@aws-sdk/client-payment-cryptography 3.775.0 → 3.778.0

package/dist-cjs/index.js

@@ -27,6 +27,9 @@ __export(index_exports, {
   CreateKeyCommand: () => CreateKeyCommand,
   DeleteAliasCommand: () => DeleteAliasCommand,
   DeleteKeyCommand: () => DeleteKeyCommand,
+  DeriveKeyUsage: () => DeriveKeyUsage,
+  DiffieHellmanDerivationData: () => DiffieHellmanDerivationData,
+  ExportDiffieHellmanTr31KeyBlockFilterSensitiveLog: () => ExportDiffieHellmanTr31KeyBlockFilterSensitiveLog,
   ExportKeyCommand: () => ExportKeyCommand,
   ExportKeyCryptogramFilterSensitiveLog: () => ExportKeyCryptogramFilterSensitiveLog,
   ExportKeyInputFilterSensitiveLog: () => ExportKeyInputFilterSensitiveLog,
@@ -43,6 +46,7 @@ __export(index_exports, {
   GetParametersForImportOutputFilterSensitiveLog: () => GetParametersForImportOutputFilterSensitiveLog,
   GetPublicKeyCertificateCommand: () => GetPublicKeyCertificateCommand,
   GetPublicKeyCertificateOutputFilterSensitiveLog: () => GetPublicKeyCertificateOutputFilterSensitiveLog,
+  ImportDiffieHellmanTr31KeyBlockFilterSensitiveLog: () => ImportDiffieHellmanTr31KeyBlockFilterSensitiveLog,
   ImportKeyCommand: () => ImportKeyCommand,
   ImportKeyCryptogramFilterSensitiveLog: () => ImportKeyCryptogramFilterSensitiveLog,
   ImportKeyInputFilterSensitiveLog: () => ImportKeyInputFilterSensitiveLog,
@@ -55,6 +59,8 @@ __export(index_exports, {
   KeyBlockHeadersFilterSensitiveLog: () => KeyBlockHeadersFilterSensitiveLog,
   KeyCheckValueAlgorithm: () => KeyCheckValueAlgorithm,
   KeyClass: () => KeyClass,
+  KeyDerivationFunction: () => KeyDerivationFunction,
+  KeyDerivationHashAlgorithm: () => KeyDerivationHashAlgorithm,
   KeyExportability: () => KeyExportability,
   KeyMaterialType: () => KeyMaterialType,
   KeyOrigin: () => KeyOrigin,
@@ -73,6 +79,7 @@ __export(index_exports, {
   ServiceUnavailableException: () => ServiceUnavailableException,
   StartKeyUsageCommand: () => StartKeyUsageCommand,
   StopKeyUsageCommand: () => StopKeyUsageCommand,
+  SymmetricKeyAlgorithm: () => SymmetricKeyAlgorithm,
   TagResourceCommand: () => TagResourceCommand,
   ThrottlingException: () => ThrottlingException,
   Tr34KeyBlockFormat: () => Tr34KeyBlockFormat,
@@ -427,12 +434,34 @@ var ValidationException = class _ValidationException extends PaymentCryptography
     this.Message = opts.Message;
   }
 };
+var DeriveKeyUsage = {
+  TR31_B0_BASE_DERIVATION_KEY: "TR31_B0_BASE_DERIVATION_KEY",
+  TR31_C0_CARD_VERIFICATION_KEY: "TR31_C0_CARD_VERIFICATION_KEY",
+  TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY: "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY",
+  TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS: "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS",
+  TR31_E1_EMV_MKEY_CONFIDENTIALITY: "TR31_E1_EMV_MKEY_CONFIDENTIALITY",
+  TR31_E2_EMV_MKEY_INTEGRITY: "TR31_E2_EMV_MKEY_INTEGRITY",
+  TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS: "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS",
+  TR31_E5_EMV_MKEY_CARD_PERSONALIZATION: "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION",
+  TR31_E6_EMV_MKEY_OTHER: "TR31_E6_EMV_MKEY_OTHER",
+  TR31_K0_KEY_ENCRYPTION_KEY: "TR31_K0_KEY_ENCRYPTION_KEY",
+  TR31_K1_KEY_BLOCK_PROTECTION_KEY: "TR31_K1_KEY_BLOCK_PROTECTION_KEY",
+  TR31_M1_ISO_9797_1_MAC_KEY: "TR31_M1_ISO_9797_1_MAC_KEY",
+  TR31_M3_ISO_9797_3_MAC_KEY: "TR31_M3_ISO_9797_3_MAC_KEY",
+  TR31_M6_ISO_9797_5_CMAC_KEY: "TR31_M6_ISO_9797_5_CMAC_KEY",
+  TR31_M7_HMAC_KEY: "TR31_M7_HMAC_KEY",
+  TR31_P0_PIN_ENCRYPTION_KEY: "TR31_P0_PIN_ENCRYPTION_KEY",
+  TR31_P1_PIN_GENERATION_KEY: "TR31_P1_PIN_GENERATION_KEY",
+  TR31_V1_IBM3624_PIN_VERIFICATION_KEY: "TR31_V1_IBM3624_PIN_VERIFICATION_KEY",
+  TR31_V2_VISA_PIN_VERIFICATION_KEY: "TR31_V2_VISA_PIN_VERIFICATION_KEY"
+};
 var KeyAlgorithm = {
   AES_128: "AES_128",
   AES_192: "AES_192",
   AES_256: "AES_256",
   ECC_NIST_P256: "ECC_NIST_P256",
   ECC_NIST_P384: "ECC_NIST_P384",
+  ECC_NIST_P521: "ECC_NIST_P521",
   RSA_2048: "RSA_2048",
   RSA_3072: "RSA_3072",
   RSA_4096: "RSA_4096",
@@ -484,15 +513,38 @@ var KeyState = {
   DELETE_COMPLETE: "DELETE_COMPLETE",
   DELETE_PENDING: "DELETE_PENDING"
 };
-var WrappingKeySpec = {
-  RSA_OAEP_SHA_256: "RSA_OAEP_SHA_256",
-  RSA_OAEP_SHA_512: "RSA_OAEP_SHA_512"
+var DiffieHellmanDerivationData;
+((DiffieHellmanDerivationData3) => {
+  DiffieHellmanDerivationData3.visit = /* @__PURE__ */ __name((value, visitor) => {
+    if (value.SharedInformation !== void 0) return visitor.SharedInformation(value.SharedInformation);
+    return visitor._(value.$unknown[0], value.$unknown[1]);
+  }, "visit");
+})(DiffieHellmanDerivationData || (DiffieHellmanDerivationData = {}));
+var SymmetricKeyAlgorithm = {
+  AES_128: "AES_128",
+  AES_192: "AES_192",
+  AES_256: "AES_256",
+  TDES_2KEY: "TDES_2KEY",
+  TDES_3KEY: "TDES_3KEY"
 };
 var KeyExportability = {
   EXPORTABLE: "EXPORTABLE",
   NON_EXPORTABLE: "NON_EXPORTABLE",
   SENSITIVE: "SENSITIVE"
 };
+var KeyDerivationFunction = {
+  ANSI_X963: "ANSI_X963",
+  NIST_SP800: "NIST_SP800"
+};
+var KeyDerivationHashAlgorithm = {
+  SHA_256: "SHA_256",
+  SHA_384: "SHA_384",
+  SHA_512: "SHA_512"
+};
+var WrappingKeySpec = {
+  RSA_OAEP_SHA_256: "RSA_OAEP_SHA_256",
+  RSA_OAEP_SHA_512: "RSA_OAEP_SHA_512"
+};
 var Tr34KeyBlockFormat = {
   X9_TR34_2012: "X9_TR34_2012"
 };
@@ -502,6 +554,8 @@ var ExportKeyMaterial;
     if (value.Tr31KeyBlock !== void 0) return visitor.Tr31KeyBlock(value.Tr31KeyBlock);
     if (value.Tr34KeyBlock !== void 0) return visitor.Tr34KeyBlock(value.Tr34KeyBlock);
     if (value.KeyCryptogram !== void 0) return visitor.KeyCryptogram(value.KeyCryptogram);
+    if (value.DiffieHellmanTr31KeyBlock !== void 0)
+      return visitor.DiffieHellmanTr31KeyBlock(value.DiffieHellmanTr31KeyBlock);
     return visitor._(value.$unknown[0], value.$unknown[1]);
   }, "visit");
 })(ExportKeyMaterial || (ExportKeyMaterial = {}));
@@ -527,17 +581,25 @@ var ImportKeyMaterial;
     if (value.Tr31KeyBlock !== void 0) return visitor.Tr31KeyBlock(value.Tr31KeyBlock);
     if (value.Tr34KeyBlock !== void 0) return visitor.Tr34KeyBlock(value.Tr34KeyBlock);
     if (value.KeyCryptogram !== void 0) return visitor.KeyCryptogram(value.KeyCryptogram);
+    if (value.DiffieHellmanTr31KeyBlock !== void 0)
+      return visitor.DiffieHellmanTr31KeyBlock(value.DiffieHellmanTr31KeyBlock);
     return visitor._(value.$unknown[0], value.$unknown[1]);
   }, "visit");
 })(ImportKeyMaterial || (ImportKeyMaterial = {}));
-var ExportKeyCryptogramFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
-  ...obj,
-  ...obj.WrappingKeyCertificate && { WrappingKeyCertificate: import_smithy_client.SENSITIVE_STRING }
-}), "ExportKeyCryptogramFilterSensitiveLog");
 var KeyBlockHeadersFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
   ...obj,
   ...obj.OptionalBlocks && { OptionalBlocks: import_smithy_client.SENSITIVE_STRING }
 }), "KeyBlockHeadersFilterSensitiveLog");
+var ExportDiffieHellmanTr31KeyBlockFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
+  ...obj,
+  ...obj.PublicKeyCertificate && { PublicKeyCertificate: import_smithy_client.SENSITIVE_STRING },
+  ...obj.DerivationData && { DerivationData: obj.DerivationData },
+  ...obj.KeyBlockHeaders && { KeyBlockHeaders: KeyBlockHeadersFilterSensitiveLog(obj.KeyBlockHeaders) }
+}), "ExportDiffieHellmanTr31KeyBlockFilterSensitiveLog");
+var ExportKeyCryptogramFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
+  ...obj,
+  ...obj.WrappingKeyCertificate && { WrappingKeyCertificate: import_smithy_client.SENSITIVE_STRING }
+}), "ExportKeyCryptogramFilterSensitiveLog");
 var ExportTr31KeyBlockFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
   ...obj,
   ...obj.KeyBlockHeaders && { KeyBlockHeaders: KeyBlockHeadersFilterSensitiveLog(obj.KeyBlockHeaders) }
@@ -552,6 +614,10 @@ var ExportKeyMaterialFilterSensitiveLog = /* @__PURE__ */ __name((obj) => {
   if (obj.Tr34KeyBlock !== void 0) return { Tr34KeyBlock: ExportTr34KeyBlockFilterSensitiveLog(obj.Tr34KeyBlock) };
   if (obj.KeyCryptogram !== void 0)
     return { KeyCryptogram: ExportKeyCryptogramFilterSensitiveLog(obj.KeyCryptogram) };
+  if (obj.DiffieHellmanTr31KeyBlock !== void 0)
+    return {
+      DiffieHellmanTr31KeyBlock: ExportDiffieHellmanTr31KeyBlockFilterSensitiveLog(obj.DiffieHellmanTr31KeyBlock)
+    };
   if (obj.$unknown !== void 0) return { [obj.$unknown[0]]: "UNKNOWN" };
 }, "ExportKeyMaterialFilterSensitiveLog");
 var ExportKeyInputFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
@@ -581,6 +647,12 @@ var GetPublicKeyCertificateOutputFilterSensitiveLog = /* @__PURE__ */ __name((ob
   ...obj.KeyCertificate && { KeyCertificate: import_smithy_client.SENSITIVE_STRING },
   ...obj.KeyCertificateChain && { KeyCertificateChain: import_smithy_client.SENSITIVE_STRING }
 }), "GetPublicKeyCertificateOutputFilterSensitiveLog");
+var ImportDiffieHellmanTr31KeyBlockFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
+  ...obj,
+  ...obj.PublicKeyCertificate && { PublicKeyCertificate: import_smithy_client.SENSITIVE_STRING },
+  ...obj.DerivationData && { DerivationData: obj.DerivationData },
+  ...obj.WrappedKeyBlock && { WrappedKeyBlock: import_smithy_client.SENSITIVE_STRING }
+}), "ImportDiffieHellmanTr31KeyBlockFilterSensitiveLog");
 var ImportKeyCryptogramFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
   ...obj,
   ...obj.WrappedKeyCryptogram && { WrappedKeyCryptogram: import_smithy_client.SENSITIVE_STRING }
@@ -613,6 +685,10 @@ var ImportKeyMaterialFilterSensitiveLog = /* @__PURE__ */ __name((obj) => {
   if (obj.Tr34KeyBlock !== void 0) return { Tr34KeyBlock: ImportTr34KeyBlockFilterSensitiveLog(obj.Tr34KeyBlock) };
   if (obj.KeyCryptogram !== void 0)
     return { KeyCryptogram: ImportKeyCryptogramFilterSensitiveLog(obj.KeyCryptogram) };
+  if (obj.DiffieHellmanTr31KeyBlock !== void 0)
+    return {
+      DiffieHellmanTr31KeyBlock: ImportDiffieHellmanTr31KeyBlockFilterSensitiveLog(obj.DiffieHellmanTr31KeyBlock)
+    };
   if (obj.$unknown !== void 0) return { [obj.$unknown[0]]: "UNKNOWN" };
 }, "ImportKeyMaterialFilterSensitiveLog");
 var ImportKeyInputFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
@@ -1156,6 +1232,7 @@ var de_Key = /* @__PURE__ */ __name((output, context) => {
     CreateTimestamp: /* @__PURE__ */ __name((_) => (0, import_smithy_client.expectNonNull)((0, import_smithy_client.parseEpochTimestamp)((0, import_smithy_client.expectNumber)(_))), "CreateTimestamp"),
     DeletePendingTimestamp: /* @__PURE__ */ __name((_) => (0, import_smithy_client.expectNonNull)((0, import_smithy_client.parseEpochTimestamp)((0, import_smithy_client.expectNumber)(_))), "DeletePendingTimestamp"),
     DeleteTimestamp: /* @__PURE__ */ __name((_) => (0, import_smithy_client.expectNonNull)((0, import_smithy_client.parseEpochTimestamp)((0, import_smithy_client.expectNumber)(_))), "DeleteTimestamp"),
+    DeriveKeyUsage: import_smithy_client.expectString,
     Enabled: import_smithy_client.expectBoolean,
     Exportable: import_smithy_client.expectBoolean,
     KeyArn: import_smithy_client.expectString,
@@ -1593,21 +1670,27 @@ var paginateListTagsForResource = (0, import_core.createPaginator)(PaymentCrypto
   ServiceUnavailableException,
   ThrottlingException,
   ValidationException,
+  DeriveKeyUsage,
   KeyAlgorithm,
   KeyClass,
   KeyUsage,
   KeyCheckValueAlgorithm,
   KeyOrigin,
   KeyState,
-  WrappingKeySpec,
+  DiffieHellmanDerivationData,
+  SymmetricKeyAlgorithm,
   KeyExportability,
+  KeyDerivationFunction,
+  KeyDerivationHashAlgorithm,
+  WrappingKeySpec,
   Tr34KeyBlockFormat,
   ExportKeyMaterial,
   WrappedKeyMaterialFormat,
   KeyMaterialType,
   ImportKeyMaterial,
-  ExportKeyCryptogramFilterSensitiveLog,
   KeyBlockHeadersFilterSensitiveLog,
+  ExportDiffieHellmanTr31KeyBlockFilterSensitiveLog,
+  ExportKeyCryptogramFilterSensitiveLog,
   ExportTr31KeyBlockFilterSensitiveLog,
   ExportTr34KeyBlockFilterSensitiveLog,
   ExportKeyMaterialFilterSensitiveLog,
@@ -1617,6 +1700,7 @@ var paginateListTagsForResource = (0, import_core.createPaginator)(PaymentCrypto
   GetParametersForExportOutputFilterSensitiveLog,
   GetParametersForImportOutputFilterSensitiveLog,
   GetPublicKeyCertificateOutputFilterSensitiveLog,
+  ImportDiffieHellmanTr31KeyBlockFilterSensitiveLog,
   ImportKeyCryptogramFilterSensitiveLog,
   RootCertificatePublicKeyFilterSensitiveLog,
   ImportTr31KeyBlockFilterSensitiveLog,

package/dist-es/models/models_0.js

@@ -112,12 +112,34 @@ export class ValidationException extends __BaseException {
         this.Message = opts.Message;
     }
 }
+export const DeriveKeyUsage = {
+    TR31_B0_BASE_DERIVATION_KEY: "TR31_B0_BASE_DERIVATION_KEY",
+    TR31_C0_CARD_VERIFICATION_KEY: "TR31_C0_CARD_VERIFICATION_KEY",
+    TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY: "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY",
+    TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS: "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS",
+    TR31_E1_EMV_MKEY_CONFIDENTIALITY: "TR31_E1_EMV_MKEY_CONFIDENTIALITY",
+    TR31_E2_EMV_MKEY_INTEGRITY: "TR31_E2_EMV_MKEY_INTEGRITY",
+    TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS: "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS",
+    TR31_E5_EMV_MKEY_CARD_PERSONALIZATION: "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION",
+    TR31_E6_EMV_MKEY_OTHER: "TR31_E6_EMV_MKEY_OTHER",
+    TR31_K0_KEY_ENCRYPTION_KEY: "TR31_K0_KEY_ENCRYPTION_KEY",
+    TR31_K1_KEY_BLOCK_PROTECTION_KEY: "TR31_K1_KEY_BLOCK_PROTECTION_KEY",
+    TR31_M1_ISO_9797_1_MAC_KEY: "TR31_M1_ISO_9797_1_MAC_KEY",
+    TR31_M3_ISO_9797_3_MAC_KEY: "TR31_M3_ISO_9797_3_MAC_KEY",
+    TR31_M6_ISO_9797_5_CMAC_KEY: "TR31_M6_ISO_9797_5_CMAC_KEY",
+    TR31_M7_HMAC_KEY: "TR31_M7_HMAC_KEY",
+    TR31_P0_PIN_ENCRYPTION_KEY: "TR31_P0_PIN_ENCRYPTION_KEY",
+    TR31_P1_PIN_GENERATION_KEY: "TR31_P1_PIN_GENERATION_KEY",
+    TR31_V1_IBM3624_PIN_VERIFICATION_KEY: "TR31_V1_IBM3624_PIN_VERIFICATION_KEY",
+    TR31_V2_VISA_PIN_VERIFICATION_KEY: "TR31_V2_VISA_PIN_VERIFICATION_KEY",
+};
 export const KeyAlgorithm = {
     AES_128: "AES_128",
     AES_192: "AES_192",
     AES_256: "AES_256",
     ECC_NIST_P256: "ECC_NIST_P256",
     ECC_NIST_P384: "ECC_NIST_P384",
+    ECC_NIST_P521: "ECC_NIST_P521",
     RSA_2048: "RSA_2048",
     RSA_3072: "RSA_3072",
     RSA_4096: "RSA_4096",
@@ -169,15 +191,39 @@ export const KeyState = {
     DELETE_COMPLETE: "DELETE_COMPLETE",
     DELETE_PENDING: "DELETE_PENDING",
 };
-export const WrappingKeySpec = {
-    RSA_OAEP_SHA_256: "RSA_OAEP_SHA_256",
-    RSA_OAEP_SHA_512: "RSA_OAEP_SHA_512",
+export var DiffieHellmanDerivationData;
+(function (DiffieHellmanDerivationData) {
+    DiffieHellmanDerivationData.visit = (value, visitor) => {
+        if (value.SharedInformation !== undefined)
+            return visitor.SharedInformation(value.SharedInformation);
+        return visitor._(value.$unknown[0], value.$unknown[1]);
+    };
+})(DiffieHellmanDerivationData || (DiffieHellmanDerivationData = {}));
+export const SymmetricKeyAlgorithm = {
+    AES_128: "AES_128",
+    AES_192: "AES_192",
+    AES_256: "AES_256",
+    TDES_2KEY: "TDES_2KEY",
+    TDES_3KEY: "TDES_3KEY",
 };
 export const KeyExportability = {
     EXPORTABLE: "EXPORTABLE",
     NON_EXPORTABLE: "NON_EXPORTABLE",
     SENSITIVE: "SENSITIVE",
 };
+export const KeyDerivationFunction = {
+    ANSI_X963: "ANSI_X963",
+    NIST_SP800: "NIST_SP800",
+};
+export const KeyDerivationHashAlgorithm = {
+    SHA_256: "SHA_256",
+    SHA_384: "SHA_384",
+    SHA_512: "SHA_512",
+};
+export const WrappingKeySpec = {
+    RSA_OAEP_SHA_256: "RSA_OAEP_SHA_256",
+    RSA_OAEP_SHA_512: "RSA_OAEP_SHA_512",
+};
 export const Tr34KeyBlockFormat = {
     X9_TR34_2012: "X9_TR34_2012",
 };
@@ -190,6 +236,8 @@ export var ExportKeyMaterial;
             return visitor.Tr34KeyBlock(value.Tr34KeyBlock);
         if (value.KeyCryptogram !== undefined)
             return visitor.KeyCryptogram(value.KeyCryptogram);
+        if (value.DiffieHellmanTr31KeyBlock !== undefined)
+            return visitor.DiffieHellmanTr31KeyBlock(value.DiffieHellmanTr31KeyBlock);
         return visitor._(value.$unknown[0], value.$unknown[1]);
     };
 })(ExportKeyMaterial || (ExportKeyMaterial = {}));
@@ -218,17 +266,25 @@ export var ImportKeyMaterial;
             return visitor.Tr34KeyBlock(value.Tr34KeyBlock);
         if (value.KeyCryptogram !== undefined)
             return visitor.KeyCryptogram(value.KeyCryptogram);
+        if (value.DiffieHellmanTr31KeyBlock !== undefined)
+            return visitor.DiffieHellmanTr31KeyBlock(value.DiffieHellmanTr31KeyBlock);
         return visitor._(value.$unknown[0], value.$unknown[1]);
     };
 })(ImportKeyMaterial || (ImportKeyMaterial = {}));
-export const ExportKeyCryptogramFilterSensitiveLog = (obj) => ({
-    ...obj,
-    ...(obj.WrappingKeyCertificate && { WrappingKeyCertificate: SENSITIVE_STRING }),
-});
 export const KeyBlockHeadersFilterSensitiveLog = (obj) => ({
     ...obj,
     ...(obj.OptionalBlocks && { OptionalBlocks: SENSITIVE_STRING }),
 });
+export const ExportDiffieHellmanTr31KeyBlockFilterSensitiveLog = (obj) => ({
+    ...obj,
+    ...(obj.PublicKeyCertificate && { PublicKeyCertificate: SENSITIVE_STRING }),
+    ...(obj.DerivationData && { DerivationData: obj.DerivationData }),
+    ...(obj.KeyBlockHeaders && { KeyBlockHeaders: KeyBlockHeadersFilterSensitiveLog(obj.KeyBlockHeaders) }),
+});
+export const ExportKeyCryptogramFilterSensitiveLog = (obj) => ({
+    ...obj,
+    ...(obj.WrappingKeyCertificate && { WrappingKeyCertificate: SENSITIVE_STRING }),
+});
 export const ExportTr31KeyBlockFilterSensitiveLog = (obj) => ({
     ...obj,
     ...(obj.KeyBlockHeaders && { KeyBlockHeaders: KeyBlockHeadersFilterSensitiveLog(obj.KeyBlockHeaders) }),
@@ -245,6 +301,10 @@ export const ExportKeyMaterialFilterSensitiveLog = (obj) => {
         return { Tr34KeyBlock: ExportTr34KeyBlockFilterSensitiveLog(obj.Tr34KeyBlock) };
     if (obj.KeyCryptogram !== undefined)
         return { KeyCryptogram: ExportKeyCryptogramFilterSensitiveLog(obj.KeyCryptogram) };
+    if (obj.DiffieHellmanTr31KeyBlock !== undefined)
+        return {
+            DiffieHellmanTr31KeyBlock: ExportDiffieHellmanTr31KeyBlockFilterSensitiveLog(obj.DiffieHellmanTr31KeyBlock),
+        };
     if (obj.$unknown !== undefined)
         return { [obj.$unknown[0]]: "UNKNOWN" };
 };
@@ -275,6 +335,12 @@ export const GetPublicKeyCertificateOutputFilterSensitiveLog = (obj) => ({
     ...(obj.KeyCertificate && { KeyCertificate: SENSITIVE_STRING }),
     ...(obj.KeyCertificateChain && { KeyCertificateChain: SENSITIVE_STRING }),
 });
+export const ImportDiffieHellmanTr31KeyBlockFilterSensitiveLog = (obj) => ({
+    ...obj,
+    ...(obj.PublicKeyCertificate && { PublicKeyCertificate: SENSITIVE_STRING }),
+    ...(obj.DerivationData && { DerivationData: obj.DerivationData }),
+    ...(obj.WrappedKeyBlock && { WrappedKeyBlock: SENSITIVE_STRING }),
+});
 export const ImportKeyCryptogramFilterSensitiveLog = (obj) => ({
     ...obj,
     ...(obj.WrappedKeyCryptogram && { WrappedKeyCryptogram: SENSITIVE_STRING }),
@@ -309,6 +375,10 @@ export const ImportKeyMaterialFilterSensitiveLog = (obj) => {
         return { Tr34KeyBlock: ImportTr34KeyBlockFilterSensitiveLog(obj.Tr34KeyBlock) };
     if (obj.KeyCryptogram !== undefined)
         return { KeyCryptogram: ImportKeyCryptogramFilterSensitiveLog(obj.KeyCryptogram) };
+    if (obj.DiffieHellmanTr31KeyBlock !== undefined)
+        return {
+            DiffieHellmanTr31KeyBlock: ImportDiffieHellmanTr31KeyBlockFilterSensitiveLog(obj.DiffieHellmanTr31KeyBlock),
+        };
     if (obj.$unknown !== undefined)
         return { [obj.$unknown[0]]: "UNKNOWN" };
 };

package/dist-es/protocols/Aws_json1_0.js

@@ -538,6 +538,7 @@ const de_Key = (output, context) => {
         CreateTimestamp: (_) => __expectNonNull(__parseEpochTimestamp(__expectNumber(_))),
         DeletePendingTimestamp: (_) => __expectNonNull(__parseEpochTimestamp(__expectNumber(_))),
         DeleteTimestamp: (_) => __expectNonNull(__parseEpochTimestamp(__expectNumber(_))),
+        DeriveKeyUsage: __expectString,
         Enabled: __expectBoolean,
         Exportable: __expectBoolean,
         KeyArn: __expectString,

package/dist-types/commands/CreateAliasCommand.d.ts

@@ -111,6 +111,7 @@ declare const CreateAliasCommand_base: {
  * @throws {@link PaymentCryptographyServiceException}
  * <p>Base exception class for all service exceptions from PaymentCryptography service.</p>
  *
+ *
  * @public
  */
 export declare class CreateAliasCommand extends CreateAliasCommand_base {

package/dist-types/commands/CreateKeyCommand.d.ts

@@ -85,6 +85,7 @@ declare const CreateKeyCommand_base: {
  *       Value: "STRING_VALUE", // required
  *     },
  *   ],
+ *   DeriveKeyUsage: "STRING_VALUE",
  * };
  * const command = new CreateKeyCommand(input);
  * const response = await client.send(command);
@@ -118,6 +119,7 @@ declare const CreateKeyCommand_base: {
  * //     UsageStopTimestamp: new Date("TIMESTAMP"),
  * //     DeletePendingTimestamp: new Date("TIMESTAMP"),
  * //     DeleteTimestamp: new Date("TIMESTAMP"),
+ * //     DeriveKeyUsage: "STRING_VALUE",
  * //   },
  * // };
  *
@@ -156,6 +158,7 @@ declare const CreateKeyCommand_base: {
  * @throws {@link PaymentCryptographyServiceException}
  * <p>Base exception class for all service exceptions from PaymentCryptography service.</p>
  *
+ *
  * @public
  */
 export declare class CreateKeyCommand extends CreateKeyCommand_base {

package/dist-types/commands/DeleteAliasCommand.d.ts

@@ -101,6 +101,7 @@ declare const DeleteAliasCommand_base: {
  * @throws {@link PaymentCryptographyServiceException}
  * <p>Base exception class for all service exceptions from PaymentCryptography service.</p>
  *
+ *
  * @public
  */
 export declare class DeleteAliasCommand extends DeleteAliasCommand_base {

package/dist-types/commands/DeleteKeyCommand.d.ts

@@ -94,6 +94,7 @@ declare const DeleteKeyCommand_base: {
  * //     UsageStopTimestamp: new Date("TIMESTAMP"),
  * //     DeletePendingTimestamp: new Date("TIMESTAMP"),
  * //     DeleteTimestamp: new Date("TIMESTAMP"),
+ * //     DeriveKeyUsage: "STRING_VALUE",
  * //   },
  * // };
  *
@@ -129,6 +130,7 @@ declare const DeleteKeyCommand_base: {
  * @throws {@link PaymentCryptographyServiceException}
  * <p>Base exception class for all service exceptions from PaymentCryptography service.</p>
  *
+ *
  * @public
  */
 export declare class DeleteKeyCommand extends DeleteKeyCommand_base {

package/dist-types/commands/ExportKeyCommand.d.ts

@@ -187,6 +187,35 @@ declare const ExportKeyCommand_base: {
  *       WrappingKeyCertificate: "STRING_VALUE", // required
  *       WrappingSpec: "STRING_VALUE",
  *     },
+ *     DiffieHellmanTr31KeyBlock: { // ExportDiffieHellmanTr31KeyBlock
+ *       PrivateKeyIdentifier: "STRING_VALUE", // required
+ *       CertificateAuthorityPublicKeyIdentifier: "STRING_VALUE", // required
+ *       PublicKeyCertificate: "STRING_VALUE", // required
+ *       DeriveKeyAlgorithm: "TDES_2KEY" || "TDES_3KEY" || "AES_128" || "AES_192" || "AES_256", // required
+ *       KeyDerivationFunction: "NIST_SP800" || "ANSI_X963", // required
+ *       KeyDerivationHashAlgorithm: "SHA_256" || "SHA_384" || "SHA_512", // required
+ *       DerivationData: { // DiffieHellmanDerivationData Union: only one key present
+ *         SharedInformation: "STRING_VALUE",
+ *       },
+ *       KeyBlockHeaders: {
+ *         KeyModesOfUse: {
+ *           Encrypt: true || false,
+ *           Decrypt: true || false,
+ *           Wrap: true || false,
+ *           Unwrap: true || false,
+ *           Generate: true || false,
+ *           Sign: true || false,
+ *           Verify: true || false,
+ *           DeriveKey: true || false,
+ *           NoRestrictions: true || false,
+ *         },
+ *         KeyExportability: "STRING_VALUE",
+ *         KeyVersion: "STRING_VALUE",
+ *         OptionalBlocks: {
+ *           "<keys>": "STRING_VALUE",
+ *         },
+ *       },
+ *     },
  *   },
  *   ExportKeyIdentifier: "STRING_VALUE", // required
  *   ExportAttributes: { // ExportAttributes
@@ -240,6 +269,7 @@ declare const ExportKeyCommand_base: {
  * @throws {@link PaymentCryptographyServiceException}
  * <p>Base exception class for all service exceptions from PaymentCryptography service.</p>
  *
+ *
  * @public
  */
 export declare class ExportKeyCommand extends ExportKeyCommand_base {

package/dist-types/commands/GetAliasCommand.d.ts

@@ -102,6 +102,7 @@ declare const GetAliasCommand_base: {
  * @throws {@link PaymentCryptographyServiceException}
  * <p>Base exception class for all service exceptions from PaymentCryptography service.</p>
  *
+ *
  * @public
  */
 export declare class GetAliasCommand extends GetAliasCommand_base {

package/dist-types/commands/GetKeyCommand.d.ts

@@ -91,6 +91,7 @@ declare const GetKeyCommand_base: {
  * //     UsageStopTimestamp: new Date("TIMESTAMP"),
  * //     DeletePendingTimestamp: new Date("TIMESTAMP"),
  * //     DeleteTimestamp: new Date("TIMESTAMP"),
+ * //     DeriveKeyUsage: "STRING_VALUE",
  * //   },
  * // };
  *
@@ -123,6 +124,7 @@ declare const GetKeyCommand_base: {
  * @throws {@link PaymentCryptographyServiceException}
  * <p>Base exception class for all service exceptions from PaymentCryptography service.</p>
  *
+ *
  * @public
  */
 export declare class GetKeyCommand extends GetKeyCommand_base {

package/dist-types/commands/GetParametersForExportCommand.d.ts

@@ -101,6 +101,7 @@ declare const GetParametersForExportCommand_base: {
  * @throws {@link PaymentCryptographyServiceException}
  * <p>Base exception class for all service exceptions from PaymentCryptography service.</p>
  *
+ *
  * @public
  */
 export declare class GetParametersForExportCommand extends GetParametersForExportCommand_base {

package/dist-types/commands/GetParametersForImportCommand.d.ts

@@ -101,6 +101,7 @@ declare const GetParametersForImportCommand_base: {
  * @throws {@link PaymentCryptographyServiceException}
  * <p>Base exception class for all service exceptions from PaymentCryptography service.</p>
  *
+ *
  * @public
  */
 export declare class GetParametersForImportCommand extends GetParametersForImportCommand_base {

package/dist-types/commands/GetPublicKeyCertificateCommand.d.ts

@@ -76,6 +76,7 @@ declare const GetPublicKeyCertificateCommand_base: {
  * @throws {@link PaymentCryptographyServiceException}
  * <p>Base exception class for all service exceptions from PaymentCryptography service.</p>
  *
+ *
  * @public
  */
 export declare class GetPublicKeyCertificateCommand extends GetPublicKeyCertificateCommand_base {

package/dist-types/commands/ImportKeyCommand.d.ts

@@ -35,10 +35,6 @@ declare const ImportKeyCommand_base: {
  *          <p>
  *             <b>To import a public root key certificate</b>
  *          </p>
- *          <p>You can also import a <i>root public key certificate</i>, used to sign other public key certificates, or a <i>trusted public key certificate</i> under an already established root public key certificate.</p>
- *          <p>
- *             <b>To import a public root key certificate</b>
- *          </p>
  *          <p>Using this operation, you can import the public component (in PEM cerificate format) of your private root key. You can use the imported public root key certificate for digital signatures, for example signing wrapping key or signing key in TR-34, within your Amazon Web Services Payment Cryptography account.</p>
  *          <p>Set the following parameters:</p>
  *          <ul>
@@ -240,6 +236,18 @@ declare const ImportKeyCommand_base: {
  *       ImportToken: "STRING_VALUE", // required
  *       WrappingSpec: "STRING_VALUE",
  *     },
+ *     DiffieHellmanTr31KeyBlock: { // ImportDiffieHellmanTr31KeyBlock
+ *       PrivateKeyIdentifier: "STRING_VALUE", // required
+ *       CertificateAuthorityPublicKeyIdentifier: "STRING_VALUE", // required
+ *       PublicKeyCertificate: "STRING_VALUE", // required
+ *       DeriveKeyAlgorithm: "TDES_2KEY" || "TDES_3KEY" || "AES_128" || "AES_192" || "AES_256", // required
+ *       KeyDerivationFunction: "NIST_SP800" || "ANSI_X963", // required
+ *       KeyDerivationHashAlgorithm: "SHA_256" || "SHA_384" || "SHA_512", // required
+ *       DerivationData: { // DiffieHellmanDerivationData Union: only one key present
+ *         SharedInformation: "STRING_VALUE",
+ *       },
+ *       WrappedKeyBlock: "STRING_VALUE", // required
+ *     },
  *   },
  *   KeyCheckValueAlgorithm: "STRING_VALUE",
  *   Enabled: true || false,
@@ -282,6 +290,7 @@ declare const ImportKeyCommand_base: {
  * //     UsageStopTimestamp: new Date("TIMESTAMP"),
  * //     DeletePendingTimestamp: new Date("TIMESTAMP"),
  * //     DeleteTimestamp: new Date("TIMESTAMP"),
+ * //     DeriveKeyUsage: "STRING_VALUE",
  * //   },
  * // };
  *
@@ -320,6 +329,7 @@ declare const ImportKeyCommand_base: {
  * @throws {@link PaymentCryptographyServiceException}
  * <p>Base exception class for all service exceptions from PaymentCryptography service.</p>
  *
+ *
  * @public
  */
 export declare class ImportKeyCommand extends ImportKeyCommand_base {

package/dist-types/commands/ListAliasesCommand.d.ts

@@ -109,6 +109,7 @@ declare const ListAliasesCommand_base: {
  * @throws {@link PaymentCryptographyServiceException}
  * <p>Base exception class for all service exceptions from PaymentCryptography service.</p>
  *
+ *
  * @public
  */
 export declare class ListAliasesCommand extends ListAliasesCommand_base {

package/dist-types/commands/ListKeysCommand.d.ts

@@ -124,6 +124,7 @@ declare const ListKeysCommand_base: {
  * @throws {@link PaymentCryptographyServiceException}
  * <p>Base exception class for all service exceptions from PaymentCryptography service.</p>
  *
+ *
  * @public
  */
 export declare class ListKeysCommand extends ListKeysCommand_base {

package/dist-types/commands/ListTagsForResourceCommand.d.ts

@@ -100,6 +100,7 @@ declare const ListTagsForResourceCommand_base: {
  * @throws {@link PaymentCryptographyServiceException}
  * <p>Base exception class for all service exceptions from PaymentCryptography service.</p>
  *
+ *
  * @public
  */
 export declare class ListTagsForResourceCommand extends ListTagsForResourceCommand_base {

package/dist-types/commands/RestoreKeyCommand.d.ts

@@ -93,6 +93,7 @@ declare const RestoreKeyCommand_base: {
  * //     UsageStopTimestamp: new Date("TIMESTAMP"),
  * //     DeletePendingTimestamp: new Date("TIMESTAMP"),
  * //     DeleteTimestamp: new Date("TIMESTAMP"),
+ * //     DeriveKeyUsage: "STRING_VALUE",
  * //   },
  * // };
  *
@@ -131,6 +132,7 @@ declare const RestoreKeyCommand_base: {
  * @throws {@link PaymentCryptographyServiceException}
  * <p>Base exception class for all service exceptions from PaymentCryptography service.</p>
  *
+ *
  * @public
  */
 export declare class RestoreKeyCommand extends RestoreKeyCommand_base {

package/dist-types/commands/StartKeyUsageCommand.d.ts

@@ -81,6 +81,7 @@ declare const StartKeyUsageCommand_base: {
  * //     UsageStopTimestamp: new Date("TIMESTAMP"),
  * //     DeletePendingTimestamp: new Date("TIMESTAMP"),
  * //     DeleteTimestamp: new Date("TIMESTAMP"),
+ * //     DeriveKeyUsage: "STRING_VALUE",
  * //   },
  * // };
  *
@@ -119,6 +120,7 @@ declare const StartKeyUsageCommand_base: {
  * @throws {@link PaymentCryptographyServiceException}
  * <p>Base exception class for all service exceptions from PaymentCryptography service.</p>
  *
+ *
  * @public
  */
 export declare class StartKeyUsageCommand extends StartKeyUsageCommand_base {