diff --git a/doc/api/crypto.md b/doc/api/crypto.md index 4afb6d27d38706..bc406afc588d6d 100644 --- a/doc/api/crypto.md +++ b/doc/api/crypto.md @@ -1804,6 +1804,16 @@ added: v15.6.0 The issuer identification included in this certificate. +### `x509.issuerCertificate` + + +* Type: {X509Certificate} + +The issuer certificate or `undefined` if the issuer certificate is not +available. + ### `x509.keyUsage` + +* `length` {number} number of bytes to retrieve from keying material +* `label` {string} an application specific label, typically this will be a + value from the + [IANA Exporter Label Registry](https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#exporter-labels). +* `context` {Buffer} Optionally provide a context. + +* Returns: {Buffer} requested bytes of the keying material + +Keying material is used for validations to prevent different kind of attacks in +network protocols, for example in the specifications of IEEE 802.1X. + +Example + +```js +const keyingMaterial = tlsSocket.exportKeyingMaterial( + 128, + 'client finished'); + +/** + Example return value of keyingMaterial: + +*/ +``` +See the OpenSSL [`SSL_export_keying_material`][] documentation for more +information. + ### `tlsSocket.getCertificate()` + +* Returns: {X509Certificate} + +Returns the peer certificate as an {X509Certificate} object. + +If there is no peer certificate, or the socket has been destroyed, +`undefined` will be returned. + ### `tlsSocket.getProtocol()` - -* `length` {number} number of bytes to retrieve from keying material -* `label` {string} an application specific label, typically this will be a - value from the - [IANA Exporter Label Registry](https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#exporter-labels). -* `context` {Buffer} Optionally provide a context. - -* Returns: {Buffer} requested bytes of the keying material - -Keying material is used for validations to prevent different kind of attacks in -network protocols, for example in the specifications of IEEE 802.1X. - -Example - -```js -const keyingMaterial = tlsSocket.exportKeyingMaterial( - 128, - 'client finished'); - -/** - Example return value of keyingMaterial: - -*/ -``` -See the OpenSSL [`SSL_export_keying_material`][] documentation for more -information. - ### `tlsSocket.getTLSTicket()` + +* Returns: {X509Certificate} + +Returns the local certificate as an {X509Certificate} object. + +If there is no local certificate, or the socket has been destroyed, +`undefined` will be returned. + ### `tlsSocket.isSessionReused()`