@@ -1645,6 +1645,259 @@ thrown.
16451645Because public keys can be derived from private keys, a private key may
16461646be passed instead of a public key.
16471647
1648+ ## Class: ` X509Certificate `
1649+ <!-- YAML
1650+ added: REPLACEME
1651+ -->
1652+
1653+ Encapsulates an X509 certificate and provides read-only access to
1654+ it's information.
1655+
1656+ ``` js
1657+ const { X509Certificate } = require (' crypto'
1658+
1659+ const x509 = new X509Certificate (' {... pem encoded cert ...}'
1660+
1661+ console .log (x509 .subject );
1662+ ```
1663+
1664+ ### ` new X509Certificate(buffer) `
1665+ <!-- YAML
1666+ added: REPLACEME
1667+ -->
1668+
1669+ * ` buffer ` {string|TypedArray|Buffer|DataView} A PEM or DER encoded
1670+ X509 Certificate.
1671+
1672+ ### ` x509.ca `
1673+ <!-- YAML
1674+ added: REPLACEME
1675+ -->
1676+
1677+ * Type: {boolean} Will be ` true ` if this is a Certificate Authority (ca)
1678+ certificate.
1679+
1680+ ### ` x509.checkEmail(email[, options]) `
1681+ <!-- YAML
1682+ added: REPLACEME
1683+ -->
1684+
1685+ * ` email ` {string}
1686+ * ` options ` {Object}
1687+ * ` subject ` {string} ` 'always' ` or ` 'never' ` . ** Defaults** : ` 'always' ` .
1688+ * ` wildcards ` {boolean} ** Defaults** : ` true ` .
1689+ * ` partialWildcards ` {boolean} ** Defaults** : ` true ` .
1690+ * ` multiLabelWildcards ` {boolean} ** Defaults** : ` false ` .
1691+ * ` singleLabelSubdomains ` {boolean} ** Defaults** : ` false ` .
1692+ * Returns: {string|undefined} Returns ` email ` if the certificate matches,
1693+ ` undefined ` if it does not.
1694+
1695+ Checks whether the certificate matches the given email address.
1696+
1697+ ### ` x509.checkHost(name[, options]) `
1698+ <!-- YAML
1699+ added: REPLACEME
1700+ -->
1701+
1702+ * ` name ` {string}
1703+ * ` options ` {Object}
1704+ * ` subject ` {string} ` 'always' ` or ` 'never' ` . ** Defaults** : ` 'always' ` .
1705+ * ` wildcards ` {boolean} ** Defaults** : ` true ` .
1706+ * ` partialWildcards ` {boolean} ** Defaults** : ` true ` .
1707+ * ` multiLabelWildcards ` {boolean} ** Defaults** : ` false ` .
1708+ * ` singleLabelSubdomains ` {boolean} ** Defaults** : ` false ` .
1709+ * Returns: {string|undefined} Returns ` name ` if the certificate matches,
1710+ ` undefined ` if it does not.
1711+
1712+ Checks whether the certificate matches the given host name.
1713+
1714+ ### ` x509.checkIP(ip[, options]) `
1715+ <!-- YAML
1716+ added: REPLACEME
1717+ -->
1718+
1719+ * ` ip ` {string}
1720+ * ` options ` {Object}
1721+ * ` subject ` {string} ` 'always' ` or ` 'never' ` . ** Defaults** : ` 'always' ` .
1722+ * ` wildcards ` {boolean} ** Defaults** : ` true ` .
1723+ * ` partialWildcards ` {boolean} ** Defaults** : ` true ` .
1724+ * ` multiLabelWildcards ` {boolean} ** Defaults** : ` false ` .
1725+ * ` singleLabelSubdomains ` {boolean} ** Defaults** : ` false ` .
1726+ * Returns: {string|undefined} Returns ` ip ` if the certificate matches,
1727+ ` undefined ` if it does not.
1728+
1729+ Checks whether the certificate matches the given IP address (IPv4 or IPv6).
1730+
1731+ ### ` x509.checkIssued(otherCert) `
1732+ <!-- YAML
1733+ added: REPLACEME
1734+ -->
1735+
1736+ * ` otherCert ` {X509Certificate}
1737+ * Returns: {boolean}
1738+
1739+ Checks whether this certificate was issued by the given ` otherCert ` .
1740+
1741+ ### ` x509.checkPrivateKey(privateKey) `
1742+ <!-- YAML
1743+ added: REPLACEME
1744+ -->
1745+
1746+ * ` privateKey ` {KeyObject} A private key.
1747+ * Returns: {boolean}
1748+
1749+ Checks whether the public key for this certificate is consistent with
1750+ the given private key.
1751+
1752+ ### ` x509.fingerprint `
1753+ <!-- YAML
1754+ added: REPLACEME
1755+ -->
1756+
1757+ * Type: {string}
1758+
1759+ The SHA-1 fingerprint of this certificate.
1760+
1761+ ### ` x509.fingerprint256 `
1762+ <!-- YAML
1763+ added: REPLACEME
1764+ -->
1765+
1766+ * Type: {string}
1767+
1768+ The SHA-256 fingerprint of this certificate.
1769+
1770+ ### ` x509.infoAccess `
1771+ <!-- YAML
1772+ added: REPLACEME
1773+ -->
1774+
1775+ * Type: {string}
1776+
1777+ The information access content of this certificate.
1778+
1779+ ### ` x509.issuer `
1780+ <!-- YAML
1781+ added: REPLACEME
1782+ -->
1783+
1784+ * Type: {string}
1785+
1786+ The issuer identification included in this certificate.
1787+
1788+ ### ` x509.keyUsage `
1789+ <!-- YAML
1790+ added: REPLACEME
1791+ -->
1792+
1793+ * Type: {string[ ] }
1794+
1795+ An array detailing the key usages for this certificate.
1796+
1797+ ### ` x509.publicKey `
1798+ <!-- YAML
1799+ added: REPLACEME
1800+ -->
1801+
1802+ * Type: {KeyObject}
1803+
1804+ The public key {KeyObject} for this certificate.
1805+
1806+ ### ` x509.raw `
1807+ <!-- YAML
1808+ added: REPLACEME
1809+ -->
1810+
1811+ * Type: {Buffer}
1812+
1813+ A ` Buffer ` containing the DER encoding of this certificate.
1814+
1815+ ### ` x509.serialNumber `
1816+ <!-- YAML
1817+ added: REPLACEME
1818+ -->
1819+
1820+ * Type: {string}
1821+
1822+ The serial number of this certificate.
1823+
1824+ ### ` x509.subject `
1825+ <!-- YAML
1826+ added: REPLACEME
1827+ -->
1828+
1829+ * Type: {string}
1830+
1831+ The complete subject of this certificate.
1832+
1833+ ### ` x509.subjectAltName `
1834+ <!-- YAML
1835+ added: REPLACEME
1836+ -->
1837+
1838+ * Type: {string}
1839+
1840+ The subject alternative name specified for this certificate.
1841+
1842+ ### ` x509.toJSON() `
1843+ <!-- YAML
1844+ added: REPLACEME
1845+ -->
1846+
1847+ * Type: {string}
1848+
1849+ There is no standard JSON encoding for X509 certificates. The
1850+ ` toJSON() ` method returns a string containing the PEM encoded
1851+ certificate.
1852+
1853+ ### ` x509.toLegacyObject() `
1854+ <!-- YAML
1855+ added: REPLACEME
1856+ -->
1857+
1858+ * Type: {Object}
1859+
1860+ Returns information about this certificate using the legacy
1861+ [ certificate object] [ ] encoding.
1862+
1863+ ### ` x509.toString() `
1864+ <!-- YAML
1865+ added: REPLACEME
1866+ -->
1867+
1868+ * Type: {string}
1869+
1870+ Returns the PEM-encoded certificate.
1871+
1872+ ### ` x509.validFrom `
1873+ <!-- YAML
1874+ added: REPLACEME
1875+ -->
1876+
1877+ * Type: {string}
1878+
1879+ The date/time from which this certificate is considered valid.
1880+
1881+ ### ` x509.validTo `
1882+ <!-- YAML
1883+ added: REPLACEME
1884+ -->
1885+
1886+ * Type: {string}
1887+
1888+ The date/time until which this certificate is considered valid.
1889+
1890+ ### ` x509.verify(publicKey) `
1891+ <!-- YAML
1892+ added: REPLACEME
1893+ -->
1894+
1895+ * ` publicKey ` {KeyObject} A public key.
1896+ * Returns: {boolean}
1897+
1898+ Verifies that this certificate was signed by the given public key.
1899+ Does not perform any other validation checks on the certificate.
1900+
16481901## ` crypto ` module methods and properties
16491902
16501903### ` crypto.constants `
@@ -3997,6 +4250,7 @@ See the [list of SSL OP Flags][] for details.
39974250[ `util.promisify()` ] : util.md#util_util_promisify_original
39984251[ `verify.update()` ] : #crypto_verify_update_data_inputencoding
39994252[ `verify.verify()` ] : #crypto_verify_verify_object_signature_signatureencoding
4253+ [ certificate object ] : tls.md#tls_certificate_object
40004254[ encoding ] : buffer.md#buffer_buffers_and_character_encodings
40014255[ initialization vector ] : https://en.wikipedia.org/wiki/Initialization_vector
40024256[ list of SSL OP Flags ] : https://wiki.openssl.org/index.php/List_of_SSL_OP_Flags#Table_of_Options
0 commit comments