@aws-sdk/client-payment-cryptography 3.687.0 → 3.691.0

package/dist-cjs/index.js

@@ -44,6 +44,7 @@ __export(src_exports, {
   GetPublicKeyCertificateCommand: () => GetPublicKeyCertificateCommand,
   GetPublicKeyCertificateOutputFilterSensitiveLog: () => GetPublicKeyCertificateOutputFilterSensitiveLog,
   ImportKeyCommand: () => ImportKeyCommand,
+  ImportKeyCryptogramFilterSensitiveLog: () => ImportKeyCryptogramFilterSensitiveLog,
   ImportKeyInputFilterSensitiveLog: () => ImportKeyInputFilterSensitiveLog,
   ImportKeyMaterial: () => ImportKeyMaterial,
   ImportKeyMaterialFilterSensitiveLog: () => ImportKeyMaterialFilterSensitiveLog,
@@ -564,6 +565,10 @@ var GetPublicKeyCertificateOutputFilterSensitiveLog = /* @__PURE__ */ __name((ob
   ...obj.KeyCertificate && { KeyCertificate: import_smithy_client.SENSITIVE_STRING },
   ...obj.KeyCertificateChain && { KeyCertificateChain: import_smithy_client.SENSITIVE_STRING }
 }), "GetPublicKeyCertificateOutputFilterSensitiveLog");
+var ImportKeyCryptogramFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
+  ...obj,
+  ...obj.WrappedKeyCryptogram && { WrappedKeyCryptogram: import_smithy_client.SENSITIVE_STRING }
+}), "ImportKeyCryptogramFilterSensitiveLog");
 var RootCertificatePublicKeyFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
   ...obj,
   ...obj.PublicKeyCertificate && { PublicKeyCertificate: import_smithy_client.SENSITIVE_STRING }
@@ -574,7 +579,8 @@ var ImportTr31KeyBlockFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
 }), "ImportTr31KeyBlockFilterSensitiveLog");
 var ImportTr34KeyBlockFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
   ...obj,
-  ...obj.SigningKeyCertificate && { SigningKeyCertificate: import_smithy_client.SENSITIVE_STRING }
+  ...obj.SigningKeyCertificate && { SigningKeyCertificate: import_smithy_client.SENSITIVE_STRING },
+  ...obj.WrappedKeyBlock && { WrappedKeyBlock: import_smithy_client.SENSITIVE_STRING }
 }), "ImportTr34KeyBlockFilterSensitiveLog");
 var TrustedCertificatePublicKeyFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
   ...obj,
@@ -592,7 +598,7 @@ var ImportKeyMaterialFilterSensitiveLog = /* @__PURE__ */ __name((obj) => {
   if (obj.Tr34KeyBlock !== void 0)
     return { Tr34KeyBlock: ImportTr34KeyBlockFilterSensitiveLog(obj.Tr34KeyBlock) };
   if (obj.KeyCryptogram !== void 0)
-    return { KeyCryptogram: obj.KeyCryptogram };
+    return { KeyCryptogram: ImportKeyCryptogramFilterSensitiveLog(obj.KeyCryptogram) };
   if (obj.$unknown !== void 0)
     return { [obj.$unknown[0]]: "UNKNOWN" };
 }, "ImportKeyMaterialFilterSensitiveLog");
@@ -1577,6 +1583,7 @@ var paginateListTagsForResource = (0, import_core.createPaginator)(PaymentCrypto
   GetParametersForExportOutputFilterSensitiveLog,
   GetParametersForImportOutputFilterSensitiveLog,
   GetPublicKeyCertificateOutputFilterSensitiveLog,
+  ImportKeyCryptogramFilterSensitiveLog,
   RootCertificatePublicKeyFilterSensitiveLog,
   ImportTr31KeyBlockFilterSensitiveLog,
   ImportTr34KeyBlockFilterSensitiveLog,

package/dist-es/models/models_0.js

@@ -267,6 +267,10 @@ export const GetPublicKeyCertificateOutputFilterSensitiveLog = (obj) => ({
     ...(obj.KeyCertificate && { KeyCertificate: SENSITIVE_STRING }),
     ...(obj.KeyCertificateChain && { KeyCertificateChain: SENSITIVE_STRING }),
 });
+export const ImportKeyCryptogramFilterSensitiveLog = (obj) => ({
+    ...obj,
+    ...(obj.WrappedKeyCryptogram && { WrappedKeyCryptogram: SENSITIVE_STRING }),
+});
 export const RootCertificatePublicKeyFilterSensitiveLog = (obj) => ({
     ...obj,
     ...(obj.PublicKeyCertificate && { PublicKeyCertificate: SENSITIVE_STRING }),
@@ -278,6 +282,7 @@ export const ImportTr31KeyBlockFilterSensitiveLog = (obj) => ({
 export const ImportTr34KeyBlockFilterSensitiveLog = (obj) => ({
     ...obj,
     ...(obj.SigningKeyCertificate && { SigningKeyCertificate: SENSITIVE_STRING }),
+    ...(obj.WrappedKeyBlock && { WrappedKeyBlock: SENSITIVE_STRING }),
 });
 export const TrustedCertificatePublicKeyFilterSensitiveLog = (obj) => ({
     ...obj,
@@ -295,7 +300,7 @@ export const ImportKeyMaterialFilterSensitiveLog = (obj) => {
     if (obj.Tr34KeyBlock !== undefined)
         return { Tr34KeyBlock: ImportTr34KeyBlockFilterSensitiveLog(obj.Tr34KeyBlock) };
     if (obj.KeyCryptogram !== undefined)
-        return { KeyCryptogram: obj.KeyCryptogram };
+        return { KeyCryptogram: ImportKeyCryptogramFilterSensitiveLog(obj.KeyCryptogram) };
     if (obj.$unknown !== undefined)
         return { [obj.$unknown[0]]: "UNKNOWN" };
 };

package/dist-types/commands/CreateKeyCommand.d.ts

@@ -82,7 +82,7 @@ declare const CreateKeyCommand_base: {
  *   Tags: [ // Tags
  *     { // Tag
  *       Key: "STRING_VALUE", // required
- *       Value: "STRING_VALUE",
+ *       Value: "STRING_VALUE", // required
  *     },
  *   ],
  * };

package/dist-types/commands/ImportKeyCommand.d.ts

@@ -246,7 +246,7 @@ declare const ImportKeyCommand_base: {
  *   Tags: [ // Tags
  *     { // Tag
  *       Key: "STRING_VALUE", // required
- *       Value: "STRING_VALUE",
+ *       Value: "STRING_VALUE", // required
  *     },
  *   ],
  * };

package/dist-types/commands/ListAliasesCommand.d.ts

@@ -27,7 +27,7 @@ declare const ListAliasesCommand_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Lists the aliases for all keys in the caller's Amazon Web Services account and Amazon Web Services Region. You can filter the list of aliases. For more information, see <a href="https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-managealias.html">Using aliases</a> in the <i>Amazon Web Services Payment Cryptography User Guide</i>.</p>
+ * <p>Lists the aliases for all keys in the caller's Amazon Web Services account and Amazon Web Services Region. You can filter the aliases by <code>keyARN</code>. For more information, see <a href="https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-managealias.html">Using aliases</a> in the <i>Amazon Web Services Payment Cryptography User Guide</i>.</p>
  *          <p>This is a paginated operation, which means that each response might contain only a subset of all the aliases. When the response contains only a subset of aliases, it includes a <code>NextToken</code> value.
  *          Use this value in a subsequent <code>ListAliases</code> request to get more aliases. When you receive a response with no NextToken (or an empty or null value), that means there are no more aliases to get.</p>
  *          <p>
@@ -64,6 +64,7 @@ declare const ListAliasesCommand_base: {
  * // const { PaymentCryptographyClient, ListAliasesCommand } = require("@aws-sdk/client-payment-cryptography"); // CommonJS import
  * const client = new PaymentCryptographyClient(config);
  * const input = { // ListAliasesInput
+ *   KeyArn: "STRING_VALUE",
  *   NextToken: "STRING_VALUE",
  *   MaxResults: Number("int"),
  * };

package/dist-types/commands/ListTagsForResourceCommand.d.ts

@@ -65,7 +65,7 @@ declare const ListTagsForResourceCommand_base: {
  * //   Tags: [ // Tags // required
  * //     { // Tag
  * //       Key: "STRING_VALUE", // required
- * //       Value: "STRING_VALUE",
+ * //       Value: "STRING_VALUE", // required
  * //     },
  * //   ],
  * //   NextToken: "STRING_VALUE",

package/dist-types/commands/TagResourceCommand.d.ts

@@ -60,7 +60,7 @@ declare const TagResourceCommand_base: {
  *   Tags: [ // Tags // required
  *     { // Tag
  *       Key: "STRING_VALUE", // required
- *       Value: "STRING_VALUE",
+ *       Value: "STRING_VALUE", // required
  *     },
  *   ],
  * };

package/dist-types/models/models_0.d.ts

@@ -7,7 +7,7 @@ import { PaymentCryptographyServiceException as __BaseException } from "./Paymen
 export declare class AccessDeniedException extends __BaseException {
     readonly name: "AccessDeniedException";
     readonly $fault: "client";
-    Message?: string;
+    Message?: string | undefined;
     /**
      * @internal
      */
@@ -30,7 +30,7 @@ export interface Alias {
      * <p>The <code>KeyARN</code> of the key associated with the alias.</p>
      * @public
      */
-    KeyArn?: string;
+    KeyArn?: string | undefined;
 }
 /**
  * <p>This request can cause an inconsistent state for the resource.</p>
@@ -39,7 +39,7 @@ export interface Alias {
 export declare class ConflictException extends __BaseException {
     readonly name: "ConflictException";
     readonly $fault: "client";
-    Message?: string;
+    Message?: string | undefined;
     /**
      * @internal
      */
@@ -61,7 +61,7 @@ export interface CreateAliasInput {
      * <p>The <code>KeyARN</code> of the key to associate with the alias.</p>
      * @public
      */
-    KeyArn?: string;
+    KeyArn?: string | undefined;
 }
 /**
  * @public
@@ -80,7 +80,7 @@ export interface CreateAliasOutput {
 export declare class InternalServerException extends __BaseException {
     readonly name: "InternalServerException";
     readonly $fault: "server";
-    Message?: string;
+    Message?: string | undefined;
     /**
      * @internal
      */
@@ -97,7 +97,7 @@ export declare class ResourceNotFoundException extends __BaseException {
      * <p>The string for the exception.</p>
      * @public
      */
-    ResourceId?: string;
+    ResourceId?: string | undefined;
     /**
      * @internal
      */
@@ -110,7 +110,7 @@ export declare class ResourceNotFoundException extends __BaseException {
 export declare class ServiceQuotaExceededException extends __BaseException {
     readonly name: "ServiceQuotaExceededException";
     readonly $fault: "client";
-    Message?: string;
+    Message?: string | undefined;
     /**
      * @internal
      */
@@ -123,7 +123,7 @@ export declare class ServiceQuotaExceededException extends __BaseException {
 export declare class ServiceUnavailableException extends __BaseException {
     readonly name: "ServiceUnavailableException";
     readonly $fault: "server";
-    Message?: string;
+    Message?: string | undefined;
     /**
      * @internal
      */
@@ -136,7 +136,7 @@ export declare class ServiceUnavailableException extends __BaseException {
 export declare class ThrottlingException extends __BaseException {
     readonly name: "ThrottlingException";
     readonly $fault: "client";
-    Message?: string;
+    Message?: string | undefined;
     /**
      * @internal
      */
@@ -149,7 +149,7 @@ export declare class ThrottlingException extends __BaseException {
 export declare class ValidationException extends __BaseException {
     readonly name: "ValidationException";
     readonly $fault: "client";
-    Message?: string;
+    Message?: string | undefined;
     /**
      * @internal
      */
@@ -194,17 +194,22 @@ export interface GetAliasOutput {
  * @public
  */
 export interface ListAliasesInput {
+    /**
+     * <p>The <code>keyARN</code> for which you want to list all aliases.</p>
+     * @public
+     */
+    KeyArn?: string | undefined;
     /**
      * <p>Use this parameter in a subsequent request after you receive a response with truncated results. Set it to the value of <code>NextToken</code> from the truncated response you just received.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
     /**
      * <p>Use this parameter to specify the maximum number of items to return. When this value is present, Amazon Web Services Payment Cryptography does not return more than the specified number of items, but it might return fewer.</p>
      *          <p>This value is optional. If you include a value, it must be between 1 and 100, inclusive. If you do not include a value, it defaults to 50.</p>
      * @public
      */
-    MaxResults?: number;
+    MaxResults?: number | undefined;
 }
 /**
  * @public
@@ -219,7 +224,7 @@ export interface ListAliasesOutput {
      * <p>The token for the next set of results, or an empty or null value if there are no more results.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
 }
 /**
  * @public
@@ -234,7 +239,7 @@ export interface UpdateAliasInput {
      * <p>The <code>KeyARN</code> for the key that you are updating or removing from the alias.</p>
      * @public
      */
-    KeyArn?: string;
+    KeyArn?: string | undefined;
 }
 /**
  * @public
@@ -289,47 +294,47 @@ export interface KeyModesOfUse {
      * <p>Specifies whether an Amazon Web Services Payment Cryptography key can be used to encrypt data.</p>
      * @public
      */
-    Encrypt?: boolean;
+    Encrypt?: boolean | undefined;
     /**
      * <p>Specifies whether an Amazon Web Services Payment Cryptography key can be used to decrypt data.</p>
      * @public
      */
-    Decrypt?: boolean;
+    Decrypt?: boolean | undefined;
     /**
      * <p>Specifies whether an Amazon Web Services Payment Cryptography key can be used to wrap other keys.</p>
      * @public
      */
-    Wrap?: boolean;
+    Wrap?: boolean | undefined;
     /**
      * <p>Specifies whether an Amazon Web Services Payment Cryptography key can be used to unwrap other keys.</p>
      * @public
      */
-    Unwrap?: boolean;
+    Unwrap?: boolean | undefined;
     /**
      * <p>Specifies whether an Amazon Web Services Payment Cryptography key can be used to generate and verify other card and PIN verification keys.</p>
      * @public
      */
-    Generate?: boolean;
+    Generate?: boolean | undefined;
     /**
      * <p>Specifies whether an Amazon Web Services Payment Cryptography key can be used for signing.</p>
      * @public
      */
-    Sign?: boolean;
+    Sign?: boolean | undefined;
     /**
      * <p>Specifies whether an Amazon Web Services Payment Cryptography key can be used to verify signatures.</p>
      * @public
      */
-    Verify?: boolean;
+    Verify?: boolean | undefined;
     /**
      * <p>Specifies whether an Amazon Web Services Payment Cryptography key can be used to derive new keys.</p>
      * @public
      */
-    DeriveKey?: boolean;
+    DeriveKey?: boolean | undefined;
     /**
      * <p>Specifies whether an Amazon Web Services Payment Cryptography key has no special restrictions other than the restrictions implied by <code>KeyUsage</code>.</p>
      * @public
      */
-    NoRestrictions?: boolean;
+    NoRestrictions?: boolean | undefined;
 }
 /**
  * @public
@@ -417,7 +422,7 @@ export interface Tag {
      * <p>The value of the tag.</p>
      * @public
      */
-    Value?: string;
+    Value: string | undefined;
 }
 /**
  * @public
@@ -433,7 +438,7 @@ export interface CreateKeyInput {
      *          <p>For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.</p>
      * @public
      */
-    KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm;
+    KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm | undefined;
     /**
      * <p>Specifies whether the key is exportable from the service.</p>
      * @public
@@ -443,7 +448,7 @@ export interface CreateKeyInput {
      * <p>Specifies whether to enable the key. If the key is enabled, it is activated for use within the service. If the key is not enabled, then it is created but not activated. The default value is enabled.</p>
      * @public
      */
-    Enabled?: boolean;
+    Enabled?: boolean | undefined;
     /**
      * <p>Assigns one or more tags to the Amazon Web Services Payment Cryptography key. Use this parameter to tag a key when it is created. To tag an existing Amazon Web Services Payment Cryptography key, use the <a href="https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_TagResource.html">TagResource</a> operation.</p>
      *          <p>Each tag consists of a tag key and a tag value. Both the tag key and the tag value are required, but the tag value can be an empty (null) string. You can't have more than one tag on an Amazon Web Services Payment Cryptography key with the same tag key. </p>
@@ -455,7 +460,7 @@ export interface CreateKeyInput {
      *          </note>
      * @public
      */
-    Tags?: Tag[];
+    Tags?: Tag[] | undefined;
 }
 /**
  * @public
@@ -538,22 +543,22 @@ export interface Key {
      * <p>The date and time after which Amazon Web Services Payment Cryptography will start using the key material for cryptographic operations.</p>
      * @public
      */
-    UsageStartTimestamp?: Date;
+    UsageStartTimestamp?: Date | undefined;
     /**
      * <p>The date and time after which Amazon Web Services Payment Cryptography will stop using the key material for cryptographic operations.</p>
      * @public
      */
-    UsageStopTimestamp?: Date;
+    UsageStopTimestamp?: Date | undefined;
     /**
      * <p>The date and time after which Amazon Web Services Payment Cryptography will delete the key. This value is present only when <code>KeyState</code> is <code>DELETE_PENDING</code> and the key is scheduled for deletion.</p>
      * @public
      */
-    DeletePendingTimestamp?: Date;
+    DeletePendingTimestamp?: Date | undefined;
     /**
      * <p>The date and time after which Amazon Web Services Payment Cryptography will delete the key. This value is present only when when the <code>KeyState</code> is <code>DELETE_COMPLETE</code> and the Amazon Web Services Payment Cryptography key is deleted.</p>
      * @public
      */
-    DeleteTimestamp?: Date;
+    DeleteTimestamp?: Date | undefined;
 }
 /**
  * @public
@@ -578,7 +583,7 @@ export interface DeleteKeyInput {
      * <p>The waiting period for key deletion. The default value is seven days.</p>
      * @public
      */
-    DeleteKeyInDays?: number;
+    DeleteKeyInDays?: number | undefined;
 }
 /**
  * @public
@@ -611,13 +616,13 @@ export interface ExportAttributes {
      * <p>Parameter information for IPEK export.</p>
      * @public
      */
-    ExportDukptInitialKey?: ExportDukptInitialKey;
+    ExportDukptInitialKey?: ExportDukptInitialKey | undefined;
     /**
      * <p>The algorithm that Amazon Web Services Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity. Specify KCV for IPEK export only.</p>
      *          <p>For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.</p>
      * @public
      */
-    KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm;
+    KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm | undefined;
 }
 /**
  * @public
@@ -650,7 +655,7 @@ export interface ExportKeyCryptogram {
      * <p>The wrapping spec for the key under export.</p>
      * @public
      */
-    WrappingSpec?: WrappingKeySpec;
+    WrappingSpec?: WrappingKeySpec | undefined;
 }
 /**
  * @public
@@ -674,24 +679,24 @@ export interface KeyBlockHeaders {
      * <p>The list of cryptographic operations that you can perform using the key. The modes of use are defined in section A.5.3 of the TR-31 spec.</p>
      * @public
      */
-    KeyModesOfUse?: KeyModesOfUse;
+    KeyModesOfUse?: KeyModesOfUse | undefined;
     /**
      * <p>Specifies subsequent exportability of the key within the key block after it is received by the receiving party. It can be used to further restrict exportability of the key after export from Amazon Web Services Payment Cryptography.</p>
      *          <p>When set to <code>EXPORTABLE</code>, the key can be subsequently exported by the receiver under a KEK using TR-31 or TR-34 key block export only. When set to <code>NON_EXPORTABLE</code>, the key cannot be subsequently exported by the receiver. When set to <code>SENSITIVE</code>, the key can be exported by the receiver under a KEK using TR-31, TR-34, RSA wrap and unwrap cryptogram or using a symmetric cryptogram key export method. For further information refer to <a href="https://webstore.ansi.org/standards/ascx9/ansix91432022">ANSI X9.143-2022</a>.</p>
      * @public
      */
-    KeyExportability?: KeyExportability;
+    KeyExportability?: KeyExportability | undefined;
     /**
      * <p>Parameter used to indicate the version of the key carried in the key block or indicate the value carried in the key block is a component of a key.</p>
      * @public
      */
-    KeyVersion?: string;
+    KeyVersion?: string | undefined;
     /**
      * <p>Parameter used to indicate the type of optional data in key block headers. Refer to <a href="https://webstore.ansi.org/standards/ascx9/ansix91432022">ANSI X9.143-2022</a> for information on allowed data type for optional blocks.</p>
      *          <p>Optional block character limit is 112 characters. For each optional block, 2 characters are reserved for optional block ID and 2 characters reserved for optional block length. More than one optional blocks can be included as long as the combined length does not increase 112 characters.</p>
      * @public
      */
-    OptionalBlocks?: Record<string, string>;
+    OptionalBlocks?: Record<string, string> | undefined;
 }
 /**
  * <p>Parameter information for key material export using symmetric TR-31 key exchange method.</p>
@@ -707,7 +712,7 @@ export interface ExportTr31KeyBlock {
      * <p>Optional metadata for export associated with the key material. This data is signed but transmitted in clear text.</p>
      * @public
      */
-    KeyBlockHeaders?: KeyBlockHeaders;
+    KeyBlockHeaders?: KeyBlockHeaders | undefined;
 }
 /**
  * @public
@@ -749,12 +754,12 @@ export interface ExportTr34KeyBlock {
      * <p>A random number value that is unique to the TR-34 key block generated using 2 pass. The operation will fail, if a random nonce value is not provided for a TR-34 key block generated using 2 pass.</p>
      * @public
      */
-    RandomNonce?: string;
+    RandomNonce?: string | undefined;
     /**
      * <p>Optional metadata for export associated with the key material. This data is signed but transmitted in clear text.</p>
      * @public
      */
-    KeyBlockHeaders?: KeyBlockHeaders;
+    KeyBlockHeaders?: KeyBlockHeaders | undefined;
 }
 /**
  * <p>Parameter information for key material export from Amazon Web Services Payment Cryptography using TR-31 or TR-34 or RSA wrap and unwrap key exchange method.</p>
@@ -830,7 +835,7 @@ export interface ExportKeyInput {
      * <p>The attributes for IPEK generation during export.</p>
      * @public
      */
-    ExportAttributes?: ExportAttributes;
+    ExportAttributes?: ExportAttributes | undefined;
 }
 /**
  * @public
@@ -869,13 +874,13 @@ export interface WrappedKey {
      * <p>The key check value (KCV) is used to check if all parties holding a given key have the same key or to detect that a key has changed.</p>
      * @public
      */
-    KeyCheckValue?: string;
+    KeyCheckValue?: string | undefined;
     /**
      * <p>The algorithm that Amazon Web Services Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.</p>
      *          <p>For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.</p>
      * @public
      */
-    KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm;
+    KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm | undefined;
 }
 /**
  * @public
@@ -885,7 +890,7 @@ export interface ExportKeyOutput {
      * <p>The key material under export as a TR-34 WrappedKeyBlock or a TR-31 WrappedKeyBlock. or a RSA WrappedKeyCryptogram.</p>
      * @public
      */
-    WrappedKey?: WrappedKey;
+    WrappedKey?: WrappedKey | undefined;
 }
 /**
  * @public
@@ -1068,7 +1073,7 @@ export interface ImportKeyCryptogram {
      * <p>The wrapping spec for the wrapped key cryptogram.</p>
      * @public
      */
-    WrappingSpec?: WrappingKeySpec;
+    WrappingSpec?: WrappingKeySpec | undefined;
 }
 /**
  * <p>Parameter information for root public key certificate import.</p>
@@ -1136,7 +1141,7 @@ export interface ImportTr34KeyBlock {
      * <p>A random number value that is unique to the TR-34 key block generated using 2 pass. The operation will fail, if a random nonce value is not provided for a TR-34 key block generated using 2 pass.</p>
      * @public
      */
-    RandomNonce?: string;
+    RandomNonce?: string | undefined;
 }
 /**
  * <p>Parameter information for trusted public key certificate import.</p>
@@ -1263,12 +1268,12 @@ export interface ImportKeyInput {
      *          <p>For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.</p>
      * @public
      */
-    KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm;
+    KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm | undefined;
     /**
      * <p>Specifies whether import key is enabled.</p>
      * @public
      */
-    Enabled?: boolean;
+    Enabled?: boolean | undefined;
     /**
      * <p>Assigns one or more tags to the Amazon Web Services Payment Cryptography key. Use this parameter to tag a key when it is imported. To tag an existing Amazon Web Services Payment Cryptography key, use the <a href="https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_TagResource.html">TagResource</a> operation.</p>
      *          <p>Each tag consists of a tag key and a tag value. Both the tag key and the tag value are required, but the tag value can be an empty (null) string. You can't have more than one tag on an Amazon Web Services Payment Cryptography key with the same tag key. If you specify an existing tag key with a different tag value, Amazon Web Services Payment Cryptography replaces the current tag value with the specified one.</p>
@@ -1280,7 +1285,7 @@ export interface ImportKeyInput {
      *          </note>
      * @public
      */
-    Tags?: Tag[];
+    Tags?: Tag[] | undefined;
 }
 /**
  * @public
@@ -1300,18 +1305,18 @@ export interface ListKeysInput {
      * <p>The key state of the keys you want to list.</p>
      * @public
      */
-    KeyState?: KeyState;
+    KeyState?: KeyState | undefined;
     /**
      * <p>Use this parameter in a subsequent request after you receive a response with truncated results. Set it to the value of <code>NextToken</code> from the truncated response you just received.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
     /**
      * <p>Use this parameter to specify the maximum number of items to return. When this value is present, Amazon Web Services Payment Cryptography does not return more than the specified number of items, but it might return fewer.</p>
      *          <p>This value is optional. If you include a value, it must be between 1 and 100, inclusive. If you do not include a value, it defaults to 50.</p>
      * @public
      */
-    MaxResults?: number;
+    MaxResults?: number | undefined;
 }
 /**
  * <p>Metadata about an Amazon Web Services Payment Cryptography key.</p>
@@ -1362,7 +1367,7 @@ export interface ListKeysOutput {
      * <p>The token for the next set of results, or an empty or null value if there are no more results.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
 }
 /**
  * @public
@@ -1437,13 +1442,13 @@ export interface ListTagsForResourceInput {
      * <p>Use this parameter in a subsequent request after you receive a response with truncated results. Set it to the value of <code>NextToken</code> from the truncated response you just received.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
     /**
      * <p>Use this parameter to specify the maximum number of items to return. When this value is present, Amazon Web Services Payment Cryptography does not return more than the specified number of items, but it might return fewer.</p>
      *          <p>This value is optional. If you include a value, it must be between 1 and 100, inclusive. If you do not include a value, it defaults to 50.</p>
      * @public
      */
-    MaxResults?: number;
+    MaxResults?: number | undefined;
 }
 /**
  * @public
@@ -1458,7 +1463,7 @@ export interface ListTagsForResourceOutput {
      * <p>The token for the next set of results, or an empty or null value if there are no more results.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
 }
 /**
  * @public
@@ -1552,6 +1557,10 @@ export declare const GetParametersForImportOutputFilterSensitiveLog: (obj: GetPa
  * @internal
  */
 export declare const GetPublicKeyCertificateOutputFilterSensitiveLog: (obj: GetPublicKeyCertificateOutput) => any;
+/**
+ * @internal
+ */
+export declare const ImportKeyCryptogramFilterSensitiveLog: (obj: ImportKeyCryptogram) => any;
 /**
  * @internal
  */

package/dist-types/ts3.4/models/models_0.d.ts

@@ -3,24 +3,24 @@ import { PaymentCryptographyServiceException as __BaseException } from "./Paymen
 export declare class AccessDeniedException extends __BaseException {
   readonly name: "AccessDeniedException";
   readonly $fault: "client";
-  Message?: string;
+  Message?: string | undefined;
   constructor(
     opts: __ExceptionOptionType<AccessDeniedException, __BaseException>
   );
 }
 export interface Alias {
   AliasName: string | undefined;
-  KeyArn?: string;
+  KeyArn?: string | undefined;
 }
 export declare class ConflictException extends __BaseException {
   readonly name: "ConflictException";
   readonly $fault: "client";
-  Message?: string;
+  Message?: string | undefined;
   constructor(opts: __ExceptionOptionType<ConflictException, __BaseException>);
 }
 export interface CreateAliasInput {
   AliasName: string | undefined;
-  KeyArn?: string;
+  KeyArn?: string | undefined;
 }
 export interface CreateAliasOutput {
   Alias: Alias | undefined;
@@ -28,7 +28,7 @@ export interface CreateAliasOutput {
 export declare class InternalServerException extends __BaseException {
   readonly name: "InternalServerException";
   readonly $fault: "server";
-  Message?: string;
+  Message?: string | undefined;
   constructor(
     opts: __ExceptionOptionType<InternalServerException, __BaseException>
   );
@@ -36,7 +36,7 @@ export declare class InternalServerException extends __BaseException {
 export declare class ResourceNotFoundException extends __BaseException {
   readonly name: "ResourceNotFoundException";
   readonly $fault: "client";
-  ResourceId?: string;
+  ResourceId?: string | undefined;
   constructor(
     opts: __ExceptionOptionType<ResourceNotFoundException, __BaseException>
   );
@@ -44,7 +44,7 @@ export declare class ResourceNotFoundException extends __BaseException {
 export declare class ServiceQuotaExceededException extends __BaseException {
   readonly name: "ServiceQuotaExceededException";
   readonly $fault: "client";
-  Message?: string;
+  Message?: string | undefined;
   constructor(
     opts: __ExceptionOptionType<ServiceQuotaExceededException, __BaseException>
   );
@@ -52,7 +52,7 @@ export declare class ServiceQuotaExceededException extends __BaseException {
 export declare class ServiceUnavailableException extends __BaseException {
   readonly name: "ServiceUnavailableException";
   readonly $fault: "server";
-  Message?: string;
+  Message?: string | undefined;
   constructor(
     opts: __ExceptionOptionType<ServiceUnavailableException, __BaseException>
   );
@@ -60,7 +60,7 @@ export declare class ServiceUnavailableException extends __BaseException {
 export declare class ThrottlingException extends __BaseException {
   readonly name: "ThrottlingException";
   readonly $fault: "client";
-  Message?: string;
+  Message?: string | undefined;
   constructor(
     opts: __ExceptionOptionType<ThrottlingException, __BaseException>
   );
@@ -68,7 +68,7 @@ export declare class ThrottlingException extends __BaseException {
 export declare class ValidationException extends __BaseException {
   readonly name: "ValidationException";
   readonly $fault: "client";
-  Message?: string;
+  Message?: string | undefined;
   constructor(
     opts: __ExceptionOptionType<ValidationException, __BaseException>
   );
@@ -84,16 +84,17 @@ export interface GetAliasOutput {
   Alias: Alias | undefined;
 }
 export interface ListAliasesInput {
-  NextToken?: string;
-  MaxResults?: number;
+  KeyArn?: string | undefined;
+  NextToken?: string | undefined;
+  MaxResults?: number | undefined;
 }
 export interface ListAliasesOutput {
   Aliases: Alias[] | undefined;
-  NextToken?: string;
+  NextToken?: string | undefined;
 }
 export interface UpdateAliasInput {
   AliasName: string | undefined;
-  KeyArn?: string;
+  KeyArn?: string | undefined;
 }
 export interface UpdateAliasOutput {
   Alias: Alias | undefined;
@@ -119,15 +120,15 @@ export declare const KeyClass: {
 };
 export type KeyClass = (typeof KeyClass)[keyof typeof KeyClass];
 export interface KeyModesOfUse {
-  Encrypt?: boolean;
-  Decrypt?: boolean;
-  Wrap?: boolean;
-  Unwrap?: boolean;
-  Generate?: boolean;
-  Sign?: boolean;
-  Verify?: boolean;
-  DeriveKey?: boolean;
-  NoRestrictions?: boolean;
+  Encrypt?: boolean | undefined;
+  Decrypt?: boolean | undefined;
+  Wrap?: boolean | undefined;
+  Unwrap?: boolean | undefined;
+  Generate?: boolean | undefined;
+  Sign?: boolean | undefined;
+  Verify?: boolean | undefined;
+  DeriveKey?: boolean | undefined;
+  NoRestrictions?: boolean | undefined;
 }
 export declare const KeyUsage: {
   readonly TR31_B0_BASE_DERIVATION_KEY: "TR31_B0_BASE_DERIVATION_KEY";
@@ -169,14 +170,14 @@ export type KeyCheckValueAlgorithm =
   (typeof KeyCheckValueAlgorithm)[keyof typeof KeyCheckValueAlgorithm];
 export interface Tag {
   Key: string | undefined;
-  Value?: string;
+  Value: string | undefined;
 }
 export interface CreateKeyInput {
   KeyAttributes: KeyAttributes | undefined;
-  KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm;
+  KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm | undefined;
   Exportable: boolean | undefined;
-  Enabled?: boolean;
-  Tags?: Tag[];
+  Enabled?: boolean | undefined;
+  Tags?: Tag[] | undefined;
 }
 export declare const KeyOrigin: {
   readonly AWS_PAYMENT_CRYPTOGRAPHY: "AWS_PAYMENT_CRYPTOGRAPHY";
@@ -200,17 +201,17 @@ export interface Key {
   KeyState: KeyState | undefined;
   KeyOrigin: KeyOrigin | undefined;
   CreateTimestamp: Date | undefined;
-  UsageStartTimestamp?: Date;
-  UsageStopTimestamp?: Date;
-  DeletePendingTimestamp?: Date;
-  DeleteTimestamp?: Date;
+  UsageStartTimestamp?: Date | undefined;
+  UsageStopTimestamp?: Date | undefined;
+  DeletePendingTimestamp?: Date | undefined;
+  DeleteTimestamp?: Date | undefined;
 }
 export interface CreateKeyOutput {
   Key: Key | undefined;
 }
 export interface DeleteKeyInput {
   KeyIdentifier: string | undefined;
-  DeleteKeyInDays?: number;
+  DeleteKeyInDays?: number | undefined;
 }
 export interface DeleteKeyOutput {
   Key: Key | undefined;
@@ -219,8 +220,8 @@ export interface ExportDukptInitialKey {
   KeySerialNumber: string | undefined;
 }
 export interface ExportAttributes {
-  ExportDukptInitialKey?: ExportDukptInitialKey;
-  KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm;
+  ExportDukptInitialKey?: ExportDukptInitialKey | undefined;
+  KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm | undefined;
 }
 export declare const WrappingKeySpec: {
   readonly RSA_OAEP_SHA_256: "RSA_OAEP_SHA_256";
@@ -231,7 +232,7 @@ export type WrappingKeySpec =
 export interface ExportKeyCryptogram {
   CertificateAuthorityPublicKeyIdentifier: string | undefined;
   WrappingKeyCertificate: string | undefined;
-  WrappingSpec?: WrappingKeySpec;
+  WrappingSpec?: WrappingKeySpec | undefined;
 }
 export declare const KeyExportability: {
   readonly EXPORTABLE: "EXPORTABLE";
@@ -241,14 +242,14 @@ export declare const KeyExportability: {
 export type KeyExportability =
   (typeof KeyExportability)[keyof typeof KeyExportability];
 export interface KeyBlockHeaders {
-  KeyModesOfUse?: KeyModesOfUse;
-  KeyExportability?: KeyExportability;
-  KeyVersion?: string;
-  OptionalBlocks?: Record<string, string>;
+  KeyModesOfUse?: KeyModesOfUse | undefined;
+  KeyExportability?: KeyExportability | undefined;
+  KeyVersion?: string | undefined;
+  OptionalBlocks?: Record<string, string> | undefined;
 }
 export interface ExportTr31KeyBlock {
   WrappingKeyIdentifier: string | undefined;
-  KeyBlockHeaders?: KeyBlockHeaders;
+  KeyBlockHeaders?: KeyBlockHeaders | undefined;
 }
 export declare const Tr34KeyBlockFormat: {
   readonly X9_TR34_2012: "X9_TR34_2012";
@@ -260,8 +261,8 @@ export interface ExportTr34KeyBlock {
   WrappingKeyCertificate: string | undefined;
   ExportToken: string | undefined;
   KeyBlockFormat: Tr34KeyBlockFormat | undefined;
-  RandomNonce?: string;
-  KeyBlockHeaders?: KeyBlockHeaders;
+  RandomNonce?: string | undefined;
+  KeyBlockHeaders?: KeyBlockHeaders | undefined;
 }
 export type ExportKeyMaterial =
   | ExportKeyMaterial.KeyCryptogramMember
@@ -304,7 +305,7 @@ export declare namespace ExportKeyMaterial {
 export interface ExportKeyInput {
   KeyMaterial: ExportKeyMaterial | undefined;
   ExportKeyIdentifier: string | undefined;
-  ExportAttributes?: ExportAttributes;
+  ExportAttributes?: ExportAttributes | undefined;
 }
 export declare const WrappedKeyMaterialFormat: {
   readonly KEY_CRYPTOGRAM: "KEY_CRYPTOGRAM";
@@ -317,11 +318,11 @@ export interface WrappedKey {
   WrappingKeyArn: string | undefined;
   WrappedKeyMaterialFormat: WrappedKeyMaterialFormat | undefined;
   KeyMaterial: string | undefined;
-  KeyCheckValue?: string;
-  KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm;
+  KeyCheckValue?: string | undefined;
+  KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm | undefined;
 }
 export interface ExportKeyOutput {
-  WrappedKey?: WrappedKey;
+  WrappedKey?: WrappedKey | undefined;
 }
 export interface GetKeyInput {
   KeyIdentifier: string | undefined;
@@ -372,7 +373,7 @@ export interface ImportKeyCryptogram {
   Exportable: boolean | undefined;
   WrappedKeyCryptogram: string | undefined;
   ImportToken: string | undefined;
-  WrappingSpec?: WrappingKeySpec;
+  WrappingSpec?: WrappingKeySpec | undefined;
 }
 export interface RootCertificatePublicKey {
   KeyAttributes: KeyAttributes | undefined;
@@ -388,7 +389,7 @@ export interface ImportTr34KeyBlock {
   ImportToken: string | undefined;
   WrappedKeyBlock: string | undefined;
   KeyBlockFormat: Tr34KeyBlockFormat | undefined;
-  RandomNonce?: string;
+  RandomNonce?: string | undefined;
 }
 export interface TrustedCertificatePublicKey {
   KeyAttributes: KeyAttributes | undefined;
@@ -463,17 +464,17 @@ export declare namespace ImportKeyMaterial {
 }
 export interface ImportKeyInput {
   KeyMaterial: ImportKeyMaterial | undefined;
-  KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm;
-  Enabled?: boolean;
-  Tags?: Tag[];
+  KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm | undefined;
+  Enabled?: boolean | undefined;
+  Tags?: Tag[] | undefined;
 }
 export interface ImportKeyOutput {
   Key: Key | undefined;
 }
 export interface ListKeysInput {
-  KeyState?: KeyState;
-  NextToken?: string;
-  MaxResults?: number;
+  KeyState?: KeyState | undefined;
+  NextToken?: string | undefined;
+  MaxResults?: number | undefined;
 }
 export interface KeySummary {
   KeyArn: string | undefined;
@@ -485,7 +486,7 @@ export interface KeySummary {
 }
 export interface ListKeysOutput {
   Keys: KeySummary[] | undefined;
-  NextToken?: string;
+  NextToken?: string | undefined;
 }
 export interface RestoreKeyInput {
   KeyIdentifier: string | undefined;
@@ -507,12 +508,12 @@ export interface StopKeyUsageOutput {
 }
 export interface ListTagsForResourceInput {
   ResourceArn: string | undefined;
-  NextToken?: string;
-  MaxResults?: number;
+  NextToken?: string | undefined;
+  MaxResults?: number | undefined;
 }
 export interface ListTagsForResourceOutput {
   Tags: Tag[] | undefined;
-  NextToken?: string;
+  NextToken?: string | undefined;
 }
 export interface TagResourceInput {
   ResourceArn: string | undefined;
@@ -555,6 +556,9 @@ export declare const GetParametersForImportOutputFilterSensitiveLog: (
 export declare const GetPublicKeyCertificateOutputFilterSensitiveLog: (
   obj: GetPublicKeyCertificateOutput
 ) => any;
+export declare const ImportKeyCryptogramFilterSensitiveLog: (
+  obj: ImportKeyCryptogram
+) => any;
 export declare const RootCertificatePublicKeyFilterSensitiveLog: (
   obj: RootCertificatePublicKey
 ) => any;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-payment-cryptography",
   "description": "AWS SDK for JavaScript Payment Cryptography Client for Node.js, Browser and React Native",
-  "version": "3.687.0",
+  "version": "3.691.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "node ../../scripts/compilation/inline client-payment-cryptography",
@@ -20,19 +20,19 @@
   "dependencies": {
     "@aws-crypto/sha256-browser": "5.2.0",
     "@aws-crypto/sha256-js": "5.2.0",
-    "@aws-sdk/client-sso-oidc": "3.687.0",
-    "@aws-sdk/client-sts": "3.687.0",
-    "@aws-sdk/core": "3.686.0",
-    "@aws-sdk/credential-provider-node": "3.687.0",
+    "@aws-sdk/client-sso-oidc": "3.691.0",
+    "@aws-sdk/client-sts": "3.691.0",
+    "@aws-sdk/core": "3.691.0",
+    "@aws-sdk/credential-provider-node": "3.691.0",
     "@aws-sdk/middleware-host-header": "3.686.0",
     "@aws-sdk/middleware-logger": "3.686.0",
     "@aws-sdk/middleware-recursion-detection": "3.686.0",
-    "@aws-sdk/middleware-user-agent": "3.687.0",
+    "@aws-sdk/middleware-user-agent": "3.691.0",
     "@aws-sdk/region-config-resolver": "3.686.0",
     "@aws-sdk/types": "3.686.0",
     "@aws-sdk/util-endpoints": "3.686.0",
     "@aws-sdk/util-user-agent-browser": "3.686.0",
-    "@aws-sdk/util-user-agent-node": "3.687.0",
+    "@aws-sdk/util-user-agent-node": "3.691.0",
     "@smithy/config-resolver": "^3.0.10",
     "@smithy/core": "^2.5.1",
     "@smithy/fetch-http-handler": "^4.0.0",