isServer = false,
              requestCert = !isServer,
              rejectUnauthorized = false,
              options = kEmptyObject) {
    super();
    const { socket1, socket2 } = new DuplexPair();

    this.server = options.server;
    this.credentials = secureContext;

    this.encrypted = socket1;
    this.cleartext = new _tls_wrap.TLSSocket(socket2, {
      secureContext,
      isServer,
      requestCert,
      rejectUnauthorized,
      ...options,
    });
    this.cleartext.once('secure', () => this.emit('secure'));
  }

  destroy() {
    this.cleartext.destroy();
    this.encrypted.destroy();
  }
}

exports.createSecurePair = function createSecurePair(...args) {
  return ReflectConstruct(SecurePair, args);
};