tls: use internal API instead of crypto module

PR-URL: #22501
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Denys Otrishko <shishugi@gmail.com>

Author: tniessen

lib/_tls_common.js

@@ -31,8 +31,8 @@ const {
 
 const { SSL_OP_CIPHER_SERVER_PREFERENCE } = process.binding('constants').crypto;
 
-// Lazily loaded
-var crypto = null;
+// Lazily loaded from internal/crypto/util.
+let toBuf = null;
 
 const { internalBinding } = require('internal/bootstrap/loaders');
 const { SecureContext: NativeSecureContext } = internalBinding('crypto');
@@ -178,26 +178,26 @@ exports.createSecureContext = function createSecureContext(options, context) {
   }
 
   if (options.pfx) {
-    if (!crypto)
-      crypto = require('crypto');
+    if (!toBuf)
+      toBuf = require('internal/crypto/util').toBuf;
 
     if (Array.isArray(options.pfx)) {
       for (i = 0; i < options.pfx.length; i++) {
         const pfx = options.pfx[i];
         const raw = pfx.buf ? pfx.buf : pfx;
-        const buf = crypto._toBuf(raw);
+        const buf = toBuf(raw);
         const passphrase = pfx.passphrase || options.passphrase;
         if (passphrase) {
-          c.context.loadPKCS12(buf, crypto._toBuf(passphrase));
+          c.context.loadPKCS12(buf, toBuf(passphrase));
         } else {
           c.context.loadPKCS12(buf);
         }
       }
     } else {
-      const buf = crypto._toBuf(options.pfx);
+      const buf = toBuf(options.pfx);
       const passphrase = options.passphrase;
       if (passphrase) {
-        c.context.loadPKCS12(buf, crypto._toBuf(passphrase));
+        c.context.loadPKCS12(buf, toBuf(passphrase));
       } else {
         c.context.loadPKCS12(buf);
       }