tlsSocket.getPeerFinished()


  • 返回: <Buffer> | <undefined> 作为 SSL/TLS 握手的一部分,预期或实际已从套接字接收到的最新 Finished 消息,如果到目前为止还没有 Finished 消息,则为 undefined

由于 Finished 消息是完整握手的消息摘要(对于 TLS 1.0 总共有 192 位,对于 SSL 3.0 则更多),当不需要或不需要 SSL/TLS 提供的身份验证时,它们可用于外部身份验证程序不够。

对应于 OpenSSL 中的 SSL_get_peer_finished 例程,可用于实现 RFC 5929 中的 tls-unique 通道绑定。

  • Returns: <Buffer> | <undefined> The latest Finished message that is expected or has actually been received from the socket as part of a SSL/TLS handshake, or undefined if there is no Finished message so far.

As the Finished messages are message digests of the complete handshake (with a total of 192 bits for TLS 1.0 and more for SSL 3.0), they can be used for external authentication procedures when the authentication provided by SSL/TLS is not desired or is not enough.

Corresponds to the SSL_get_peer_finished routine in OpenSSL and may be used to implement the tls-unique channel binding from RFC 5929.