/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/
/*
* Do not modify this file. This file is generated from the payment-cryptography-data-2022-02-03.normal.json service model.
*/
using System;
using System.Runtime.ExceptionServices;
using System.Threading;
using System.Threading.Tasks;
using System.Collections.Generic;
using System.Net;
using Amazon.PaymentCryptographyData.Model;
using Amazon.PaymentCryptographyData.Model.Internal.MarshallTransformations;
using Amazon.PaymentCryptographyData.Internal;
using Amazon.Runtime;
using Amazon.Runtime.Internal;
using Amazon.Runtime.Internal.Auth;
using Amazon.Runtime.Internal.Transform;
namespace Amazon.PaymentCryptographyData
{
///
/// Implementation for accessing PaymentCryptographyData
///
/// You use the Amazon Web Services Payment Cryptography Data Plane to manage how encryption
/// keys are used for payment-related transaction processing and associated cryptographic
/// operations. You can encrypt, decrypt, generate, verify, and translate payment-related
/// cryptographic operations in Amazon Web Services Payment Cryptography. For more information,
/// see Data
/// operations in the Amazon Web Services Payment Cryptography User Guide.
///
///
///
/// To manage your encryption keys, you use the Amazon
/// Web Services Payment Cryptography Control Plane. You can create, import, export,
/// share, manage, and delete keys. You can also manage Identity and Access Management
/// (IAM) policies for keys.
///
///
public partial class AmazonPaymentCryptographyDataClient : AmazonServiceClient, IAmazonPaymentCryptographyData
{
private static IServiceMetadata serviceMetadata = new AmazonPaymentCryptographyDataMetadata();
#region Constructors
///
/// Constructs AmazonPaymentCryptographyDataClient with the credentials loaded from the application's
/// default configuration, and if unsuccessful from the Instance Profile service on an EC2 instance.
///
/// Example App.config with credentials set.
///
/// <?xml version="1.0" encoding="utf-8" ?>
/// <configuration>
/// <appSettings>
/// <add key="AWSProfileName" value="AWS Default"/>
/// </appSettings>
/// </configuration>
///
///
///
public AmazonPaymentCryptographyDataClient()
: base(FallbackCredentialsFactory.GetCredentials(), new AmazonPaymentCryptographyDataConfig()) { }
///
/// Constructs AmazonPaymentCryptographyDataClient with the credentials loaded from the application's
/// default configuration, and if unsuccessful from the Instance Profile service on an EC2 instance.
///
/// Example App.config with credentials set.
///
/// <?xml version="1.0" encoding="utf-8" ?>
/// <configuration>
/// <appSettings>
/// <add key="AWSProfileName" value="AWS Default"/>
/// </appSettings>
/// </configuration>
///
///
///
/// The region to connect.
public AmazonPaymentCryptographyDataClient(RegionEndpoint region)
: base(FallbackCredentialsFactory.GetCredentials(), new AmazonPaymentCryptographyDataConfig{RegionEndpoint = region}) { }
///
/// Constructs AmazonPaymentCryptographyDataClient with the credentials loaded from the application's
/// default configuration, and if unsuccessful from the Instance Profile service on an EC2 instance.
///
/// Example App.config with credentials set.
///
/// <?xml version="1.0" encoding="utf-8" ?>
/// <configuration>
/// <appSettings>
/// <add key="AWSProfileName" value="AWS Default"/>
/// </appSettings>
/// </configuration>
///
///
///
/// The AmazonPaymentCryptographyDataClient Configuration Object
public AmazonPaymentCryptographyDataClient(AmazonPaymentCryptographyDataConfig config)
: base(FallbackCredentialsFactory.GetCredentials(config), config){}
///
/// Constructs AmazonPaymentCryptographyDataClient with AWS Credentials
///
/// AWS Credentials
public AmazonPaymentCryptographyDataClient(AWSCredentials credentials)
: this(credentials, new AmazonPaymentCryptographyDataConfig())
{
}
///
/// Constructs AmazonPaymentCryptographyDataClient with AWS Credentials
///
/// AWS Credentials
/// The region to connect.
public AmazonPaymentCryptographyDataClient(AWSCredentials credentials, RegionEndpoint region)
: this(credentials, new AmazonPaymentCryptographyDataConfig{RegionEndpoint = region})
{
}
///
/// Constructs AmazonPaymentCryptographyDataClient with AWS Credentials and an
/// AmazonPaymentCryptographyDataClient Configuration object.
///
/// AWS Credentials
/// The AmazonPaymentCryptographyDataClient Configuration Object
public AmazonPaymentCryptographyDataClient(AWSCredentials credentials, AmazonPaymentCryptographyDataConfig clientConfig)
: base(credentials, clientConfig)
{
}
///
/// Constructs AmazonPaymentCryptographyDataClient with AWS Access Key ID and AWS Secret Key
///
/// AWS Access Key ID
/// AWS Secret Access Key
public AmazonPaymentCryptographyDataClient(string awsAccessKeyId, string awsSecretAccessKey)
: this(awsAccessKeyId, awsSecretAccessKey, new AmazonPaymentCryptographyDataConfig())
{
}
///
/// Constructs AmazonPaymentCryptographyDataClient with AWS Access Key ID and AWS Secret Key
///
/// AWS Access Key ID
/// AWS Secret Access Key
/// The region to connect.
public AmazonPaymentCryptographyDataClient(string awsAccessKeyId, string awsSecretAccessKey, RegionEndpoint region)
: this(awsAccessKeyId, awsSecretAccessKey, new AmazonPaymentCryptographyDataConfig() {RegionEndpoint=region})
{
}
///
/// Constructs AmazonPaymentCryptographyDataClient with AWS Access Key ID, AWS Secret Key and an
/// AmazonPaymentCryptographyDataClient Configuration object.
///
/// AWS Access Key ID
/// AWS Secret Access Key
/// The AmazonPaymentCryptographyDataClient Configuration Object
public AmazonPaymentCryptographyDataClient(string awsAccessKeyId, string awsSecretAccessKey, AmazonPaymentCryptographyDataConfig clientConfig)
: base(awsAccessKeyId, awsSecretAccessKey, clientConfig)
{
}
///
/// Constructs AmazonPaymentCryptographyDataClient with AWS Access Key ID and AWS Secret Key
///
/// AWS Access Key ID
/// AWS Secret Access Key
/// AWS Session Token
public AmazonPaymentCryptographyDataClient(string awsAccessKeyId, string awsSecretAccessKey, string awsSessionToken)
: this(awsAccessKeyId, awsSecretAccessKey, awsSessionToken, new AmazonPaymentCryptographyDataConfig())
{
}
///
/// Constructs AmazonPaymentCryptographyDataClient with AWS Access Key ID and AWS Secret Key
///
/// AWS Access Key ID
/// AWS Secret Access Key
/// AWS Session Token
/// The region to connect.
public AmazonPaymentCryptographyDataClient(string awsAccessKeyId, string awsSecretAccessKey, string awsSessionToken, RegionEndpoint region)
: this(awsAccessKeyId, awsSecretAccessKey, awsSessionToken, new AmazonPaymentCryptographyDataConfig{RegionEndpoint = region})
{
}
///
/// Constructs AmazonPaymentCryptographyDataClient with AWS Access Key ID, AWS Secret Key and an
/// AmazonPaymentCryptographyDataClient Configuration object.
///
/// AWS Access Key ID
/// AWS Secret Access Key
/// AWS Session Token
/// The AmazonPaymentCryptographyDataClient Configuration Object
public AmazonPaymentCryptographyDataClient(string awsAccessKeyId, string awsSecretAccessKey, string awsSessionToken, AmazonPaymentCryptographyDataConfig clientConfig)
: base(awsAccessKeyId, awsSecretAccessKey, awsSessionToken, clientConfig)
{
}
#endregion
#region Overrides
///
/// Creates the signer for the service.
///
protected override AbstractAWSSigner CreateSigner()
{
return new AWS4Signer();
}
///
/// Customizes the runtime pipeline.
///
/// Runtime pipeline for the current client.
protected override void CustomizeRuntimePipeline(RuntimePipeline pipeline)
{
pipeline.RemoveHandler();
pipeline.AddHandlerAfter(new AmazonPaymentCryptographyDataEndpointResolver());
}
///
/// Capture metadata for the service.
///
protected override IServiceMetadata ServiceMetadata
{
get
{
return serviceMetadata;
}
}
#endregion
#region Dispose
///
/// Disposes the service client.
///
protected override void Dispose(bool disposing)
{
base.Dispose(disposing);
}
#endregion
#region DecryptData
internal virtual DecryptDataResponse DecryptData(DecryptDataRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = DecryptDataRequestMarshaller.Instance;
options.ResponseUnmarshaller = DecryptDataResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Decrypts ciphertext data to plaintext using symmetric, asymmetric, or DUKPT data encryption
/// key. For more information, see Decrypt
/// data in the Amazon Web Services Payment Cryptography User Guide.
///
///
///
/// You can use an encryption key generated within Amazon Web Services Payment Cryptography,
/// or you can import your own encryption key by calling ImportKey.
/// For this operation, the key must have KeyModesOfUse set to Decrypt.
/// In asymmetric decryption, Amazon Web Services Payment Cryptography decrypts the ciphertext
/// using the private component of the asymmetric encryption key pair. For data encryption
/// outside of Amazon Web Services Payment Cryptography, you can export the public component
/// of the asymmetric key pair by calling GetPublicCertificate.
///
///
///
/// For symmetric and DUKPT decryption, Amazon Web Services Payment Cryptography supports
/// TDES and AES algorithms. For asymmetric decryption, Amazon
/// Web Services Payment Cryptography supports RSA. When you use DUKPT, for
/// TDES algorithm, the ciphertext data length must be a multiple of 16 bytes.
/// For AES algorithm, the ciphertext data length must be a multiple of 32
/// bytes.
///
///
///
/// For information about valid keys for this operation, see Understanding
/// key attributes and Key
/// types for specific data operations in the Amazon Web Services Payment Cryptography
/// User Guide.
///
///
///
/// Cross-account use: This operation can't be used across different Amazon Web
/// Services accounts.
///
///
///
/// Related operations:
///
///
///
/// Container for the necessary parameters to execute the DecryptData service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the DecryptData service method, as returned by PaymentCryptographyData.
///
/// You do not have sufficient access to perform this action.
///
///
/// The request processing has failed because of an unknown error, exception, or failure.
///
///
/// The request was denied due to an invalid resource error.
///
///
/// The request was denied due to request throttling.
///
///
/// The request was denied due to an invalid request error.
///
/// REST API Reference for DecryptData Operation
public virtual Task DecryptDataAsync(DecryptDataRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = DecryptDataRequestMarshaller.Instance;
options.ResponseUnmarshaller = DecryptDataResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region EncryptData
internal virtual EncryptDataResponse EncryptData(EncryptDataRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = EncryptDataRequestMarshaller.Instance;
options.ResponseUnmarshaller = EncryptDataResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Encrypts plaintext data to ciphertext using symmetric, asymmetric, or DUKPT data encryption
/// key. For more information, see Encrypt
/// data in the Amazon Web Services Payment Cryptography User Guide.
///
///
///
/// You can generate an encryption key within Amazon Web Services Payment Cryptography
/// by calling CreateKey.
/// You can import your own encryption key by calling ImportKey.
/// For this operation, the key must have KeyModesOfUse set to Encrypt.
/// In asymmetric encryption, plaintext is encrypted using public component. You can import
/// the public component of an asymmetric key pair created outside Amazon Web Services
/// Payment Cryptography by calling ImportKey).
///
///
///
///
/// for symmetric and DUKPT encryption, Amazon Web Services Payment Cryptography supports
/// TDES and AES algorithms. For asymmetric encryption, Amazon
/// Web Services Payment Cryptography supports RSA. To encrypt using DUKPT,
/// you must already have a DUKPT key in your account with KeyModesOfUse
/// set to DeriveKey, or you can generate a new DUKPT key by calling CreateKey.
///
///
///
/// For information about valid keys for this operation, see Understanding
/// key attributes and Key
/// types for specific data operations in the Amazon Web Services Payment Cryptography
/// User Guide.
///
///
///
/// Cross-account use: This operation can't be used across different Amazon Web
/// Services accounts.
///
///
///
/// Related operations:
///
///
///
/// Container for the necessary parameters to execute the EncryptData service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the EncryptData service method, as returned by PaymentCryptographyData.
///
/// You do not have sufficient access to perform this action.
///
///
/// The request processing has failed because of an unknown error, exception, or failure.
///
///
/// The request was denied due to an invalid resource error.
///
///
/// The request was denied due to request throttling.
///
///
/// The request was denied due to an invalid request error.
///
/// REST API Reference for EncryptData Operation
public virtual Task EncryptDataAsync(EncryptDataRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = EncryptDataRequestMarshaller.Instance;
options.ResponseUnmarshaller = EncryptDataResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region GenerateCardValidationData
internal virtual GenerateCardValidationDataResponse GenerateCardValidationData(GenerateCardValidationDataRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = GenerateCardValidationDataRequestMarshaller.Instance;
options.ResponseUnmarshaller = GenerateCardValidationDataResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Generates card-related validation data using algorithms such as Card Verification
/// Values (CVV/CVV2), Dynamic Card Verification Values (dCVV/dCVV2), or Card Security
/// Codes (CSC). For more information, see Generate
/// card data in the Amazon Web Services Payment Cryptography User Guide.
///
///
///
/// This operation generates a CVV or CSC value that is printed on a payment credit or
/// debit card during card production. The CVV or CSC, PAN (Primary Account Number) and
/// expiration date of the card are required to check its validity during transaction
/// processing. To begin this operation, a CVK (Card Verification Key) encryption key
/// is required. You can use CreateKey
/// or ImportKey
/// to establish a CVK within Amazon Web Services Payment Cryptography. The KeyModesOfUse
/// should be set to Generate and Verify for a CVK encryption
/// key.
///
///
///
/// For information about valid keys for this operation, see Understanding
/// key attributes and Key
/// types for specific data operations in the Amazon Web Services Payment Cryptography
/// User Guide.
///
///
///
/// Cross-account use: This operation can't be used across different Amazon Web
/// Services accounts.
///
///
///
/// Related operations:
///
///
///
/// Container for the necessary parameters to execute the GenerateCardValidationData service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the GenerateCardValidationData service method, as returned by PaymentCryptographyData.
///
/// You do not have sufficient access to perform this action.
///
///
/// The request processing has failed because of an unknown error, exception, or failure.
///
///
/// The request was denied due to an invalid resource error.
///
///
/// The request was denied due to request throttling.
///
///
/// The request was denied due to an invalid request error.
///
/// REST API Reference for GenerateCardValidationData Operation
public virtual Task GenerateCardValidationDataAsync(GenerateCardValidationDataRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = GenerateCardValidationDataRequestMarshaller.Instance;
options.ResponseUnmarshaller = GenerateCardValidationDataResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region GenerateMac
internal virtual GenerateMacResponse GenerateMac(GenerateMacRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = GenerateMacRequestMarshaller.Instance;
options.ResponseUnmarshaller = GenerateMacResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Generates a Message Authentication Code (MAC) cryptogram within Amazon Web Services
/// Payment Cryptography.
///
///
///
/// You can use this operation when keys won't be shared but mutual data is present on
/// both ends for validation. In this case, known data values are used to generate a MAC
/// on both ends for comparision without sending or receiving data in ciphertext or plaintext.
/// You can use this operation to generate a DUPKT, HMAC or EMV MAC by setting generation
/// attributes and algorithm to the associated values. The MAC generation encryption key
/// must have valid values for KeyUsage such as TR31_M7_HMAC_KEY
/// for HMAC generation, and they key must have KeyModesOfUse set to Generate
/// and Verify.
///
///
///
/// For information about valid keys for this operation, see Understanding
/// key attributes and Key
/// types for specific data operations in the Amazon Web Services Payment Cryptography
/// User Guide.
///
///
///
/// Cross-account use: This operation can't be used across different Amazon Web
/// Services accounts.
///
///
///
/// Related operations:
///
///
///
/// Container for the necessary parameters to execute the GenerateMac service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the GenerateMac service method, as returned by PaymentCryptographyData.
///
/// You do not have sufficient access to perform this action.
///
///
/// The request processing has failed because of an unknown error, exception, or failure.
///
///
/// The request was denied due to an invalid resource error.
///
///
/// The request was denied due to request throttling.
///
///
/// The request was denied due to an invalid request error.
///
/// REST API Reference for GenerateMac Operation
public virtual Task GenerateMacAsync(GenerateMacRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = GenerateMacRequestMarshaller.Instance;
options.ResponseUnmarshaller = GenerateMacResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region GeneratePinData
internal virtual GeneratePinDataResponse GeneratePinData(GeneratePinDataRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = GeneratePinDataRequestMarshaller.Instance;
options.ResponseUnmarshaller = GeneratePinDataResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Generates pin-related data such as PIN, PIN Verification Value (PVV), PIN Block, and
/// PIN Offset during new card issuance or reissuance. For more information, see Generate
/// PIN data in the Amazon Web Services Payment Cryptography User Guide.
///
///
///
/// PIN data is never transmitted in clear to or from Amazon Web Services Payment Cryptography.
/// This operation generates PIN, PVV, or PIN Offset and then encrypts it using Pin Encryption
/// Key (PEK) to create an EncryptedPinBlock for transmission from Amazon
/// Web Services Payment Cryptography. This operation uses a separate Pin Verification
/// Key (PVK) for VISA PVV generation.
///
///
///
/// For information about valid keys for this operation, see Understanding
/// key attributes and Key
/// types for specific data operations in the Amazon Web Services Payment Cryptography
/// User Guide.
///
///
///
/// Cross-account use: This operation can't be used across different Amazon Web
/// Services accounts.
///
///
///
/// Related operations:
///
///
///
/// Container for the necessary parameters to execute the GeneratePinData service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the GeneratePinData service method, as returned by PaymentCryptographyData.
///
/// You do not have sufficient access to perform this action.
///
///
/// The request processing has failed because of an unknown error, exception, or failure.
///
///
/// The request was denied due to an invalid resource error.
///
///
/// The request was denied due to request throttling.
///
///
/// The request was denied due to an invalid request error.
///
/// REST API Reference for GeneratePinData Operation
public virtual Task GeneratePinDataAsync(GeneratePinDataRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = GeneratePinDataRequestMarshaller.Instance;
options.ResponseUnmarshaller = GeneratePinDataResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region ReEncryptData
internal virtual ReEncryptDataResponse ReEncryptData(ReEncryptDataRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = ReEncryptDataRequestMarshaller.Instance;
options.ResponseUnmarshaller = ReEncryptDataResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Re-encrypt ciphertext using DUKPT, Symmetric and Asymmetric Data Encryption Keys.
///
///
///
///
/// You can either generate an encryption key within Amazon Web Services Payment Cryptography
/// by calling CreateKey
/// or import your own encryption key by calling ImportKey.
/// The KeyArn for use with this operation must be in a compatible key state
/// with KeyModesOfUse set to Encrypt. In asymmetric encryption,
/// ciphertext is encrypted using public component (imported by calling ImportKey)
/// of the asymmetric key pair created outside of Amazon Web Services Payment Cryptography.
///
///
///
///
/// For symmetric and DUKPT encryption, Amazon Web Services Payment Cryptography supports
/// TDES and AES algorithms. For asymmetric encryption, Amazon
/// Web Services Payment Cryptography supports RSA. To encrypt using DUKPT,
/// a DUKPT key must already exist within your account with KeyModesOfUse
/// set to DeriveKey or a new DUKPT can be generated by calling CreateKey.
///
///
///
/// For information about valid keys for this operation, see Understanding
/// key attributes and Key
/// types for specific data operations in the Amazon Web Services Payment Cryptography
/// User Guide.
///
///
///
/// Cross-account use: This operation can't be used across different Amazon Web
/// Services accounts.
///
///
///
/// Related operations:
///
///
///
/// Container for the necessary parameters to execute the ReEncryptData service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the ReEncryptData service method, as returned by PaymentCryptographyData.
///
/// You do not have sufficient access to perform this action.
///
///
/// The request processing has failed because of an unknown error, exception, or failure.
///
///
/// The request was denied due to an invalid resource error.
///
///
/// The request was denied due to request throttling.
///
///
/// The request was denied due to an invalid request error.
///
/// REST API Reference for ReEncryptData Operation
public virtual Task ReEncryptDataAsync(ReEncryptDataRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = ReEncryptDataRequestMarshaller.Instance;
options.ResponseUnmarshaller = ReEncryptDataResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region TranslatePinData
internal virtual TranslatePinDataResponse TranslatePinData(TranslatePinDataRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = TranslatePinDataRequestMarshaller.Instance;
options.ResponseUnmarshaller = TranslatePinDataResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Translates encrypted PIN block from and to ISO 9564 formats 0,1,3,4. For more information,
/// see Translate
/// PIN data in the Amazon Web Services Payment Cryptography User Guide.
///
///
///
/// PIN block translation involves changing the encrytion of PIN block from one encryption
/// key to another encryption key and changing PIN block format from one to another without
/// PIN block data leaving Amazon Web Services Payment Cryptography. The encryption key
/// transformation can be from PEK (Pin Encryption Key) to BDK (Base Derivation Key) for
/// DUKPT or from BDK for DUKPT to PEK. Amazon Web Services Payment Cryptography supports
/// TDES and AES key derivation type for DUKPT tranlations.
/// You can use this operation for P2PE (Point to Point Encryption) use cases where the
/// encryption keys should change but the processing system either does not need to, or
/// is not permitted to, decrypt the data.
///
///
///
/// The allowed combinations of PIN block format translations are guided by PCI. It is
/// important to note that not all encrypted PIN block formats (example, format 1) require
/// PAN (Primary Account Number) as input. And as such, PIN block format that requires
/// PAN (example, formats 0,3,4) cannot be translated to a format (format 1) that does
/// not require a PAN for generation.
///
///
///
/// For information about valid keys for this operation, see Understanding
/// key attributes and Key
/// types for specific data operations in the Amazon Web Services Payment Cryptography
/// User Guide.
///
///
///
/// At this time, Amazon Web Services Payment Cryptography does not support translations
/// to PIN format 4.
///
///
///
/// Cross-account use: This operation can't be used across different Amazon Web
/// Services accounts.
///
///
///
/// Related operations:
///
///
///
/// Container for the necessary parameters to execute the TranslatePinData service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the TranslatePinData service method, as returned by PaymentCryptographyData.
///
/// You do not have sufficient access to perform this action.
///
///
/// The request processing has failed because of an unknown error, exception, or failure.
///
///
/// The request was denied due to an invalid resource error.
///
///
/// The request was denied due to request throttling.
///
///
/// The request was denied due to an invalid request error.
///
/// REST API Reference for TranslatePinData Operation
public virtual Task TranslatePinDataAsync(TranslatePinDataRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = TranslatePinDataRequestMarshaller.Instance;
options.ResponseUnmarshaller = TranslatePinDataResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region VerifyAuthRequestCryptogram
internal virtual VerifyAuthRequestCryptogramResponse VerifyAuthRequestCryptogram(VerifyAuthRequestCryptogramRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = VerifyAuthRequestCryptogramRequestMarshaller.Instance;
options.ResponseUnmarshaller = VerifyAuthRequestCryptogramResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Verifies Authorization Request Cryptogram (ARQC) for a EMV chip payment card authorization.
/// For more information, see Verify
/// auth request cryptogram in the Amazon Web Services Payment Cryptography User
/// Guide.
///
///
///
/// ARQC generation is done outside of Amazon Web Services Payment Cryptography and is
/// typically generated on a point of sale terminal for an EMV chip card to obtain payment
/// authorization during transaction time. For ARQC verification, you must first import
/// the ARQC generated outside of Amazon Web Services Payment Cryptography by calling
/// ImportKey.
/// This operation uses the imported ARQC and an major encryption key (DUKPT) created
/// by calling CreateKey
/// to either provide a boolean ARQC verification result or provide an APRC (Authorization
/// Response Cryptogram) response using Method 1 or Method 2. The ARPC_METHOD_1
/// uses AuthResponseCode to generate ARPC and ARPC_METHOD_2
/// uses CardStatusUpdate to generate ARPC.
///
///
///
/// For information about valid keys for this operation, see Understanding
/// key attributes and Key
/// types for specific data operations in the Amazon Web Services Payment Cryptography
/// User Guide.
///
///
///
/// Cross-account use: This operation can't be used across different Amazon Web
/// Services accounts.
///
///
///
/// Related operations:
///
///
///
/// Container for the necessary parameters to execute the VerifyAuthRequestCryptogram service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the VerifyAuthRequestCryptogram service method, as returned by PaymentCryptographyData.
///
/// You do not have sufficient access to perform this action.
///
///
/// The request processing has failed because of an unknown error, exception, or failure.
///
///
/// The request was denied due to an invalid resource error.
///
///
/// The request was denied due to request throttling.
///
///
/// The request was denied due to an invalid request error.
///
///
/// This request failed verification.
///
/// REST API Reference for VerifyAuthRequestCryptogram Operation
public virtual Task VerifyAuthRequestCryptogramAsync(VerifyAuthRequestCryptogramRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = VerifyAuthRequestCryptogramRequestMarshaller.Instance;
options.ResponseUnmarshaller = VerifyAuthRequestCryptogramResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region VerifyCardValidationData
internal virtual VerifyCardValidationDataResponse VerifyCardValidationData(VerifyCardValidationDataRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = VerifyCardValidationDataRequestMarshaller.Instance;
options.ResponseUnmarshaller = VerifyCardValidationDataResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Verifies card-related validation data using algorithms such as Card Verification Values
/// (CVV/CVV2), Dynamic Card Verification Values (dCVV/dCVV2) and Card Security Codes
/// (CSC). For more information, see Verify
/// card data in the Amazon Web Services Payment Cryptography User Guide.
///
///
///
/// This operation validates the CVV or CSC codes that is printed on a payment credit
/// or debit card during card payment transaction. The input values are typically provided
/// as part of an inbound transaction to an issuer or supporting platform partner. Amazon
/// Web Services Payment Cryptography uses CVV or CSC, PAN (Primary Account Number) and
/// expiration date of the card to check its validity during transaction processing. In
/// this operation, the CVK (Card Verification Key) encryption key for use with card data
/// verification is same as the one in used for GenerateCardValidationData.
///
///
///
/// For information about valid keys for this operation, see Understanding
/// key attributes and Key
/// types for specific data operations in the Amazon Web Services Payment Cryptography
/// User Guide.
///
///
///
/// Cross-account use: This operation can't be used across different Amazon Web
/// Services accounts.
///
///
///
/// Related operations:
///
///
///
/// Container for the necessary parameters to execute the VerifyCardValidationData service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the VerifyCardValidationData service method, as returned by PaymentCryptographyData.
///
/// You do not have sufficient access to perform this action.
///
///
/// The request processing has failed because of an unknown error, exception, or failure.
///
///
/// The request was denied due to an invalid resource error.
///
///
/// The request was denied due to request throttling.
///
///
/// The request was denied due to an invalid request error.
///
///
/// This request failed verification.
///
/// REST API Reference for VerifyCardValidationData Operation
public virtual Task VerifyCardValidationDataAsync(VerifyCardValidationDataRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = VerifyCardValidationDataRequestMarshaller.Instance;
options.ResponseUnmarshaller = VerifyCardValidationDataResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region VerifyMac
internal virtual VerifyMacResponse VerifyMac(VerifyMacRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = VerifyMacRequestMarshaller.Instance;
options.ResponseUnmarshaller = VerifyMacResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Verifies a Message Authentication Code (MAC).
///
///
///
/// You can use this operation when keys won't be shared but mutual data is present on
/// both ends for validation. In this case, known data values are used to generate a MAC
/// on both ends for verification without sending or receiving data in ciphertext or plaintext.
/// You can use this operation to verify a DUPKT, HMAC or EMV MAC by setting generation
/// attributes and algorithm to the associated values. Use the same encryption key for
/// MAC verification as you use for GenerateMac.
///
///
///
/// For information about valid keys for this operation, see Understanding
/// key attributes and Key
/// types for specific data operations in the Amazon Web Services Payment Cryptography
/// User Guide.
///
///
///
/// Cross-account use: This operation can't be used across different Amazon Web
/// Services accounts.
///
///
///
/// Related operations:
///
///
///
/// Container for the necessary parameters to execute the VerifyMac service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the VerifyMac service method, as returned by PaymentCryptographyData.
///
/// You do not have sufficient access to perform this action.
///
///
/// The request processing has failed because of an unknown error, exception, or failure.
///
///
/// The request was denied due to an invalid resource error.
///
///
/// The request was denied due to request throttling.
///
///
/// The request was denied due to an invalid request error.
///
///
/// This request failed verification.
///
/// REST API Reference for VerifyMac Operation
public virtual Task VerifyMacAsync(VerifyMacRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = VerifyMacRequestMarshaller.Instance;
options.ResponseUnmarshaller = VerifyMacResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region VerifyPinData
internal virtual VerifyPinDataResponse VerifyPinData(VerifyPinDataRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = VerifyPinDataRequestMarshaller.Instance;
options.ResponseUnmarshaller = VerifyPinDataResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Verifies pin-related data such as PIN and PIN Offset using algorithms including VISA
/// PVV and IBM3624. For more information, see Verify
/// PIN data in the Amazon Web Services Payment Cryptography User Guide.
///
///
///
/// This operation verifies PIN data for user payment card. A card holder PIN data is
/// never transmitted in clear to or from Amazon Web Services Payment Cryptography. This
/// operation uses PIN Verification Key (PVK) for PIN or PIN Offset generation and then
/// encrypts it using PIN Encryption Key (PEK) to create an EncryptedPinBlock
/// for transmission from Amazon Web Services Payment Cryptography.
///
///
///
/// For information about valid keys for this operation, see Understanding
/// key attributes and Key
/// types for specific data operations in the Amazon Web Services Payment Cryptography
/// User Guide.
///
///
///
/// Cross-account use: This operation can't be used across different Amazon Web
/// Services accounts.
///
///
///
/// Related operations:
///
///
///
/// Container for the necessary parameters to execute the VerifyPinData service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the VerifyPinData service method, as returned by PaymentCryptographyData.
///
/// You do not have sufficient access to perform this action.
///
///
/// The request processing has failed because of an unknown error, exception, or failure.
///
///
/// The request was denied due to an invalid resource error.
///
///
/// The request was denied due to request throttling.
///
///
/// The request was denied due to an invalid request error.
///
///
/// This request failed verification.
///
/// REST API Reference for VerifyPinData Operation
public virtual Task VerifyPinDataAsync(VerifyPinDataRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = VerifyPinDataRequestMarshaller.Instance;
options.ResponseUnmarshaller = VerifyPinDataResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
}
}