PaymentCryptography class

Amazon Web Services Payment Cryptography Control Plane APIs manage encryption keys for use during payment-related cryptographic operations. You can create, import, export, share, manage, and delete keys. You can also manage Identity and Access Management (IAM) policies for keys. For more information, see Identity and access management in the Amazon Web Services Payment Cryptography User Guide.

To use encryption keys for payment-related transaction processing and associated cryptographic operations, you use the Amazon Web Services Payment Cryptography Data Plane. You can perform actions like encrypt, decrypt, generate, and verify payment-related data.

All Amazon Web Services Payment Cryptography API calls must be signed and transmitted using Transport Layer Security (TLS). We recommend you always use the latest supported TLS version for logging API requests.

Amazon Web Services Payment Cryptography supports CloudTrail for control plane operations, a service that logs Amazon Web Services API calls and related events for your Amazon Web Services account and delivers them to an Amazon S3 bucket you specify. By using the information collected by CloudTrail, you can determine what requests were made to Amazon Web Services Payment Cryptography, who made the request, when it was made, and so on. If you don't configure a trail, you can still view the most recent events in the CloudTrail console. For more information, see the CloudTrail User Guide.

Constructors

PaymentCryptography({required String region, AwsClientCredentials? credentials, AwsClientCredentialsProvider? credentialsProvider, Client? client, String? endpointUrl})

Properties

hashCode → int

The hash code for this object.

no setter, inherited

runtimeType → Type

A representation of the runtime type of the object.

no setter, inherited

Methods

addKeyReplicationRegions({required String keyIdentifier, required List<String> replicationRegions}) → Future<AddKeyReplicationRegionsOutput>

Adds replication Amazon Web Services Regions to an existing Amazon Web Services Payment Cryptography key, enabling the key to be used for cryptographic operations in additional Amazon Web Services Regions.

associateMpaTeam({required MpaOperation action, required String mpaTeamArn, String? requesterComment}) → Future<AssociateMpaTeamOutput>

Associates a Multi-Party Approval (MPA) team with a protected operation. For more information, see Multi-Party Approval in the Amazon Web Services Payment Cryptography User Guide.

close() → void

Closes the internal HTTP client if none was provided at creation. If a client was passed as a constructor argument, this becomes a noop.

createAlias({required String aliasName, String? keyArn}) → Future<CreateAliasOutput>

Creates an alias, or a friendly name, for an Amazon Web Services Payment Cryptography key. You can use an alias to identify a key in the console and when you call cryptographic operations such as EncryptData or DecryptData.

createKey({required bool exportable, required KeyAttributes keyAttributes, DeriveKeyUsage? deriveKeyUsage, bool? enabled, KeyCheckValueAlgorithm? keyCheckValueAlgorithm, List<String>? replicationRegions, List<Tag>? tags}) → Future<CreateKeyOutput>

Creates an Amazon Web Services Payment Cryptography key, a logical representation of a cryptographic key, that is unique in your account and Amazon Web Services Region. You use keys for cryptographic functions such as encryption and decryption.

deleteAlias({required String aliasName}) → Future<void>

Deletes the alias, but doesn't affect the underlying key.

deleteKey({required String keyIdentifier, int? deleteKeyInDays}) → Future<DeleteKeyOutput>

Deletes the key material and metadata associated with Amazon Web Services Payment Cryptography key.

deleteResourcePolicy({required String resourceArn}) → Future<void>

Removes the resource-based policy attached to an Amazon Web Services Payment Cryptography key.

disableDefaultKeyReplicationRegions({required List<String> replicationRegions}) → Future<DisableDefaultKeyReplicationRegionsOutput>

Disables Multi-Region key replication settings for the specified Amazon Web Services Regions in your Amazon Web Services account, preventing new keys from being automatically replicated to those regions.

disassociateMpaTeam({required MpaOperation action, String? requesterComment}) → Future<DisassociateMpaTeamOutput>

Removes the association between a Multi-Party Approval (MPA) team and a protected operation.

enableDefaultKeyReplicationRegions({required List<String> replicationRegions}) → Future<EnableDefaultKeyReplicationRegionsOutput>

Enables Multi-Region key replication settings for your Amazon Web Services account, causing new keys to be automatically replicated to the specified Amazon Web Services Regions when created.

exportKey({required String exportKeyIdentifier, required ExportKeyMaterial keyMaterial, ExportAttributes? exportAttributes}) → Future<ExportKeyOutput>

Exports a key from Amazon Web Services Payment Cryptography.

getAlias({required String aliasName}) → Future<GetAliasOutput>

Gets the Amazon Web Services Payment Cryptography key associated with the alias.

getCertificateSigningRequest({required CertificateSubjectType certificateSubject, required String keyIdentifier, required SigningAlgorithmType signingAlgorithm}) → Future<GetCertificateSigningRequestOutput>

Creates a certificate signing request (CSR) from a key pair.

getDefaultKeyReplicationRegions() → Future<GetDefaultKeyReplicationRegionsOutput>

Retrieves the list of Amazon Web Services Regions where Multi-Region key replication is currently enabled for your Amazon Web Services account.

getKey({required String keyIdentifier}) → Future<GetKeyOutput>

Gets the key metadata for an Amazon Web Services Payment Cryptography key, including the immutable and mutable attributes specified when the key was created. Returns key metadata including attributes, state, and timestamps, but does not return the actual cryptographic key material.

getMpaTeamAssociation({required MpaOperation action}) → Future<GetMpaTeamAssociationOutput>

Returns the Multi-Party Approval (MPA) team association for a protected operation.

getParametersForExport({required KeyMaterialType keyMaterialType, required KeyAlgorithm signingKeyAlgorithm, bool? reuseLastGeneratedToken}) → Future<GetParametersForExportOutput>

Gets the export token and the signing key certificate to initiate a TR-34 key export from Amazon Web Services Payment Cryptography.

getParametersForImport({required KeyMaterialType keyMaterialType, required KeyAlgorithm wrappingKeyAlgorithm, bool? reuseLastGeneratedToken}) → Future<GetParametersForImportOutput>

Gets the import token and the wrapping key certificate in PEM format (base64 encoded) to initiate a TR-34 WrappedKeyBlock or a RSA WrappedKeyCryptogram import into Amazon Web Services Payment Cryptography.

getPublicKeyCertificate({required String keyIdentifier}) → Future<GetPublicKeyCertificateOutput>

Gets the public key certificate of the asymmetric key pair that exists within Amazon Web Services Payment Cryptography.

getResourcePolicy({required String resourceArn}) → Future<GetResourcePolicyOutput>

Returns the resource-based policy attached to an Amazon Web Services Payment Cryptography key.

importKey({required ImportKeyMaterial keyMaterial, bool? enabled, KeyCheckValueAlgorithm? keyCheckValueAlgorithm, List<String>? replicationRegions, String? requesterComment, List<Tag>? tags}) → Future<ImportKeyOutput>

Imports symmetric keys and public key certificates in PEM format (base64 encoded) into Amazon Web Services Payment Cryptography.

listAliases({String? keyArn, int? maxResults, String? nextToken}) → Future<ListAliasesOutput>

Lists the aliases for all keys in the caller's Amazon Web Services account and Amazon Web Services Region. You can filter the aliases by keyARN. For more information, see Using aliases in the Amazon Web Services Payment Cryptography User Guide.

listKeys({KeyState? keyState, int? maxResults, String? nextToken}) → Future<ListKeysOutput>

Lists the keys in the caller's Amazon Web Services account and Amazon Web Services Region. You can filter the list of keys.

listTagsForResource({required String resourceArn, int? maxResults, String? nextToken}) → Future<ListTagsForResourceOutput>

Lists the tags for an Amazon Web Services resource.

noSuchMethod(Invocation invocation) → dynamic

Invoked when a nonexistent method or property is accessed.

inherited

putResourcePolicy({required String policy, required String resourceArn}) → Future<PutResourcePolicyOutput>

Attaches or replaces a resource-based policy on an Amazon Web Services Payment Cryptography key. A resource-based policy can grant cross-account access to your key.

removeKeyReplicationRegions({required String keyIdentifier, required List<String> replicationRegions}) → Future<RemoveKeyReplicationRegionsOutput>

Removes Replication Regions from an existing Amazon Web Services Payment Cryptography key, disabling the key's availability for cryptographic operations in the specified Amazon Web Services Regions.

restoreKey({required String keyIdentifier}) → Future<RestoreKeyOutput>

Cancels a scheduled key deletion during the waiting period. Use this operation to restore a Key that is scheduled for deletion.

startKeyUsage({required String keyIdentifier}) → Future<StartKeyUsageOutput>

Enables an Amazon Web Services Payment Cryptography key, which makes it active for cryptographic operations within Amazon Web Services Payment Cryptography

stopKeyUsage({required String keyIdentifier}) → Future<StopKeyUsageOutput>

Disables an Amazon Web Services Payment Cryptography key, which makes it inactive within Amazon Web Services Payment Cryptography.

tagResource({required String resourceArn, required List<Tag> tags}) → Future<void>

Adds or edits tags on an Amazon Web Services Payment Cryptography key. Each tag consists of a tag key and a tag value, both of which are case-sensitive strings. The tag value can be an empty (null) string. To add a tag, specify a new tag key and a tag value. To edit a tag, specify an existing tag key and a new tag value. You can also add tags to an Amazon Web Services Payment Cryptography key when you create it with CreateKey.

toString() → String

A string representation of this object.

inherited

untagResource({required String resourceArn, required List<String> tagKeys}) → Future<void>

Deletes a tag from an Amazon Web Services Payment Cryptography key. Cross-account use: This operation supports cross-account use when the key has a resource-based policy that grants access. For more information, see Resource-based policies.

updateAlias({required String aliasName, String? keyArn}) → Future<UpdateAliasOutput>

Associates an existing Amazon Web Services Payment Cryptography alias with a different key. Each alias is associated with only one Amazon Web Services Payment Cryptography key at a time, although a key can have multiple aliases. The alias and the Amazon Web Services Payment Cryptography key must be in the same Amazon Web Services account and Amazon Web Services Region

Operators

operator ==(Object other) → bool

The equality operator.

inherited