/*
* Copyright 2018-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.paymentcryptography;
import org.w3c.dom.*;
import java.net.*;
import java.util.*;
import javax.annotation.Generated;
import org.apache.commons.logging.*;
import com.amazonaws.*;
import com.amazonaws.annotation.SdkInternalApi;
import com.amazonaws.auth.*;
import com.amazonaws.handlers.*;
import com.amazonaws.http.*;
import com.amazonaws.internal.*;
import com.amazonaws.internal.auth.*;
import com.amazonaws.metrics.*;
import com.amazonaws.regions.*;
import com.amazonaws.transform.*;
import com.amazonaws.util.*;
import com.amazonaws.protocol.json.*;
import com.amazonaws.util.AWSRequestMetrics.Field;
import com.amazonaws.annotation.ThreadSafe;
import com.amazonaws.client.AwsSyncClientParams;
import com.amazonaws.client.builder.AdvancedConfig;
import com.amazonaws.services.paymentcryptography.AWSPaymentCryptographyClientBuilder;
import com.amazonaws.AmazonServiceException;
import com.amazonaws.services.paymentcryptography.model.*;
import com.amazonaws.services.paymentcryptography.model.transform.*;
/**
* Client for accessing Payment Cryptography Control Plane. All service calls made using this client are blocking, and
* will not return until the service call completes.
*
*
* You use the Amazon Web Services Payment Cryptography Control Plane to manage the encryption keys you use for
* payment-related cryptographic operations. You can create, import, export, share, manage, and delete keys. You can
* also manage Identity and Access Management (IAM) policies for keys. For more information, see Identity and access
* management in the Amazon Web Services Payment Cryptography User Guide.
*
*
* To use encryption keys for payment-related transaction processing and associated cryptographic operations, you use
* the Amazon Web
* Services Payment Cryptography Data Plane. You can encrypt, decrypt, generate, verify, and translate
* payment-related cryptographic operations.
*
*
* All Amazon Web Services Payment Cryptography API calls must be signed and transmitted using Transport Layer Security
* (TLS). We recommend you always use the latest supported TLS version for logging API requests.
*
*
* Amazon Web Services Payment Cryptography supports CloudTrail, a service that logs Amazon Web Services API calls and
* related events for your Amazon Web Services account and delivers them to an Amazon S3 bucket that you specify. By
* using the information collected by CloudTrail, you can determine what requests were made to Amazon Web Services
* Payment Cryptography, who made the request, when it was made, and so on. If you don't configure a trail, you can still
* view the most recent events in the CloudTrail console. For more information, see the CloudTrail User Guide.
*
*/
@ThreadSafe
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class AWSPaymentCryptographyClient extends AmazonWebServiceClient implements AWSPaymentCryptography {
/** Provider for AWS credentials. */
private final AWSCredentialsProvider awsCredentialsProvider;
private static final Log log = LogFactory.getLog(AWSPaymentCryptography.class);
/** Default signing name for the service. */
private static final String DEFAULT_SIGNING_NAME = "payment-cryptography";
/** Client configuration factory providing ClientConfigurations tailored to this client */
protected static final ClientConfigurationFactory configFactory = new ClientConfigurationFactory();
private final AdvancedConfig advancedConfig;
private static final com.amazonaws.protocol.json.SdkJsonProtocolFactory protocolFactory = new com.amazonaws.protocol.json.SdkJsonProtocolFactory(
new JsonClientMetadata()
.withProtocolVersion("1.0")
.withSupportsCbor(false)
.withSupportsIon(false)
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("AccessDeniedException").withExceptionUnmarshaller(
com.amazonaws.services.paymentcryptography.model.transform.AccessDeniedExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("ConflictException").withExceptionUnmarshaller(
com.amazonaws.services.paymentcryptography.model.transform.ConflictExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("ResourceNotFoundException").withExceptionUnmarshaller(
com.amazonaws.services.paymentcryptography.model.transform.ResourceNotFoundExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("ThrottlingException").withExceptionUnmarshaller(
com.amazonaws.services.paymentcryptography.model.transform.ThrottlingExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("ValidationException").withExceptionUnmarshaller(
com.amazonaws.services.paymentcryptography.model.transform.ValidationExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("ServiceUnavailableException").withExceptionUnmarshaller(
com.amazonaws.services.paymentcryptography.model.transform.ServiceUnavailableExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("ServiceQuotaExceededException").withExceptionUnmarshaller(
com.amazonaws.services.paymentcryptography.model.transform.ServiceQuotaExceededExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("InternalServerException").withExceptionUnmarshaller(
com.amazonaws.services.paymentcryptography.model.transform.InternalServerExceptionUnmarshaller.getInstance()))
.withBaseServiceExceptionClass(com.amazonaws.services.paymentcryptography.model.AWSPaymentCryptographyException.class));
public static AWSPaymentCryptographyClientBuilder builder() {
return AWSPaymentCryptographyClientBuilder.standard();
}
/**
* Constructs a new client to invoke service methods on Payment Cryptography Control Plane using the specified
* parameters.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param clientParams
* Object providing client parameters.
*/
AWSPaymentCryptographyClient(AwsSyncClientParams clientParams) {
this(clientParams, false);
}
/**
* Constructs a new client to invoke service methods on Payment Cryptography Control Plane using the specified
* parameters.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param clientParams
* Object providing client parameters.
*/
AWSPaymentCryptographyClient(AwsSyncClientParams clientParams, boolean endpointDiscoveryEnabled) {
super(clientParams);
this.awsCredentialsProvider = clientParams.getCredentialsProvider();
this.advancedConfig = clientParams.getAdvancedConfig();
init();
}
private void init() {
setServiceNameIntern(DEFAULT_SIGNING_NAME);
setEndpointPrefix(ENDPOINT_PREFIX);
// calling this.setEndPoint(...) will also modify the signer accordingly
setEndpoint("controlplane.payment-cryptography.us-east-1.amazonaws.com");
HandlerChainFactory chainFactory = new HandlerChainFactory();
requestHandler2s.addAll(chainFactory.newRequestHandlerChain("/com/amazonaws/services/paymentcryptography/request.handlers"));
requestHandler2s.addAll(chainFactory.newRequestHandler2Chain("/com/amazonaws/services/paymentcryptography/request.handler2s"));
requestHandler2s.addAll(chainFactory.getGlobalHandlers());
}
/**
*
* Creates an alias, or a friendly name, for an Amazon Web Services Payment Cryptography key. You can use an
* alias to identify a key in the console and when you call cryptographic operations such as EncryptData or DecryptData.
*
*
* You can associate the alias with any key in the same Amazon Web Services Region. Each alias is associated with
* only one key at a time, but a key can have multiple aliases. You can't create an alias without a key. The alias
* must be unique in the account and Amazon Web Services Region, but you can create another alias with the same name
* in a different Amazon Web Services Region.
*
*
* To change the key that's associated with the alias, call UpdateAlias. To delete the alias, call
* DeleteAlias. These operations don't affect the underlying key. To get the alias that you created, call
* ListAliases.
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* Related operations:
*
*
*
* @param createAliasRequest
* @return Result of the CreateAlias operation returned by the service.
* @throws ServiceQuotaExceededException
* This request would cause a service quota to be exceeded.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws ConflictException
* This request can cause an inconsistent state for the resource.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.CreateAlias
* @see AWS API Documentation
*/
@Override
public CreateAliasResult createAlias(CreateAliasRequest request) {
request = beforeClientExecution(request);
return executeCreateAlias(request);
}
@SdkInternalApi
final CreateAliasResult executeCreateAlias(CreateAliasRequest createAliasRequest) {
ExecutionContext executionContext = createExecutionContext(createAliasRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateAliasRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(createAliasRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "CreateAlias");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new CreateAliasResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates an Amazon Web Services Payment Cryptography key, a logical representation of a cryptographic key, that is
* unique in your account and Amazon Web Services Region. You use keys for cryptographic functions such as
* encryption and decryption.
*
*
* In addition to the key material used in cryptographic operations, an Amazon Web Services Payment Cryptography key
* includes metadata such as the key ARN, key usage, key origin, creation date, description, and key state.
*
*
* When you create a key, you specify both immutable and mutable data about the key. The immutable data contains key
* attributes that defines the scope and cryptographic operations that you can perform using the key, for example
* key class (example: SYMMETRIC_KEY), key algorithm (example: TDES_2KEY), key usage
* (example: TR31_P0_PIN_ENCRYPTION_KEY) and key modes of use (example: Encrypt). For
* information about valid combinations of key attributes, see Understanding
* key attributes in the Amazon Web Services Payment Cryptography User Guide. The mutable data contained
* within a key includes usage timestamp and key deletion timestamp and can be modified after creation.
*
*
* Amazon Web Services Payment Cryptography binds key attributes to keys using key blocks when you store or export
* them. Amazon Web Services Payment Cryptography stores the key contents wrapped and never stores or transmits them
* in the clear.
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* Related operations:
*
*
*
* @param createKeyRequest
* @return Result of the CreateKey operation returned by the service.
* @throws ServiceQuotaExceededException
* This request would cause a service quota to be exceeded.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws ConflictException
* This request can cause an inconsistent state for the resource.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.CreateKey
* @see AWS
* API Documentation
*/
@Override
public CreateKeyResult createKey(CreateKeyRequest request) {
request = beforeClientExecution(request);
return executeCreateKey(request);
}
@SdkInternalApi
final CreateKeyResult executeCreateKey(CreateKeyRequest createKeyRequest) {
ExecutionContext executionContext = createExecutionContext(createKeyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateKeyRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(createKeyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "CreateKey");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new CreateKeyResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the alias, but doesn't affect the underlying key.
*
*
* Each key can have multiple aliases. To get the aliases of all keys, use the ListAliases operation. To
* change the alias of a key, first use DeleteAlias to delete the current alias and then use
* CreateAlias to create a new alias. To associate an existing alias with a different key, call
* UpdateAlias.
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* Related operations:
*
*
*
* @param deleteAliasRequest
* @return Result of the DeleteAlias operation returned by the service.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws ConflictException
* This request can cause an inconsistent state for the resource.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.DeleteAlias
* @see AWS API Documentation
*/
@Override
public DeleteAliasResult deleteAlias(DeleteAliasRequest request) {
request = beforeClientExecution(request);
return executeDeleteAlias(request);
}
@SdkInternalApi
final DeleteAliasResult executeDeleteAlias(DeleteAliasRequest deleteAliasRequest) {
ExecutionContext executionContext = createExecutionContext(deleteAliasRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteAliasRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteAliasRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeleteAlias");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeleteAliasResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the key material and all metadata associated with Amazon Web Services Payment Cryptography key.
*
*
* Key deletion is irreversible. After a key is deleted, you can't perform cryptographic operations using the key.
* For example, you can't decrypt data that was encrypted by a deleted Amazon Web Services Payment Cryptography key,
* and the data may become unrecoverable. Because key deletion is destructive, Amazon Web Services Payment
* Cryptography has a safety mechanism to prevent accidental deletion of a key. When you call this operation, Amazon
* Web Services Payment Cryptography disables the specified key but doesn't delete it until after a waiting period.
* The default waiting period is 7 days. To set a different waiting period, set DeleteKeyInDays. During
* the waiting period, the KeyState is DELETE_PENDING. After the key is deleted, the
* KeyState is DELETE_COMPLETE.
*
*
* If you delete key material, you can use ImportKey to reimport the same key material into the Amazon Web
* Services Payment Cryptography key.
*
*
* You should delete a key only when you are sure that you don't need to use it anymore and no other parties are
* utilizing this key. If you aren't sure, consider deactivating it instead by calling StopKeyUsage.
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* Related operations:
*
*
*
* @param deleteKeyRequest
* @return Result of the DeleteKey operation returned by the service.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws ConflictException
* This request can cause an inconsistent state for the resource.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.DeleteKey
* @see AWS
* API Documentation
*/
@Override
public DeleteKeyResult deleteKey(DeleteKeyRequest request) {
request = beforeClientExecution(request);
return executeDeleteKey(request);
}
@SdkInternalApi
final DeleteKeyResult executeDeleteKey(DeleteKeyRequest deleteKeyRequest) {
ExecutionContext executionContext = createExecutionContext(deleteKeyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteKeyRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteKeyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeleteKey");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeleteKeyResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Exports a key from Amazon Web Services Payment Cryptography using either ANSI X9 TR-34 or TR-31 key export
* standard.
*
*
* Amazon Web Services Payment Cryptography simplifies main or root key exchange process by eliminating the need of
* a paper-based key exchange process. It takes a modern and secure approach based of the ANSI X9 TR-34 key exchange
* standard.
*
*
* You can use ExportKey to export main or root keys such as KEK (Key Encryption Key), using asymmetric
* key exchange technique following ANSI X9 TR-34 standard. The ANSI X9 TR-34 standard uses asymmetric keys to
* establishes bi-directional trust between the two parties exchanging keys. After which you can export working keys
* using the ANSI X9 TR-31 symmetric key exchange standard as mandated by PCI PIN. Using this operation, you can
* share your Amazon Web Services Payment Cryptography generated keys with other service partners to perform
* cryptographic operations outside of Amazon Web Services Payment Cryptography
*
*
* TR-34 key export
*
*
* Amazon Web Services Payment Cryptography uses TR-34 asymmetric key exchange standard to export main keys such as
* KEK. In TR-34 terminology, the sending party of the key is called Key Distribution Host (KDH) and the receiving
* party of the key is called Key Receiving Host (KRH). In key export process, KDH is Amazon Web Services Payment
* Cryptography which initiates key export. KRH is the user receiving the key. Before you initiate TR-34 key export,
* you must obtain an export token by calling GetParametersForExport. This operation also returns the signing
* key certificate that KDH uses to sign the wrapped key to generate a TR-34 wrapped key block. The export token
* expires after 7 days.
*
*
* Set the following parameters:
*
*
* - CertificateAuthorityPublicKeyIdentifier
* -
*
* The KeyARN of the certificate chain that will sign the wrapping key certificate. This must exist
* within Amazon Web Services Payment Cryptography before you initiate TR-34 key export. If it does not exist, you
* can import it by calling ImportKey for RootCertificatePublicKey.
*
*
* - ExportToken
* -
*
* Obtained from KDH by calling GetParametersForExport.
*
*
* - WrappingKeyCertificate
* -
*
* Amazon Web Services Payment Cryptography uses this to wrap the key under export.
*
*
*
*
* When this operation is successful, Amazon Web Services Payment Cryptography returns the TR-34 wrapped key block.
*
*
* TR-31 key export
*
*
* Amazon Web Services Payment Cryptography uses TR-31 symmetric key exchange standard to export working keys. In
* TR-31, you must use a main key such as KEK to encrypt or wrap the key under export. To establish a KEK, you can
* use CreateKey or ImportKey. When this operation is successful, Amazon Web Services Payment
* Cryptography returns a TR-31 wrapped key block.
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* Related operations:
*
*
*
* @param exportKeyRequest
* @return Result of the ExportKey operation returned by the service.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws ConflictException
* This request can cause an inconsistent state for the resource.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.ExportKey
* @see AWS
* API Documentation
*/
@Override
public ExportKeyResult exportKey(ExportKeyRequest request) {
request = beforeClientExecution(request);
return executeExportKey(request);
}
@SdkInternalApi
final ExportKeyResult executeExportKey(ExportKeyRequest exportKeyRequest) {
ExecutionContext executionContext = createExecutionContext(exportKeyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ExportKeyRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(exportKeyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ExportKey");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new ExportKeyResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Gets the Amazon Web Services Payment Cryptography key associated with the alias.
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* Related operations:
*
*
*
* @param getAliasRequest
* @return Result of the GetAlias operation returned by the service.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.GetAlias
* @see AWS
* API Documentation
*/
@Override
public GetAliasResult getAlias(GetAliasRequest request) {
request = beforeClientExecution(request);
return executeGetAlias(request);
}
@SdkInternalApi
final GetAliasResult executeGetAlias(GetAliasRequest getAliasRequest) {
ExecutionContext executionContext = createExecutionContext(getAliasRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetAliasRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getAliasRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetAlias");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetAliasResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Gets the key material for an Amazon Web Services Payment Cryptography key, including the immutable and mutable
* data specified when the key was created.
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* Related operations:
*
*
*
* @param getKeyRequest
* @return Result of the GetKey operation returned by the service.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.GetKey
* @see AWS
* API Documentation
*/
@Override
public GetKeyResult getKey(GetKeyRequest request) {
request = beforeClientExecution(request);
return executeGetKey(request);
}
@SdkInternalApi
final GetKeyResult executeGetKey(GetKeyRequest getKeyRequest) {
ExecutionContext executionContext = createExecutionContext(getKeyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetKeyRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getKeyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetKey");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetKeyResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Gets the export token and the signing key certificate to initiate a TR-34 key export from Amazon Web Services
* Payment Cryptography.
*
*
* The signing key certificate signs the wrapped key under export within the TR-34 key payload. The export token and
* signing key certificate must be in place and operational before calling ExportKey. The export token
* expires in 7 days. You can use the same export token to export multiple keys from your service account.
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* Related operations:
*
*
*
* @param getParametersForExportRequest
* @return Result of the GetParametersForExport operation returned by the service.
* @throws ServiceQuotaExceededException
* This request would cause a service quota to be exceeded.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws ConflictException
* This request can cause an inconsistent state for the resource.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.GetParametersForExport
* @see AWS API Documentation
*/
@Override
public GetParametersForExportResult getParametersForExport(GetParametersForExportRequest request) {
request = beforeClientExecution(request);
return executeGetParametersForExport(request);
}
@SdkInternalApi
final GetParametersForExportResult executeGetParametersForExport(GetParametersForExportRequest getParametersForExportRequest) {
ExecutionContext executionContext = createExecutionContext(getParametersForExportRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetParametersForExportRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getParametersForExportRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetParametersForExport");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new GetParametersForExportResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Gets the import token and the wrapping key certificate to initiate a TR-34 key import into Amazon Web Services
* Payment Cryptography.
*
*
* The wrapping key certificate wraps the key under import within the TR-34 key payload. The import token and
* wrapping key certificate must be in place and operational before calling ImportKey. The import token
* expires in 7 days. The same import token can be used to import multiple keys into your service account.
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* Related operations:
*
*
*
* @param getParametersForImportRequest
* @return Result of the GetParametersForImport operation returned by the service.
* @throws ServiceQuotaExceededException
* This request would cause a service quota to be exceeded.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws ConflictException
* This request can cause an inconsistent state for the resource.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.GetParametersForImport
* @see AWS API Documentation
*/
@Override
public GetParametersForImportResult getParametersForImport(GetParametersForImportRequest request) {
request = beforeClientExecution(request);
return executeGetParametersForImport(request);
}
@SdkInternalApi
final GetParametersForImportResult executeGetParametersForImport(GetParametersForImportRequest getParametersForImportRequest) {
ExecutionContext executionContext = createExecutionContext(getParametersForImportRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetParametersForImportRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getParametersForImportRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetParametersForImport");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new GetParametersForImportResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Gets the public key certificate of the asymmetric key pair that exists within Amazon Web Services Payment
* Cryptography.
*
*
* Unlike the private key of an asymmetric key, which never leaves Amazon Web Services Payment Cryptography
* unencrypted, callers with GetPublicKeyCertificate permission can download the public key certificate
* of the asymmetric key. You can share the public key certificate to allow others to encrypt messages and verify
* signatures outside of Amazon Web Services Payment Cryptography
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* @param getPublicKeyCertificateRequest
* @return Result of the GetPublicKeyCertificate operation returned by the service.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.GetPublicKeyCertificate
* @see AWS API Documentation
*/
@Override
public GetPublicKeyCertificateResult getPublicKeyCertificate(GetPublicKeyCertificateRequest request) {
request = beforeClientExecution(request);
return executeGetPublicKeyCertificate(request);
}
@SdkInternalApi
final GetPublicKeyCertificateResult executeGetPublicKeyCertificate(GetPublicKeyCertificateRequest getPublicKeyCertificateRequest) {
ExecutionContext executionContext = createExecutionContext(getPublicKeyCertificateRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetPublicKeyCertificateRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(getPublicKeyCertificateRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetPublicKeyCertificate");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new GetPublicKeyCertificateResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Imports keys and public key certificates into Amazon Web Services Payment Cryptography.
*
*
* Amazon Web Services Payment Cryptography simplifies main or root key exchange process by eliminating the need of
* a paper-based key exchange process. It takes a modern and secure approach based of the ANSI X9 TR-34 key exchange
* standard.
*
*
* You can use ImportKey to import main or root keys such as KEK (Key Encryption Key) using asymmetric
* key exchange technique following the ANSI X9 TR-34 standard. The ANSI X9 TR-34 standard uses asymmetric keys to
* establishes bi-directional trust between the two parties exchanging keys.
*
*
* After you have imported a main or root key, you can import working keys to perform various cryptographic
* operations within Amazon Web Services Payment Cryptography using the ANSI X9 TR-31 symmetric key exchange
* standard as mandated by PCI PIN.
*
*
* You can also import a root public key certificate, a self-signed certificate used to sign other public key
* certificates, or a trusted public key certificate under an already established root public key
* certificate.
*
*
* To import a public root key certificate
*
*
* Using this operation, you can import the public component (in PEM cerificate format) of your private root key.
* You can use the imported public root key certificate for digital signatures, for example signing wrapping key or
* signing key in TR-34, within your Amazon Web Services Payment Cryptography account.
*
*
* Set the following parameters:
*
*
* -
*
* KeyMaterial: RootCertificatePublicKey
*
*
* -
*
* KeyClass: PUBLIC_KEY
*
*
* -
*
* KeyModesOfUse: Verify
*
*
* -
*
* KeyUsage: TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE
*
*
* -
*
* PublicKeyCertificate: The certificate authority used to sign the root public key certificate.
*
*
*
*
* To import a trusted public key certificate
*
*
* The root public key certificate must be in place and operational before you import a trusted public key
* certificate. Set the following parameters:
*
*
* -
*
* KeyMaterial: TrustedCertificatePublicKey
*
*
* -
*
* CertificateAuthorityPublicKeyIdentifier: KeyArn of the
* RootCertificatePublicKey.
*
*
* -
*
* KeyModesOfUse and KeyUsage: Corresponding to the cryptographic operations such as wrap,
* sign, or encrypt that you will allow the trusted public key certificate to perform.
*
*
* -
*
* PublicKeyCertificate: The certificate authority used to sign the trusted public key certificate.
*
*
*
*
* Import main keys
*
*
* Amazon Web Services Payment Cryptography uses TR-34 asymmetric key exchange standard to import main keys such as
* KEK. In TR-34 terminology, the sending party of the key is called Key Distribution Host (KDH) and the receiving
* party of the key is called Key Receiving Host (KRH). During the key import process, KDH is the user who initiates
* the key import and KRH is Amazon Web Services Payment Cryptography who receives the key. Before initiating TR-34
* key import, you must obtain an import token by calling GetParametersForImport. This operation also returns
* the wrapping key certificate that KDH uses wrap key under import to generate a TR-34 wrapped key block. The
* import token expires after 7 days.
*
*
* Set the following parameters:
*
*
* -
*
* CertificateAuthorityPublicKeyIdentifier: The KeyArn of the certificate chain that will
* sign the signing key certificate and should exist within Amazon Web Services Payment Cryptography before
* initiating TR-34 key import. If it does not exist, you can import it by calling by calling ImportKey
* for RootCertificatePublicKey.
*
*
* -
*
* ImportToken: Obtained from KRH by calling GetParametersForImport.
*
*
* -
*
* WrappedKeyBlock: The TR-34 wrapped key block from KDH. It contains the KDH key under import, wrapped
* with KRH provided wrapping key certificate and signed by the KDH private signing key. This TR-34 key block is
* generated by the KDH Hardware Security Module (HSM) outside of Amazon Web Services Payment Cryptography.
*
*
* -
*
* SigningKeyCertificate: The public component of the private key that signed the KDH TR-34 wrapped key
* block. In PEM certificate format.
*
*
*
*
*
* TR-34 is intended primarily to exchange 3DES keys. Your ability to export AES-128 and larger AES keys may be
* dependent on your source system.
*
*
*
* Import working keys
*
*
* Amazon Web Services Payment Cryptography uses TR-31 symmetric key exchange standard to import working keys. A KEK
* must be established within Amazon Web Services Payment Cryptography by using TR-34 key import. To initiate a
* TR-31 key import, set the following parameters:
*
*
* -
*
* WrappedKeyBlock: The key under import and encrypted using KEK. The TR-31 key block generated by your
* HSM outside of Amazon Web Services Payment Cryptography.
*
*
* -
*
* WrappingKeyIdentifier: The KeyArn of the KEK that Amazon Web Services Payment
* Cryptography uses to decrypt or unwrap the key under import.
*
*
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* Related operations:
*
*
*
* @param importKeyRequest
* @return Result of the ImportKey operation returned by the service.
* @throws ServiceQuotaExceededException
* This request would cause a service quota to be exceeded.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws ConflictException
* This request can cause an inconsistent state for the resource.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.ImportKey
* @see AWS
* API Documentation
*/
@Override
public ImportKeyResult importKey(ImportKeyRequest request) {
request = beforeClientExecution(request);
return executeImportKey(request);
}
@SdkInternalApi
final ImportKeyResult executeImportKey(ImportKeyRequest importKeyRequest) {
ExecutionContext executionContext = createExecutionContext(importKeyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ImportKeyRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(importKeyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ImportKey");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new ImportKeyResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Lists the aliases for all keys in the caller's Amazon Web Services account and Amazon Web Services Region. You
* can filter the list of aliases. For more information, see Using aliases
* in the Amazon Web Services Payment Cryptography User Guide.
*
*
* This is a paginated operation, which means that each response might contain only a subset of all the aliases.
* When the response contains only a subset of aliases, it includes a NextToken value. Use this value
* in a subsequent ListAliases request to get more aliases. When you receive a response with no
* NextToken (or an empty or null value), that means there are no more aliases to get.
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* Related operations:
*
*
*
* @param listAliasesRequest
* @return Result of the ListAliases operation returned by the service.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.ListAliases
* @see AWS API Documentation
*/
@Override
public ListAliasesResult listAliases(ListAliasesRequest request) {
request = beforeClientExecution(request);
return executeListAliases(request);
}
@SdkInternalApi
final ListAliasesResult executeListAliases(ListAliasesRequest listAliasesRequest) {
ExecutionContext executionContext = createExecutionContext(listAliasesRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListAliasesRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listAliasesRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListAliases");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListAliasesResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Lists the keys in the caller's Amazon Web Services account and Amazon Web Services Region. You can filter the
* list of keys.
*
*
* This is a paginated operation, which means that each response might contain only a subset of all the keys. When
* the response contains only a subset of keys, it includes a NextToken value. Use this value in a
* subsequent ListKeys request to get more keys. When you receive a response with no NextToken (or an
* empty or null value), that means there are no more keys to get.
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* Related operations:
*
*
*
* @param listKeysRequest
* @return Result of the ListKeys operation returned by the service.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.ListKeys
* @see AWS
* API Documentation
*/
@Override
public ListKeysResult listKeys(ListKeysRequest request) {
request = beforeClientExecution(request);
return executeListKeys(request);
}
@SdkInternalApi
final ListKeysResult executeListKeys(ListKeysRequest listKeysRequest) {
ExecutionContext executionContext = createExecutionContext(listKeysRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListKeysRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listKeysRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListKeys");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListKeysResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Lists the tags for an Amazon Web Services resource.
*
*
* This is a paginated operation, which means that each response might contain only a subset of all the tags. When
* the response contains only a subset of tags, it includes a NextToken value. Use this value in a
* subsequent ListTagsForResource request to get more tags. When you receive a response with no
* NextToken (or an empty or null value), that means there are no more tags to get.
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* Related operations:
*
*
*
* @param listTagsForResourceRequest
* @return Result of the ListTagsForResource operation returned by the service.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.ListTagsForResource
* @see AWS API Documentation
*/
@Override
public ListTagsForResourceResult listTagsForResource(ListTagsForResourceRequest request) {
request = beforeClientExecution(request);
return executeListTagsForResource(request);
}
@SdkInternalApi
final ListTagsForResourceResult executeListTagsForResource(ListTagsForResourceRequest listTagsForResourceRequest) {
ExecutionContext executionContext = createExecutionContext(listTagsForResourceRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListTagsForResourceRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listTagsForResourceRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListTagsForResource");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListTagsForResourceResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Cancels a scheduled key deletion during the waiting period. Use this operation to restore a Key that
* is scheduled for deletion.
*
*
* During the waiting period, the KeyState is DELETE_PENDING and
* deletePendingTimestamp contains the date and time after which the Key will be deleted.
* After Key is restored, the KeyState is CREATE_COMPLETE, and the value for
* deletePendingTimestamp is removed.
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* Related operations:
*
*
*
* @param restoreKeyRequest
* @return Result of the RestoreKey operation returned by the service.
* @throws ServiceQuotaExceededException
* This request would cause a service quota to be exceeded.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws ConflictException
* This request can cause an inconsistent state for the resource.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.RestoreKey
* @see AWS API Documentation
*/
@Override
public RestoreKeyResult restoreKey(RestoreKeyRequest request) {
request = beforeClientExecution(request);
return executeRestoreKey(request);
}
@SdkInternalApi
final RestoreKeyResult executeRestoreKey(RestoreKeyRequest restoreKeyRequest) {
ExecutionContext executionContext = createExecutionContext(restoreKeyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new RestoreKeyRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(restoreKeyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "RestoreKey");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new RestoreKeyResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Enables an Amazon Web Services Payment Cryptography key, which makes it active for cryptographic operations
* within Amazon Web Services Payment Cryptography
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* Related operations:
*
*
*
* @param startKeyUsageRequest
* @return Result of the StartKeyUsage operation returned by the service.
* @throws ServiceQuotaExceededException
* This request would cause a service quota to be exceeded.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws ConflictException
* This request can cause an inconsistent state for the resource.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.StartKeyUsage
* @see AWS API Documentation
*/
@Override
public StartKeyUsageResult startKeyUsage(StartKeyUsageRequest request) {
request = beforeClientExecution(request);
return executeStartKeyUsage(request);
}
@SdkInternalApi
final StartKeyUsageResult executeStartKeyUsage(StartKeyUsageRequest startKeyUsageRequest) {
ExecutionContext executionContext = createExecutionContext(startKeyUsageRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new StartKeyUsageRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(startKeyUsageRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "StartKeyUsage");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new StartKeyUsageResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Disables an Amazon Web Services Payment Cryptography key, which makes it inactive within Amazon Web Services
* Payment Cryptography.
*
*
* You can use this operation instead of DeleteKey to deactivate a key. You can enable the key in the future
* by calling StartKeyUsage.
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* Related operations:
*
*
*
* @param stopKeyUsageRequest
* @return Result of the StopKeyUsage operation returned by the service.
* @throws ServiceQuotaExceededException
* This request would cause a service quota to be exceeded.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws ConflictException
* This request can cause an inconsistent state for the resource.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.StopKeyUsage
* @see AWS API Documentation
*/
@Override
public StopKeyUsageResult stopKeyUsage(StopKeyUsageRequest request) {
request = beforeClientExecution(request);
return executeStopKeyUsage(request);
}
@SdkInternalApi
final StopKeyUsageResult executeStopKeyUsage(StopKeyUsageRequest stopKeyUsageRequest) {
ExecutionContext executionContext = createExecutionContext(stopKeyUsageRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new StopKeyUsageRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(stopKeyUsageRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "StopKeyUsage");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new StopKeyUsageResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Adds or edits tags on an Amazon Web Services Payment Cryptography key.
*
*
*
* Tagging or untagging an Amazon Web Services Payment Cryptography key can allow or deny permission to the key.
*
*
*
* Each tag consists of a tag key and a tag value, both of which are case-sensitive strings. The tag value can be an
* empty (null) string. To add a tag, specify a new tag key and a tag value. To edit a tag, specify an existing tag
* key and a new tag value. You can also add tags to an Amazon Web Services Payment Cryptography key when you create
* it with CreateKey.
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* Related operations:
*
*
*
* @param tagResourceRequest
* @return Result of the TagResource operation returned by the service.
* @throws ServiceQuotaExceededException
* This request would cause a service quota to be exceeded.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws ConflictException
* This request can cause an inconsistent state for the resource.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.TagResource
* @see AWS API Documentation
*/
@Override
public TagResourceResult tagResource(TagResourceRequest request) {
request = beforeClientExecution(request);
return executeTagResource(request);
}
@SdkInternalApi
final TagResourceResult executeTagResource(TagResourceRequest tagResourceRequest) {
ExecutionContext executionContext = createExecutionContext(tagResourceRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new TagResourceRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(tagResourceRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "TagResource");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new TagResourceResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes a tag from an Amazon Web Services Payment Cryptography key.
*
*
*
* Tagging or untagging an Amazon Web Services Payment Cryptography key can allow or deny permission to the key.
*
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* Related operations:
*
*
*
* @param untagResourceRequest
* @return Result of the UntagResource operation returned by the service.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws ConflictException
* This request can cause an inconsistent state for the resource.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.UntagResource
* @see AWS API Documentation
*/
@Override
public UntagResourceResult untagResource(UntagResourceRequest request) {
request = beforeClientExecution(request);
return executeUntagResource(request);
}
@SdkInternalApi
final UntagResourceResult executeUntagResource(UntagResourceRequest untagResourceRequest) {
ExecutionContext executionContext = createExecutionContext(untagResourceRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UntagResourceRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(untagResourceRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UntagResource");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UntagResourceResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Associates an existing Amazon Web Services Payment Cryptography alias with a different key. Each alias is
* associated with only one Amazon Web Services Payment Cryptography key at a time, although a key can have multiple
* aliases. The alias and the Amazon Web Services Payment Cryptography key must be in the same Amazon Web Services
* account and Amazon Web Services Region
*
*
* Cross-account use: This operation can't be used across different Amazon Web Services accounts.
*
*
* Related operations:
*
*
*
* @param updateAliasRequest
* @return Result of the UpdateAlias operation returned by the service.
* @throws ServiceUnavailableException
* The service cannot complete the request.
* @throws ValidationException
* The request was denied due to an invalid request error.
* @throws ConflictException
* This request can cause an inconsistent state for the resource.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request was denied due to an invalid resource error.
* @throws ThrottlingException
* The request was denied due to request throttling.
* @throws InternalServerException
* The request processing has failed because of an unknown error, exception, or failure.
* @sample AWSPaymentCryptography.UpdateAlias
* @see AWS API Documentation
*/
@Override
public UpdateAliasResult updateAlias(UpdateAliasRequest request) {
request = beforeClientExecution(request);
return executeUpdateAlias(request);
}
@SdkInternalApi
final UpdateAliasResult executeUpdateAlias(UpdateAliasRequest updateAliasRequest) {
ExecutionContext executionContext = createExecutionContext(updateAliasRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdateAliasRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(updateAliasRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Payment Cryptography");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdateAlias");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdateAliasResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
* Returns additional metadata for a previously executed successful, request, typically used for debugging issues
* where a service isn't acting as expected. This data isn't considered part of the result data returned by an
* operation, so it's available through this separate, diagnostic interface.
*
* Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic
* information for an executed request, you should use this method to retrieve it as soon as possible after
* executing the request.
*
* @param request
* The originally executed request
*
* @return The response metadata for the specified request, or null if none is available.
*/
public ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request) {
return client.getResponseMetadataForRequest(request);
}
/**
* Normal invoke with authentication. Credentials are required and may be overriden at the request level.
**/
private Response invoke(Request request, HttpResponseHandler> responseHandler,
ExecutionContext executionContext) {
return invoke(request, responseHandler, executionContext, null, null);
}
/**
* Normal invoke with authentication. Credentials are required and may be overriden at the request level.
**/
private Response invoke(Request request, HttpResponseHandler> responseHandler,
ExecutionContext executionContext, URI cachedEndpoint, URI uriFromEndpointTrait) {
executionContext.setCredentialsProvider(CredentialUtils.getCredentialsProvider(request.getOriginalRequest(), awsCredentialsProvider));
return doInvoke(request, responseHandler, executionContext, cachedEndpoint, uriFromEndpointTrait);
}
/**
* Invoke with no authentication. Credentials are not required and any credentials set on the client or request will
* be ignored for this operation.
**/
private Response anonymousInvoke(Request request,
HttpResponseHandler> responseHandler, ExecutionContext executionContext) {
return doInvoke(request, responseHandler, executionContext, null, null);
}
/**
* Invoke the request using the http client. Assumes credentials (or lack thereof) have been configured in the
* ExecutionContext beforehand.
**/
private Response doInvoke(Request request, HttpResponseHandler> responseHandler,
ExecutionContext executionContext, URI discoveredEndpoint, URI uriFromEndpointTrait) {
if (discoveredEndpoint != null) {
request.setEndpoint(discoveredEndpoint);
request.getOriginalRequest().getRequestClientOptions().appendUserAgent("endpoint-discovery");
} else if (uriFromEndpointTrait != null) {
request.setEndpoint(uriFromEndpointTrait);
} else {
request.setEndpoint(endpoint);
}
request.setTimeOffset(timeOffset);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(new JsonErrorResponseMetadata());
return client.execute(request, responseHandler, errorResponseHandler, executionContext);
}
@com.amazonaws.annotation.SdkInternalApi
static com.amazonaws.protocol.json.SdkJsonProtocolFactory getProtocolFactory() {
return protocolFactory;
}
@Override
public void shutdown() {
super.shutdown();
}
}