Additional support for managing HMAC keys that adheres to changes documented in X9.143-2021 and provides better interoperability for key import/export

Author: aws-sdk-dotnet-automation

generator/ServiceModels/payment-cryptography-data/payment-cryptography-data-2022-02-03.api.json

@@ -371,7 +371,7 @@
     },
     "CipherTextType":{
       "type":"string",
-      "max":4096,
+      "max":4224,
       "min":2,
       "pattern":"(?:[0-9a-fA-F][0-9a-fA-F])+",
       "sensitive":true
@@ -486,15 +486,15 @@
         "DukptDerivationType"
       ],
       "members":{
-        "KeySerialNumber":{"shape":"HexLengthBetween10And24"},
+        "KeySerialNumber":{"shape":"HexLength16Or20Or24"},
         "DukptDerivationType":{"shape":"DukptDerivationType"}
       }
     },
     "DukptDerivationAttributes":{
       "type":"structure",
       "required":["KeySerialNumber"],
       "members":{
-        "KeySerialNumber":{"shape":"HexLengthBetween10And24"},
+        "KeySerialNumber":{"shape":"HexLength16Or20Or24"},
         "DukptKeyDerivationType":{"shape":"DukptDerivationType"},
         "DukptKeyVariant":{"shape":"DukptKeyVariant"}
       }
@@ -513,7 +513,7 @@
       "type":"structure",
       "required":["KeySerialNumber"],
       "members":{
-        "KeySerialNumber":{"shape":"HexLengthBetween10And24"},
+        "KeySerialNumber":{"shape":"HexLength16Or20Or24"},
         "Mode":{"shape":"DukptEncryptionMode"},
         "DukptKeyDerivationType":{"shape":"DukptDerivationType"},
         "DukptKeyVariant":{"shape":"DukptKeyVariant"},
@@ -855,11 +855,11 @@
       "pattern":"(?:[0-9a-fA-F][0-9a-fA-F])+",
       "sensitive":true
     },
-    "HexLengthBetween10And24":{
+    "HexLength16Or20Or24":{
       "type":"string",
       "max":24,
-      "min":10,
-      "pattern":"[0-9a-fA-F]+"
+      "min":16,
+      "pattern":"(?:[0-9a-fA-F]{16}|[0-9a-fA-F]{20}|[0-9a-fA-F]{24})"
     },
     "HexLengthBetween2And4":{
       "type":"string",
@@ -1024,7 +1024,8 @@
       "type":"string",
       "enum":[
         "CMAC",
-        "ANSI_X9_24"
+        "ANSI_X9_24",
+        "HMAC"
       ]
     },
     "KeyDerivationFunction":{
@@ -1061,7 +1062,7 @@
         "DukptKeyVariant"
       ],
       "members":{
-        "KeySerialNumber":{"shape":"HexLengthBetween10And24"},
+        "KeySerialNumber":{"shape":"HexLength16Or20Or24"},
         "DukptKeyVariant":{"shape":"DukptKeyVariant"},
         "DukptDerivationType":{"shape":"DukptDerivationType"}
       }
@@ -1240,14 +1241,14 @@
     },
     "PlainTextOutputType":{
       "type":"string",
-      "max":4096,
+      "max":4224,
       "min":2,
       "pattern":"(?:[0-9a-fA-F][0-9a-fA-F])+",
       "sensitive":true
     },
     "PlainTextType":{
       "type":"string",
-      "max":4064,
+      "max":4096,
       "min":2,
       "pattern":"(?:[0-9a-fA-F][0-9a-fA-F])+",
       "sensitive":true
@@ -1450,7 +1451,11 @@
         "TDES_3KEY",
         "AES_128",
         "AES_192",
-        "AES_256"
+        "AES_256",
+        "HMAC_SHA256",
+        "HMAC_SHA384",
+        "HMAC_SHA512",
+        "HMAC_SHA224"
       ]
     },
     "ThrottlingException":{

generator/ServiceModels/payment-cryptography-data/payment-cryptography-data-2022-02-03.docs.json

@@ -363,7 +363,7 @@
         "TranslatePinDataInput$EncryptedPinBlock": "<p>The encrypted PIN block data that Amazon Web Services Payment Cryptography translates.</p>"
       }
     },
-    "HexLengthBetween10And24": {
+    "HexLength16Or20Or24": {
       "base": null,
       "refs": {
         "DukptAttributes$KeySerialNumber": "<p>The unique identifier known as Key Serial Number (KSN) that comes from an encrypting device using DUKPT encryption method. The KSN is derived from the encrypting device unique identifier and an internal transaction counter.</p>",

generator/ServiceModels/payment-cryptography-data/payment-cryptography-data-2022-02-03.normal.json

@@ -480,7 +480,7 @@
     },
     "CipherTextType":{
       "type":"string",
-      "max":4096,
+      "max":4224,
       "min":2,
       "pattern":"(?:[0-9a-fA-F][0-9a-fA-F])+",
       "sensitive":true
@@ -666,7 +666,7 @@
       ],
       "members":{
         "KeySerialNumber":{
-          "shape":"HexLengthBetween10And24",
+          "shape":"HexLength16Or20Or24",
           "documentation":"<p>The unique identifier known as Key Serial Number (KSN) that comes from an encrypting device using DUKPT encryption method. The KSN is derived from the encrypting device unique identifier and an internal transaction counter.</p>"
         },
         "DukptDerivationType":{
@@ -681,7 +681,7 @@
       "required":["KeySerialNumber"],
       "members":{
         "KeySerialNumber":{
-          "shape":"HexLengthBetween10And24",
+          "shape":"HexLength16Or20Or24",
           "documentation":"<p>The unique identifier known as Key Serial Number (KSN) that comes from an encrypting device using DUKPT encryption method. The KSN is derived from the encrypting device unique identifier and an internal transaction counter.</p>"
         },
         "DukptKeyDerivationType":{
@@ -710,7 +710,7 @@
       "required":["KeySerialNumber"],
       "members":{
         "KeySerialNumber":{
-          "shape":"HexLengthBetween10And24",
+          "shape":"HexLength16Or20Or24",
           "documentation":"<p>The unique identifier known as Key Serial Number (KSN) that comes from an encrypting device using DUKPT encryption method. The KSN is derived from the encrypting device unique identifier and an internal transaction counter.</p>"
         },
         "Mode":{
@@ -1318,11 +1318,11 @@
       "pattern":"(?:[0-9a-fA-F][0-9a-fA-F])+",
       "sensitive":true
     },
-    "HexLengthBetween10And24":{
+    "HexLength16Or20Or24":{
       "type":"string",
       "max":24,
-      "min":10,
-      "pattern":"[0-9a-fA-F]+"
+      "min":16,
+      "pattern":"(?:[0-9a-fA-F]{16}|[0-9a-fA-F]{20}|[0-9a-fA-F]{24})"
     },
     "HexLengthBetween2And4":{
       "type":"string",
@@ -1547,7 +1547,8 @@
       "type":"string",
       "enum":[
         "CMAC",
-        "ANSI_X9_24"
+        "ANSI_X9_24",
+        "HMAC"
       ]
     },
     "KeyDerivationFunction":{
@@ -1585,7 +1586,7 @@
       ],
       "members":{
         "KeySerialNumber":{
-          "shape":"HexLengthBetween10And24",
+          "shape":"HexLength16Or20Or24",
           "documentation":"<p>The unique identifier known as Key Serial Number (KSN) that comes from an encrypting device using DUKPT encryption method. The KSN is derived from the encrypting device unique identifier and an internal transaction counter.</p>"
         },
         "DukptKeyVariant":{
@@ -1851,14 +1852,14 @@
     },
     "PlainTextOutputType":{
       "type":"string",
-      "max":4096,
+      "max":4224,
       "min":2,
       "pattern":"(?:[0-9a-fA-F][0-9a-fA-F])+",
       "sensitive":true
     },
     "PlainTextType":{
       "type":"string",
-      "max":4064,
+      "max":4096,
       "min":2,
       "pattern":"(?:[0-9a-fA-F][0-9a-fA-F])+",
       "sensitive":true
@@ -2177,7 +2178,11 @@
         "TDES_3KEY",
         "AES_128",
         "AES_192",
-        "AES_256"
+        "AES_256",
+        "HMAC_SHA256",
+        "HMAC_SHA384",
+        "HMAC_SHA512",
+        "HMAC_SHA224"
       ]
     },
     "ThrottlingException":{

sdk/code-analysis/ServiceAnalysis/PaymentCryptographyData/Generated/PropertyValueRules.xml

@@ -3,7 +3,7 @@
   <property-value-rule>
     <property>Amazon.PaymentCryptographyData.Model.DecryptDataRequest.CipherText</property>
     <min>2</min>
-    <max>4096</max>
+    <max>4224</max>
     <pattern>(?:[0-9a-fA-F][0-9a-fA-F])+</pattern>
   </property-value-rule>
   <property-value-rule>
@@ -27,7 +27,7 @@
   <property-value-rule>
     <property>Amazon.PaymentCryptographyData.Model.DecryptDataResponse.PlainText</property>
     <min>2</min>
-    <max>4096</max>
+    <max>4224</max>
     <pattern>(?:[0-9a-fA-F][0-9a-fA-F])+</pattern>
   </property-value-rule>
   <property-value-rule>
@@ -39,13 +39,13 @@
   <property-value-rule>
     <property>Amazon.PaymentCryptographyData.Model.EncryptDataRequest.PlainText</property>
     <min>2</min>
-    <max>4064</max>
+    <max>4096</max>
     <pattern>(?:[0-9a-fA-F][0-9a-fA-F])+</pattern>
   </property-value-rule>
   <property-value-rule>
     <property>Amazon.PaymentCryptographyData.Model.EncryptDataResponse.CipherText</property>
     <min>2</min>
-    <max>4096</max>
+    <max>4224</max>
     <pattern>(?:[0-9a-fA-F][0-9a-fA-F])+</pattern>
   </property-value-rule>
   <property-value-rule>
@@ -264,7 +264,7 @@
   <property-value-rule>
     <property>Amazon.PaymentCryptographyData.Model.ReEncryptDataRequest.CipherText</property>
     <min>2</min>
-    <max>4096</max>
+    <max>4224</max>
     <pattern>(?:[0-9a-fA-F][0-9a-fA-F])+</pattern>
   </property-value-rule>
   <property-value-rule>
@@ -282,7 +282,7 @@
   <property-value-rule>
     <property>Amazon.PaymentCryptographyData.Model.ReEncryptDataResponse.CipherText</property>
     <min>2</min>
-    <max>4096</max>
+    <max>4224</max>
     <pattern>(?:[0-9a-fA-F][0-9a-fA-F])+</pattern>
   </property-value-rule>
   <property-value-rule>
@@ -615,15 +615,15 @@
   </property-value-rule>
   <property-value-rule>
     <property>Amazon.PaymentCryptographyData.Model.DukptAttributes.KeySerialNumber</property>
-    <min>10</min>
+    <min>16</min>
     <max>24</max>
-    <pattern>[0-9a-fA-F]+</pattern>
+    <pattern>(?:[0-9a-fA-F]{16}|[0-9a-fA-F]{20}|[0-9a-fA-F]{24})</pattern>
   </property-value-rule>
   <property-value-rule>
     <property>Amazon.PaymentCryptographyData.Model.DukptDerivationAttributes.KeySerialNumber</property>
-    <min>10</min>
+    <min>16</min>
     <max>24</max>
-    <pattern>[0-9a-fA-F]+</pattern>
+    <pattern>(?:[0-9a-fA-F]{16}|[0-9a-fA-F]{20}|[0-9a-fA-F]{24})</pattern>
   </property-value-rule>
   <property-value-rule>
     <property>Amazon.PaymentCryptographyData.Model.DukptEncryptionAttributes.InitializationVector</property>
@@ -633,9 +633,9 @@
   </property-value-rule>
   <property-value-rule>
     <property>Amazon.PaymentCryptographyData.Model.DukptEncryptionAttributes.KeySerialNumber</property>
-    <min>10</min>
+    <min>16</min>
     <max>24</max>
-    <pattern>[0-9a-fA-F]+</pattern>
+    <pattern>(?:[0-9a-fA-F]{16}|[0-9a-fA-F]{20}|[0-9a-fA-F]{24})</pattern>
   </property-value-rule>
   <property-value-rule>
     <property>Amazon.PaymentCryptographyData.Model.DynamicCardVerificationCode.ApplicationTransactionCounter</property>
@@ -873,9 +873,9 @@
   </property-value-rule>
   <property-value-rule>
     <property>Amazon.PaymentCryptographyData.Model.MacAlgorithmDukpt.KeySerialNumber</property>
-    <min>10</min>
+    <min>16</min>
     <max>24</max>
-    <pattern>[0-9a-fA-F]+</pattern>
+    <pattern>(?:[0-9a-fA-F]{16}|[0-9a-fA-F]{20}|[0-9a-fA-F]{24})</pattern>
   </property-value-rule>
   <property-value-rule>
     <property>Amazon.PaymentCryptographyData.Model.MacAlgorithmEmv.PanSequenceNumber</property>

sdk/src/Services/PaymentCryptographyData/Generated/Model/DecryptDataRequest.cs

@@ -114,7 +114,7 @@ public partial class DecryptDataRequest : AmazonPaymentCryptographyDataRequest
         /// The ciphertext to decrypt.
         /// </para>
         /// </summary>
-        [AWSProperty(Required=true, Sensitive=true, Min=2, Max=4096)]
+        [AWSProperty(Required=true, Sensitive=true, Min=2, Max=4224)]
         public string CipherText
         {
             get { return this._cipherText; }

sdk/src/Services/PaymentCryptographyData/Generated/Model/DecryptDataResponse.cs

@@ -88,7 +88,7 @@ internal bool IsSetKeyCheckValue()
         /// The decrypted plaintext data in hexBinary format.
         /// </para>
         /// </summary>
-        [AWSProperty(Required=true, Sensitive=true, Min=2, Max=4096)]
+        [AWSProperty(Required=true, Sensitive=true, Min=2, Max=4224)]
         public string PlainText
         {
             get { return this._plainText; }

sdk/src/Services/PaymentCryptographyData/Generated/Model/DukptAttributes.cs

@@ -67,7 +67,7 @@ internal bool IsSetDukptDerivationType()
         /// unique identifier and an internal transaction counter.
         /// </para>
         /// </summary>
-        [AWSProperty(Required=true, Min=10, Max=24)]
+        [AWSProperty(Required=true, Min=16, Max=24)]
         public string KeySerialNumber
         {
             get { return this._keySerialNumber; }

sdk/src/Services/PaymentCryptographyData/Generated/Model/DukptDerivationAttributes.cs

@@ -86,7 +86,7 @@ internal bool IsSetDukptKeyVariant()
         /// unique identifier and an internal transaction counter.
         /// </para>
         /// </summary>
-        [AWSProperty(Required=true, Min=10, Max=24)]
+        [AWSProperty(Required=true, Min=16, Max=24)]
         public string KeySerialNumber
         {
             get { return this._keySerialNumber; }

sdk/src/Services/PaymentCryptographyData/Generated/Model/DukptEncryptionAttributes.cs

@@ -108,7 +108,7 @@ internal bool IsSetInitializationVector()
         /// unique identifier and an internal transaction counter.
         /// </para>
         /// </summary>
-        [AWSProperty(Required=true, Min=10, Max=24)]
+        [AWSProperty(Required=true, Min=16, Max=24)]
         public string KeySerialNumber
         {
             get { return this._keySerialNumber; }

sdk/src/Services/PaymentCryptographyData/Generated/Model/EncryptDataRequest.cs

@@ -182,7 +182,7 @@ internal bool IsSetKeyIdentifier()
         /// </para>
         ///  </note>
         /// </summary>
-        [AWSProperty(Required=true, Sensitive=true, Min=2, Max=4064)]
+        [AWSProperty(Required=true, Sensitive=true, Min=2, Max=4096)]
         public string PlainText
         {
             get { return this._plainText; }