Skip to content

Commit 1d88d0c

Browse files
committed
doc: update src/crypto/README.md
1 parent 65e5612 commit 1d88d0c

1 file changed

Lines changed: 17 additions & 9 deletions

File tree

src/crypto/README.md

Lines changed: 17 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -149,24 +149,32 @@ core key objects.
149149
#### `KeyObjectData`
150150

151151
`KeyObjectData` is an internal thread-safe structure used to wrap either
152-
a `EVPKeyPointer` (for Public or Private keys) or a `ByteSource` containing
153-
a Secret key.
152+
an `EVPKeyPointer` (for Public or Private keys) or a `ByteSource` containing
153+
a Secret key. It is the shared backing representation used by `KeyObject`,
154+
`CryptoKey`, and native crypto jobs that operate on key material.
154155

155156
#### `KeyObjectHandle`
156157

157-
The `KeyObjectHandle` provides the interface between the native C++ code
158-
handling keys and the public JavaScript `KeyObject` API.
158+
`KeyObjectHandle` is the JavaScript-visible C++ handle for a
159+
`KeyObjectData`. It exposes operations that internal JavaScript uses to
160+
initialize, inspect, compare, and export key material. Native code passes
161+
`KeyObjectData` across threads and jobs; a `KeyObjectHandle` is created when
162+
JavaScript needs access to those operations.
159163

160164
#### `KeyObject`
161165

162-
A `KeyObject` is the public Node.js-specific API for keys. A single
163-
`KeyObject` wraps exactly one `KeyObjectHandle`.
166+
A `KeyObject` is the public Node.js-specific API for keys. It extends a
167+
native `NativeKeyObject`, which stores `KeyObjectData` for structured
168+
cloning, and it owns one `KeyObjectHandle` used by the JavaScript API
169+
surface.
164170

165171
#### `CryptoKey`
166172

167-
A `CryptoKey` is the Web Crypto API's alternative to `KeyObject`. In the
168-
Node.js implementation, `CryptoKey` is a thin wrapper around the
169-
`KeyObject` and it is largely possible to use them interchangeably.
173+
A `CryptoKey` is the Web Crypto API key type. In the Node.js implementation,
174+
public `CryptoKey` instances are backed by a native `NativeCryptoKey`, not by
175+
a `KeyObject`. `NativeCryptoKey` stores the same `KeyObjectData`
176+
representation as `KeyObject`, plus the Web Crypto internal slots
177+
(`[[extractable]]`, `[[algorithm]]`, and `[[usages]]`).
170178

171179
### `CryptoJob`
172180

0 commit comments

Comments
 (0)