aws-sdk-paymentcryptographydata 1.9.0 → 1.10.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 7edf8086296d3beeb8b9ba8672b86c9575688b3c2f4b20d136997a9a6c0a9577
4
- data.tar.gz: a058ede4258aac1b77fc5ddb5d80aa27762f50b68b9d127ef0939fa59ec52117
3
+ metadata.gz: 6126989706af46778cf434cc347a8c7d3612827a1001706d0e213e05d5cd9612
4
+ data.tar.gz: a8a99a810c24b25b8ba1b9f30b7fc03d295cb426c41ff77e207dfe888a3654b9
5
5
  SHA512:
6
- metadata.gz: 319930fff955a252a87eaa25d0074f54a9adfdbb4304807db1c8a01a4399eabf4ad362cea5232a6c06b770efe9f183eabc786652f09ff06a1f35c34b944012ac
7
- data.tar.gz: d87ad4d1d55041f0b602bf657c7de4322720841daceee94fbcf6364c7cb462ea0ed498dbe01d4edc96dfd030968a7ecb971a27c792af75f70e320c3e82e420cb
6
+ metadata.gz: 1c69e8560dd194bdfaf4d56ae5ffaaeb3b00fd4a79531eae91657eb4d8095c469d9bb8ec5b19820ce97c8c179abc57351f132fa829bb9ff336c6a5664eadade1
7
+ data.tar.gz: d274c07082e1aa888f464d77ab4aa465a6a479a276b07537752850fa537d2601994e2a383974a57d80ca1f3605f9e6beaacf910df91f8252dab7c11380ad41dd
data/CHANGELOG.md CHANGED
@@ -1,6 +1,11 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.10.0 (2024-03-07)
5
+ ------------------
6
+
7
+ * Feature - AWS Payment Cryptography EMV Decrypt Feature Release
8
+
4
9
  1.9.0 (2024-01-26)
5
10
  ------------------
6
11
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.9.0
1
+ 1.10.0
@@ -388,9 +388,10 @@ module Aws::PaymentCryptographyData
388
388
 
389
389
  # @!group API Operations
390
390
 
391
- # Decrypts ciphertext data to plaintext using symmetric, asymmetric, or
392
- # DUKPT data encryption key. For more information, see [Decrypt data][1]
393
- # in the *Amazon Web Services Payment Cryptography User Guide*.
391
+ # Decrypts ciphertext data to plaintext using a symmetric (TDES, AES),
392
+ # asymmetric (RSA), or derived (DUKPT or EMV) encryption key scheme. For
393
+ # more information, see [Decrypt data][1] in the *Amazon Web Services
394
+ # Payment Cryptography User Guide*.
394
395
  #
395
396
  # You can use an encryption key generated within Amazon Web Services
396
397
  # Payment Cryptography, or you can import your own encryption key by
@@ -403,11 +404,15 @@ module Aws::PaymentCryptographyData
403
404
  # [GetPublicCertificate][3].
404
405
  #
405
406
  # For symmetric and DUKPT decryption, Amazon Web Services Payment
406
- # Cryptography supports `TDES` and `AES` algorithms. For asymmetric
407
- # decryption, Amazon Web Services Payment Cryptography supports `RSA`.
408
- # When you use DUKPT, for `TDES` algorithm, the ciphertext data length
409
- # must be a multiple of 16 bytes. For `AES` algorithm, the ciphertext
410
- # data length must be a multiple of 32 bytes.
407
+ # Cryptography supports `TDES` and `AES` algorithms. For EMV decryption,
408
+ # Amazon Web Services Payment Cryptography supports `TDES` algorithms.
409
+ # For asymmetric decryption, Amazon Web Services Payment Cryptography
410
+ # supports `RSA`.
411
+ #
412
+ # When you use TDES or TDES DUKPT, the ciphertext data length must be a
413
+ # multiple of 8 bytes. For AES or AES DUKPT, the ciphertext data length
414
+ # must be a multiple of 16 bytes. For RSA, it sould be equal to the key
415
+ # size unless padding is enabled.
411
416
  #
412
417
  # For information about valid keys for this operation, see
413
418
  # [Understanding key attributes][4] and [Key types for specific data
@@ -464,6 +469,14 @@ module Aws::PaymentCryptographyData
464
469
  # key_serial_number: "HexLengthBetween10And24", # required
465
470
  # mode: "ECB", # accepts ECB, CBC
466
471
  # },
472
+ # emv: {
473
+ # initialization_vector: "HexLength16Or32",
474
+ # major_key_derivation_mode: "EMV_OPTION_A", # required, accepts EMV_OPTION_A, EMV_OPTION_B
475
+ # mode: "ECB", # accepts ECB, CBC
476
+ # pan_sequence_number: "HexLengthEquals2", # required
477
+ # primary_account_number: "NumberLengthBetween12And19", # required
478
+ # session_derivation_data: "HexLengthEquals16", # required
479
+ # },
467
480
  # symmetric: {
468
481
  # initialization_vector: "HexLength16Or32",
469
482
  # mode: "ECB", # required, accepts ECB, CBC, CFB, CFB1, CFB8, CFB64, CFB128, OFB
@@ -488,9 +501,10 @@ module Aws::PaymentCryptographyData
488
501
  req.send_request(options)
489
502
  end
490
503
 
491
- # Encrypts plaintext data to ciphertext using symmetric, asymmetric, or
492
- # DUKPT data encryption key. For more information, see [Encrypt data][1]
493
- # in the *Amazon Web Services Payment Cryptography User Guide*.
504
+ # Encrypts plaintext data to ciphertext using a symmetric (TDES, AES),
505
+ # asymmetric (RSA), or derived (DUKPT or EMV) encryption key scheme. For
506
+ # more information, see [Encrypt data][1] in the *Amazon Web Services
507
+ # Payment Cryptography User Guide*.
494
508
  #
495
509
  # You can generate an encryption key within Amazon Web Services Payment
496
510
  # Cryptography by calling [CreateKey][2]. You can import your own
@@ -498,14 +512,24 @@ module Aws::PaymentCryptographyData
498
512
  # must have `KeyModesOfUse` set to `Encrypt`. In asymmetric encryption,
499
513
  # plaintext is encrypted using public component. You can import the
500
514
  # public component of an asymmetric key pair created outside Amazon Web
501
- # Services Payment Cryptography by calling [ImportKey][3]).
515
+ # Services Payment Cryptography by calling [ImportKey][3].
502
516
  #
503
- # for symmetric and DUKPT encryption, Amazon Web Services Payment
504
- # Cryptography supports `TDES` and `AES` algorithms. For asymmetric
505
- # encryption, Amazon Web Services Payment Cryptography supports `RSA`.
506
- # To encrypt using DUKPT, you must already have a DUKPT key in your
507
- # account with `KeyModesOfUse` set to `DeriveKey`, or you can generate a
508
- # new DUKPT key by calling [CreateKey][2].
517
+ # For symmetric and DUKPT encryption, Amazon Web Services Payment
518
+ # Cryptography supports `TDES` and `AES` algorithms. For EMV encryption,
519
+ # Amazon Web Services Payment Cryptography supports `TDES`
520
+ # algorithms.For asymmetric encryption, Amazon Web Services Payment
521
+ # Cryptography supports `RSA`.
522
+ #
523
+ # When you use TDES or TDES DUKPT, the plaintext data length must be a
524
+ # multiple of 8 bytes. For AES or AES DUKPT, the plaintext data length
525
+ # must be a multiple of 16 bytes. For RSA, it sould be equal to the key
526
+ # size unless padding is enabled.
527
+ #
528
+ # To encrypt using DUKPT, you must already have a BDK (Base Derivation
529
+ # Key) key in your account with `KeyModesOfUse` set to `DeriveKey`, or
530
+ # you can generate a new DUKPT key by calling [CreateKey][2]. To encrypt
531
+ # using EMV, you must already have an IMK (Issuer Master Key) key in
532
+ # your account with `KeyModesOfUse` set to `DeriveKey`.
509
533
  #
510
534
  # For information about valid keys for this operation, see
511
535
  # [Understanding key attributes][4] and [Key types for specific data
@@ -544,6 +568,18 @@ module Aws::PaymentCryptographyData
544
568
  # @option params [required, String] :plain_text
545
569
  # The plaintext to be encrypted.
546
570
  #
571
+ # <note markdown="1"> For encryption using asymmetric keys, plaintext data length is
572
+ # constrained by encryption key strength that you define in
573
+ # `KeyAlgorithm` and padding type that you define in
574
+ # `AsymmetricEncryptionAttributes`. For more information, see [Encrypt
575
+ # data][1] in the *Amazon Web Services Payment Cryptography User Guide*.
576
+ #
577
+ # </note>
578
+ #
579
+ #
580
+ #
581
+ # [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/encrypt-data.html
582
+ #
547
583
  # @return [Types::EncryptDataOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
548
584
  #
549
585
  # * {Types::EncryptDataOutput#cipher_text #cipher_text} => String
@@ -564,6 +600,14 @@ module Aws::PaymentCryptographyData
564
600
  # key_serial_number: "HexLengthBetween10And24", # required
565
601
  # mode: "ECB", # accepts ECB, CBC
566
602
  # },
603
+ # emv: {
604
+ # initialization_vector: "HexLength16Or32",
605
+ # major_key_derivation_mode: "EMV_OPTION_A", # required, accepts EMV_OPTION_A, EMV_OPTION_B
606
+ # mode: "ECB", # accepts ECB, CBC
607
+ # pan_sequence_number: "HexLengthEquals2", # required
608
+ # primary_account_number: "NumberLengthBetween12And19", # required
609
+ # session_derivation_data: "HexLengthEquals16", # required
610
+ # },
567
611
  # symmetric: {
568
612
  # initialization_vector: "HexLength16Or32",
569
613
  # mode: "ECB", # required, accepts ECB, CBC, CFB, CFB1, CFB8, CFB64, CFB128, OFB
@@ -708,15 +752,19 @@ module Aws::PaymentCryptographyData
708
752
  # Generates a Message Authentication Code (MAC) cryptogram within Amazon
709
753
  # Web Services Payment Cryptography.
710
754
  #
711
- # You can use this operation when keys won't be shared but mutual data
712
- # is present on both ends for validation. In this case, known data
713
- # values are used to generate a MAC on both ends for comparision without
714
- # sending or receiving data in ciphertext or plaintext. You can use this
715
- # operation to generate a DUPKT, HMAC or EMV MAC by setting generation
716
- # attributes and algorithm to the associated values. The MAC generation
717
- # encryption key must have valid values for `KeyUsage` such as
718
- # `TR31_M7_HMAC_KEY` for HMAC generation, and they key must have
719
- # `KeyModesOfUse` set to `Generate` and `Verify`.
755
+ # You can use this operation to authenticate card-related data by using
756
+ # known data values to generate MAC for data validation between the
757
+ # sending and receiving parties. This operation uses message data, a
758
+ # secret encryption key and MAC algorithm to generate a unique MAC value
759
+ # for transmission. The receiving party of the MAC must use the same
760
+ # message data, secret encryption key and MAC algorithm to reproduce
761
+ # another MAC value for comparision.
762
+ #
763
+ # You can use this operation to generate a DUPKT, CMAC, HMAC or EMV MAC
764
+ # by setting generation attributes and algorithm to the associated
765
+ # values. The MAC generation encryption key must have valid values for
766
+ # `KeyUsage` such as `TR31_M7_HMAC_KEY` for HMAC generation, and they
767
+ # key must have `KeyModesOfUse` set to `Generate` and `Verify`.
720
768
  #
721
769
  # For information about valid keys for this operation, see
722
770
  # [Understanding key attributes][1] and [Key types for specific data
@@ -748,7 +796,8 @@ module Aws::PaymentCryptographyData
748
796
  # The length of a MAC under generation.
749
797
  #
750
798
  # @option params [required, String] :message_data
751
- # The data for which a MAC is under generation.
799
+ # The data for which a MAC is under generation. This value must be
800
+ # hexBinary.
752
801
  #
753
802
  # @return [Types::GenerateMacOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
754
803
  #
@@ -1073,10 +1122,7 @@ module Aws::PaymentCryptographyData
1073
1122
  # can be from PEK (Pin Encryption Key) to BDK (Base Derivation Key) for
1074
1123
  # DUKPT or from BDK for DUKPT to PEK. Amazon Web Services Payment
1075
1124
  # Cryptography supports `TDES` and `AES` key derivation type for DUKPT
1076
- # tranlations. You can use this operation for P2PE (Point to Point
1077
- # Encryption) use cases where the encryption keys should change but the
1078
- # processing system either does not need to, or is not permitted to,
1079
- # decrypt the data.
1125
+ # translations.
1080
1126
  #
1081
1127
  # The allowed combinations of PIN block format translations are guided
1082
1128
  # by PCI. It is important to note that not all encrypted PIN block
@@ -1090,8 +1136,9 @@ module Aws::PaymentCryptographyData
1090
1136
  # operations][3] in the *Amazon Web Services Payment Cryptography User
1091
1137
  # Guide*.
1092
1138
  #
1093
- # <note markdown="1"> At this time, Amazon Web Services Payment Cryptography does not
1094
- # support translations to PIN format 4.
1139
+ # <note markdown="1"> Amazon Web Services Payment Cryptography currently supports ISO PIN
1140
+ # block 4 translation for PIN block built using legacy PAN length. That
1141
+ # is, PAN is the right most 12 digits excluding the check digits.
1095
1142
  #
1096
1143
  # </note>
1097
1144
  #
@@ -1116,15 +1163,15 @@ module Aws::PaymentCryptographyData
1116
1163
  #
1117
1164
  # @option params [Types::DukptDerivationAttributes] :incoming_dukpt_attributes
1118
1165
  # The attributes and values to use for incoming DUKPT encryption key for
1119
- # PIN block tranlation.
1166
+ # PIN block translation.
1120
1167
  #
1121
1168
  # @option params [required, String] :incoming_key_identifier
1122
1169
  # The `keyARN` of the encryption key under which incoming PIN block data
1123
1170
  # is encrypted. This key type can be PEK or BDK.
1124
1171
  #
1125
1172
  # @option params [required, Types::TranslationIsoFormats] :incoming_translation_attributes
1126
- # The format of the incoming PIN block data for tranlation within Amazon
1127
- # Web Services Payment Cryptography.
1173
+ # The format of the incoming PIN block data for translation within
1174
+ # Amazon Web Services Payment Cryptography.
1128
1175
  #
1129
1176
  # @option params [Types::DukptDerivationAttributes] :outgoing_dukpt_attributes
1130
1177
  # The attributes and values to use for outgoing DUKPT encryption key
@@ -1135,7 +1182,7 @@ module Aws::PaymentCryptographyData
1135
1182
  # data. This key type can be PEK or BDK.
1136
1183
  #
1137
1184
  # @option params [required, Types::TranslationIsoFormats] :outgoing_translation_attributes
1138
- # The format of the outgoing PIN block data after tranlation by Amazon
1185
+ # The format of the outgoing PIN block data after translation by Amazon
1139
1186
  # Web Services Payment Cryptography.
1140
1187
  #
1141
1188
  # @return [Types::TranslatePinDataOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
@@ -1460,13 +1507,12 @@ module Aws::PaymentCryptographyData
1460
1507
 
1461
1508
  # Verifies a Message Authentication Code (MAC).
1462
1509
  #
1463
- # You can use this operation when keys won't be shared but mutual data
1464
- # is present on both ends for validation. In this case, known data
1465
- # values are used to generate a MAC on both ends for verification
1466
- # without sending or receiving data in ciphertext or plaintext. You can
1467
- # use this operation to verify a DUPKT, HMAC or EMV MAC by setting
1468
- # generation attributes and algorithm to the associated values. Use the
1469
- # same encryption key for MAC verification as you use for GenerateMac.
1510
+ # You can use this operation to verify MAC for message data
1511
+ # authentication such as . In this operation, you must use the same
1512
+ # message data, secret encryption key and MAC algorithm that was used to
1513
+ # generate MAC. You can use this operation to verify a DUPKT, CMAC, HMAC
1514
+ # or EMV MAC by setting generation attributes and algorithm to the
1515
+ # associated values.
1470
1516
  #
1471
1517
  # For information about valid keys for this operation, see
1472
1518
  # [Understanding key attributes][1] and [Key types for specific data
@@ -1498,7 +1544,8 @@ module Aws::PaymentCryptographyData
1498
1544
  # The length of the MAC.
1499
1545
  #
1500
1546
  # @option params [required, String] :message_data
1501
- # The data on for which MAC is under verification.
1547
+ # The data on for which MAC is under verification. This value must be
1548
+ # hexBinary.
1502
1549
  #
1503
1550
  # @option params [required, Types::MacAttributes] :verification_attributes
1504
1551
  # The attributes and data values to use for MAC verification within
@@ -1691,7 +1738,7 @@ module Aws::PaymentCryptographyData
1691
1738
  params: params,
1692
1739
  config: config)
1693
1740
  context[:gem_name] = 'aws-sdk-paymentcryptographydata'
1694
- context[:gem_version] = '1.9.0'
1741
+ context[:gem_version] = '1.10.0'
1695
1742
  Seahorse::Client::Request.new(handlers, context)
1696
1743
  end
1697
1744
 
@@ -36,6 +36,9 @@ module Aws::PaymentCryptographyData
36
36
  DukptKeyVariant = Shapes::StringShape.new(name: 'DukptKeyVariant')
37
37
  DynamicCardVerificationCode = Shapes::StructureShape.new(name: 'DynamicCardVerificationCode')
38
38
  DynamicCardVerificationValue = Shapes::StructureShape.new(name: 'DynamicCardVerificationValue')
39
+ EmvEncryptionAttributes = Shapes::StructureShape.new(name: 'EmvEncryptionAttributes')
40
+ EmvEncryptionMode = Shapes::StringShape.new(name: 'EmvEncryptionMode')
41
+ EmvMajorKeyDerivationMode = Shapes::StringShape.new(name: 'EmvMajorKeyDerivationMode')
39
42
  EncryptDataInput = Shapes::StructureShape.new(name: 'EncryptDataInput')
40
43
  EncryptDataOutput = Shapes::StructureShape.new(name: 'EncryptDataOutput')
41
44
  EncryptionDecryptionAttributes = Shapes::UnionShape.new(name: 'EncryptionDecryptionAttributes')
@@ -253,6 +256,14 @@ module Aws::PaymentCryptographyData
253
256
  DynamicCardVerificationValue.add_member(:service_code, Shapes::ShapeRef.new(shape: NumberLengthEquals3, required: true, location_name: "ServiceCode"))
254
257
  DynamicCardVerificationValue.struct_class = Types::DynamicCardVerificationValue
255
258
 
259
+ EmvEncryptionAttributes.add_member(:initialization_vector, Shapes::ShapeRef.new(shape: HexLength16Or32, location_name: "InitializationVector"))
260
+ EmvEncryptionAttributes.add_member(:major_key_derivation_mode, Shapes::ShapeRef.new(shape: EmvMajorKeyDerivationMode, required: true, location_name: "MajorKeyDerivationMode"))
261
+ EmvEncryptionAttributes.add_member(:mode, Shapes::ShapeRef.new(shape: EmvEncryptionMode, location_name: "Mode"))
262
+ EmvEncryptionAttributes.add_member(:pan_sequence_number, Shapes::ShapeRef.new(shape: HexLengthEquals2, required: true, location_name: "PanSequenceNumber"))
263
+ EmvEncryptionAttributes.add_member(:primary_account_number, Shapes::ShapeRef.new(shape: NumberLengthBetween12And19, required: true, location_name: "PrimaryAccountNumber"))
264
+ EmvEncryptionAttributes.add_member(:session_derivation_data, Shapes::ShapeRef.new(shape: HexLengthEquals16, required: true, location_name: "SessionDerivationData"))
265
+ EmvEncryptionAttributes.struct_class = Types::EmvEncryptionAttributes
266
+
256
267
  EncryptDataInput.add_member(:encryption_attributes, Shapes::ShapeRef.new(shape: EncryptionDecryptionAttributes, required: true, location_name: "EncryptionAttributes"))
257
268
  EncryptDataInput.add_member(:key_identifier, Shapes::ShapeRef.new(shape: KeyArnOrKeyAliasType, required: true, location: "uri", location_name: "KeyIdentifier"))
258
269
  EncryptDataInput.add_member(:plain_text, Shapes::ShapeRef.new(shape: HexEvenLengthBetween16And4064, required: true, location_name: "PlainText"))
@@ -265,10 +276,12 @@ module Aws::PaymentCryptographyData
265
276
 
266
277
  EncryptionDecryptionAttributes.add_member(:asymmetric, Shapes::ShapeRef.new(shape: AsymmetricEncryptionAttributes, location_name: "Asymmetric"))
267
278
  EncryptionDecryptionAttributes.add_member(:dukpt, Shapes::ShapeRef.new(shape: DukptEncryptionAttributes, location_name: "Dukpt"))
279
+ EncryptionDecryptionAttributes.add_member(:emv, Shapes::ShapeRef.new(shape: EmvEncryptionAttributes, location_name: "Emv"))
268
280
  EncryptionDecryptionAttributes.add_member(:symmetric, Shapes::ShapeRef.new(shape: SymmetricEncryptionAttributes, location_name: "Symmetric"))
269
281
  EncryptionDecryptionAttributes.add_member(:unknown, Shapes::ShapeRef.new(shape: nil, location_name: 'unknown'))
270
282
  EncryptionDecryptionAttributes.add_member_subclass(:asymmetric, Types::EncryptionDecryptionAttributes::Asymmetric)
271
283
  EncryptionDecryptionAttributes.add_member_subclass(:dukpt, Types::EncryptionDecryptionAttributes::Dukpt)
284
+ EncryptionDecryptionAttributes.add_member_subclass(:emv, Types::EncryptionDecryptionAttributes::Emv)
272
285
  EncryptionDecryptionAttributes.add_member_subclass(:symmetric, Types::EncryptionDecryptionAttributes::Symmetric)
273
286
  EncryptionDecryptionAttributes.add_member_subclass(:unknown, Types::EncryptionDecryptionAttributes::Unknown)
274
287
  EncryptionDecryptionAttributes.struct_class = Types::EncryptionDecryptionAttributes
@@ -299,7 +312,7 @@ module Aws::PaymentCryptographyData
299
312
  GeneratePinDataInput.add_member(:generation_attributes, Shapes::ShapeRef.new(shape: PinGenerationAttributes, required: true, location_name: "GenerationAttributes"))
300
313
  GeneratePinDataInput.add_member(:generation_key_identifier, Shapes::ShapeRef.new(shape: KeyArnOrKeyAliasType, required: true, location_name: "GenerationKeyIdentifier"))
301
314
  GeneratePinDataInput.add_member(:pin_block_format, Shapes::ShapeRef.new(shape: PinBlockFormatForPinData, required: true, location_name: "PinBlockFormat"))
302
- GeneratePinDataInput.add_member(:pin_data_length, Shapes::ShapeRef.new(shape: IntegerRangeBetween4And12, location_name: "PinDataLength", metadata: {"box"=>true}))
315
+ GeneratePinDataInput.add_member(:pin_data_length, Shapes::ShapeRef.new(shape: IntegerRangeBetween4And12, location_name: "PinDataLength"))
303
316
  GeneratePinDataInput.add_member(:primary_account_number, Shapes::ShapeRef.new(shape: NumberLengthBetween12And19, required: true, location_name: "PrimaryAccountNumber"))
304
317
  GeneratePinDataInput.struct_class = Types::GeneratePinDataInput
305
318
 
@@ -560,7 +573,7 @@ module Aws::PaymentCryptographyData
560
573
  VerifyPinDataInput.add_member(:encrypted_pin_block, Shapes::ShapeRef.new(shape: HexLengthBetween16And32, required: true, location_name: "EncryptedPinBlock"))
561
574
  VerifyPinDataInput.add_member(:encryption_key_identifier, Shapes::ShapeRef.new(shape: KeyArnOrKeyAliasType, required: true, location_name: "EncryptionKeyIdentifier"))
562
575
  VerifyPinDataInput.add_member(:pin_block_format, Shapes::ShapeRef.new(shape: PinBlockFormatForPinData, required: true, location_name: "PinBlockFormat"))
563
- VerifyPinDataInput.add_member(:pin_data_length, Shapes::ShapeRef.new(shape: IntegerRangeBetween4And12, location_name: "PinDataLength", metadata: {"box"=>true}))
576
+ VerifyPinDataInput.add_member(:pin_data_length, Shapes::ShapeRef.new(shape: IntegerRangeBetween4And12, location_name: "PinDataLength"))
564
577
  VerifyPinDataInput.add_member(:primary_account_number, Shapes::ShapeRef.new(shape: NumberLengthBetween12And19, required: true, location_name: "PrimaryAccountNumber"))
565
578
  VerifyPinDataInput.add_member(:verification_attributes, Shapes::ShapeRef.new(shape: PinVerificationAttributes, required: true, location_name: "VerificationAttributes"))
566
579
  VerifyPinDataInput.add_member(:verification_key_identifier, Shapes::ShapeRef.new(shape: KeyArnOrKeyAliasType, required: true, location_name: "VerificationKeyIdentifier"))
@@ -32,7 +32,7 @@ module Aws::PaymentCryptographyData
32
32
  raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
33
33
  end
34
34
  if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
35
- if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
35
+ if Aws::Endpoints::Matchers.boolean_equals?(Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"), true)
36
36
  return Aws::Endpoints::Endpoint.new(url: "https://dataplane.payment-cryptography-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
37
37
  end
38
38
  raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
@@ -376,15 +376,14 @@ module Aws::PaymentCryptographyData
376
376
  # @!attribute [rw] key_check_value
377
377
  # The key check value (KCV) of the encryption key. The KCV is used to
378
378
  # check if all parties holding a given key have the same key or to
379
- # detect that a key has changed. Amazon Web Services Payment
380
- # Cryptography calculates the KCV by using standard algorithms,
381
- # typically by encrypting 8 or 16 bytes or "00" or "01" and then
382
- # truncating the result to the first 3 bytes, or 6 hex digits, of the
383
- # resulting cryptogram.
379
+ # detect that a key has changed.
380
+ #
381
+ # Amazon Web Services Payment Cryptography computes the KCV according
382
+ # to the CMAC specification.
384
383
  # @return [String]
385
384
  #
386
385
  # @!attribute [rw] plain_text
387
- # The decrypted plaintext data.
386
+ # The decrypted plaintext data in hexBinary format.
388
387
  # @return [String]
389
388
  #
390
389
  # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/DecryptDataOutput AWS API Documentation
@@ -494,11 +493,8 @@ module Aws::PaymentCryptographyData
494
493
  # @return [String]
495
494
  #
496
495
  # @!attribute [rw] initialization_vector
497
- # An input to cryptographic primitive used to provide the intial
498
- # state. Typically the `InitializationVector` must have a random or
499
- # psuedo-random value, but sometimes it only needs to be unpredictable
500
- # or unique. If you don't provide a value, Amazon Web Services
501
- # Payment Cryptography generates a random value.
496
+ # An input used to provide the intial state. If no value is provided,
497
+ # Amazon Web Services Payment Cryptography defaults it to zero.
502
498
  # @return [String]
503
499
  #
504
500
  # @!attribute [rw] key_serial_number
@@ -509,12 +505,7 @@ module Aws::PaymentCryptographyData
509
505
  # @return [String]
510
506
  #
511
507
  # @!attribute [rw] mode
512
- # The block cipher mode of operation. Block ciphers are designed to
513
- # encrypt a block of data of fixed size, for example, 128 bits. The
514
- # size of the input block is usually same as the size of the encrypted
515
- # output block, while the key length can be different. A mode of
516
- # operation describes how to repeatedly apply a cipher's single-block
517
- # operation to securely transform amounts of data larger than a block.
508
+ # The block cipher method to use for encryption.
518
509
  #
519
510
  # The default is CBC.
520
511
  # @return [String]
@@ -597,6 +588,53 @@ module Aws::PaymentCryptographyData
597
588
  include Aws::Structure
598
589
  end
599
590
 
591
+ # Parameters for plaintext encryption using EMV keys.
592
+ #
593
+ # @!attribute [rw] initialization_vector
594
+ # An input used to provide the intial state. If no value is provided,
595
+ # Amazon Web Services Payment Cryptography defaults it to zero.
596
+ # @return [String]
597
+ #
598
+ # @!attribute [rw] major_key_derivation_mode
599
+ # The EMV derivation mode to use for ICC master key derivation as per
600
+ # EMV version 4.3 book 2.
601
+ # @return [String]
602
+ #
603
+ # @!attribute [rw] mode
604
+ # The block cipher method to use for encryption.
605
+ # @return [String]
606
+ #
607
+ # @!attribute [rw] pan_sequence_number
608
+ # A number that identifies and differentiates payment cards with the
609
+ # same Primary Account Number (PAN).
610
+ # @return [String]
611
+ #
612
+ # @!attribute [rw] primary_account_number
613
+ # The Primary Account Number (PAN), a unique identifier for a payment
614
+ # credit or debit card and associates the card to a specific account
615
+ # holder.
616
+ # @return [String]
617
+ #
618
+ # @!attribute [rw] session_derivation_data
619
+ # The derivation value used to derive the ICC session key. It is
620
+ # typically the application transaction counter value padded with
621
+ # zeros or previous ARQC value padded with zeros as per EMV version
622
+ # 4.3 book 2.
623
+ # @return [String]
624
+ #
625
+ # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/EmvEncryptionAttributes AWS API Documentation
626
+ #
627
+ class EmvEncryptionAttributes < Struct.new(
628
+ :initialization_vector,
629
+ :major_key_derivation_mode,
630
+ :mode,
631
+ :pan_sequence_number,
632
+ :primary_account_number,
633
+ :session_derivation_data)
634
+ SENSITIVE = [:initialization_vector, :primary_account_number]
635
+ include Aws::Structure
636
+ end
637
+
600
638
  # @!attribute [rw] encryption_attributes
601
639
  # The encryption key type and attributes for plaintext encryption.
602
640
  # @return [Types::EncryptionDecryptionAttributes]
@@ -608,6 +646,19 @@ module Aws::PaymentCryptographyData
608
646
  #
609
647
  # @!attribute [rw] plain_text
610
648
  # The plaintext to be encrypted.
649
+ #
650
+ # <note markdown="1"> For encryption using asymmetric keys, plaintext data length is
651
+ # constrained by encryption key strength that you define in
652
+ # `KeyAlgorithm` and padding type that you define in
653
+ # `AsymmetricEncryptionAttributes`. For more information, see [Encrypt
654
+ # data][1] in the *Amazon Web Services Payment Cryptography User
655
+ # Guide*.
656
+ #
657
+ # </note>
658
+ #
659
+ #
660
+ #
661
+ # [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/encrypt-data.html
611
662
  # @return [String]
612
663
  #
613
664
  # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/EncryptDataInput AWS API Documentation
@@ -632,11 +683,10 @@ module Aws::PaymentCryptographyData
632
683
  # @!attribute [rw] key_check_value
633
684
  # The key check value (KCV) of the encryption key. The KCV is used to
634
685
  # check if all parties holding a given key have the same key or to
635
- # detect that a key has changed. Amazon Web Services Payment
636
- # Cryptography calculates the KCV by using standard algorithms,
637
- # typically by encrypting 8 or 16 bytes or "00" or "01" and then
638
- # truncating the result to the first 3 bytes, or 6 hex digits, of the
639
- # resulting cryptogram.
686
+ # detect that a key has changed.
687
+ #
688
+ # Amazon Web Services Payment Cryptography computes the KCV according
689
+ # to the CMAC specification.
640
690
  # @return [String]
641
691
  #
642
692
  # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/EncryptDataOutput AWS API Documentation
@@ -662,6 +712,10 @@ module Aws::PaymentCryptographyData
662
712
  # Parameters that are required to encrypt plaintext data using DUKPT.
663
713
  # @return [Types::DukptEncryptionAttributes]
664
714
  #
715
+ # @!attribute [rw] emv
716
+ # Parameters for plaintext encryption using EMV keys.
717
+ # @return [Types::EmvEncryptionAttributes]
718
+ #
665
719
  # @!attribute [rw] symmetric
666
720
  # Parameters that are required to perform encryption and decryption
667
721
  # using symmetric keys.
@@ -672,6 +726,7 @@ module Aws::PaymentCryptographyData
672
726
  class EncryptionDecryptionAttributes < Struct.new(
673
727
  :asymmetric,
674
728
  :dukpt,
729
+ :emv,
675
730
  :symmetric,
676
731
  :unknown)
677
732
  SENSITIVE = []
@@ -680,6 +735,7 @@ module Aws::PaymentCryptographyData
680
735
 
681
736
  class Asymmetric < EncryptionDecryptionAttributes; end
682
737
  class Dukpt < EncryptionDecryptionAttributes; end
738
+ class Emv < EncryptionDecryptionAttributes; end
683
739
  class Symmetric < EncryptionDecryptionAttributes; end
684
740
  class Unknown < EncryptionDecryptionAttributes; end
685
741
  end
@@ -724,11 +780,10 @@ module Aws::PaymentCryptographyData
724
780
  # @!attribute [rw] key_check_value
725
781
  # The key check value (KCV) of the encryption key. The KCV is used to
726
782
  # check if all parties holding a given key have the same key or to
727
- # detect that a key has changed. Amazon Web Services Payment
728
- # Cryptography calculates the KCV by using standard algorithms,
729
- # typically by encrypting 8 or 16 bytes or "00" or "01" and then
730
- # truncating the result to the first 3 bytes, or 6 hex digits, of the
731
- # resulting cryptogram.
783
+ # detect that a key has changed.
784
+ #
785
+ # Amazon Web Services Payment Cryptography computes the KCV according
786
+ # to the CMAC specification.
732
787
  # @return [String]
733
788
  #
734
789
  # @!attribute [rw] validation_data
@@ -760,7 +815,8 @@ module Aws::PaymentCryptographyData
760
815
  # @return [Integer]
761
816
  #
762
817
  # @!attribute [rw] message_data
763
- # The data for which a MAC is under generation.
818
+ # The data for which a MAC is under generation. This value must be
819
+ # hexBinary.
764
820
  # @return [String]
765
821
  #
766
822
  # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/GenerateMacInput AWS API Documentation
@@ -782,11 +838,10 @@ module Aws::PaymentCryptographyData
782
838
  # @!attribute [rw] key_check_value
783
839
  # The key check value (KCV) of the encryption key. The KCV is used to
784
840
  # check if all parties holding a given key have the same key or to
785
- # detect that a key has changed. Amazon Web Services Payment
786
- # Cryptography calculates the KCV by using standard algorithms,
787
- # typically by encrypting 8 or 16 bytes or "00" or "01" and then
788
- # truncating the result to the first 3 bytes, or 6 hex digits, of the
789
- # resulting cryptogram.
841
+ # detect that a key has changed.
842
+ #
843
+ # Amazon Web Services Payment Cryptography computes the KCV according
844
+ # to the CMAC specification.
790
845
  # @return [String]
791
846
  #
792
847
  # @!attribute [rw] mac
@@ -870,11 +925,10 @@ module Aws::PaymentCryptographyData
870
925
  # @!attribute [rw] encryption_key_check_value
871
926
  # The key check value (KCV) of the encryption key. The KCV is used to
872
927
  # check if all parties holding a given key have the same key or to
873
- # detect that a key has changed. Amazon Web Services Payment
874
- # Cryptography calculates the KCV by using standard algorithms,
875
- # typically by encrypting 8 or 16 bytes or "00" or "01" and then
876
- # truncating the result to the first 3 bytes, or 6 hex digits, of the
877
- # resulting cryptogram.
928
+ # detect that a key has changed.
929
+ #
930
+ # Amazon Web Services Payment Cryptography computes the KCV according
931
+ # to the CMAC specification.
878
932
  # @return [String]
879
933
  #
880
934
  # @!attribute [rw] generation_key_arn
@@ -885,11 +939,10 @@ module Aws::PaymentCryptographyData
885
939
  # @!attribute [rw] generation_key_check_value
886
940
  # The key check value (KCV) of the encryption key. The KCV is used to
887
941
  # check if all parties holding a given key have the same key or to
888
- # detect that a key has changed. Amazon Web Services Payment
889
- # Cryptography calculates the KCV by using standard algorithms,
890
- # typically by encrypting 8 or 16 bytes or "00" or "01" and then
891
- # truncating the result to the first 3 bytes, or 6 hex digits, of the
892
- # resulting cryptogram.
942
+ # detect that a key has changed.
943
+ #
944
+ # Amazon Web Services Payment Cryptography computes the KCV according
945
+ # to the CMAC specification.
893
946
  # @return [String]
894
947
  #
895
948
  # @!attribute [rw] pin_data
@@ -1168,7 +1221,7 @@ module Aws::PaymentCryptographyData
1168
1221
  #
1169
1222
  # @!attribute [rw] dukpt_iso_9797_algorithm_3
1170
1223
  # Parameters that are required for MAC generation or verification
1171
- # using DUKPT ISO 9797 algorithm2.
1224
+ # using DUKPT ISO 9797 algorithm3.
1172
1225
  # @return [Types::MacAlgorithmDukpt]
1173
1226
  #
1174
1227
  # @!attribute [rw] emv_mac
@@ -1357,11 +1410,10 @@ module Aws::PaymentCryptographyData
1357
1410
  # @!attribute [rw] key_check_value
1358
1411
  # The key check value (KCV) of the encryption key. The KCV is used to
1359
1412
  # check if all parties holding a given key have the same key or to
1360
- # detect that a key has changed. Amazon Web Services Payment
1361
- # Cryptography calculates the KCV by using standard algorithms,
1362
- # typically by encrypting 8 or 16 bytes or "00" or "01" and then
1363
- # truncating the result to the first 3 bytes, or 6 hex digits, of the
1364
- # resulting cryptogram.
1413
+ # detect that a key has changed.
1414
+ #
1415
+ # Amazon Web Services Payment Cryptography computes the KCV according
1416
+ # to the CMAC specification.
1365
1417
  # @return [String]
1366
1418
  #
1367
1419
  # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/ReEncryptDataOutput AWS API Documentation
@@ -1635,20 +1687,12 @@ module Aws::PaymentCryptographyData
1635
1687
  # Parameters requried to encrypt plaintext data using symmetric keys.
1636
1688
  #
1637
1689
  # @!attribute [rw] initialization_vector
1638
- # An input to cryptographic primitive used to provide the intial
1639
- # state. The `InitializationVector` is typically required have a
1640
- # random or psuedo-random value, but sometimes it only needs to be
1641
- # unpredictable or unique. If a value is not provided, Amazon Web
1642
- # Services Payment Cryptography generates a random value.
1690
+ # An input used to provide the intial state. If no value is provided,
1691
+ # Amazon Web Services Payment Cryptography defaults it to zero.
1643
1692
  # @return [String]
1644
1693
  #
1645
1694
  # @!attribute [rw] mode
1646
- # The block cipher mode of operation. Block ciphers are designed to
1647
- # encrypt a block of data of fixed size (for example, 128 bits). The
1648
- # size of the input block is usually same as the size of the encrypted
1649
- # output block, while the key length can be different. A mode of
1650
- # operation describes how to repeatedly apply a cipher's single-block
1651
- # operation to securely transform amounts of data larger than a block.
1695
+ # The block cipher method to use for encryption.
1652
1696
  # @return [String]
1653
1697
  #
1654
1698
  # @!attribute [rw] padding_type
@@ -1685,7 +1729,7 @@ module Aws::PaymentCryptographyData
1685
1729
  #
1686
1730
  # @!attribute [rw] incoming_dukpt_attributes
1687
1731
  # The attributes and values to use for incoming DUKPT encryption key
1688
- # for PIN block tranlation.
1732
+ # for PIN block translation.
1689
1733
  # @return [Types::DukptDerivationAttributes]
1690
1734
  #
1691
1735
  # @!attribute [rw] incoming_key_identifier
@@ -1694,7 +1738,7 @@ module Aws::PaymentCryptographyData
1694
1738
  # @return [String]
1695
1739
  #
1696
1740
  # @!attribute [rw] incoming_translation_attributes
1697
- # The format of the incoming PIN block data for tranlation within
1741
+ # The format of the incoming PIN block data for translation within
1698
1742
  # Amazon Web Services Payment Cryptography.
1699
1743
  # @return [Types::TranslationIsoFormats]
1700
1744
  #
@@ -1709,8 +1753,8 @@ module Aws::PaymentCryptographyData
1709
1753
  # @return [String]
1710
1754
  #
1711
1755
  # @!attribute [rw] outgoing_translation_attributes
1712
- # The format of the outgoing PIN block data after tranlation by Amazon
1713
- # Web Services Payment Cryptography.
1756
+ # The format of the outgoing PIN block data after translation by
1757
+ # Amazon Web Services Payment Cryptography.
1714
1758
  # @return [Types::TranslationIsoFormats]
1715
1759
  #
1716
1760
  # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/TranslatePinDataInput AWS API Documentation
@@ -1736,15 +1780,14 @@ module Aws::PaymentCryptographyData
1736
1780
  # @!attribute [rw] key_check_value
1737
1781
  # The key check value (KCV) of the encryption key. The KCV is used to
1738
1782
  # check if all parties holding a given key have the same key or to
1739
- # detect that a key has changed. Amazon Web Services Payment
1740
- # Cryptography calculates the KCV by using standard algorithms,
1741
- # typically by encrypting 8 or 16 bytes or "00" or "01" and then
1742
- # truncating the result to the first 3 bytes, or 6 hex digits, of the
1743
- # resulting cryptogram.
1783
+ # detect that a key has changed.
1784
+ #
1785
+ # Amazon Web Services Payment Cryptography computes the KCV according
1786
+ # to the CMAC specification.
1744
1787
  # @return [String]
1745
1788
  #
1746
1789
  # @!attribute [rw] pin_block
1747
- # The ougoing encrypted PIN block data after tranlation.
1790
+ # The outgoing encrypted PIN block data after translation.
1748
1791
  # @return [String]
1749
1792
  #
1750
1793
  # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/TranslatePinDataOutput AWS API Documentation
@@ -1940,11 +1983,10 @@ module Aws::PaymentCryptographyData
1940
1983
  # @!attribute [rw] key_check_value
1941
1984
  # The key check value (KCV) of the encryption key. The KCV is used to
1942
1985
  # check if all parties holding a given key have the same key or to
1943
- # detect that a key has changed. Amazon Web Services Payment
1944
- # Cryptography calculates the KCV by using standard algorithms,
1945
- # typically by encrypting 8 or 16 bytes or "00" or "01" and then
1946
- # truncating the result to the first 3 bytes, or 6 hex digits, of the
1947
- # resulting cryptogram.
1986
+ # detect that a key has changed.
1987
+ #
1988
+ # Amazon Web Services Payment Cryptography computes the KCV according
1989
+ # to the CMAC specification.
1948
1990
  # @return [String]
1949
1991
  #
1950
1992
  # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/VerifyAuthRequestCryptogramOutput AWS API Documentation
@@ -1997,11 +2039,10 @@ module Aws::PaymentCryptographyData
1997
2039
  # @!attribute [rw] key_check_value
1998
2040
  # The key check value (KCV) of the encryption key. The KCV is used to
1999
2041
  # check if all parties holding a given key have the same key or to
2000
- # detect that a key has changed. Amazon Web Services Payment
2001
- # Cryptography calculates the KCV by using standard algorithms,
2002
- # typically by encrypting 8 or 16 bytes or "00" or "01" and then
2003
- # truncating the result to the first 3 bytes, or 6 hex digits, of the
2004
- # resulting cryptogram.
2042
+ # detect that a key has changed.
2043
+ #
2044
+ # Amazon Web Services Payment Cryptography computes the KCV according
2045
+ # to the CMAC specification.
2005
2046
  # @return [String]
2006
2047
  #
2007
2048
  # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/VerifyCardValidationDataOutput AWS API Documentation
@@ -2027,7 +2068,8 @@ module Aws::PaymentCryptographyData
2027
2068
  # @return [Integer]
2028
2069
  #
2029
2070
  # @!attribute [rw] message_data
2030
- # The data on for which MAC is under verification.
2071
+ # The data on for which MAC is under verification. This value must be
2072
+ # hexBinary.
2031
2073
  # @return [String]
2032
2074
  #
2033
2075
  # @!attribute [rw] verification_attributes
@@ -2055,11 +2097,10 @@ module Aws::PaymentCryptographyData
2055
2097
  # @!attribute [rw] key_check_value
2056
2098
  # The key check value (KCV) of the encryption key. The KCV is used to
2057
2099
  # check if all parties holding a given key have the same key or to
2058
- # detect that a key has changed. Amazon Web Services Payment
2059
- # Cryptography calculates the KCV by using standard algorithms,
2060
- # typically by encrypting 8 or 16 bytes or "00" or "01" and then
2061
- # truncating the result to the first 3 bytes, or 6 hex digits, of the
2062
- # resulting cryptogram.
2100
+ # detect that a key has changed.
2101
+ #
2102
+ # Amazon Web Services Payment Cryptography computes the KCV according
2103
+ # to the CMAC specification.
2063
2104
  # @return [String]
2064
2105
  #
2065
2106
  # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/VerifyMacOutput AWS API Documentation
@@ -2139,11 +2180,10 @@ module Aws::PaymentCryptographyData
2139
2180
  # @!attribute [rw] encryption_key_check_value
2140
2181
  # The key check value (KCV) of the encryption key. The KCV is used to
2141
2182
  # check if all parties holding a given key have the same key or to
2142
- # detect that a key has changed. Amazon Web Services Payment
2143
- # Cryptography calculates the KCV by using standard algorithms,
2144
- # typically by encrypting 8 or 16 bytes or "00" or "01" and then
2145
- # truncating the result to the first 3 bytes, or 6 hex digits, of the
2146
- # resulting cryptogram.
2183
+ # detect that a key has changed.
2184
+ #
2185
+ # Amazon Web Services Payment Cryptography computes the KCV according
2186
+ # to the CMAC specification.
2147
2187
  # @return [String]
2148
2188
  #
2149
2189
  # @!attribute [rw] verification_key_arn
@@ -2154,11 +2194,10 @@ module Aws::PaymentCryptographyData
2154
2194
  # @!attribute [rw] verification_key_check_value
2155
2195
  # The key check value (KCV) of the encryption key. The KCV is used to
2156
2196
  # check if all parties holding a given key have the same key or to
2157
- # detect that a key has changed. Amazon Web Services Payment
2158
- # Cryptography calculates the KCV by using standard algorithms,
2159
- # typically by encrypting 8 or 16 bytes or "00" or "01" and then
2160
- # truncating the result to the first 3 bytes, or 6 hex digits, of the
2161
- # resulting cryptogram.
2197
+ # detect that a key has changed.
2198
+ #
2199
+ # Amazon Web Services Payment Cryptography computes the KCV according
2200
+ # to the CMAC specification.
2162
2201
  # @return [String]
2163
2202
  #
2164
2203
  # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/VerifyPinDataOutput AWS API Documentation
@@ -52,6 +52,6 @@ require_relative 'aws-sdk-paymentcryptographydata/customizations'
52
52
  # @!group service
53
53
  module Aws::PaymentCryptographyData
54
54
 
55
- GEM_VERSION = '1.9.0'
55
+ GEM_VERSION = '1.10.0'
56
56
 
57
57
  end
data/sig/client.rbs CHANGED
@@ -92,6 +92,14 @@ module Aws
92
92
  key_serial_number: ::String,
93
93
  mode: ("ECB" | "CBC")?
94
94
  }?,
95
+ emv: {
96
+ initialization_vector: ::String?,
97
+ major_key_derivation_mode: ("EMV_OPTION_A" | "EMV_OPTION_B"),
98
+ mode: ("ECB" | "CBC")?,
99
+ pan_sequence_number: ::String,
100
+ primary_account_number: ::String,
101
+ session_derivation_data: ::String
102
+ }?,
95
103
  symmetric: {
96
104
  initialization_vector: ::String?,
97
105
  mode: ("ECB" | "CBC" | "CFB" | "CFB1" | "CFB8" | "CFB64" | "CFB128" | "OFB"),
@@ -121,6 +129,14 @@ module Aws
121
129
  key_serial_number: ::String,
122
130
  mode: ("ECB" | "CBC")?
123
131
  }?,
132
+ emv: {
133
+ initialization_vector: ::String?,
134
+ major_key_derivation_mode: ("EMV_OPTION_A" | "EMV_OPTION_B"),
135
+ mode: ("ECB" | "CBC")?,
136
+ pan_sequence_number: ::String,
137
+ primary_account_number: ::String,
138
+ session_derivation_data: ::String
139
+ }?,
124
140
  symmetric: {
125
141
  initialization_vector: ::String?,
126
142
  mode: ("ECB" | "CBC" | "CFB" | "CFB1" | "CFB8" | "CFB64" | "CFB128" | "OFB"),
data/sig/types.rbs CHANGED
@@ -192,6 +192,16 @@ module Aws::PaymentCryptographyData
192
192
  SENSITIVE: []
193
193
  end
194
194
 
195
+ class EmvEncryptionAttributes
196
+ attr_accessor initialization_vector: ::String
197
+ attr_accessor major_key_derivation_mode: ("EMV_OPTION_A" | "EMV_OPTION_B")
198
+ attr_accessor mode: ("ECB" | "CBC")
199
+ attr_accessor pan_sequence_number: ::String
200
+ attr_accessor primary_account_number: ::String
201
+ attr_accessor session_derivation_data: ::String
202
+ SENSITIVE: [:initialization_vector, :primary_account_number]
203
+ end
204
+
195
205
  class EncryptDataInput
196
206
  attr_accessor encryption_attributes: Types::EncryptionDecryptionAttributes
197
207
  attr_accessor key_identifier: ::String
@@ -209,6 +219,7 @@ module Aws::PaymentCryptographyData
209
219
  class EncryptionDecryptionAttributes
210
220
  attr_accessor asymmetric: Types::AsymmetricEncryptionAttributes
211
221
  attr_accessor dukpt: Types::DukptEncryptionAttributes
222
+ attr_accessor emv: Types::EmvEncryptionAttributes
212
223
  attr_accessor symmetric: Types::SymmetricEncryptionAttributes
213
224
  attr_accessor unknown: untyped
214
225
  SENSITIVE: []
@@ -217,6 +228,8 @@ module Aws::PaymentCryptographyData
217
228
  end
218
229
  class Dukpt < EncryptionDecryptionAttributes
219
230
  end
231
+ class Emv < EncryptionDecryptionAttributes
232
+ end
220
233
  class Symmetric < EncryptionDecryptionAttributes
221
234
  end
222
235
  class Unknown < EncryptionDecryptionAttributes
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-paymentcryptographydata
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.9.0
4
+ version: 1.10.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-01-26 00:00:00.000000000 Z
11
+ date: 2024-03-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core