123
|
+
key_derivation_hash_algorithm: ("SHA_256" | "SHA_384" | "SHA_512"),
|
|
124
|
+
shared_information: ::String
|
|
125
|
+
}?
|
|
116
126
|
},
|
|
117
127
|
key_check_value_algorithm: ("CMAC" | "ANSI_X9_24")?
|
|
118
128
|
}
|
|
@@ -156,7 +166,15 @@ module Aws
|
|
|
156
166
|
},
|
|
157
167
|
?wrapped_key: {
|
|
158
168
|
wrapped_key_material: {
|
|
159
|
-
tr_31_key_block: ::String
|
|
169
|
+
tr_31_key_block: ::String?,
|
|
170
|
+
diffie_hellman_symmetric_key: {
|
|
171
|
+
certificate_authority_public_key_identifier: ::String,
|
|
172
|
+
public_key_certificate: ::String,
|
|
173
|
+
key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256"),
|
|
174
|
+
key_derivation_function: ("NIST_SP800" | "ANSI_X963"),
|
|
175
|
+
key_derivation_hash_algorithm: ("SHA_256" | "SHA_384" | "SHA_512"),
|
|
176
|
+
shared_information: ::String
|
|
177
|
+
}?
|
|
160
178
|
},
|
|
161
179
|
key_check_value_algorithm: ("CMAC" | "ANSI_X9_24")?
|
|
162
180
|
}
|
|
@@ -366,7 +384,21 @@ module Aws
|
|
|
366
384
|
},
|
|
367
385
|
?pin_data_length: ::Integer,
|
|
368
386
|
primary_account_number: ::String,
|
|
369
|
-
pin_block_format: ("ISO_FORMAT_0" | "ISO_FORMAT_3")
|
|
387
|
+
pin_block_format: ("ISO_FORMAT_0" | "ISO_FORMAT_3" | "ISO_FORMAT_4"),
|
|
388
|
+
?encryption_wrapped_key: {
|
|
389
|
+
wrapped_key_material: {
|
|
390
|
+
tr_31_key_block: ::String?,
|
|
391
|
+
diffie_hellman_symmetric_key: {
|
|
392
|
+
certificate_authority_public_key_identifier: ::String,
|
|
393
|
+
public_key_certificate: ::String,
|
|
394
|
+
key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256"),
|
|
395
|
+
key_derivation_function: ("NIST_SP800" | "ANSI_X963"),
|
|
396
|
+
key_derivation_hash_algorithm: ("SHA_256" | "SHA_384" | "SHA_512"),
|
|
397
|
+
shared_information: ::String
|
|
398
|
+
}?
|
|
399
|
+
},
|
|
400
|
+
key_check_value_algorithm: ("CMAC" | "ANSI_X9_24")?
|
|
401
|
+
}
|
|
370
402
|
) -> _GeneratePinDataResponseSuccess
|
|
371
403
|
| (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GeneratePinDataResponseSuccess
|
|
372
404
|
|
|
@@ -411,13 +443,29 @@ module Aws
|
|
|
411
443
|
},
|
|
412
444
|
?incoming_wrapped_key: {
|
|
413
445
|
wrapped_key_material: {
|
|
414
|
-
tr_31_key_block: ::String
|
|
446
|
+
tr_31_key_block: ::String?,
|
|
447
|
+
diffie_hellman_symmetric_key: {
|
|
448
|
+
certificate_authority_public_key_identifier: ::String,
|
|
449
|
+
public_key_certificate: ::String,
|
|
450
|
+
key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256"),
|
|
451
|
+
key_derivation_function: ("NIST_SP800" | "ANSI_X963"),
|
|
452
|
+
key_derivation_hash_algorithm: ("SHA_256" | "SHA_384" | "SHA_512"),
|
|
453
|
+
shared_information: ::String
|
|
454
|
+
}?
|
|
415
455
|
},
|
|
416
456
|
key_check_value_algorithm: ("CMAC" | "ANSI_X9_24")?
|
|
417
457
|
},
|
|
418
458
|
?outgoing_wrapped_key: {
|
|
419
459
|
wrapped_key_material: {
|
|
420
|
-
tr_31_key_block: ::String
|
|
460
|
+
tr_31_key_block: ::String?,
|
|
461
|
+
diffie_hellman_symmetric_key: {
|
|
462
|
+
certificate_authority_public_key_identifier: ::String,
|
|
463
|
+
public_key_certificate: ::String,
|
|
464
|
+
key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256"),
|
|
465
|
+
key_derivation_function: ("NIST_SP800" | "ANSI_X963"),
|
|
466
|
+
key_derivation_hash_algorithm: ("SHA_256" | "SHA_384" | "SHA_512"),
|
|
467
|
+
shared_information: ::String
|
|
468
|
+
}?
|
|
421
469
|
},
|
|
422
470
|
key_check_value_algorithm: ("CMAC" | "ANSI_X9_24")?
|
|
423
471
|
}
|
|
@@ -473,13 +521,29 @@ module Aws
|
|
|
473
521
|
},
|
|
474
522
|
?incoming_wrapped_key: {
|
|
475
523
|
wrapped_key_material: {
|
|
476
|
-
tr_31_key_block: ::String
|
|
524
|
+
tr_31_key_block: ::String?,
|
|
525
|
+
diffie_hellman_symmetric_key: {
|
|
526
|
+
certificate_authority_public_key_identifier: ::String,
|
|
527
|
+
public_key_certificate: ::String,
|
|
528
|
+
key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256"),
|
|
529
|
+
key_derivation_function: ("NIST_SP800" | "ANSI_X963"),
|
|
530
|
+
key_derivation_hash_algorithm: ("SHA_256" | "SHA_384" | "SHA_512"),
|
|
531
|
+
shared_information: ::String
|
|
532
|
+
}?
|
|
477
533
|
},
|
|
478
534
|
key_check_value_algorithm: ("CMAC" | "ANSI_X9_24")?
|
|
479
535
|
},
|
|
480
536
|
?outgoing_wrapped_key: {
|
|
481
537
|
wrapped_key_material: {
|
|
482
|
-
tr_31_key_block: ::String
|
|
538
|
+
tr_31_key_block: ::String?,
|
|
539
|
+
diffie_hellman_symmetric_key: {
|
|
540
|
+
certificate_authority_public_key_identifier: ::String,
|
|
541
|
+
public_key_certificate: ::String,
|
|
542
|
+
key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256"),
|
|
543
|
+
key_derivation_function: ("NIST_SP800" | "ANSI_X963"),
|
|
544
|
+
key_derivation_hash_algorithm: ("SHA_256" | "SHA_384" | "SHA_512"),
|
|
545
|
+
shared_information: ::String
|
|
546
|
+
}?
|
|
483
547
|
},
|
|
484
548
|
key_check_value_algorithm: ("CMAC" | "ANSI_X9_24")?
|
|
485
549
|
}
|
|
@@ -654,11 +718,25 @@ module Aws
|
|
|
654
718
|
},
|
|
655
719
|
encrypted_pin_block: ::String,
|
|
656
720
|
primary_account_number: ::String,
|
|
657
|
-
pin_block_format: ("ISO_FORMAT_0" | "ISO_FORMAT_3"),
|
|
721
|
+
pin_block_format: ("ISO_FORMAT_0" | "ISO_FORMAT_3" | "ISO_FORMAT_4"),
|
|
658
722
|
?pin_data_length: ::Integer,
|
|
659
723
|
?dukpt_attributes: {
|
|
660
724
|
key_serial_number: ::String,
|
|
661
725
|
dukpt_derivation_type: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256")
|
|
726
|
+
},
|
|
727
|
+
?encryption_wrapped_key: {
|
|
728
|
+
wrapped_key_material: {
|
|
729
|
+
tr_31_key_block: ::String?,
|
|
730
|
+
diffie_hellman_symmetric_key: {
|
|
731
|
+
certificate_authority_public_key_identifier: ::String,
|
|
732
|
+
public_key_certificate: ::String,
|
|
733
|
+
key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256"),
|
|
734
|
+
key_derivation_function: ("NIST_SP800" | "ANSI_X963"),
|
|
735
|
+
key_derivation_hash_algorithm: ("SHA_256" | "SHA_384" | "SHA_512"),
|
|
736
|
+
shared_information: ::String
|
|
737
|
+
}?
|
|
738
|
+
},
|
|
739
|
+
key_check_value_algorithm: ("CMAC" | "ANSI_X9_24")?
|
|
662
740
|
}
|
|
663
741
|
) -> _VerifyPinDataResponseSuccess
|
|
664
742
|
| (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _VerifyPinDataResponseSuccess
|
data/sig/resource.rbs
CHANGED
|
@@ -39,7 +39,9 @@ module Aws
|
|
|
39
39
|
?logger: untyped,
|
|
40
40
|
?max_attempts: Integer,
|
|
41
41
|
?profile: String,
|
|
42
|
+
?request_checksum_calculation: String,
|
|
42
43
|
?request_min_compression_size_bytes: Integer,
|
|
44
|
+
?response_checksum_validation: String,
|
|
43
45
|
?retry_backoff: Proc,
|
|
44
46
|
?retry_base_delay: Float,
|
|
45
47
|
?retry_jitter: (:none | :equal | :full | ^(Integer) -> Integer),
|
data/sig/types.rbs
CHANGED
|
@@ -232,6 +232,16 @@ module Aws::PaymentCryptographyData
|
|
|
232
232
|
SENSITIVE: [:card_expiry_date, :service_code]
|
|
233
233
|
end
|
|
234
234
|
|
|
235
|
+
class EcdhDerivationAttributes
|
|
236
|
+
attr_accessor certificate_authority_public_key_identifier: ::String
|
|
237
|
+
attr_accessor public_key_certificate: ::String
|
|
238
|
+
attr_accessor key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256")
|
|
239
|
+
attr_accessor key_derivation_function: ("NIST_SP800" | "ANSI_X963")
|
|
240
|
+
attr_accessor key_derivation_hash_algorithm: ("SHA_256" | "SHA_384" | "SHA_512")
|
|
241
|
+
attr_accessor shared_information: ::String
|
|
242
|
+
SENSITIVE: [:public_key_certificate]
|
|
243
|
+
end
|
|
244
|
+
|
|
235
245
|
class Emv2000Attributes
|
|
236
246
|
attr_accessor major_key_derivation_mode: ("EMV_OPTION_A" | "EMV_OPTION_B")
|
|
237
247
|
attr_accessor primary_account_number: ::String
|
|
@@ -356,7 +366,8 @@ module Aws::PaymentCryptographyData
|
|
|
356
366
|
attr_accessor generation_attributes: Types::PinGenerationAttributes
|
|
357
367
|
attr_accessor pin_data_length: ::Integer
|
|
358
368
|
attr_accessor primary_account_number: ::String
|
|
359
|
-
attr_accessor pin_block_format: ("ISO_FORMAT_0" | "ISO_FORMAT_3")
|
|
369
|
+
attr_accessor pin_block_format: ("ISO_FORMAT_0" | "ISO_FORMAT_3" | "ISO_FORMAT_4")
|
|
370
|
+
attr_accessor encryption_wrapped_key: Types::WrappedKey
|
|
360
371
|
SENSITIVE: [:primary_account_number]
|
|
361
372
|
end
|
|
362
373
|
|
|
@@ -752,9 +763,10 @@ module Aws::PaymentCryptographyData
|
|
|
752
763
|
attr_accessor verification_attributes: Types::PinVerificationAttributes
|
|
753
764
|
attr_accessor encrypted_pin_block: ::String
|
|
754
765
|
attr_accessor primary_account_number: ::String
|
|
755
|
-
attr_accessor pin_block_format: ("ISO_FORMAT_0" | "ISO_FORMAT_3")
|
|
766
|
+
attr_accessor pin_block_format: ("ISO_FORMAT_0" | "ISO_FORMAT_3" | "ISO_FORMAT_4")
|
|
756
767
|
attr_accessor pin_data_length: ::Integer
|
|
757
768
|
attr_accessor dukpt_attributes: Types::DukptAttributes
|
|
769
|
+
attr_accessor encryption_wrapped_key: Types::WrappedKey
|
|
758
770
|
SENSITIVE: [:encrypted_pin_block, :primary_account_number]
|
|
759
771
|
end
|
|
760
772
|
|
|
@@ -809,11 +821,14 @@ module Aws::PaymentCryptographyData
|
|
|
809
821
|
|
|
810
822
|
class WrappedKeyMaterial
|
|
811
823
|
attr_accessor tr_31_key_block: ::String
|
|
824
|
+
attr_accessor diffie_hellman_symmetric_key: Types::EcdhDerivationAttributes
|
|
812
825
|
attr_accessor unknown: untyped
|
|
813
826
|
SENSITIVE: [:tr_31_key_block]
|
|
814
827
|
|
|
815
828
|
class Tr31KeyBlock < WrappedKeyMaterial
|
|
816
829
|
end
|
|
830
|
+
class DiffieHellmanSymmetricKey < WrappedKeyMaterial
|
|
831
|
+
end
|
|
817
832
|
class Unknown < WrappedKeyMaterial
|
|
818
833
|
end
|
|
819
834
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-paymentcryptographydata
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.28.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2025-01-15 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|
|
@@ -19,7 +19,7 @@ dependencies:
|
|
|
19
19
|
version: '3'
|
|
20
20
|
- - ">="
|
|
21
21
|
- !ruby/object:Gem::Version
|
|
22
|
-
version: 3.
|
|
22
|
+
version: 3.216.0
|
|
23
23
|
type: :runtime
|
|
24
24
|
prerelease: false
|
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -29,7 +29,7 @@ dependencies:
|
|
|
29
29
|
version: '3'
|
|
30
30
|
- - ">="
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
|
-
version: 3.
|
|
32
|
+
version: 3.216.0
|
|
33
33
|
- !ruby/object:Gem::Dependency
|
|
34
34
|
name: aws-sigv4
|
|
35
35
|
requirement: !ruby/object:Gem::Requirement
|