aws-sdk-paymentcryptographydata 1.51.0 → 1.52.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-paymentcryptographydata/client.rb +213 -60
- data/lib/aws-sdk-paymentcryptographydata/client_api.rb +32 -4
- data/lib/aws-sdk-paymentcryptographydata/types.rb +74 -4
- data/lib/aws-sdk-paymentcryptographydata.rb +1 -1
- data/sig/client.rbs +18 -27
- data/sig/params.rbs +27 -0
- data/sig/types.rbs +16 -0
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0343d49090d4d82ab6d0b7318da2290656aeb94a21135383f31ebf2d21454deb
|
|
4
|
+
data.tar.gz: 9d65efe0e51cb2199015056c251c643195ce0cb50a00a72ed211ee4f11bc181d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 348f3f8b58fba125f2da3e9d161194cb4bf27cf8b43aab51f9e2fc0bbf272cc1c98709fda1a301dadbca3af583bc9d35c358772e69361cb40a53a49f877ce88d
|
|
7
|
+
data.tar.gz: 7acf33d8953a1efea010d30fa65069f834c1115c77a8eee606649ee102ea3f11d57e729671241e4d63706f062411779ff0da39f534d3d5982dd664e1320fb057
|
data/CHANGELOG.md
CHANGED
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.52.0
|
|
@@ -518,8 +518,9 @@ module Aws::PaymentCryptographyData
|
|
|
518
518
|
# operations][6] in the *Amazon Web Services Payment Cryptography User
|
|
519
519
|
# Guide*.
|
|
520
520
|
#
|
|
521
|
-
# **Cross-account use**: This operation
|
|
522
|
-
#
|
|
521
|
+
# **Cross-account use**: This operation supports cross-account use when
|
|
522
|
+
# the key has a resource-based policy that grants access. For more
|
|
523
|
+
# information, see [Resource-based policies][7].
|
|
523
524
|
#
|
|
524
525
|
# **Related operations:**
|
|
525
526
|
#
|
|
@@ -537,6 +538,7 @@ module Aws::PaymentCryptographyData
|
|
|
537
538
|
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/use-cases-acquirers-dynamickeys.html
|
|
538
539
|
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
|
539
540
|
# [6]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
|
541
|
+
# [7]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/security_iam_resource-based-policies.html
|
|
540
542
|
#
|
|
541
543
|
# @option params [required, String] :key_identifier
|
|
542
544
|
# The `keyARN` of the encryption key that Amazon Web Services Payment
|
|
@@ -671,14 +673,15 @@ module Aws::PaymentCryptographyData
|
|
|
671
673
|
# operations][6] in the *Amazon Web Services Payment Cryptography User
|
|
672
674
|
# Guide*.
|
|
673
675
|
#
|
|
674
|
-
# **Cross-account use**: This operation
|
|
675
|
-
#
|
|
676
|
+
# **Cross-account use**: This operation supports cross-account use when
|
|
677
|
+
# the key has a resource-based policy that grants access. For more
|
|
678
|
+
# information, see [Resource-based policies][7].
|
|
676
679
|
#
|
|
677
680
|
# **Related operations:**
|
|
678
681
|
#
|
|
679
682
|
# * DecryptData
|
|
680
683
|
#
|
|
681
|
-
# * [GetPublicCertificate][
|
|
684
|
+
# * [GetPublicCertificate][8]
|
|
682
685
|
#
|
|
683
686
|
# * [ImportKey][3]
|
|
684
687
|
#
|
|
@@ -692,7 +695,8 @@ module Aws::PaymentCryptographyData
|
|
|
692
695
|
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/use-cases-acquirers-dynamickeys.html
|
|
693
696
|
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
|
694
697
|
# [6]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
|
695
|
-
# [7]: https://docs.aws.amazon.com/payment-cryptography/latest/
|
|
698
|
+
# [7]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/security_iam_resource-based-policies.html
|
|
699
|
+
# [8]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetPublicKeyCertificate.html
|
|
696
700
|
#
|
|
697
701
|
# @option params [required, String] :key_identifier
|
|
698
702
|
# The `keyARN` of the encryption key that Amazon Web Services Payment
|
|
@@ -791,9 +795,9 @@ module Aws::PaymentCryptographyData
|
|
|
791
795
|
req.send_request(options)
|
|
792
796
|
end
|
|
793
797
|
|
|
794
|
-
#
|
|
795
|
-
#
|
|
796
|
-
# Standard 2805 (AS2805).
|
|
798
|
+
# Generates a `KekValidationRequest` or a `KekValidationResponse` for
|
|
799
|
+
# node-to-node initialization between payment processing nodes using
|
|
800
|
+
# [Australian Standard 2805 (AS2805)][1].
|
|
797
801
|
#
|
|
798
802
|
# During node-to-node initialization, both communicating nodes must
|
|
799
803
|
# validate that they possess the correct Key Encrypting Keys (KEKs)
|
|
@@ -802,38 +806,50 @@ module Aws::PaymentCryptographyData
|
|
|
802
806
|
# partner node. Each node uses its KEK to encrypt and decrypt session
|
|
803
807
|
# keys exchanged between the nodes. A KEK can be created or imported
|
|
804
808
|
# into Amazon Web Services Payment Cryptography using either the
|
|
805
|
-
# [CreateKey][
|
|
806
|
-
#
|
|
807
|
-
#
|
|
808
|
-
# `
|
|
809
|
-
#
|
|
810
|
-
#
|
|
811
|
-
#
|
|
812
|
-
#
|
|
813
|
-
#
|
|
809
|
+
# [CreateKey][2] or [ImportKey][3] operations.
|
|
810
|
+
#
|
|
811
|
+
# To use `GenerateAs2805KekValidation` to generate a KEK validation
|
|
812
|
+
# request, set `KekValidationType` to `KekValidationRequest`. This
|
|
813
|
+
# operation returns both `RandomKeySend` (KRs) and `RandomKeyReceive`
|
|
814
|
+
# (KRr) as response values. The partnering node receives the KRs, uses
|
|
815
|
+
# its KEKr to decrypt it, and generates a KRr which is an inverted value
|
|
816
|
+
# of KRs. The node receiving the KRr validates it against its own KRr
|
|
817
|
+
# generated during KEK validation request outside of Amazon Web Services
|
|
818
|
+
# Payment Cryptography.
|
|
819
|
+
#
|
|
820
|
+
# You can also use this operation to generate a KEK validation response,
|
|
821
|
+
# by setting `KekValidationType` to `KekValidationResponse` and
|
|
822
|
+
# providing the incoming KRs. This operation then calculates a KRr. To
|
|
823
|
+
# learn more about more about node-to-node initialization, see
|
|
824
|
+
# [Validation of KEK][4] in the *Amazon Web Services Payment
|
|
825
|
+
# Cryptography User Guide*.
|
|
814
826
|
#
|
|
815
827
|
# For information about valid keys for this operation, see
|
|
816
|
-
# [Understanding key attributes][
|
|
817
|
-
# operations][
|
|
828
|
+
# [Understanding key attributes][5] and [Key types for specific data
|
|
829
|
+
# operations][6] in the *Amazon Web Services Payment Cryptography User
|
|
818
830
|
# Guide*.
|
|
819
831
|
#
|
|
820
|
-
# **Cross-account use**: This operation
|
|
821
|
-
#
|
|
832
|
+
# **Cross-account use**: This operation supports cross-account use when
|
|
833
|
+
# the key has a resource-based policy that grants access. For more
|
|
834
|
+
# information, see [Resource-based policies][7].
|
|
822
835
|
#
|
|
823
836
|
#
|
|
824
837
|
#
|
|
825
|
-
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/
|
|
826
|
-
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/
|
|
827
|
-
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/
|
|
828
|
-
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/
|
|
838
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/as2805.html
|
|
839
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html
|
|
840
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ImportKey.html
|
|
841
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/as2805.kekvalidation.html
|
|
842
|
+
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
|
843
|
+
# [6]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
|
844
|
+
# [7]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/security_iam_resource-based-policies.html
|
|
829
845
|
#
|
|
830
846
|
# @option params [required, String] :key_identifier
|
|
831
847
|
# The `keyARN` of sending KEK that Amazon Web Services Payment
|
|
832
848
|
# Cryptography uses for node-to-node initialization
|
|
833
849
|
#
|
|
834
850
|
# @option params [required, Types::As2805KekValidationType] :kek_validation_type
|
|
835
|
-
#
|
|
836
|
-
#
|
|
851
|
+
# Defines whether to generate a KEK validation request or KEK validation
|
|
852
|
+
# response for node-to-node initialization.
|
|
837
853
|
#
|
|
838
854
|
# @option params [required, String] :random_key_send_variant_mask
|
|
839
855
|
# The key variant to use for generating a random key for KEK validation
|
|
@@ -853,6 +869,7 @@ module Aws::PaymentCryptographyData
|
|
|
853
869
|
# kek_validation_type: { # required
|
|
854
870
|
# kek_validation_request: {
|
|
855
871
|
# derive_key_algorithm: "TDES_2KEY", # required, accepts TDES_2KEY, TDES_3KEY, AES_128, AES_192, AES_256, HMAC_SHA256, HMAC_SHA384, HMAC_SHA512, HMAC_SHA224
|
|
872
|
+
# random_key_max_length: "BYTES_8", # accepts BYTES_8, BYTES_16, BYTES_24
|
|
856
873
|
# },
|
|
857
874
|
# kek_validation_response: {
|
|
858
875
|
# random_key_send: "As2805RandomKeyMaterial", # required
|
|
@@ -877,6 +894,120 @@ module Aws::PaymentCryptographyData
|
|
|
877
894
|
req.send_request(options)
|
|
878
895
|
end
|
|
879
896
|
|
|
897
|
+
# Generates an Authorization Request Cryptogram (ARQC) for an EMV chip
|
|
898
|
+
# payment card authorization. For more information, see [Generate auth
|
|
899
|
+
# request cryptogram][1] in the *Amazon Web Services Payment
|
|
900
|
+
# Cryptography User Guide*.
|
|
901
|
+
#
|
|
902
|
+
# ARQC generation uses an Issuer Master Key (IMK) for application
|
|
903
|
+
# cryptograms (TR31\_E0\_EMV\_MKEY\_APP\_CRYPTOGRAMS) to derive a
|
|
904
|
+
# session key, which is then used to generate the cryptogram from the
|
|
905
|
+
# provided transaction data (when applicable). To use this operation,
|
|
906
|
+
# you must first create or import an IMK-AC key by calling
|
|
907
|
+
# [CreateKey][2] or [ImportKey][3]. The `KeyModesOfUse` should be set to
|
|
908
|
+
# `DeriveKey` for the IMK-AC encryption key.
|
|
909
|
+
#
|
|
910
|
+
# This operation is intended for development and testing scenarios only.
|
|
911
|
+
# It is not recommended to use this operation as a substitute for
|
|
912
|
+
# card-based cryptogram generation in production payment flows.
|
|
913
|
+
#
|
|
914
|
+
# For information about valid keys for this operation, see
|
|
915
|
+
# [Understanding key attributes][4] and [Key types for specific data
|
|
916
|
+
# operations][5] in the *Amazon Web Services Payment Cryptography User
|
|
917
|
+
# Guide*.
|
|
918
|
+
#
|
|
919
|
+
# **Cross-account use**: This operation supports cross-account use when
|
|
920
|
+
# the key has a resource-based policy that grants access. For more
|
|
921
|
+
# information, see [Resource-based policies][6].
|
|
922
|
+
#
|
|
923
|
+
# **Related operations:**
|
|
924
|
+
#
|
|
925
|
+
# * VerifyAuthRequestCryptogram
|
|
926
|
+
#
|
|
927
|
+
# ^
|
|
928
|
+
#
|
|
929
|
+
#
|
|
930
|
+
#
|
|
931
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/data-operations.generateauthrequestcryptogram.html
|
|
932
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html
|
|
933
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ImportKey.html
|
|
934
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
|
935
|
+
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
|
936
|
+
# [6]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/security_iam_resource-based-policies.html
|
|
937
|
+
#
|
|
938
|
+
# @option params [required, String] :key_identifier
|
|
939
|
+
# The `keyARN` of the IMK-AC (TR31\_E0\_EMV\_MKEY\_APP\_CRYPTOGRAMS)
|
|
940
|
+
# that Amazon Web Services Payment Cryptography uses to generate the
|
|
941
|
+
# ARQC.
|
|
942
|
+
#
|
|
943
|
+
# @option params [required, String] :transaction_data
|
|
944
|
+
# The transaction data that Amazon Web Services Payment Cryptography
|
|
945
|
+
# uses for ARQC generation. The same transaction data is used for ARQC
|
|
946
|
+
# verification by the issuer using VerifyAuthRequestCryptogram.
|
|
947
|
+
#
|
|
948
|
+
# @option params [required, String] :major_key_derivation_mode
|
|
949
|
+
# The method to use when deriving the major encryption key for ARQC
|
|
950
|
+
# generation within Amazon Web Services Payment Cryptography.
|
|
951
|
+
#
|
|
952
|
+
# @option params [required, Types::SessionKeyDerivation] :session_key_derivation_attributes
|
|
953
|
+
# The attributes and values to use for deriving a session key for ARQC
|
|
954
|
+
# generation within Amazon Web Services Payment Cryptography.
|
|
955
|
+
#
|
|
956
|
+
# @return [Types::GenerateAuthRequestCryptogramOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
957
|
+
#
|
|
958
|
+
# * {Types::GenerateAuthRequestCryptogramOutput#key_arn #key_arn} => String
|
|
959
|
+
# * {Types::GenerateAuthRequestCryptogramOutput#key_check_value #key_check_value} => String
|
|
960
|
+
# * {Types::GenerateAuthRequestCryptogramOutput#auth_request_cryptogram #auth_request_cryptogram} => String
|
|
961
|
+
#
|
|
962
|
+
# @example Request syntax with placeholder values
|
|
963
|
+
#
|
|
964
|
+
# resp = client.generate_auth_request_cryptogram({
|
|
965
|
+
# key_identifier: "KeyArnOrKeyAliasType", # required
|
|
966
|
+
# transaction_data: "TransactionDataType", # required
|
|
967
|
+
# major_key_derivation_mode: "EMV_OPTION_A", # required, accepts EMV_OPTION_A, EMV_OPTION_B
|
|
968
|
+
# session_key_derivation_attributes: { # required
|
|
969
|
+
# emv_common: {
|
|
970
|
+
# primary_account_number: "PrimaryAccountNumberType", # required
|
|
971
|
+
# pan_sequence_number: "NumberLengthEquals2", # required
|
|
972
|
+
# application_transaction_counter: "HexLengthEquals4", # required
|
|
973
|
+
# },
|
|
974
|
+
# mastercard: {
|
|
975
|
+
# primary_account_number: "PrimaryAccountNumberType", # required
|
|
976
|
+
# pan_sequence_number: "NumberLengthEquals2", # required
|
|
977
|
+
# application_transaction_counter: "HexLengthEquals4", # required
|
|
978
|
+
# unpredictable_number: "HexLengthEquals8", # required
|
|
979
|
+
# },
|
|
980
|
+
# emv_2000: {
|
|
981
|
+
# primary_account_number: "PrimaryAccountNumberType", # required
|
|
982
|
+
# pan_sequence_number: "NumberLengthEquals2", # required
|
|
983
|
+
# application_transaction_counter: "HexLengthEquals4", # required
|
|
984
|
+
# },
|
|
985
|
+
# amex: {
|
|
986
|
+
# primary_account_number: "PrimaryAccountNumberType", # required
|
|
987
|
+
# pan_sequence_number: "NumberLengthEquals2", # required
|
|
988
|
+
# },
|
|
989
|
+
# visa: {
|
|
990
|
+
# primary_account_number: "PrimaryAccountNumberType", # required
|
|
991
|
+
# pan_sequence_number: "NumberLengthEquals2", # required
|
|
992
|
+
# },
|
|
993
|
+
# },
|
|
994
|
+
# })
|
|
995
|
+
#
|
|
996
|
+
# @example Response structure
|
|
997
|
+
#
|
|
998
|
+
# resp.key_arn #=> String
|
|
999
|
+
# resp.key_check_value #=> String
|
|
1000
|
+
# resp.auth_request_cryptogram #=> String
|
|
1001
|
+
#
|
|
1002
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/GenerateAuthRequestCryptogram AWS API Documentation
|
|
1003
|
+
#
|
|
1004
|
+
# @overload generate_auth_request_cryptogram(params = {})
|
|
1005
|
+
# @param [Hash] params ({})
|
|
1006
|
+
def generate_auth_request_cryptogram(params = {}, options = {})
|
|
1007
|
+
req = build_request(:generate_auth_request_cryptogram, params)
|
|
1008
|
+
req.send_request(options)
|
|
1009
|
+
end
|
|
1010
|
+
|
|
880
1011
|
# Generates card-related validation data using algorithms such as Card
|
|
881
1012
|
# Verification Values (CVV/CVV2), Dynamic Card Verification Values
|
|
882
1013
|
# (dCVV/dCVV2), or Card Security Codes (CSC). For more information, see
|
|
@@ -898,8 +1029,9 @@ module Aws::PaymentCryptographyData
|
|
|
898
1029
|
# operations][5] in the *Amazon Web Services Payment Cryptography User
|
|
899
1030
|
# Guide*.
|
|
900
1031
|
#
|
|
901
|
-
# **Cross-account use**: This operation
|
|
902
|
-
#
|
|
1032
|
+
# **Cross-account use**: This operation supports cross-account use when
|
|
1033
|
+
# the key has a resource-based policy that grants access. For more
|
|
1034
|
+
# information, see [Resource-based policies][6].
|
|
903
1035
|
#
|
|
904
1036
|
# **Related operations:**
|
|
905
1037
|
#
|
|
@@ -914,6 +1046,7 @@ module Aws::PaymentCryptographyData
|
|
|
914
1046
|
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ImportKey.html
|
|
915
1047
|
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
|
916
1048
|
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
|
1049
|
+
# [6]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/security_iam_resource-based-policies.html
|
|
917
1050
|
#
|
|
918
1051
|
# @option params [required, String] :key_identifier
|
|
919
1052
|
# The `keyARN` of the CVK encryption key that Amazon Web Services
|
|
@@ -1015,8 +1148,9 @@ module Aws::PaymentCryptographyData
|
|
|
1015
1148
|
# operations][2] in the *Amazon Web Services Payment Cryptography User
|
|
1016
1149
|
# Guide*.
|
|
1017
1150
|
#
|
|
1018
|
-
# **Cross-account use**: This operation
|
|
1019
|
-
#
|
|
1151
|
+
# **Cross-account use**: This operation supports cross-account use when
|
|
1152
|
+
# the key has a resource-based policy that grants access. For more
|
|
1153
|
+
# information, see [Resource-based policies][3].
|
|
1020
1154
|
#
|
|
1021
1155
|
# **Related operations:**
|
|
1022
1156
|
#
|
|
@@ -1028,6 +1162,7 @@ module Aws::PaymentCryptographyData
|
|
|
1028
1162
|
#
|
|
1029
1163
|
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
|
1030
1164
|
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
|
1165
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/security_iam_resource-based-policies.html
|
|
1031
1166
|
#
|
|
1032
1167
|
# @option params [required, String] :key_identifier
|
|
1033
1168
|
# The `keyARN` of the MAC generation encryption key.
|
|
@@ -1133,8 +1268,9 @@ module Aws::PaymentCryptographyData
|
|
|
1133
1268
|
#
|
|
1134
1269
|
# </note>
|
|
1135
1270
|
#
|
|
1136
|
-
# **Cross-account use**: This operation
|
|
1137
|
-
#
|
|
1271
|
+
# **Cross-account use**: This operation supports cross-account use when
|
|
1272
|
+
# the key has a resource-based policy that grants access. For more
|
|
1273
|
+
# information, see [Resource-based policies][2].
|
|
1138
1274
|
#
|
|
1139
1275
|
# **Related operations:**
|
|
1140
1276
|
#
|
|
@@ -1145,6 +1281,7 @@ module Aws::PaymentCryptographyData
|
|
|
1145
1281
|
#
|
|
1146
1282
|
#
|
|
1147
1283
|
# [1]: https://www.emvco.com/specifications/
|
|
1284
|
+
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/security_iam_resource-based-policies.html
|
|
1148
1285
|
#
|
|
1149
1286
|
# @option params [required, String] :new_pin_pek_identifier
|
|
1150
1287
|
# The `keyARN` of the PEK protecting the incoming new encrypted PIN
|
|
@@ -1293,8 +1430,9 @@ module Aws::PaymentCryptographyData
|
|
|
1293
1430
|
# operations][4] in the *Amazon Web Services Payment Cryptography User
|
|
1294
1431
|
# Guide*.
|
|
1295
1432
|
#
|
|
1296
|
-
# **Cross-account use**: This operation
|
|
1297
|
-
#
|
|
1433
|
+
# **Cross-account use**: This operation supports cross-account use when
|
|
1434
|
+
# the key has a resource-based policy that grants access. For more
|
|
1435
|
+
# information, see [Resource-based policies][5].
|
|
1298
1436
|
#
|
|
1299
1437
|
# **Related operations:**
|
|
1300
1438
|
#
|
|
@@ -1310,6 +1448,7 @@ module Aws::PaymentCryptographyData
|
|
|
1310
1448
|
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/create-keys.html
|
|
1311
1449
|
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
|
1312
1450
|
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
|
1451
|
+
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/security_iam_resource-based-policies.html
|
|
1313
1452
|
#
|
|
1314
1453
|
# @option params [required, String] :generation_key_identifier
|
|
1315
1454
|
# The `keyARN` of the PEK that Amazon Web Services Payment Cryptography
|
|
@@ -1464,8 +1603,9 @@ module Aws::PaymentCryptographyData
|
|
|
1464
1603
|
# operations][5] in the *Amazon Web Services Payment Cryptography User
|
|
1465
1604
|
# Guide*.
|
|
1466
1605
|
#
|
|
1467
|
-
# **Cross-account use**: This operation
|
|
1468
|
-
#
|
|
1606
|
+
# **Cross-account use**: This operation supports cross-account use when
|
|
1607
|
+
# the key has a resource-based policy that grants access. For more
|
|
1608
|
+
# information, see [Resource-based policies][6].
|
|
1469
1609
|
#
|
|
1470
1610
|
# **Related operations:**
|
|
1471
1611
|
#
|
|
@@ -1473,7 +1613,7 @@ module Aws::PaymentCryptographyData
|
|
|
1473
1613
|
#
|
|
1474
1614
|
# * EncryptData
|
|
1475
1615
|
#
|
|
1476
|
-
# * [GetPublicCertificate][
|
|
1616
|
+
# * [GetPublicCertificate][7]
|
|
1477
1617
|
#
|
|
1478
1618
|
# * [ImportKey][2]
|
|
1479
1619
|
#
|
|
@@ -1484,7 +1624,8 @@ module Aws::PaymentCryptographyData
|
|
|
1484
1624
|
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/use-cases-acquirers-dynamickeys.html
|
|
1485
1625
|
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
|
1486
1626
|
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
|
1487
|
-
# [6]: https://docs.aws.amazon.com/payment-cryptography/latest/
|
|
1627
|
+
# [6]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/security_iam_resource-based-policies.html
|
|
1628
|
+
# [7]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetPublicKeyCertificate.html
|
|
1488
1629
|
#
|
|
1489
1630
|
# @option params [required, String] :incoming_key_identifier
|
|
1490
1631
|
# The `keyARN` of the encryption key of incoming ciphertext data.
|
|
@@ -1628,16 +1769,17 @@ module Aws::PaymentCryptographyData
|
|
|
1628
1769
|
# operations][5] in the *Amazon Web Services Payment Cryptography User
|
|
1629
1770
|
# Guide*.
|
|
1630
1771
|
#
|
|
1631
|
-
# **Cross-account use**: This operation
|
|
1632
|
-
#
|
|
1772
|
+
# **Cross-account use**: This operation supports cross-account use when
|
|
1773
|
+
# the key has a resource-based policy that grants access. For more
|
|
1774
|
+
# information, see [Resource-based policies][6].
|
|
1633
1775
|
#
|
|
1634
1776
|
# **Related operations:**
|
|
1635
1777
|
#
|
|
1636
|
-
# * [CreateKey][
|
|
1778
|
+
# * [CreateKey][7]
|
|
1637
1779
|
#
|
|
1638
|
-
# * [GetPublicCertificate][
|
|
1780
|
+
# * [GetPublicCertificate][8]
|
|
1639
1781
|
#
|
|
1640
|
-
# * [ImportKey][
|
|
1782
|
+
# * [ImportKey][9]
|
|
1641
1783
|
#
|
|
1642
1784
|
#
|
|
1643
1785
|
#
|
|
@@ -1646,9 +1788,10 @@ module Aws::PaymentCryptographyData
|
|
|
1646
1788
|
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/terminology.html#terms.kek
|
|
1647
1789
|
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
|
1648
1790
|
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
|
1649
|
-
# [6]: https://docs.aws.amazon.com/payment-cryptography/latest/
|
|
1650
|
-
# [7]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/
|
|
1651
|
-
# [8]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/
|
|
1791
|
+
# [6]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/security_iam_resource-based-policies.html
|
|
1792
|
+
# [7]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html
|
|
1793
|
+
# [8]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_GetPublicKeyCertificate.html
|
|
1794
|
+
# [9]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ImportKey.html
|
|
1652
1795
|
#
|
|
1653
1796
|
# @option params [required, Types::IncomingKeyMaterial] :incoming_key_material
|
|
1654
1797
|
# Parameter information of the TR31WrappedKeyBlock containing the
|
|
@@ -1759,8 +1902,9 @@ module Aws::PaymentCryptographyData
|
|
|
1759
1902
|
#
|
|
1760
1903
|
# </note>
|
|
1761
1904
|
#
|
|
1762
|
-
# **Cross-account use**: This operation
|
|
1763
|
-
#
|
|
1905
|
+
# **Cross-account use**: This operation supports cross-account use when
|
|
1906
|
+
# the key has a resource-based policy that grants access. For more
|
|
1907
|
+
# information, see [Resource-based policies][6].
|
|
1764
1908
|
#
|
|
1765
1909
|
# **Related operations:**
|
|
1766
1910
|
#
|
|
@@ -1775,6 +1919,7 @@ module Aws::PaymentCryptographyData
|
|
|
1775
1919
|
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/create-keys.html
|
|
1776
1920
|
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
|
1777
1921
|
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
|
1922
|
+
# [6]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/security_iam_resource-based-policies.html
|
|
1778
1923
|
#
|
|
1779
1924
|
# @option params [required, String] :incoming_key_identifier
|
|
1780
1925
|
# The `keyARN` of the encryption key under which incoming PIN block data
|
|
@@ -1946,8 +2091,9 @@ module Aws::PaymentCryptographyData
|
|
|
1946
2091
|
# operations][5] in the *Amazon Web Services Payment Cryptography User
|
|
1947
2092
|
# Guide*.
|
|
1948
2093
|
#
|
|
1949
|
-
# **Cross-account use**: This operation
|
|
1950
|
-
#
|
|
2094
|
+
# **Cross-account use**: This operation supports cross-account use when
|
|
2095
|
+
# the key has a resource-based policy that grants access. For more
|
|
2096
|
+
# information, see [Resource-based policies][6].
|
|
1951
2097
|
#
|
|
1952
2098
|
# **Related operations:**
|
|
1953
2099
|
#
|
|
@@ -1962,6 +2108,7 @@ module Aws::PaymentCryptographyData
|
|
|
1962
2108
|
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html
|
|
1963
2109
|
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
|
1964
2110
|
# [5]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
|
2111
|
+
# [6]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/security_iam_resource-based-policies.html
|
|
1965
2112
|
#
|
|
1966
2113
|
# @option params [required, String] :key_identifier
|
|
1967
2114
|
# The `keyARN` of the major encryption key that Amazon Web Services
|
|
@@ -2017,7 +2164,7 @@ module Aws::PaymentCryptographyData
|
|
|
2017
2164
|
# primary_account_number: "PrimaryAccountNumberType", # required
|
|
2018
2165
|
# pan_sequence_number: "NumberLengthEquals2", # required
|
|
2019
2166
|
# application_transaction_counter: "HexLengthEquals4", # required
|
|
2020
|
-
# unpredictable_number: "
|
|
2167
|
+
# unpredictable_number: "HexLengthEquals8", # required
|
|
2021
2168
|
# },
|
|
2022
2169
|
# emv_2000: {
|
|
2023
2170
|
# primary_account_number: "PrimaryAccountNumberType", # required
|
|
@@ -2080,8 +2227,9 @@ module Aws::PaymentCryptographyData
|
|
|
2080
2227
|
# operations][3] in the *Amazon Web Services Payment Cryptography User
|
|
2081
2228
|
# Guide*.
|
|
2082
2229
|
#
|
|
2083
|
-
# **Cross-account use**: This operation
|
|
2084
|
-
#
|
|
2230
|
+
# **Cross-account use**: This operation supports cross-account use when
|
|
2231
|
+
# the key has a resource-based policy that grants access. For more
|
|
2232
|
+
# information, see [Resource-based policies][4].
|
|
2085
2233
|
#
|
|
2086
2234
|
# **Related operations:**
|
|
2087
2235
|
#
|
|
@@ -2096,6 +2244,7 @@ module Aws::PaymentCryptographyData
|
|
|
2096
2244
|
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/verify-card-data.html
|
|
2097
2245
|
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
|
2098
2246
|
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
|
2247
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/security_iam_resource-based-policies.html
|
|
2099
2248
|
#
|
|
2100
2249
|
# @option params [required, String] :key_identifier
|
|
2101
2250
|
# The `keyARN` of the CVK encryption key that Amazon Web Services
|
|
@@ -2193,8 +2342,9 @@ module Aws::PaymentCryptographyData
|
|
|
2193
2342
|
# operations][2] in the *Amazon Web Services Payment Cryptography User
|
|
2194
2343
|
# Guide*.
|
|
2195
2344
|
#
|
|
2196
|
-
# **Cross-account use**: This operation
|
|
2197
|
-
#
|
|
2345
|
+
# **Cross-account use**: This operation supports cross-account use when
|
|
2346
|
+
# the key has a resource-based policy that grants access. For more
|
|
2347
|
+
# information, see [Resource-based policies][3].
|
|
2198
2348
|
#
|
|
2199
2349
|
# **Related operations:**
|
|
2200
2350
|
#
|
|
@@ -2206,6 +2356,7 @@ module Aws::PaymentCryptographyData
|
|
|
2206
2356
|
#
|
|
2207
2357
|
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
|
2208
2358
|
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
|
2359
|
+
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/security_iam_resource-based-policies.html
|
|
2209
2360
|
#
|
|
2210
2361
|
# @option params [required, String] :key_identifier
|
|
2211
2362
|
# The `keyARN` of the encryption key that Amazon Web Services Payment
|
|
@@ -2297,8 +2448,9 @@ module Aws::PaymentCryptographyData
|
|
|
2297
2448
|
# operations][3] in the *Amazon Web Services Payment Cryptography User
|
|
2298
2449
|
# Guide*.
|
|
2299
2450
|
#
|
|
2300
|
-
# **Cross-account use**: This operation
|
|
2301
|
-
#
|
|
2451
|
+
# **Cross-account use**: This operation supports cross-account use when
|
|
2452
|
+
# the key has a resource-based policy that grants access. For more
|
|
2453
|
+
# information, see [Resource-based policies][4].
|
|
2302
2454
|
#
|
|
2303
2455
|
# **Related operations:**
|
|
2304
2456
|
#
|
|
@@ -2311,6 +2463,7 @@ module Aws::PaymentCryptographyData
|
|
|
2311
2463
|
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/verify-pin-data.html
|
|
2312
2464
|
# [2]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-validattributes.html
|
|
2313
2465
|
# [3]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/crypto-ops-validkeys-ops.html
|
|
2466
|
+
# [4]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/security_iam_resource-based-policies.html
|
|
2314
2467
|
#
|
|
2315
2468
|
# @option params [required, String] :verification_key_identifier
|
|
2316
2469
|
# The `keyARN` of the PIN verification key.
|
|
@@ -2435,7 +2588,7 @@ module Aws::PaymentCryptographyData
|
|
|
2435
2588
|
tracer: tracer
|
|
2436
2589
|
)
|
|
2437
2590
|
context[:gem_name] = 'aws-sdk-paymentcryptographydata'
|
|
2438
|
-
context[:gem_version] = '1.
|
|
2591
|
+
context[:gem_version] = '1.52.0'
|
|
2439
2592
|
Seahorse::Client::Request.new(handlers, context)
|
|
2440
2593
|
end
|
|
2441
2594
|
|
|
@@ -65,6 +65,8 @@ module Aws::PaymentCryptographyData
|
|
|
65
65
|
EncryptionMode = Shapes::StringShape.new(name: 'EncryptionMode')
|
|
66
66
|
GenerateAs2805KekValidationInput = Shapes::StructureShape.new(name: 'GenerateAs2805KekValidationInput')
|
|
67
67
|
GenerateAs2805KekValidationOutput = Shapes::StructureShape.new(name: 'GenerateAs2805KekValidationOutput')
|
|
68
|
+
GenerateAuthRequestCryptogramInput = Shapes::StructureShape.new(name: 'GenerateAuthRequestCryptogramInput')
|
|
69
|
+
GenerateAuthRequestCryptogramOutput = Shapes::StructureShape.new(name: 'GenerateAuthRequestCryptogramOutput')
|
|
68
70
|
GenerateCardValidationDataInput = Shapes::StructureShape.new(name: 'GenerateCardValidationDataInput')
|
|
69
71
|
GenerateCardValidationDataOutput = Shapes::StructureShape.new(name: 'GenerateCardValidationDataOutput')
|
|
70
72
|
GenerateMacEmvPinChangeInput = Shapes::StructureShape.new(name: 'GenerateMacEmvPinChangeInput')
|
|
@@ -91,7 +93,7 @@ module Aws::PaymentCryptographyData
|
|
|
91
93
|
IntegerRangeBetween0And6 = Shapes::IntegerShape.new(name: 'IntegerRangeBetween0And6')
|
|
92
94
|
IntegerRangeBetween3And5Type = Shapes::IntegerShape.new(name: 'IntegerRangeBetween3And5Type')
|
|
93
95
|
IntegerRangeBetween4And12 = Shapes::IntegerShape.new(name: 'IntegerRangeBetween4And12')
|
|
94
|
-
|
|
96
|
+
IntegerRangeBetween4And32 = Shapes::IntegerShape.new(name: 'IntegerRangeBetween4And32')
|
|
95
97
|
InternalServerException = Shapes::StructureShape.new(name: 'InternalServerException')
|
|
96
98
|
KekValidationRequest = Shapes::StructureShape.new(name: 'KekValidationRequest')
|
|
97
99
|
KekValidationResponse = Shapes::StructureShape.new(name: 'KekValidationResponse')
|
|
@@ -130,6 +132,7 @@ module Aws::PaymentCryptographyData
|
|
|
130
132
|
PlainTextType = Shapes::StringShape.new(name: 'PlainTextType')
|
|
131
133
|
PrimaryAccountNumberType = Shapes::StringShape.new(name: 'PrimaryAccountNumberType')
|
|
132
134
|
ProprietaryAuthenticationDataType = Shapes::StringShape.new(name: 'ProprietaryAuthenticationDataType')
|
|
135
|
+
RandomKeyMaxLength = Shapes::StringShape.new(name: 'RandomKeyMaxLength')
|
|
133
136
|
RandomKeySendVariantMask = Shapes::StringShape.new(name: 'RandomKeySendVariantMask')
|
|
134
137
|
ReEncryptDataInput = Shapes::StructureShape.new(name: 'ReEncryptDataInput')
|
|
135
138
|
ReEncryptDataOutput = Shapes::StructureShape.new(name: 'ReEncryptDataOutput')
|
|
@@ -419,6 +422,17 @@ module Aws::PaymentCryptographyData
|
|
|
419
422
|
GenerateAs2805KekValidationOutput.add_member(:random_key_receive, Shapes::ShapeRef.new(shape: As2805RandomKeyMaterial, required: true, location_name: "RandomKeyReceive"))
|
|
420
423
|
GenerateAs2805KekValidationOutput.struct_class = Types::GenerateAs2805KekValidationOutput
|
|
421
424
|
|
|
425
|
+
GenerateAuthRequestCryptogramInput.add_member(:key_identifier, Shapes::ShapeRef.new(shape: KeyArnOrKeyAliasType, required: true, location_name: "KeyIdentifier"))
|
|
426
|
+
GenerateAuthRequestCryptogramInput.add_member(:transaction_data, Shapes::ShapeRef.new(shape: TransactionDataType, required: true, location_name: "TransactionData"))
|
|
427
|
+
GenerateAuthRequestCryptogramInput.add_member(:major_key_derivation_mode, Shapes::ShapeRef.new(shape: MajorKeyDerivationMode, required: true, location_name: "MajorKeyDerivationMode"))
|
|
428
|
+
GenerateAuthRequestCryptogramInput.add_member(:session_key_derivation_attributes, Shapes::ShapeRef.new(shape: SessionKeyDerivation, required: true, location_name: "SessionKeyDerivationAttributes"))
|
|
429
|
+
GenerateAuthRequestCryptogramInput.struct_class = Types::GenerateAuthRequestCryptogramInput
|
|
430
|
+
|
|
431
|
+
GenerateAuthRequestCryptogramOutput.add_member(:key_arn, Shapes::ShapeRef.new(shape: KeyArn, required: true, location_name: "KeyArn"))
|
|
432
|
+
GenerateAuthRequestCryptogramOutput.add_member(:key_check_value, Shapes::ShapeRef.new(shape: KeyCheckValue, required: true, location_name: "KeyCheckValue"))
|
|
433
|
+
GenerateAuthRequestCryptogramOutput.add_member(:auth_request_cryptogram, Shapes::ShapeRef.new(shape: AuthRequestCryptogramType, required: true, location_name: "AuthRequestCryptogram"))
|
|
434
|
+
GenerateAuthRequestCryptogramOutput.struct_class = Types::GenerateAuthRequestCryptogramOutput
|
|
435
|
+
|
|
422
436
|
GenerateCardValidationDataInput.add_member(:key_identifier, Shapes::ShapeRef.new(shape: KeyArnOrKeyAliasType, required: true, location_name: "KeyIdentifier"))
|
|
423
437
|
GenerateCardValidationDataInput.add_member(:primary_account_number, Shapes::ShapeRef.new(shape: PrimaryAccountNumberType, required: true, location_name: "PrimaryAccountNumber"))
|
|
424
438
|
GenerateCardValidationDataInput.add_member(:generation_attributes, Shapes::ShapeRef.new(shape: CardGenerationAttributes, required: true, location_name: "GenerationAttributes"))
|
|
@@ -453,7 +467,7 @@ module Aws::PaymentCryptographyData
|
|
|
453
467
|
GenerateMacInput.add_member(:key_identifier, Shapes::ShapeRef.new(shape: KeyArnOrKeyAliasType, required: true, location_name: "KeyIdentifier"))
|
|
454
468
|
GenerateMacInput.add_member(:message_data, Shapes::ShapeRef.new(shape: MessageDataType, required: true, location_name: "MessageData"))
|
|
455
469
|
GenerateMacInput.add_member(:generation_attributes, Shapes::ShapeRef.new(shape: MacAttributes, required: true, location_name: "GenerationAttributes"))
|
|
456
|
-
GenerateMacInput.add_member(:mac_length, Shapes::ShapeRef.new(shape:
|
|
470
|
+
GenerateMacInput.add_member(:mac_length, Shapes::ShapeRef.new(shape: IntegerRangeBetween4And32, location_name: "MacLength"))
|
|
457
471
|
GenerateMacInput.struct_class = Types::GenerateMacInput
|
|
458
472
|
|
|
459
473
|
GenerateMacOutput.add_member(:key_arn, Shapes::ShapeRef.new(shape: KeyArn, required: true, location_name: "KeyArn"))
|
|
@@ -526,6 +540,7 @@ module Aws::PaymentCryptographyData
|
|
|
526
540
|
InternalServerException.struct_class = Types::InternalServerException
|
|
527
541
|
|
|
528
542
|
KekValidationRequest.add_member(:derive_key_algorithm, Shapes::ShapeRef.new(shape: SymmetricKeyAlgorithm, required: true, location_name: "DeriveKeyAlgorithm"))
|
|
543
|
+
KekValidationRequest.add_member(:random_key_max_length, Shapes::ShapeRef.new(shape: RandomKeyMaxLength, location_name: "RandomKeyMaxLength"))
|
|
529
544
|
KekValidationRequest.struct_class = Types::KekValidationRequest
|
|
530
545
|
|
|
531
546
|
KekValidationResponse.add_member(:random_key_send, Shapes::ShapeRef.new(shape: As2805RandomKeyMaterial, required: true, location_name: "RandomKeySend"))
|
|
@@ -668,7 +683,7 @@ module Aws::PaymentCryptographyData
|
|
|
668
683
|
SessionKeyMastercard.add_member(:primary_account_number, Shapes::ShapeRef.new(shape: PrimaryAccountNumberType, required: true, location_name: "PrimaryAccountNumber"))
|
|
669
684
|
SessionKeyMastercard.add_member(:pan_sequence_number, Shapes::ShapeRef.new(shape: NumberLengthEquals2, required: true, location_name: "PanSequenceNumber"))
|
|
670
685
|
SessionKeyMastercard.add_member(:application_transaction_counter, Shapes::ShapeRef.new(shape: HexLengthEquals4, required: true, location_name: "ApplicationTransactionCounter"))
|
|
671
|
-
SessionKeyMastercard.add_member(:unpredictable_number, Shapes::ShapeRef.new(shape:
|
|
686
|
+
SessionKeyMastercard.add_member(:unpredictable_number, Shapes::ShapeRef.new(shape: HexLengthEquals8, required: true, location_name: "UnpredictableNumber"))
|
|
672
687
|
SessionKeyMastercard.struct_class = Types::SessionKeyMastercard
|
|
673
688
|
|
|
674
689
|
SessionKeyVisa.add_member(:primary_account_number, Shapes::ShapeRef.new(shape: PrimaryAccountNumberType, required: true, location_name: "PrimaryAccountNumber"))
|
|
@@ -771,7 +786,7 @@ module Aws::PaymentCryptographyData
|
|
|
771
786
|
VerifyMacInput.add_member(:message_data, Shapes::ShapeRef.new(shape: MessageDataType, required: true, location_name: "MessageData"))
|
|
772
787
|
VerifyMacInput.add_member(:mac, Shapes::ShapeRef.new(shape: MacType, required: true, location_name: "Mac"))
|
|
773
788
|
VerifyMacInput.add_member(:verification_attributes, Shapes::ShapeRef.new(shape: MacAttributes, required: true, location_name: "VerificationAttributes"))
|
|
774
|
-
VerifyMacInput.add_member(:mac_length, Shapes::ShapeRef.new(shape:
|
|
789
|
+
VerifyMacInput.add_member(:mac_length, Shapes::ShapeRef.new(shape: IntegerRangeBetween4And32, location_name: "MacLength"))
|
|
775
790
|
VerifyMacInput.struct_class = Types::VerifyMacInput
|
|
776
791
|
|
|
777
792
|
VerifyMacOutput.add_member(:key_arn, Shapes::ShapeRef.new(shape: KeyArn, required: true, location_name: "KeyArn"))
|
|
@@ -895,6 +910,19 @@ module Aws::PaymentCryptographyData
|
|
|
895
910
|
o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
|
|
896
911
|
end)
|
|
897
912
|
|
|
913
|
+
api.add_operation(:generate_auth_request_cryptogram, Seahorse::Model::Operation.new.tap do |o|
|
|
914
|
+
o.name = "GenerateAuthRequestCryptogram"
|
|
915
|
+
o.http_method = "POST"
|
|
916
|
+
o.http_request_uri = "/cryptogram/generate"
|
|
917
|
+
o.input = Shapes::ShapeRef.new(shape: GenerateAuthRequestCryptogramInput)
|
|
918
|
+
o.output = Shapes::ShapeRef.new(shape: GenerateAuthRequestCryptogramOutput)
|
|
919
|
+
o.errors << Shapes::ShapeRef.new(shape: ValidationException)
|
|
920
|
+
o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
|
|
921
|
+
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
|
922
|
+
o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
|
|
923
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
|
|
924
|
+
end)
|
|
925
|
+
|
|
898
926
|
api.add_operation(:generate_card_validation_data, Seahorse::Model::Operation.new.tap do |o|
|
|
899
927
|
o.name = "GenerateCardValidationData"
|
|
900
928
|
o.http_method = "POST"
|
|
@@ -1097,8 +1097,8 @@ module Aws::PaymentCryptographyData
|
|
|
1097
1097
|
# @return [String]
|
|
1098
1098
|
#
|
|
1099
1099
|
# @!attribute [rw] kek_validation_type
|
|
1100
|
-
#
|
|
1101
|
-
#
|
|
1100
|
+
# Defines whether to generate a KEK validation request or KEK
|
|
1101
|
+
# validation response for node-to-node initialization.
|
|
1102
1102
|
# @return [Types::As2805KekValidationType]
|
|
1103
1103
|
#
|
|
1104
1104
|
# @!attribute [rw] random_key_send_variant_mask
|
|
@@ -1147,6 +1147,69 @@ module Aws::PaymentCryptographyData
|
|
|
1147
1147
|
include Aws::Structure
|
|
1148
1148
|
end
|
|
1149
1149
|
|
|
1150
|
+
# @!attribute [rw] key_identifier
|
|
1151
|
+
# The `keyARN` of the IMK-AC (TR31\_E0\_EMV\_MKEY\_APP\_CRYPTOGRAMS)
|
|
1152
|
+
# that Amazon Web Services Payment Cryptography uses to generate the
|
|
1153
|
+
# ARQC.
|
|
1154
|
+
# @return [String]
|
|
1155
|
+
#
|
|
1156
|
+
# @!attribute [rw] transaction_data
|
|
1157
|
+
# The transaction data that Amazon Web Services Payment Cryptography
|
|
1158
|
+
# uses for ARQC generation. The same transaction data is used for ARQC
|
|
1159
|
+
# verification by the issuer using VerifyAuthRequestCryptogram.
|
|
1160
|
+
# @return [String]
|
|
1161
|
+
#
|
|
1162
|
+
# @!attribute [rw] major_key_derivation_mode
|
|
1163
|
+
# The method to use when deriving the major encryption key for ARQC
|
|
1164
|
+
# generation within Amazon Web Services Payment Cryptography.
|
|
1165
|
+
# @return [String]
|
|
1166
|
+
#
|
|
1167
|
+
# @!attribute [rw] session_key_derivation_attributes
|
|
1168
|
+
# The attributes and values to use for deriving a session key for ARQC
|
|
1169
|
+
# generation within Amazon Web Services Payment Cryptography.
|
|
1170
|
+
# @return [Types::SessionKeyDerivation]
|
|
1171
|
+
#
|
|
1172
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/GenerateAuthRequestCryptogramInput AWS API Documentation
|
|
1173
|
+
#
|
|
1174
|
+
class GenerateAuthRequestCryptogramInput < Struct.new(
|
|
1175
|
+
:key_identifier,
|
|
1176
|
+
:transaction_data,
|
|
1177
|
+
:major_key_derivation_mode,
|
|
1178
|
+
:session_key_derivation_attributes)
|
|
1179
|
+
SENSITIVE = [:transaction_data]
|
|
1180
|
+
include Aws::Structure
|
|
1181
|
+
end
|
|
1182
|
+
|
|
1183
|
+
# @!attribute [rw] key_arn
|
|
1184
|
+
# The `keyARN` of the IMK-AC that Amazon Web Services Payment
|
|
1185
|
+
# Cryptography uses for ARQC generation.
|
|
1186
|
+
# @return [String]
|
|
1187
|
+
#
|
|
1188
|
+
# @!attribute [rw] key_check_value
|
|
1189
|
+
# The key check value (KCV) of the encryption key. The KCV is used to
|
|
1190
|
+
# check if all parties holding a given key have the same key or to
|
|
1191
|
+
# detect that a key has changed.
|
|
1192
|
+
#
|
|
1193
|
+
# Amazon Web Services Payment Cryptography computes the KCV according
|
|
1194
|
+
# to the CMAC specification.
|
|
1195
|
+
# @return [String]
|
|
1196
|
+
#
|
|
1197
|
+
# @!attribute [rw] auth_request_cryptogram
|
|
1198
|
+
# The Authorization Request Cryptogram (ARQC) generated by Amazon Web
|
|
1199
|
+
# Services Payment Cryptography using the specified key and
|
|
1200
|
+
# transaction data.
|
|
1201
|
+
# @return [String]
|
|
1202
|
+
#
|
|
1203
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/GenerateAuthRequestCryptogramOutput AWS API Documentation
|
|
1204
|
+
#
|
|
1205
|
+
class GenerateAuthRequestCryptogramOutput < Struct.new(
|
|
1206
|
+
:key_arn,
|
|
1207
|
+
:key_check_value,
|
|
1208
|
+
:auth_request_cryptogram)
|
|
1209
|
+
SENSITIVE = [:auth_request_cryptogram]
|
|
1210
|
+
include Aws::Structure
|
|
1211
|
+
end
|
|
1212
|
+
|
|
1150
1213
|
# @!attribute [rw] key_identifier
|
|
1151
1214
|
# The `keyARN` of the CVK encryption key that Amazon Web Services
|
|
1152
1215
|
# Payment Cryptography uses to generate card data.
|
|
@@ -1739,10 +1802,16 @@ module Aws::PaymentCryptographyData
|
|
|
1739
1802
|
# request.
|
|
1740
1803
|
# @return [String]
|
|
1741
1804
|
#
|
|
1805
|
+
# @!attribute [rw] random_key_max_length
|
|
1806
|
+
# The maximum length of the random key to generate for a KEK
|
|
1807
|
+
# validation request.
|
|
1808
|
+
# @return [String]
|
|
1809
|
+
#
|
|
1742
1810
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/KekValidationRequest AWS API Documentation
|
|
1743
1811
|
#
|
|
1744
1812
|
class KekValidationRequest < Struct.new(
|
|
1745
|
-
:derive_key_algorithm
|
|
1813
|
+
:derive_key_algorithm,
|
|
1814
|
+
:random_key_max_length)
|
|
1746
1815
|
SENSITIVE = []
|
|
1747
1816
|
include Aws::Structure
|
|
1748
1817
|
end
|
|
@@ -1751,7 +1820,8 @@ module Aws::PaymentCryptographyData
|
|
|
1751
1820
|
# node-to-node initialization.
|
|
1752
1821
|
#
|
|
1753
1822
|
# @!attribute [rw] random_key_send
|
|
1754
|
-
# The random key
|
|
1823
|
+
# The random key send value received from the initiating node to
|
|
1824
|
+
# generate a KEK validation response.
|
|
1755
1825
|
# @return [String]
|
|
1756
1826
|
#
|
|
1757
1827
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/KekValidationResponse AWS API Documentation
|
data/sig/client.rbs
CHANGED
|
@@ -120,7 +120,8 @@ module Aws
|
|
|
120
120
|
key_identifier: ::String,
|
|
121
121
|
kek_validation_type: {
|
|
122
122
|
kek_validation_request: {
|
|
123
|
-
derive_key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256" | "HMAC_SHA256" | "HMAC_SHA384" | "HMAC_SHA512" | "HMAC_SHA224")
|
|
123
|
+
derive_key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256" | "HMAC_SHA256" | "HMAC_SHA384" | "HMAC_SHA512" | "HMAC_SHA224"),
|
|
124
|
+
random_key_max_length: ("BYTES_8" | "BYTES_16" | "BYTES_24")?
|
|
124
125
|
}?,
|
|
125
126
|
kek_validation_response: {
|
|
126
127
|
random_key_send: ::String
|
|
@@ -130,6 +131,21 @@ module Aws
|
|
|
130
131
|
) -> _GenerateAs2805KekValidationResponseSuccess
|
|
131
132
|
| (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GenerateAs2805KekValidationResponseSuccess
|
|
132
133
|
|
|
134
|
+
interface _GenerateAuthRequestCryptogramResponseSuccess
|
|
135
|
+
include ::Seahorse::Client::_ResponseSuccess[Types::GenerateAuthRequestCryptogramOutput]
|
|
136
|
+
def key_arn: () -> ::String
|
|
137
|
+
def key_check_value: () -> ::String
|
|
138
|
+
def auth_request_cryptogram: () -> ::String
|
|
139
|
+
end
|
|
140
|
+
# https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/PaymentCryptographyData/Client.html#generate_auth_request_cryptogram-instance_method
|
|
141
|
+
def generate_auth_request_cryptogram: (
|
|
142
|
+
key_identifier: ::String,
|
|
143
|
+
transaction_data: ::String,
|
|
144
|
+
major_key_derivation_mode: ("EMV_OPTION_A" | "EMV_OPTION_B"),
|
|
145
|
+
session_key_derivation_attributes: Params::session_key_derivation
|
|
146
|
+
) -> _GenerateAuthRequestCryptogramResponseSuccess
|
|
147
|
+
| (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GenerateAuthRequestCryptogramResponseSuccess
|
|
148
|
+
|
|
133
149
|
interface _GenerateCardValidationDataResponseSuccess
|
|
134
150
|
include ::Seahorse::Client::_ResponseSuccess[Types::GenerateCardValidationDataOutput]
|
|
135
151
|
def key_arn: () -> ::String
|
|
@@ -402,32 +418,7 @@ module Aws
|
|
|
402
418
|
transaction_data: ::String,
|
|
403
419
|
auth_request_cryptogram: ::String,
|
|
404
420
|
major_key_derivation_mode: ("EMV_OPTION_A" | "EMV_OPTION_B"),
|
|
405
|
-
session_key_derivation_attributes:
|
|
406
|
-
emv_common: {
|
|
407
|
-
primary_account_number: ::String,
|
|
408
|
-
pan_sequence_number: ::String,
|
|
409
|
-
application_transaction_counter: ::String
|
|
410
|
-
}?,
|
|
411
|
-
mastercard: {
|
|
412
|
-
primary_account_number: ::String,
|
|
413
|
-
pan_sequence_number: ::String,
|
|
414
|
-
application_transaction_counter: ::String,
|
|
415
|
-
unpredictable_number: ::String
|
|
416
|
-
}?,
|
|
417
|
-
emv_2000: {
|
|
418
|
-
primary_account_number: ::String,
|
|
419
|
-
pan_sequence_number: ::String,
|
|
420
|
-
application_transaction_counter: ::String
|
|
421
|
-
}?,
|
|
422
|
-
amex: {
|
|
423
|
-
primary_account_number: ::String,
|
|
424
|
-
pan_sequence_number: ::String
|
|
425
|
-
}?,
|
|
426
|
-
visa: {
|
|
427
|
-
primary_account_number: ::String,
|
|
428
|
-
pan_sequence_number: ::String
|
|
429
|
-
}?
|
|
430
|
-
},
|
|
421
|
+
session_key_derivation_attributes: Params::session_key_derivation,
|
|
431
422
|
?auth_response_attributes: {
|
|
432
423
|
arpc_method_1: {
|
|
433
424
|
auth_response_code: ::String
|
data/sig/params.rbs
CHANGED
|
@@ -55,6 +55,33 @@ module Aws
|
|
|
55
55
|
key_check_value_algorithm: ("CMAC" | "ANSI_X9_24" | "HMAC" | "SHA_1")?
|
|
56
56
|
}
|
|
57
57
|
|
|
58
|
+
type session_key_derivation = {
|
|
59
|
+
emv_common: {
|
|
60
|
+
primary_account_number: ::String,
|
|
61
|
+
pan_sequence_number: ::String,
|
|
62
|
+
application_transaction_counter: ::String
|
|
63
|
+
}?,
|
|
64
|
+
mastercard: {
|
|
65
|
+
primary_account_number: ::String,
|
|
66
|
+
pan_sequence_number: ::String,
|
|
67
|
+
application_transaction_counter: ::String,
|
|
68
|
+
unpredictable_number: ::String
|
|
69
|
+
}?,
|
|
70
|
+
emv_2000: {
|
|
71
|
+
primary_account_number: ::String,
|
|
72
|
+
pan_sequence_number: ::String,
|
|
73
|
+
application_transaction_counter: ::String
|
|
74
|
+
}?,
|
|
75
|
+
amex: {
|
|
76
|
+
primary_account_number: ::String,
|
|
77
|
+
pan_sequence_number: ::String
|
|
78
|
+
}?,
|
|
79
|
+
visa: {
|
|
80
|
+
primary_account_number: ::String,
|
|
81
|
+
pan_sequence_number: ::String
|
|
82
|
+
}?
|
|
83
|
+
}
|
|
84
|
+
|
|
58
85
|
type mac_algorithm_emv = {
|
|
59
86
|
major_key_derivation_mode: ("EMV_OPTION_A" | "EMV_OPTION_B"),
|
|
60
87
|
primary_account_number: ::String,
|
data/sig/types.rbs
CHANGED
|
@@ -352,6 +352,21 @@ module Aws::PaymentCryptographyData
|
|
|
352
352
|
SENSITIVE: [:random_key_send, :random_key_receive]
|
|
353
353
|
end
|
|
354
354
|
|
|
355
|
+
class GenerateAuthRequestCryptogramInput
|
|
356
|
+
attr_accessor key_identifier: ::String
|
|
357
|
+
attr_accessor transaction_data: ::String
|
|
358
|
+
attr_accessor major_key_derivation_mode: ("EMV_OPTION_A" | "EMV_OPTION_B")
|
|
359
|
+
attr_accessor session_key_derivation_attributes: Types::SessionKeyDerivation
|
|
360
|
+
SENSITIVE: [:transaction_data]
|
|
361
|
+
end
|
|
362
|
+
|
|
363
|
+
class GenerateAuthRequestCryptogramOutput
|
|
364
|
+
attr_accessor key_arn: ::String
|
|
365
|
+
attr_accessor key_check_value: ::String
|
|
366
|
+
attr_accessor auth_request_cryptogram: ::String
|
|
367
|
+
SENSITIVE: [:auth_request_cryptogram]
|
|
368
|
+
end
|
|
369
|
+
|
|
355
370
|
class GenerateCardValidationDataInput
|
|
356
371
|
attr_accessor key_identifier: ::String
|
|
357
372
|
attr_accessor primary_account_number: ::String
|
|
@@ -495,6 +510,7 @@ module Aws::PaymentCryptographyData
|
|
|
495
510
|
|
|
496
511
|
class KekValidationRequest
|
|
497
512
|
attr_accessor derive_key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256" | "HMAC_SHA256" | "HMAC_SHA384" | "HMAC_SHA512" | "HMAC_SHA224")
|
|
513
|
+
attr_accessor random_key_max_length: ("BYTES_8" | "BYTES_16" | "BYTES_24")
|
|
498
514
|
SENSITIVE: []
|
|
499
515
|
end
|
|
500
516
|
|