aws-sdk-paymentcryptographydata 1.9.0 → 1.11.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-paymentcryptographydata/client.rb +163 -92
- data/lib/aws-sdk-paymentcryptographydata/client_api.rb +15 -2
- data/lib/aws-sdk-paymentcryptographydata/endpoint_provider.rb +1 -1
- data/lib/aws-sdk-paymentcryptographydata/types.rb +135 -96
- data/lib/aws-sdk-paymentcryptographydata.rb +1 -1
- data/sig/client.rbs +16 -0
- data/sig/types.rbs +13 -0
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3a8fc927035075162901f841e6e49be8f2bc4d16236345628b8de85612dc5c7a
|
4
|
+
data.tar.gz: 0ddc79036f87c98f0874a1acbc5e31c4fee5f8f1b511a8756bb8180353149691
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 4151ef0f90943b6575975fb2dc4efa6c7b8d90540048d1b583fc2a4abaf9f80574512fed457213fe1d9cf90d1b40f06c68b49e7b7b38a934d085b3bd158cb744
|
7
|
+
data.tar.gz: 668e5df2b09407d671cf07e47b7c9cd0a05300d3f416150a6ad1cf688e3ac6675b02268fb9d3090c29a1e37caf606ecccfa172b7f65ad7488bff81e32d22ae6e
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,16 @@
|
|
1
1
|
Unreleased Changes
|
2
2
|
------------------
|
3
3
|
|
4
|
+
1.11.0 (2024-04-25)
|
5
|
+
------------------
|
6
|
+
|
7
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
8
|
+
|
9
|
+
1.10.0 (2024-03-07)
|
10
|
+
------------------
|
11
|
+
|
12
|
+
* Feature - AWS Payment Cryptography EMV Decrypt Feature Release
|
13
|
+
|
4
14
|
1.9.0 (2024-01-26)
|
5
15
|
------------------
|
6
16
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.11.0
|
@@ -22,6 +22,7 @@ require 'aws-sdk-core/plugins/endpoint_pattern.rb'
|
|
22
22
|
require 'aws-sdk-core/plugins/response_paging.rb'
|
23
23
|
require 'aws-sdk-core/plugins/stub_responses.rb'
|
24
24
|
require 'aws-sdk-core/plugins/idempotency_token.rb'
|
25
|
+
require 'aws-sdk-core/plugins/invocation_id.rb'
|
25
26
|
require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
|
26
27
|
require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
|
27
28
|
require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
|
@@ -72,6 +73,7 @@ module Aws::PaymentCryptographyData
|
|
72
73
|
add_plugin(Aws::Plugins::ResponsePaging)
|
73
74
|
add_plugin(Aws::Plugins::StubResponses)
|
74
75
|
add_plugin(Aws::Plugins::IdempotencyToken)
|
76
|
+
add_plugin(Aws::Plugins::InvocationId)
|
75
77
|
add_plugin(Aws::Plugins::JsonvalueConverter)
|
76
78
|
add_plugin(Aws::Plugins::ClientMetricsPlugin)
|
77
79
|
add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
|
@@ -196,10 +198,17 @@ module Aws::PaymentCryptographyData
|
|
196
198
|
# When set to 'true' the request body will not be compressed
|
197
199
|
# for supported operations.
|
198
200
|
#
|
199
|
-
# @option options [String] :endpoint
|
200
|
-
#
|
201
|
-
#
|
202
|
-
#
|
201
|
+
# @option options [String, URI::HTTPS, URI::HTTP] :endpoint
|
202
|
+
# Normally you should not configure the `:endpoint` option
|
203
|
+
# directly. This is normally constructed from the `:region`
|
204
|
+
# option. Configuring `:endpoint` is normally reserved for
|
205
|
+
# connecting to test or custom endpoints. The endpoint should
|
206
|
+
# be a URI formatted like:
|
207
|
+
#
|
208
|
+
# 'http://example.com'
|
209
|
+
# 'https://example.com'
|
210
|
+
# 'http://example.com:123'
|
211
|
+
#
|
203
212
|
#
|
204
213
|
# @option options [Integer] :endpoint_cache_max_entries (1000)
|
205
214
|
# Used for the maximum size limit of the LRU cache storing endpoints data
|
@@ -337,50 +346,65 @@ module Aws::PaymentCryptographyData
|
|
337
346
|
# @option options [Aws::PaymentCryptographyData::EndpointProvider] :endpoint_provider
|
338
347
|
# The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::PaymentCryptographyData::EndpointParameters`
|
339
348
|
#
|
340
|
-
# @option options [
|
341
|
-
#
|
342
|
-
#
|
343
|
-
#
|
344
|
-
#
|
345
|
-
#
|
346
|
-
#
|
347
|
-
#
|
348
|
-
#
|
349
|
-
#
|
350
|
-
#
|
351
|
-
# @option options [Float] :
|
352
|
-
#
|
353
|
-
#
|
354
|
-
#
|
355
|
-
#
|
356
|
-
#
|
357
|
-
#
|
358
|
-
#
|
359
|
-
#
|
360
|
-
#
|
361
|
-
#
|
362
|
-
#
|
363
|
-
#
|
364
|
-
#
|
365
|
-
#
|
366
|
-
#
|
367
|
-
#
|
349
|
+
# @option options [Float] :http_continue_timeout (1)
|
350
|
+
# The number of seconds to wait for a 100-continue response before sending the
|
351
|
+
# request body. This option has no effect unless the request has "Expect"
|
352
|
+
# header set to "100-continue". Defaults to `nil` which disables this
|
353
|
+
# behaviour. This value can safely be set per request on the session.
|
354
|
+
#
|
355
|
+
# @option options [Float] :http_idle_timeout (5)
|
356
|
+
# The number of seconds a connection is allowed to sit idle before it
|
357
|
+
# is considered stale. Stale connections are closed and removed from the
|
358
|
+
# pool before making a request.
|
359
|
+
#
|
360
|
+
# @option options [Float] :http_open_timeout (15)
|
361
|
+
# The default number of seconds to wait for response data.
|
362
|
+
# This value can safely be set per-request on the session.
|
363
|
+
#
|
364
|
+
# @option options [URI::HTTP,String] :http_proxy
|
365
|
+
# A proxy to send requests through. Formatted like 'http://proxy.com:123'.
|
366
|
+
#
|
367
|
+
# @option options [Float] :http_read_timeout (60)
|
368
|
+
# The default number of seconds to wait for response data.
|
369
|
+
# This value can safely be set per-request on the session.
|
370
|
+
#
|
371
|
+
# @option options [Boolean] :http_wire_trace (false)
|
372
|
+
# When `true`, HTTP debug output will be sent to the `:logger`.
|
373
|
+
#
|
374
|
+
# @option options [Proc] :on_chunk_received
|
375
|
+
# When a Proc object is provided, it will be used as callback when each chunk
|
376
|
+
# of the response body is received. It provides three arguments: the chunk,
|
377
|
+
# the number of bytes received, and the total number of
|
378
|
+
# bytes in the response (or nil if the server did not send a `content-length`).
|
379
|
+
#
|
380
|
+
# @option options [Proc] :on_chunk_sent
|
381
|
+
# When a Proc object is provided, it will be used as callback when each chunk
|
382
|
+
# of the request body is sent. It provides three arguments: the chunk,
|
383
|
+
# the number of bytes read from the body, and the total number of
|
384
|
+
# bytes in the body.
|
385
|
+
#
|
386
|
+
# @option options [Boolean] :raise_response_errors (true)
|
387
|
+
# When `true`, response errors are raised.
|
388
|
+
#
|
389
|
+
# @option options [String] :ssl_ca_bundle
|
390
|
+
# Full path to the SSL certificate authority bundle file that should be used when
|
391
|
+
# verifying peer certificates. If you do not pass `:ssl_ca_bundle` or
|
392
|
+
# `:ssl_ca_directory` the the system default will be used if available.
|
393
|
+
#
|
394
|
+
# @option options [String] :ssl_ca_directory
|
395
|
+
# Full path of the directory that contains the unbundled SSL certificate
|
396
|
+
# authority files for verifying peer certificates. If you do
|
397
|
+
# not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the system
|
398
|
+
# default will be used if available.
|
368
399
|
#
|
369
|
-
# @option options [
|
370
|
-
#
|
371
|
-
# connection.
|
400
|
+
# @option options [String] :ssl_ca_store
|
401
|
+
# Sets the X509::Store to verify peer certificate.
|
372
402
|
#
|
373
|
-
# @option options [
|
374
|
-
#
|
375
|
-
# verifying peer certificates. If you do not pass
|
376
|
-
# `:ssl_ca_bundle` or `:ssl_ca_directory` the the system default
|
377
|
-
# will be used if available.
|
403
|
+
# @option options [Float] :ssl_timeout
|
404
|
+
# Sets the SSL timeout in seconds
|
378
405
|
#
|
379
|
-
# @option options [
|
380
|
-
#
|
381
|
-
# authority files for verifying peer certificates. If you do
|
382
|
-
# not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the
|
383
|
-
# system default will be used if available.
|
406
|
+
# @option options [Boolean] :ssl_verify_peer (true)
|
407
|
+
# When `true`, SSL peer certificates are verified when establishing a connection.
|
384
408
|
#
|
385
409
|
def initialize(*args)
|
386
410
|
super
|
@@ -388,9 +412,10 @@ module Aws::PaymentCryptographyData
|
|
388
412
|
|
389
413
|
# @!group API Operations
|
390
414
|
|
391
|
-
# Decrypts ciphertext data to plaintext using symmetric,
|
392
|
-
# DUKPT
|
393
|
-
# in the *Amazon Web Services
|
415
|
+
# Decrypts ciphertext data to plaintext using a symmetric (TDES, AES),
|
416
|
+
# asymmetric (RSA), or derived (DUKPT or EMV) encryption key scheme. For
|
417
|
+
# more information, see [Decrypt data][1] in the *Amazon Web Services
|
418
|
+
# Payment Cryptography User Guide*.
|
394
419
|
#
|
395
420
|
# You can use an encryption key generated within Amazon Web Services
|
396
421
|
# Payment Cryptography, or you can import your own encryption key by
|
@@ -403,11 +428,15 @@ module Aws::PaymentCryptographyData
|
|
403
428
|
# [GetPublicCertificate][3].
|
404
429
|
#
|
405
430
|
# For symmetric and DUKPT decryption, Amazon Web Services Payment
|
406
|
-
# Cryptography supports `TDES` and `AES` algorithms. For
|
407
|
-
#
|
408
|
-
#
|
409
|
-
#
|
410
|
-
#
|
431
|
+
# Cryptography supports `TDES` and `AES` algorithms. For EMV decryption,
|
432
|
+
# Amazon Web Services Payment Cryptography supports `TDES` algorithms.
|
433
|
+
# For asymmetric decryption, Amazon Web Services Payment Cryptography
|
434
|
+
# supports `RSA`.
|
435
|
+
#
|
436
|
+
# When you use TDES or TDES DUKPT, the ciphertext data length must be a
|
437
|
+
# multiple of 8 bytes. For AES or AES DUKPT, the ciphertext data length
|
438
|
+
# must be a multiple of 16 bytes. For RSA, it sould be equal to the key
|
439
|
+
# size unless padding is enabled.
|
411
440
|
#
|
412
441
|
# For information about valid keys for this operation, see
|
413
442
|
# [Understanding key attributes][4] and [Key types for specific data
|
@@ -464,6 +493,14 @@ module Aws::PaymentCryptographyData
|
|
464
493
|
# key_serial_number: "HexLengthBetween10And24", # required
|
465
494
|
# mode: "ECB", # accepts ECB, CBC
|
466
495
|
# },
|
496
|
+
# emv: {
|
497
|
+
# initialization_vector: "HexLength16Or32",
|
498
|
+
# major_key_derivation_mode: "EMV_OPTION_A", # required, accepts EMV_OPTION_A, EMV_OPTION_B
|
499
|
+
# mode: "ECB", # accepts ECB, CBC
|
500
|
+
# pan_sequence_number: "HexLengthEquals2", # required
|
501
|
+
# primary_account_number: "NumberLengthBetween12And19", # required
|
502
|
+
# session_derivation_data: "HexLengthEquals16", # required
|
503
|
+
# },
|
467
504
|
# symmetric: {
|
468
505
|
# initialization_vector: "HexLength16Or32",
|
469
506
|
# mode: "ECB", # required, accepts ECB, CBC, CFB, CFB1, CFB8, CFB64, CFB128, OFB
|
@@ -488,9 +525,10 @@ module Aws::PaymentCryptographyData
|
|
488
525
|
req.send_request(options)
|
489
526
|
end
|
490
527
|
|
491
|
-
# Encrypts plaintext data to ciphertext using symmetric,
|
492
|
-
# DUKPT
|
493
|
-
# in the *Amazon Web Services
|
528
|
+
# Encrypts plaintext data to ciphertext using a symmetric (TDES, AES),
|
529
|
+
# asymmetric (RSA), or derived (DUKPT or EMV) encryption key scheme. For
|
530
|
+
# more information, see [Encrypt data][1] in the *Amazon Web Services
|
531
|
+
# Payment Cryptography User Guide*.
|
494
532
|
#
|
495
533
|
# You can generate an encryption key within Amazon Web Services Payment
|
496
534
|
# Cryptography by calling [CreateKey][2]. You can import your own
|
@@ -498,14 +536,24 @@ module Aws::PaymentCryptographyData
|
|
498
536
|
# must have `KeyModesOfUse` set to `Encrypt`. In asymmetric encryption,
|
499
537
|
# plaintext is encrypted using public component. You can import the
|
500
538
|
# public component of an asymmetric key pair created outside Amazon Web
|
501
|
-
# Services Payment Cryptography by calling [ImportKey][3]
|
539
|
+
# Services Payment Cryptography by calling [ImportKey][3].
|
502
540
|
#
|
503
|
-
#
|
504
|
-
# Cryptography supports `TDES` and `AES` algorithms. For
|
505
|
-
#
|
506
|
-
#
|
507
|
-
#
|
508
|
-
#
|
541
|
+
# For symmetric and DUKPT encryption, Amazon Web Services Payment
|
542
|
+
# Cryptography supports `TDES` and `AES` algorithms. For EMV encryption,
|
543
|
+
# Amazon Web Services Payment Cryptography supports `TDES`
|
544
|
+
# algorithms.For asymmetric encryption, Amazon Web Services Payment
|
545
|
+
# Cryptography supports `RSA`.
|
546
|
+
#
|
547
|
+
# When you use TDES or TDES DUKPT, the plaintext data length must be a
|
548
|
+
# multiple of 8 bytes. For AES or AES DUKPT, the plaintext data length
|
549
|
+
# must be a multiple of 16 bytes. For RSA, it sould be equal to the key
|
550
|
+
# size unless padding is enabled.
|
551
|
+
#
|
552
|
+
# To encrypt using DUKPT, you must already have a BDK (Base Derivation
|
553
|
+
# Key) key in your account with `KeyModesOfUse` set to `DeriveKey`, or
|
554
|
+
# you can generate a new DUKPT key by calling [CreateKey][2]. To encrypt
|
555
|
+
# using EMV, you must already have an IMK (Issuer Master Key) key in
|
556
|
+
# your account with `KeyModesOfUse` set to `DeriveKey`.
|
509
557
|
#
|
510
558
|
# For information about valid keys for this operation, see
|
511
559
|
# [Understanding key attributes][4] and [Key types for specific data
|
@@ -544,6 +592,18 @@ module Aws::PaymentCryptographyData
|
|
544
592
|
# @option params [required, String] :plain_text
|
545
593
|
# The plaintext to be encrypted.
|
546
594
|
#
|
595
|
+
# <note markdown="1"> For encryption using asymmetric keys, plaintext data length is
|
596
|
+
# constrained by encryption key strength that you define in
|
597
|
+
# `KeyAlgorithm` and padding type that you define in
|
598
|
+
# `AsymmetricEncryptionAttributes`. For more information, see [Encrypt
|
599
|
+
# data][1] in the *Amazon Web Services Payment Cryptography User Guide*.
|
600
|
+
#
|
601
|
+
# </note>
|
602
|
+
#
|
603
|
+
#
|
604
|
+
#
|
605
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/encrypt-data.html
|
606
|
+
#
|
547
607
|
# @return [Types::EncryptDataOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
548
608
|
#
|
549
609
|
# * {Types::EncryptDataOutput#cipher_text #cipher_text} => String
|
@@ -564,6 +624,14 @@ module Aws::PaymentCryptographyData
|
|
564
624
|
# key_serial_number: "HexLengthBetween10And24", # required
|
565
625
|
# mode: "ECB", # accepts ECB, CBC
|
566
626
|
# },
|
627
|
+
# emv: {
|
628
|
+
# initialization_vector: "HexLength16Or32",
|
629
|
+
# major_key_derivation_mode: "EMV_OPTION_A", # required, accepts EMV_OPTION_A, EMV_OPTION_B
|
630
|
+
# mode: "ECB", # accepts ECB, CBC
|
631
|
+
# pan_sequence_number: "HexLengthEquals2", # required
|
632
|
+
# primary_account_number: "NumberLengthBetween12And19", # required
|
633
|
+
# session_derivation_data: "HexLengthEquals16", # required
|
634
|
+
# },
|
567
635
|
# symmetric: {
|
568
636
|
# initialization_vector: "HexLength16Or32",
|
569
637
|
# mode: "ECB", # required, accepts ECB, CBC, CFB, CFB1, CFB8, CFB64, CFB128, OFB
|
@@ -708,15 +776,19 @@ module Aws::PaymentCryptographyData
|
|
708
776
|
# Generates a Message Authentication Code (MAC) cryptogram within Amazon
|
709
777
|
# Web Services Payment Cryptography.
|
710
778
|
#
|
711
|
-
# You can use this operation
|
712
|
-
#
|
713
|
-
#
|
714
|
-
#
|
715
|
-
#
|
716
|
-
#
|
717
|
-
#
|
718
|
-
#
|
719
|
-
#
|
779
|
+
# You can use this operation to authenticate card-related data by using
|
780
|
+
# known data values to generate MAC for data validation between the
|
781
|
+
# sending and receiving parties. This operation uses message data, a
|
782
|
+
# secret encryption key and MAC algorithm to generate a unique MAC value
|
783
|
+
# for transmission. The receiving party of the MAC must use the same
|
784
|
+
# message data, secret encryption key and MAC algorithm to reproduce
|
785
|
+
# another MAC value for comparision.
|
786
|
+
#
|
787
|
+
# You can use this operation to generate a DUPKT, CMAC, HMAC or EMV MAC
|
788
|
+
# by setting generation attributes and algorithm to the associated
|
789
|
+
# values. The MAC generation encryption key must have valid values for
|
790
|
+
# `KeyUsage` such as `TR31_M7_HMAC_KEY` for HMAC generation, and they
|
791
|
+
# key must have `KeyModesOfUse` set to `Generate` and `Verify`.
|
720
792
|
#
|
721
793
|
# For information about valid keys for this operation, see
|
722
794
|
# [Understanding key attributes][1] and [Key types for specific data
|
@@ -748,7 +820,8 @@ module Aws::PaymentCryptographyData
|
|
748
820
|
# The length of a MAC under generation.
|
749
821
|
#
|
750
822
|
# @option params [required, String] :message_data
|
751
|
-
# The data for which a MAC is under generation.
|
823
|
+
# The data for which a MAC is under generation. This value must be
|
824
|
+
# hexBinary.
|
752
825
|
#
|
753
826
|
# @return [Types::GenerateMacOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
754
827
|
#
|
@@ -1073,10 +1146,7 @@ module Aws::PaymentCryptographyData
|
|
1073
1146
|
# can be from PEK (Pin Encryption Key) to BDK (Base Derivation Key) for
|
1074
1147
|
# DUKPT or from BDK for DUKPT to PEK. Amazon Web Services Payment
|
1075
1148
|
# Cryptography supports `TDES` and `AES` key derivation type for DUKPT
|
1076
|
-
#
|
1077
|
-
# Encryption) use cases where the encryption keys should change but the
|
1078
|
-
# processing system either does not need to, or is not permitted to,
|
1079
|
-
# decrypt the data.
|
1149
|
+
# translations.
|
1080
1150
|
#
|
1081
1151
|
# The allowed combinations of PIN block format translations are guided
|
1082
1152
|
# by PCI. It is important to note that not all encrypted PIN block
|
@@ -1090,8 +1160,9 @@ module Aws::PaymentCryptographyData
|
|
1090
1160
|
# operations][3] in the *Amazon Web Services Payment Cryptography User
|
1091
1161
|
# Guide*.
|
1092
1162
|
#
|
1093
|
-
# <note markdown="1">
|
1094
|
-
#
|
1163
|
+
# <note markdown="1"> Amazon Web Services Payment Cryptography currently supports ISO PIN
|
1164
|
+
# block 4 translation for PIN block built using legacy PAN length. That
|
1165
|
+
# is, PAN is the right most 12 digits excluding the check digits.
|
1095
1166
|
#
|
1096
1167
|
# </note>
|
1097
1168
|
#
|
@@ -1116,15 +1187,15 @@ module Aws::PaymentCryptographyData
|
|
1116
1187
|
#
|
1117
1188
|
# @option params [Types::DukptDerivationAttributes] :incoming_dukpt_attributes
|
1118
1189
|
# The attributes and values to use for incoming DUKPT encryption key for
|
1119
|
-
# PIN block
|
1190
|
+
# PIN block translation.
|
1120
1191
|
#
|
1121
1192
|
# @option params [required, String] :incoming_key_identifier
|
1122
1193
|
# The `keyARN` of the encryption key under which incoming PIN block data
|
1123
1194
|
# is encrypted. This key type can be PEK or BDK.
|
1124
1195
|
#
|
1125
1196
|
# @option params [required, Types::TranslationIsoFormats] :incoming_translation_attributes
|
1126
|
-
# The format of the incoming PIN block data for
|
1127
|
-
# Web Services Payment Cryptography.
|
1197
|
+
# The format of the incoming PIN block data for translation within
|
1198
|
+
# Amazon Web Services Payment Cryptography.
|
1128
1199
|
#
|
1129
1200
|
# @option params [Types::DukptDerivationAttributes] :outgoing_dukpt_attributes
|
1130
1201
|
# The attributes and values to use for outgoing DUKPT encryption key
|
@@ -1135,7 +1206,7 @@ module Aws::PaymentCryptographyData
|
|
1135
1206
|
# data. This key type can be PEK or BDK.
|
1136
1207
|
#
|
1137
1208
|
# @option params [required, Types::TranslationIsoFormats] :outgoing_translation_attributes
|
1138
|
-
# The format of the outgoing PIN block data after
|
1209
|
+
# The format of the outgoing PIN block data after translation by Amazon
|
1139
1210
|
# Web Services Payment Cryptography.
|
1140
1211
|
#
|
1141
1212
|
# @return [Types::TranslatePinDataOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
@@ -1460,13 +1531,12 @@ module Aws::PaymentCryptographyData
|
|
1460
1531
|
|
1461
1532
|
# Verifies a Message Authentication Code (MAC).
|
1462
1533
|
#
|
1463
|
-
# You can use this operation
|
1464
|
-
#
|
1465
|
-
#
|
1466
|
-
#
|
1467
|
-
#
|
1468
|
-
#
|
1469
|
-
# same encryption key for MAC verification as you use for GenerateMac.
|
1534
|
+
# You can use this operation to verify MAC for message data
|
1535
|
+
# authentication such as . In this operation, you must use the same
|
1536
|
+
# message data, secret encryption key and MAC algorithm that was used to
|
1537
|
+
# generate MAC. You can use this operation to verify a DUPKT, CMAC, HMAC
|
1538
|
+
# or EMV MAC by setting generation attributes and algorithm to the
|
1539
|
+
# associated values.
|
1470
1540
|
#
|
1471
1541
|
# For information about valid keys for this operation, see
|
1472
1542
|
# [Understanding key attributes][1] and [Key types for specific data
|
@@ -1498,7 +1568,8 @@ module Aws::PaymentCryptographyData
|
|
1498
1568
|
# The length of the MAC.
|
1499
1569
|
#
|
1500
1570
|
# @option params [required, String] :message_data
|
1501
|
-
# The data on for which MAC is under verification.
|
1571
|
+
# The data on for which MAC is under verification. This value must be
|
1572
|
+
# hexBinary.
|
1502
1573
|
#
|
1503
1574
|
# @option params [required, Types::MacAttributes] :verification_attributes
|
1504
1575
|
# The attributes and data values to use for MAC verification within
|
@@ -1691,7 +1762,7 @@ module Aws::PaymentCryptographyData
|
|
1691
1762
|
params: params,
|
1692
1763
|
config: config)
|
1693
1764
|
context[:gem_name] = 'aws-sdk-paymentcryptographydata'
|
1694
|
-
context[:gem_version] = '1.
|
1765
|
+
context[:gem_version] = '1.11.0'
|
1695
1766
|
Seahorse::Client::Request.new(handlers, context)
|
1696
1767
|
end
|
1697
1768
|
|
@@ -36,6 +36,9 @@ module Aws::PaymentCryptographyData
|
|
36
36
|
DukptKeyVariant = Shapes::StringShape.new(name: 'DukptKeyVariant')
|
37
37
|
DynamicCardVerificationCode = Shapes::StructureShape.new(name: 'DynamicCardVerificationCode')
|
38
38
|
DynamicCardVerificationValue = Shapes::StructureShape.new(name: 'DynamicCardVerificationValue')
|
39
|
+
EmvEncryptionAttributes = Shapes::StructureShape.new(name: 'EmvEncryptionAttributes')
|
40
|
+
EmvEncryptionMode = Shapes::StringShape.new(name: 'EmvEncryptionMode')
|
41
|
+
EmvMajorKeyDerivationMode = Shapes::StringShape.new(name: 'EmvMajorKeyDerivationMode')
|
39
42
|
EncryptDataInput = Shapes::StructureShape.new(name: 'EncryptDataInput')
|
40
43
|
EncryptDataOutput = Shapes::StructureShape.new(name: 'EncryptDataOutput')
|
41
44
|
EncryptionDecryptionAttributes = Shapes::UnionShape.new(name: 'EncryptionDecryptionAttributes')
|
@@ -253,6 +256,14 @@ module Aws::PaymentCryptographyData
|
|
253
256
|
DynamicCardVerificationValue.add_member(:service_code, Shapes::ShapeRef.new(shape: NumberLengthEquals3, required: true, location_name: "ServiceCode"))
|
254
257
|
DynamicCardVerificationValue.struct_class = Types::DynamicCardVerificationValue
|
255
258
|
|
259
|
+
EmvEncryptionAttributes.add_member(:initialization_vector, Shapes::ShapeRef.new(shape: HexLength16Or32, location_name: "InitializationVector"))
|
260
|
+
EmvEncryptionAttributes.add_member(:major_key_derivation_mode, Shapes::ShapeRef.new(shape: EmvMajorKeyDerivationMode, required: true, location_name: "MajorKeyDerivationMode"))
|
261
|
+
EmvEncryptionAttributes.add_member(:mode, Shapes::ShapeRef.new(shape: EmvEncryptionMode, location_name: "Mode"))
|
262
|
+
EmvEncryptionAttributes.add_member(:pan_sequence_number, Shapes::ShapeRef.new(shape: HexLengthEquals2, required: true, location_name: "PanSequenceNumber"))
|
263
|
+
EmvEncryptionAttributes.add_member(:primary_account_number, Shapes::ShapeRef.new(shape: NumberLengthBetween12And19, required: true, location_name: "PrimaryAccountNumber"))
|
264
|
+
EmvEncryptionAttributes.add_member(:session_derivation_data, Shapes::ShapeRef.new(shape: HexLengthEquals16, required: true, location_name: "SessionDerivationData"))
|
265
|
+
EmvEncryptionAttributes.struct_class = Types::EmvEncryptionAttributes
|
266
|
+
|
256
267
|
EncryptDataInput.add_member(:encryption_attributes, Shapes::ShapeRef.new(shape: EncryptionDecryptionAttributes, required: true, location_name: "EncryptionAttributes"))
|
257
268
|
EncryptDataInput.add_member(:key_identifier, Shapes::ShapeRef.new(shape: KeyArnOrKeyAliasType, required: true, location: "uri", location_name: "KeyIdentifier"))
|
258
269
|
EncryptDataInput.add_member(:plain_text, Shapes::ShapeRef.new(shape: HexEvenLengthBetween16And4064, required: true, location_name: "PlainText"))
|
@@ -265,10 +276,12 @@ module Aws::PaymentCryptographyData
|
|
265
276
|
|
266
277
|
EncryptionDecryptionAttributes.add_member(:asymmetric, Shapes::ShapeRef.new(shape: AsymmetricEncryptionAttributes, location_name: "Asymmetric"))
|
267
278
|
EncryptionDecryptionAttributes.add_member(:dukpt, Shapes::ShapeRef.new(shape: DukptEncryptionAttributes, location_name: "Dukpt"))
|
279
|
+
EncryptionDecryptionAttributes.add_member(:emv, Shapes::ShapeRef.new(shape: EmvEncryptionAttributes, location_name: "Emv"))
|
268
280
|
EncryptionDecryptionAttributes.add_member(:symmetric, Shapes::ShapeRef.new(shape: SymmetricEncryptionAttributes, location_name: "Symmetric"))
|
269
281
|
EncryptionDecryptionAttributes.add_member(:unknown, Shapes::ShapeRef.new(shape: nil, location_name: 'unknown'))
|
270
282
|
EncryptionDecryptionAttributes.add_member_subclass(:asymmetric, Types::EncryptionDecryptionAttributes::Asymmetric)
|
271
283
|
EncryptionDecryptionAttributes.add_member_subclass(:dukpt, Types::EncryptionDecryptionAttributes::Dukpt)
|
284
|
+
EncryptionDecryptionAttributes.add_member_subclass(:emv, Types::EncryptionDecryptionAttributes::Emv)
|
272
285
|
EncryptionDecryptionAttributes.add_member_subclass(:symmetric, Types::EncryptionDecryptionAttributes::Symmetric)
|
273
286
|
EncryptionDecryptionAttributes.add_member_subclass(:unknown, Types::EncryptionDecryptionAttributes::Unknown)
|
274
287
|
EncryptionDecryptionAttributes.struct_class = Types::EncryptionDecryptionAttributes
|
@@ -299,7 +312,7 @@ module Aws::PaymentCryptographyData
|
|
299
312
|
GeneratePinDataInput.add_member(:generation_attributes, Shapes::ShapeRef.new(shape: PinGenerationAttributes, required: true, location_name: "GenerationAttributes"))
|
300
313
|
GeneratePinDataInput.add_member(:generation_key_identifier, Shapes::ShapeRef.new(shape: KeyArnOrKeyAliasType, required: true, location_name: "GenerationKeyIdentifier"))
|
301
314
|
GeneratePinDataInput.add_member(:pin_block_format, Shapes::ShapeRef.new(shape: PinBlockFormatForPinData, required: true, location_name: "PinBlockFormat"))
|
302
|
-
GeneratePinDataInput.add_member(:pin_data_length, Shapes::ShapeRef.new(shape: IntegerRangeBetween4And12, location_name: "PinDataLength"
|
315
|
+
GeneratePinDataInput.add_member(:pin_data_length, Shapes::ShapeRef.new(shape: IntegerRangeBetween4And12, location_name: "PinDataLength"))
|
303
316
|
GeneratePinDataInput.add_member(:primary_account_number, Shapes::ShapeRef.new(shape: NumberLengthBetween12And19, required: true, location_name: "PrimaryAccountNumber"))
|
304
317
|
GeneratePinDataInput.struct_class = Types::GeneratePinDataInput
|
305
318
|
|
@@ -560,7 +573,7 @@ module Aws::PaymentCryptographyData
|
|
560
573
|
VerifyPinDataInput.add_member(:encrypted_pin_block, Shapes::ShapeRef.new(shape: HexLengthBetween16And32, required: true, location_name: "EncryptedPinBlock"))
|
561
574
|
VerifyPinDataInput.add_member(:encryption_key_identifier, Shapes::ShapeRef.new(shape: KeyArnOrKeyAliasType, required: true, location_name: "EncryptionKeyIdentifier"))
|
562
575
|
VerifyPinDataInput.add_member(:pin_block_format, Shapes::ShapeRef.new(shape: PinBlockFormatForPinData, required: true, location_name: "PinBlockFormat"))
|
563
|
-
VerifyPinDataInput.add_member(:pin_data_length, Shapes::ShapeRef.new(shape: IntegerRangeBetween4And12, location_name: "PinDataLength"
|
576
|
+
VerifyPinDataInput.add_member(:pin_data_length, Shapes::ShapeRef.new(shape: IntegerRangeBetween4And12, location_name: "PinDataLength"))
|
564
577
|
VerifyPinDataInput.add_member(:primary_account_number, Shapes::ShapeRef.new(shape: NumberLengthBetween12And19, required: true, location_name: "PrimaryAccountNumber"))
|
565
578
|
VerifyPinDataInput.add_member(:verification_attributes, Shapes::ShapeRef.new(shape: PinVerificationAttributes, required: true, location_name: "VerificationAttributes"))
|
566
579
|
VerifyPinDataInput.add_member(:verification_key_identifier, Shapes::ShapeRef.new(shape: KeyArnOrKeyAliasType, required: true, location_name: "VerificationKeyIdentifier"))
|
@@ -32,7 +32,7 @@ module Aws::PaymentCryptographyData
|
|
32
32
|
raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
|
33
33
|
end
|
34
34
|
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
35
|
-
if Aws::Endpoints::Matchers.boolean_equals?(
|
35
|
+
if Aws::Endpoints::Matchers.boolean_equals?(Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"), true)
|
36
36
|
return Aws::Endpoints::Endpoint.new(url: "https://dataplane.payment-cryptography-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
37
37
|
end
|
38
38
|
raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
|
@@ -376,15 +376,14 @@ module Aws::PaymentCryptographyData
|
|
376
376
|
# @!attribute [rw] key_check_value
|
377
377
|
# The key check value (KCV) of the encryption key. The KCV is used to
|
378
378
|
# check if all parties holding a given key have the same key or to
|
379
|
-
# detect that a key has changed.
|
380
|
-
#
|
381
|
-
#
|
382
|
-
#
|
383
|
-
# resulting cryptogram.
|
379
|
+
# detect that a key has changed.
|
380
|
+
#
|
381
|
+
# Amazon Web Services Payment Cryptography computes the KCV according
|
382
|
+
# to the CMAC specification.
|
384
383
|
# @return [String]
|
385
384
|
#
|
386
385
|
# @!attribute [rw] plain_text
|
387
|
-
# The decrypted plaintext data.
|
386
|
+
# The decrypted plaintext data in hexBinary format.
|
388
387
|
# @return [String]
|
389
388
|
#
|
390
389
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/DecryptDataOutput AWS API Documentation
|
@@ -494,11 +493,8 @@ module Aws::PaymentCryptographyData
|
|
494
493
|
# @return [String]
|
495
494
|
#
|
496
495
|
# @!attribute [rw] initialization_vector
|
497
|
-
# An input
|
498
|
-
#
|
499
|
-
# psuedo-random value, but sometimes it only needs to be unpredictable
|
500
|
-
# or unique. If you don't provide a value, Amazon Web Services
|
501
|
-
# Payment Cryptography generates a random value.
|
496
|
+
# An input used to provide the intial state. If no value is provided,
|
497
|
+
# Amazon Web Services Payment Cryptography defaults it to zero.
|
502
498
|
# @return [String]
|
503
499
|
#
|
504
500
|
# @!attribute [rw] key_serial_number
|
@@ -509,12 +505,7 @@ module Aws::PaymentCryptographyData
|
|
509
505
|
# @return [String]
|
510
506
|
#
|
511
507
|
# @!attribute [rw] mode
|
512
|
-
# The block cipher
|
513
|
-
# encrypt a block of data of fixed size, for example, 128 bits. The
|
514
|
-
# size of the input block is usually same as the size of the encrypted
|
515
|
-
# output block, while the key length can be different. A mode of
|
516
|
-
# operation describes how to repeatedly apply a cipher's single-block
|
517
|
-
# operation to securely transform amounts of data larger than a block.
|
508
|
+
# The block cipher method to use for encryption.
|
518
509
|
#
|
519
510
|
# The default is CBC.
|
520
511
|
# @return [String]
|
@@ -597,6 +588,53 @@ module Aws::PaymentCryptographyData
|
|
597
588
|
include Aws::Structure
|
598
589
|
end
|
599
590
|
|
591
|
+
# Parameters for plaintext encryption using EMV keys.
|
592
|
+
#
|
593
|
+
# @!attribute [rw] initialization_vector
|
594
|
+
# An input used to provide the intial state. If no value is provided,
|
595
|
+
# Amazon Web Services Payment Cryptography defaults it to zero.
|
596
|
+
# @return [String]
|
597
|
+
#
|
598
|
+
# @!attribute [rw] major_key_derivation_mode
|
599
|
+
# The EMV derivation mode to use for ICC master key derivation as per
|
600
|
+
# EMV version 4.3 book 2.
|
601
|
+
# @return [String]
|
602
|
+
#
|
603
|
+
# @!attribute [rw] mode
|
604
|
+
# The block cipher method to use for encryption.
|
605
|
+
# @return [String]
|
606
|
+
#
|
607
|
+
# @!attribute [rw] pan_sequence_number
|
608
|
+
# A number that identifies and differentiates payment cards with the
|
609
|
+
# same Primary Account Number (PAN).
|
610
|
+
# @return [String]
|
611
|
+
#
|
612
|
+
# @!attribute [rw] primary_account_number
|
613
|
+
# The Primary Account Number (PAN), a unique identifier for a payment
|
614
|
+
# credit or debit card and associates the card to a specific account
|
615
|
+
# holder.
|
616
|
+
# @return [String]
|
617
|
+
#
|
618
|
+
# @!attribute [rw] session_derivation_data
|
619
|
+
# The derivation value used to derive the ICC session key. It is
|
620
|
+
# typically the application transaction counter value padded with
|
621
|
+
# zeros or previous ARQC value padded with zeros as per EMV version
|
622
|
+
# 4.3 book 2.
|
623
|
+
# @return [String]
|
624
|
+
#
|
625
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/EmvEncryptionAttributes AWS API Documentation
|
626
|
+
#
|
627
|
+
class EmvEncryptionAttributes < Struct.new(
|
628
|
+
:initialization_vector,
|
629
|
+
:major_key_derivation_mode,
|
630
|
+
:mode,
|
631
|
+
:pan_sequence_number,
|
632
|
+
:primary_account_number,
|
633
|
+
:session_derivation_data)
|
634
|
+
SENSITIVE = [:initialization_vector, :primary_account_number]
|
635
|
+
include Aws::Structure
|
636
|
+
end
|
637
|
+
|
600
638
|
# @!attribute [rw] encryption_attributes
|
601
639
|
# The encryption key type and attributes for plaintext encryption.
|
602
640
|
# @return [Types::EncryptionDecryptionAttributes]
|
@@ -608,6 +646,19 @@ module Aws::PaymentCryptographyData
|
|
608
646
|
#
|
609
647
|
# @!attribute [rw] plain_text
|
610
648
|
# The plaintext to be encrypted.
|
649
|
+
#
|
650
|
+
# <note markdown="1"> For encryption using asymmetric keys, plaintext data length is
|
651
|
+
# constrained by encryption key strength that you define in
|
652
|
+
# `KeyAlgorithm` and padding type that you define in
|
653
|
+
# `AsymmetricEncryptionAttributes`. For more information, see [Encrypt
|
654
|
+
# data][1] in the *Amazon Web Services Payment Cryptography User
|
655
|
+
# Guide*.
|
656
|
+
#
|
657
|
+
# </note>
|
658
|
+
#
|
659
|
+
#
|
660
|
+
#
|
661
|
+
# [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/encrypt-data.html
|
611
662
|
# @return [String]
|
612
663
|
#
|
613
664
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/EncryptDataInput AWS API Documentation
|
@@ -632,11 +683,10 @@ module Aws::PaymentCryptographyData
|
|
632
683
|
# @!attribute [rw] key_check_value
|
633
684
|
# The key check value (KCV) of the encryption key. The KCV is used to
|
634
685
|
# check if all parties holding a given key have the same key or to
|
635
|
-
# detect that a key has changed.
|
636
|
-
#
|
637
|
-
#
|
638
|
-
#
|
639
|
-
# resulting cryptogram.
|
686
|
+
# detect that a key has changed.
|
687
|
+
#
|
688
|
+
# Amazon Web Services Payment Cryptography computes the KCV according
|
689
|
+
# to the CMAC specification.
|
640
690
|
# @return [String]
|
641
691
|
#
|
642
692
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/EncryptDataOutput AWS API Documentation
|
@@ -662,6 +712,10 @@ module Aws::PaymentCryptographyData
|
|
662
712
|
# Parameters that are required to encrypt plaintext data using DUKPT.
|
663
713
|
# @return [Types::DukptEncryptionAttributes]
|
664
714
|
#
|
715
|
+
# @!attribute [rw] emv
|
716
|
+
# Parameters for plaintext encryption using EMV keys.
|
717
|
+
# @return [Types::EmvEncryptionAttributes]
|
718
|
+
#
|
665
719
|
# @!attribute [rw] symmetric
|
666
720
|
# Parameters that are required to perform encryption and decryption
|
667
721
|
# using symmetric keys.
|
@@ -672,6 +726,7 @@ module Aws::PaymentCryptographyData
|
|
672
726
|
class EncryptionDecryptionAttributes < Struct.new(
|
673
727
|
:asymmetric,
|
674
728
|
:dukpt,
|
729
|
+
:emv,
|
675
730
|
:symmetric,
|
676
731
|
:unknown)
|
677
732
|
SENSITIVE = []
|
@@ -680,6 +735,7 @@ module Aws::PaymentCryptographyData
|
|
680
735
|
|
681
736
|
class Asymmetric < EncryptionDecryptionAttributes; end
|
682
737
|
class Dukpt < EncryptionDecryptionAttributes; end
|
738
|
+
class Emv < EncryptionDecryptionAttributes; end
|
683
739
|
class Symmetric < EncryptionDecryptionAttributes; end
|
684
740
|
class Unknown < EncryptionDecryptionAttributes; end
|
685
741
|
end
|
@@ -724,11 +780,10 @@ module Aws::PaymentCryptographyData
|
|
724
780
|
# @!attribute [rw] key_check_value
|
725
781
|
# The key check value (KCV) of the encryption key. The KCV is used to
|
726
782
|
# check if all parties holding a given key have the same key or to
|
727
|
-
# detect that a key has changed.
|
728
|
-
#
|
729
|
-
#
|
730
|
-
#
|
731
|
-
# resulting cryptogram.
|
783
|
+
# detect that a key has changed.
|
784
|
+
#
|
785
|
+
# Amazon Web Services Payment Cryptography computes the KCV according
|
786
|
+
# to the CMAC specification.
|
732
787
|
# @return [String]
|
733
788
|
#
|
734
789
|
# @!attribute [rw] validation_data
|
@@ -760,7 +815,8 @@ module Aws::PaymentCryptographyData
|
|
760
815
|
# @return [Integer]
|
761
816
|
#
|
762
817
|
# @!attribute [rw] message_data
|
763
|
-
# The data for which a MAC is under generation.
|
818
|
+
# The data for which a MAC is under generation. This value must be
|
819
|
+
# hexBinary.
|
764
820
|
# @return [String]
|
765
821
|
#
|
766
822
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/GenerateMacInput AWS API Documentation
|
@@ -782,11 +838,10 @@ module Aws::PaymentCryptographyData
|
|
782
838
|
# @!attribute [rw] key_check_value
|
783
839
|
# The key check value (KCV) of the encryption key. The KCV is used to
|
784
840
|
# check if all parties holding a given key have the same key or to
|
785
|
-
# detect that a key has changed.
|
786
|
-
#
|
787
|
-
#
|
788
|
-
#
|
789
|
-
# resulting cryptogram.
|
841
|
+
# detect that a key has changed.
|
842
|
+
#
|
843
|
+
# Amazon Web Services Payment Cryptography computes the KCV according
|
844
|
+
# to the CMAC specification.
|
790
845
|
# @return [String]
|
791
846
|
#
|
792
847
|
# @!attribute [rw] mac
|
@@ -870,11 +925,10 @@ module Aws::PaymentCryptographyData
|
|
870
925
|
# @!attribute [rw] encryption_key_check_value
|
871
926
|
# The key check value (KCV) of the encryption key. The KCV is used to
|
872
927
|
# check if all parties holding a given key have the same key or to
|
873
|
-
# detect that a key has changed.
|
874
|
-
#
|
875
|
-
#
|
876
|
-
#
|
877
|
-
# resulting cryptogram.
|
928
|
+
# detect that a key has changed.
|
929
|
+
#
|
930
|
+
# Amazon Web Services Payment Cryptography computes the KCV according
|
931
|
+
# to the CMAC specification.
|
878
932
|
# @return [String]
|
879
933
|
#
|
880
934
|
# @!attribute [rw] generation_key_arn
|
@@ -885,11 +939,10 @@ module Aws::PaymentCryptographyData
|
|
885
939
|
# @!attribute [rw] generation_key_check_value
|
886
940
|
# The key check value (KCV) of the encryption key. The KCV is used to
|
887
941
|
# check if all parties holding a given key have the same key or to
|
888
|
-
# detect that a key has changed.
|
889
|
-
#
|
890
|
-
#
|
891
|
-
#
|
892
|
-
# resulting cryptogram.
|
942
|
+
# detect that a key has changed.
|
943
|
+
#
|
944
|
+
# Amazon Web Services Payment Cryptography computes the KCV according
|
945
|
+
# to the CMAC specification.
|
893
946
|
# @return [String]
|
894
947
|
#
|
895
948
|
# @!attribute [rw] pin_data
|
@@ -1168,7 +1221,7 @@ module Aws::PaymentCryptographyData
|
|
1168
1221
|
#
|
1169
1222
|
# @!attribute [rw] dukpt_iso_9797_algorithm_3
|
1170
1223
|
# Parameters that are required for MAC generation or verification
|
1171
|
-
# using DUKPT ISO 9797
|
1224
|
+
# using DUKPT ISO 9797 algorithm3.
|
1172
1225
|
# @return [Types::MacAlgorithmDukpt]
|
1173
1226
|
#
|
1174
1227
|
# @!attribute [rw] emv_mac
|
@@ -1357,11 +1410,10 @@ module Aws::PaymentCryptographyData
|
|
1357
1410
|
# @!attribute [rw] key_check_value
|
1358
1411
|
# The key check value (KCV) of the encryption key. The KCV is used to
|
1359
1412
|
# check if all parties holding a given key have the same key or to
|
1360
|
-
# detect that a key has changed.
|
1361
|
-
#
|
1362
|
-
#
|
1363
|
-
#
|
1364
|
-
# resulting cryptogram.
|
1413
|
+
# detect that a key has changed.
|
1414
|
+
#
|
1415
|
+
# Amazon Web Services Payment Cryptography computes the KCV according
|
1416
|
+
# to the CMAC specification.
|
1365
1417
|
# @return [String]
|
1366
1418
|
#
|
1367
1419
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/ReEncryptDataOutput AWS API Documentation
|
@@ -1635,20 +1687,12 @@ module Aws::PaymentCryptographyData
|
|
1635
1687
|
# Parameters requried to encrypt plaintext data using symmetric keys.
|
1636
1688
|
#
|
1637
1689
|
# @!attribute [rw] initialization_vector
|
1638
|
-
# An input
|
1639
|
-
#
|
1640
|
-
# random or psuedo-random value, but sometimes it only needs to be
|
1641
|
-
# unpredictable or unique. If a value is not provided, Amazon Web
|
1642
|
-
# Services Payment Cryptography generates a random value.
|
1690
|
+
# An input used to provide the intial state. If no value is provided,
|
1691
|
+
# Amazon Web Services Payment Cryptography defaults it to zero.
|
1643
1692
|
# @return [String]
|
1644
1693
|
#
|
1645
1694
|
# @!attribute [rw] mode
|
1646
|
-
# The block cipher
|
1647
|
-
# encrypt a block of data of fixed size (for example, 128 bits). The
|
1648
|
-
# size of the input block is usually same as the size of the encrypted
|
1649
|
-
# output block, while the key length can be different. A mode of
|
1650
|
-
# operation describes how to repeatedly apply a cipher's single-block
|
1651
|
-
# operation to securely transform amounts of data larger than a block.
|
1695
|
+
# The block cipher method to use for encryption.
|
1652
1696
|
# @return [String]
|
1653
1697
|
#
|
1654
1698
|
# @!attribute [rw] padding_type
|
@@ -1685,7 +1729,7 @@ module Aws::PaymentCryptographyData
|
|
1685
1729
|
#
|
1686
1730
|
# @!attribute [rw] incoming_dukpt_attributes
|
1687
1731
|
# The attributes and values to use for incoming DUKPT encryption key
|
1688
|
-
# for PIN block
|
1732
|
+
# for PIN block translation.
|
1689
1733
|
# @return [Types::DukptDerivationAttributes]
|
1690
1734
|
#
|
1691
1735
|
# @!attribute [rw] incoming_key_identifier
|
@@ -1694,7 +1738,7 @@ module Aws::PaymentCryptographyData
|
|
1694
1738
|
# @return [String]
|
1695
1739
|
#
|
1696
1740
|
# @!attribute [rw] incoming_translation_attributes
|
1697
|
-
# The format of the incoming PIN block data for
|
1741
|
+
# The format of the incoming PIN block data for translation within
|
1698
1742
|
# Amazon Web Services Payment Cryptography.
|
1699
1743
|
# @return [Types::TranslationIsoFormats]
|
1700
1744
|
#
|
@@ -1709,8 +1753,8 @@ module Aws::PaymentCryptographyData
|
|
1709
1753
|
# @return [String]
|
1710
1754
|
#
|
1711
1755
|
# @!attribute [rw] outgoing_translation_attributes
|
1712
|
-
# The format of the outgoing PIN block data after
|
1713
|
-
# Web Services Payment Cryptography.
|
1756
|
+
# The format of the outgoing PIN block data after translation by
|
1757
|
+
# Amazon Web Services Payment Cryptography.
|
1714
1758
|
# @return [Types::TranslationIsoFormats]
|
1715
1759
|
#
|
1716
1760
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/TranslatePinDataInput AWS API Documentation
|
@@ -1736,15 +1780,14 @@ module Aws::PaymentCryptographyData
|
|
1736
1780
|
# @!attribute [rw] key_check_value
|
1737
1781
|
# The key check value (KCV) of the encryption key. The KCV is used to
|
1738
1782
|
# check if all parties holding a given key have the same key or to
|
1739
|
-
# detect that a key has changed.
|
1740
|
-
#
|
1741
|
-
#
|
1742
|
-
#
|
1743
|
-
# resulting cryptogram.
|
1783
|
+
# detect that a key has changed.
|
1784
|
+
#
|
1785
|
+
# Amazon Web Services Payment Cryptography computes the KCV according
|
1786
|
+
# to the CMAC specification.
|
1744
1787
|
# @return [String]
|
1745
1788
|
#
|
1746
1789
|
# @!attribute [rw] pin_block
|
1747
|
-
# The
|
1790
|
+
# The outgoing encrypted PIN block data after translation.
|
1748
1791
|
# @return [String]
|
1749
1792
|
#
|
1750
1793
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/TranslatePinDataOutput AWS API Documentation
|
@@ -1940,11 +1983,10 @@ module Aws::PaymentCryptographyData
|
|
1940
1983
|
# @!attribute [rw] key_check_value
|
1941
1984
|
# The key check value (KCV) of the encryption key. The KCV is used to
|
1942
1985
|
# check if all parties holding a given key have the same key or to
|
1943
|
-
# detect that a key has changed.
|
1944
|
-
#
|
1945
|
-
#
|
1946
|
-
#
|
1947
|
-
# resulting cryptogram.
|
1986
|
+
# detect that a key has changed.
|
1987
|
+
#
|
1988
|
+
# Amazon Web Services Payment Cryptography computes the KCV according
|
1989
|
+
# to the CMAC specification.
|
1948
1990
|
# @return [String]
|
1949
1991
|
#
|
1950
1992
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/VerifyAuthRequestCryptogramOutput AWS API Documentation
|
@@ -1997,11 +2039,10 @@ module Aws::PaymentCryptographyData
|
|
1997
2039
|
# @!attribute [rw] key_check_value
|
1998
2040
|
# The key check value (KCV) of the encryption key. The KCV is used to
|
1999
2041
|
# check if all parties holding a given key have the same key or to
|
2000
|
-
# detect that a key has changed.
|
2001
|
-
#
|
2002
|
-
#
|
2003
|
-
#
|
2004
|
-
# resulting cryptogram.
|
2042
|
+
# detect that a key has changed.
|
2043
|
+
#
|
2044
|
+
# Amazon Web Services Payment Cryptography computes the KCV according
|
2045
|
+
# to the CMAC specification.
|
2005
2046
|
# @return [String]
|
2006
2047
|
#
|
2007
2048
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/VerifyCardValidationDataOutput AWS API Documentation
|
@@ -2027,7 +2068,8 @@ module Aws::PaymentCryptographyData
|
|
2027
2068
|
# @return [Integer]
|
2028
2069
|
#
|
2029
2070
|
# @!attribute [rw] message_data
|
2030
|
-
# The data on for which MAC is under verification.
|
2071
|
+
# The data on for which MAC is under verification. This value must be
|
2072
|
+
# hexBinary.
|
2031
2073
|
# @return [String]
|
2032
2074
|
#
|
2033
2075
|
# @!attribute [rw] verification_attributes
|
@@ -2055,11 +2097,10 @@ module Aws::PaymentCryptographyData
|
|
2055
2097
|
# @!attribute [rw] key_check_value
|
2056
2098
|
# The key check value (KCV) of the encryption key. The KCV is used to
|
2057
2099
|
# check if all parties holding a given key have the same key or to
|
2058
|
-
# detect that a key has changed.
|
2059
|
-
#
|
2060
|
-
#
|
2061
|
-
#
|
2062
|
-
# resulting cryptogram.
|
2100
|
+
# detect that a key has changed.
|
2101
|
+
#
|
2102
|
+
# Amazon Web Services Payment Cryptography computes the KCV according
|
2103
|
+
# to the CMAC specification.
|
2063
2104
|
# @return [String]
|
2064
2105
|
#
|
2065
2106
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/VerifyMacOutput AWS API Documentation
|
@@ -2139,11 +2180,10 @@ module Aws::PaymentCryptographyData
|
|
2139
2180
|
# @!attribute [rw] encryption_key_check_value
|
2140
2181
|
# The key check value (KCV) of the encryption key. The KCV is used to
|
2141
2182
|
# check if all parties holding a given key have the same key or to
|
2142
|
-
# detect that a key has changed.
|
2143
|
-
#
|
2144
|
-
#
|
2145
|
-
#
|
2146
|
-
# resulting cryptogram.
|
2183
|
+
# detect that a key has changed.
|
2184
|
+
#
|
2185
|
+
# Amazon Web Services Payment Cryptography computes the KCV according
|
2186
|
+
# to the CMAC specification.
|
2147
2187
|
# @return [String]
|
2148
2188
|
#
|
2149
2189
|
# @!attribute [rw] verification_key_arn
|
@@ -2154,11 +2194,10 @@ module Aws::PaymentCryptographyData
|
|
2154
2194
|
# @!attribute [rw] verification_key_check_value
|
2155
2195
|
# The key check value (KCV) of the encryption key. The KCV is used to
|
2156
2196
|
# check if all parties holding a given key have the same key or to
|
2157
|
-
# detect that a key has changed.
|
2158
|
-
#
|
2159
|
-
#
|
2160
|
-
#
|
2161
|
-
# resulting cryptogram.
|
2197
|
+
# detect that a key has changed.
|
2198
|
+
#
|
2199
|
+
# Amazon Web Services Payment Cryptography computes the KCV according
|
2200
|
+
# to the CMAC specification.
|
2162
2201
|
# @return [String]
|
2163
2202
|
#
|
2164
2203
|
# @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-data-2022-02-03/VerifyPinDataOutput AWS API Documentation
|
data/sig/client.rbs
CHANGED
@@ -92,6 +92,14 @@ module Aws
|
|
92
92
|
key_serial_number: ::String,
|
93
93
|
mode: ("ECB" | "CBC")?
|
94
94
|
}?,
|
95
|
+
emv: {
|
96
|
+
initialization_vector: ::String?,
|
97
|
+
major_key_derivation_mode: ("EMV_OPTION_A" | "EMV_OPTION_B"),
|
98
|
+
mode: ("ECB" | "CBC")?,
|
99
|
+
pan_sequence_number: ::String,
|
100
|
+
primary_account_number: ::String,
|
101
|
+
session_derivation_data: ::String
|
102
|
+
}?,
|
95
103
|
symmetric: {
|
96
104
|
initialization_vector: ::String?,
|
97
105
|
mode: ("ECB" | "CBC" | "CFB" | "CFB1" | "CFB8" | "CFB64" | "CFB128" | "OFB"),
|
@@ -121,6 +129,14 @@ module Aws
|
|
121
129
|
key_serial_number: ::String,
|
122
130
|
mode: ("ECB" | "CBC")?
|
123
131
|
}?,
|
132
|
+
emv: {
|
133
|
+
initialization_vector: ::String?,
|
134
|
+
major_key_derivation_mode: ("EMV_OPTION_A" | "EMV_OPTION_B"),
|
135
|
+
mode: ("ECB" | "CBC")?,
|
136
|
+
pan_sequence_number: ::String,
|
137
|
+
primary_account_number: ::String,
|
138
|
+
session_derivation_data: ::String
|
139
|
+
}?,
|
124
140
|
symmetric: {
|
125
141
|
initialization_vector: ::String?,
|
126
142
|
mode: ("ECB" | "CBC" | "CFB" | "CFB1" | "CFB8" | "CFB64" | "CFB128" | "OFB"),
|
data/sig/types.rbs
CHANGED
@@ -192,6 +192,16 @@ module Aws::PaymentCryptographyData
|
|
192
192
|
SENSITIVE: []
|
193
193
|
end
|
194
194
|
|
195
|
+
class EmvEncryptionAttributes
|
196
|
+
attr_accessor initialization_vector: ::String
|
197
|
+
attr_accessor major_key_derivation_mode: ("EMV_OPTION_A" | "EMV_OPTION_B")
|
198
|
+
attr_accessor mode: ("ECB" | "CBC")
|
199
|
+
attr_accessor pan_sequence_number: ::String
|
200
|
+
attr_accessor primary_account_number: ::String
|
201
|
+
attr_accessor session_derivation_data: ::String
|
202
|
+
SENSITIVE: [:initialization_vector, :primary_account_number]
|
203
|
+
end
|
204
|
+
|
195
205
|
class EncryptDataInput
|
196
206
|
attr_accessor encryption_attributes: Types::EncryptionDecryptionAttributes
|
197
207
|
attr_accessor key_identifier: ::String
|
@@ -209,6 +219,7 @@ module Aws::PaymentCryptographyData
|
|
209
219
|
class EncryptionDecryptionAttributes
|
210
220
|
attr_accessor asymmetric: Types::AsymmetricEncryptionAttributes
|
211
221
|
attr_accessor dukpt: Types::DukptEncryptionAttributes
|
222
|
+
attr_accessor emv: Types::EmvEncryptionAttributes
|
212
223
|
attr_accessor symmetric: Types::SymmetricEncryptionAttributes
|
213
224
|
attr_accessor unknown: untyped
|
214
225
|
SENSITIVE: []
|
@@ -217,6 +228,8 @@ module Aws::PaymentCryptographyData
|
|
217
228
|
end
|
218
229
|
class Dukpt < EncryptionDecryptionAttributes
|
219
230
|
end
|
231
|
+
class Emv < EncryptionDecryptionAttributes
|
232
|
+
end
|
220
233
|
class Symmetric < EncryptionDecryptionAttributes
|
221
234
|
end
|
222
235
|
class Unknown < EncryptionDecryptionAttributes
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-paymentcryptographydata
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.11.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-
|
11
|
+
date: 2024-04-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|
@@ -19,7 +19,7 @@ dependencies:
|
|
19
19
|
version: '3'
|
20
20
|
- - ">="
|
21
21
|
- !ruby/object:Gem::Version
|
22
|
-
version: 3.
|
22
|
+
version: 3.193.0
|
23
23
|
type: :runtime
|
24
24
|
prerelease: false
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -29,7 +29,7 @@ dependencies:
|
|
29
29
|
version: '3'
|
30
30
|
- - ">="
|
31
31
|
- !ruby/object:Gem::Version
|
32
|
-
version: 3.
|
32
|
+
version: 3.193.0
|
33
33
|
- !ruby/object:Gem::Dependency
|
34
34
|
name: aws-sigv4
|
35
35
|
requirement: !ruby/object:Gem::Requirement
|