/AWS1/IF_PCD=>GENERATEAS2805KEKVALIDATION()¶
About GenerateAs2805KekValidation¶
Establishes node-to-node initialization between payment processing nodes such as an acquirer, issuer or payment network using Australian Standard 2805 (AS2805).
During node-to-node initialization, both communicating nodes must validate that they possess the correct Key Encrypting Keys (KEKs) before proceeding with session key exchange. In AS2805, the sending KEK (KEKs) of one node corresponds to the receiving KEK (KEKr) of its partner node. Each node uses its KEK to encrypt and decrypt session keys exchanged between the nodes. A KEK can be created or imported into Amazon Web Services Payment Cryptography using either the CreateKey or ImportKey operations.
The node initiating communication can use GenerateAS2805KekValidation to generate a combined KEK validation request and KEK validation response to send to the partnering node for validation. When invoked, the API internally generates a random sending key encrypted under KEKs and provides a receiving key encrypted under KEKr as response. The initiating node sends the response returned by this API to its partner for validation.
For information about valid keys for this operation, see Understanding key attributes and Key types for specific data operations in the Amazon Web Services Payment Cryptography User Guide.
Cross-account use: This operation can't be used across different Amazon Web Services accounts.
Method Signature¶
METHODS /AWS1/IF_PCD~GENERATEAS2805KEKVALIDATION
IMPORTING
!IV_KEYIDENTIFIER TYPE /AWS1/PCDKEYARNORKEYALIASTYPE OPTIONAL
!IO_KEKVALIDATIONTYPE TYPE REF TO /AWS1/CL_PCDAS2805KEKVLDTNTYPE OPTIONAL
!IV_RANDOMKEYSENDVARIANTMASK TYPE /AWS1/PCDRANDOMKEYSENDVARIAN00 OPTIONAL
RETURNING
VALUE(OO_OUTPUT) TYPE REF TO /aws1/cl_pcdgenas2805kekvalout
RAISING
/AWS1/CX_PCDACCESSDENIEDEX
/AWS1/CX_PCDINTERNALSERVEREX
/AWS1/CX_PCDRESOURCENOTFOUNDEX
/AWS1/CX_PCDTHROTTLINGEX
/AWS1/CX_PCDVALIDATIONEX
/AWS1/CX_PCDCLIENTEXC
/AWS1/CX_PCDSERVEREXC
/AWS1/CX_RT_TECHNICAL_GENERIC
/AWS1/CX_RT_SERVICE_GENERIC.
IMPORTING¶
Required arguments:¶
iv_keyidentifier TYPE /AWS1/PCDKEYARNORKEYALIASTYPE /AWS1/PCDKEYARNORKEYALIASTYPE¶
The
keyARNof sending KEK that Amazon Web Services Payment Cryptography uses for node-to-node initialization
io_kekvalidationtype TYPE REF TO /AWS1/CL_PCDAS2805KEKVLDTNTYPE /AWS1/CL_PCDAS2805KEKVLDTNTYPE¶
Parameter information for generating a random key for KEK validation to perform node-to-node initialization.
iv_randomkeysendvariantmask TYPE /AWS1/PCDRANDOMKEYSENDVARIAN00 /AWS1/PCDRANDOMKEYSENDVARIAN00¶
The key variant to use for generating a random key for KEK validation during node-to-node initialization.
RETURNING¶
oo_output TYPE REF TO /aws1/cl_pcdgenas2805kekvalout /AWS1/CL_PCDGENAS2805KEKVALOUT¶
Domain /AWS1/RT_ACCOUNT_ID Primitive Type NUMC
Examples¶
Syntax Example¶
This is an example of the syntax for calling the method. It includes every possible argument and initializes every possible value. The data provided is not necessarily semantically accurate (for example the value "string" may be provided for something that is intended to be an instance ID, or in some cases two arguments may be mutually exclusive). The syntax shows the ABAP syntax for creating the various data structures.
DATA(lo_result) = lo_client->generateas2805kekvalidation(
io_kekvalidationtype = new /aws1/cl_pcdas2805kekvldtntype(
io_kekvalidationrequest = new /aws1/cl_pcdkekvldtnrequest( |string| )
io_kekvalidationresponse = new /aws1/cl_pcdkekvldtnresponse( |string| )
)
iv_keyidentifier = |string|
iv_randomkeysendvariantmask = |string|
).
This is an example of reading all possible response values
lo_result = lo_result.
IF lo_result IS NOT INITIAL.
lv_keyarn = lo_result->get_keyarn( ).
lv_keycheckvalue = lo_result->get_keycheckvalue( ).
lv_as2805randomkeymaterial = lo_result->get_randomkeysend( ).
lv_as2805randomkeymaterial = lo_result->get_randomkeyreceive( ).
ENDIF.