@f2a/network 0.1.2 → 0.2.0

package/src/core/e2ee-crypto.ts

@@ -1,246 +0,0 @@
-/**
- * 端到端加密模块
- * 使用 X25519 + AES-256-GCM 实现 Agent 间加密通信
- */
-
-import { x25519 } from '@noble/curves/ed25519.js';
-import { randomBytes, createCipheriv, createDecipheriv, createHash, hkdfSync } from 'crypto';
-import { Logger } from '../utils/logger.js';
-
-// AES-256-GCM 参数
-const AES_KEY_SIZE = 32; // 256 bits
-const AES_IV_SIZE = 16;  // 128 bits
-const AES_TAG_SIZE = 16; // 128 bits
-
-/**
- * 加密密钥对
- */
-export interface EncryptionKeyPair {
-  publicKey: Uint8Array;
-  privateKey: Uint8Array;
-}
-
-/**
- * 加密后的消息
- */
-export interface EncryptedMessage {
-  /** 发送方公钥 (用于接收方识别身份) */
-  senderPublicKey: string;
-  /**  nonce/IV */
-  iv: string;
-  /** 认证标签 */
-  authTag: string;
-  /** 加密后的密文 */
-  ciphertext: string;
-  /** 可选的附加认证数据 */
-  aad?: string;
-  /** 密钥派生使用的随机盐值（每次加密随机生成） */
-  salt: string;
-}
-
-/**
- * 密钥管理器
- */
-export class E2EECrypto {
-  private keyPair: EncryptionKeyPair | null = null;
-  private peerPublicKeys: Map<string, Uint8Array> = new Map();
-  private sharedSecrets: Map<string, Uint8Array> = new Map();
-  private logger: Logger;
-
-  constructor() {
-    this.logger = new Logger({ component: 'E2EE' });
-  }
-
-  /**
-   * 初始化密钥对
-   */
-  async initialize(): Promise<void> {
-    // 生成 X25519 密钥对用于加密
-    const privateKey = x25519.utils.randomSecretKey();
-    const publicKey = x25519.getPublicKey(privateKey);
-
-    this.keyPair = { publicKey, privateKey };
-  }
-
-  /**
-   * 从已有密钥初始化
-   */
-  initializeWithKeyPair(privateKey: Uint8Array, publicKey: Uint8Array): void {
-    this.keyPair = { privateKey, publicKey };
-  }
-
-  /**
-   * 获取公钥 (用于广播)
-   */
-  getPublicKey(): string | null {
-    if (!this.keyPair) return null;
-    return Buffer.from(this.keyPair.publicKey).toString('base64');
-  }
-
-  /**
-   * 注册对等方的公钥
-   */
-  registerPeerPublicKey(peerId: string, publicKeyBase64: string): void {
-    try {
-      const publicKey = Buffer.from(publicKeyBase64, 'base64');
-      this.peerPublicKeys.set(peerId, publicKey);
-
-      // 预计算共享密钥
-      if (this.keyPair) {
-        const sharedSecret = x25519.getSharedSecret(this.keyPair.privateKey, publicKey);
-        this.sharedSecrets.set(peerId, sharedSecret);
-      }
-    } catch (error) {
-      this.logger.error('Failed to register public key', { peerId, error });
-    }
-  }
-
-  /**
-   * 检查是否可以对等方加密通信
-   */
-  canEncryptTo(peerId: string): boolean {
-    return this.sharedSecrets.has(peerId);
-  }
-
-  /**
-   * 加密消息
-   */
-  encrypt(peerId: string, plaintext: string, aad?: string): EncryptedMessage | null {
-    if (!this.keyPair) {
-      this.logger.error('Not initialized');
-      return null;
-    }
-
-    const sharedSecret = this.sharedSecrets.get(peerId);
-    if (!sharedSecret) {
-      this.logger.error('No shared secret for peer', { peerId });
-      return null;
-    }
-
-    try {
-      // 生成随机盐值（每次加密使用不同的盐值，提高安全性）
-      const salt = randomBytes(16);
-      
-      // 从共享密钥派生 AES 密钥
-      const aesKey = this.deriveAESKey(sharedSecret, salt);
-
-      // 生成随机 IV
-      const iv = randomBytes(AES_IV_SIZE);
-
-      // 创建加密器
-      const cipher = createCipheriv('aes-256-gcm', aesKey, iv);
-
-      // 添加 AAD (如果有)
-      if (aad) {
-        cipher.setAAD(Buffer.from(aad, 'utf-8'));
-      }
-
-      // 加密
-      let ciphertext = cipher.update(plaintext, 'utf-8', 'base64');
-      ciphertext += cipher.final('base64');
-
-      // 获取认证标签
-      const authTag = cipher.getAuthTag();
-
-      return {
-        senderPublicKey: this.getPublicKey()!,
-        iv: iv.toString('base64'),
-        authTag: authTag.toString('base64'),
-        ciphertext,
-        aad,
-        salt: salt.toString('base64')
-      };
-    } catch (error) {
-      this.logger.error('Encryption failed', { error });
-      return null;
-    }
-  }
-
-  /**
-   * 解密消息
-   */
-  decrypt(encrypted: EncryptedMessage): string | null {
-    if (!this.keyPair) {
-      this.logger.error('Not initialized');
-      return null;
-    }
-
-    try {
-      // 使用发送方公钥计算共享密钥
-      const senderPublicKey = Buffer.from(encrypted.senderPublicKey, 'base64');
-      const sharedSecret = x25519.getSharedSecret(this.keyPair.privateKey, senderPublicKey);
-      
-      // 使用消息中的盐值派生 AES 密钥（与加密方使用相同的盐值）
-      const salt = encrypted.salt ? Buffer.from(encrypted.salt, 'base64') : Buffer.from('F2A-E2EE-SALT-2024', 'utf-8');
-      const aesKey = this.deriveAESKey(sharedSecret, salt);
-
-      // 解码参数
-      const iv = Buffer.from(encrypted.iv, 'base64');
-      const authTag = Buffer.from(encrypted.authTag, 'base64');
-
-      // 创建解密器
-      const decipher = createDecipheriv('aes-256-gcm', aesKey, iv);
-      decipher.setAuthTag(authTag);
-
-      // 添加 AAD (如果有)
-      if (encrypted.aad) {
-        decipher.setAAD(Buffer.from(encrypted.aad, 'utf-8'));
-      }
-
-      // 解密
-      let plaintext = decipher.update(encrypted.ciphertext, 'base64', 'utf-8');
-      plaintext += decipher.final('utf-8');
-
-      return plaintext;
-    } catch (error) {
-      this.logger.error('Decryption failed', { error });
-      return null;
-    }
-  }
-
-  /**
-   * 从共享密钥派生 AES 密钥
-   * 使用 HKDF (HMAC-based Key Derivation Function) 进行安全密钥派生
-   * @param sharedSecret 共享密钥
-   * @param salt 随机盐值（每次加密使用不同的盐值，提高安全性）
-   */
-  private deriveAESKey(sharedSecret: Uint8Array, salt: Buffer): Buffer {
-    // HKDF 参数
-    const info = Buffer.from('AES-256-GCM-KEY', 'utf-8');    // 密钥用途标识
-    
-    // 使用 HKDF-SHA256 进行密钥派生
-    // hkdfSync(digest, ikm, salt, info, keylen)
-    const derivedKey = hkdfSync('sha256', sharedSecret, salt, info, AES_KEY_SIZE);
-    
-    return Buffer.from(derivedKey);
-  }
-
-  /**
-   * 获取已注册的对等方公钥
-   */
-  getPeerPublicKey(peerId: string): string | null {
-    const publicKey = this.peerPublicKeys.get(peerId);
-    return publicKey ? Buffer.from(publicKey).toString('base64') : null;
-  }
-
-  /**
-   * 序列化密钥对用于存储
-   */
-  exportKeyPair(): { publicKey: string; privateKey: string } | null {
-    if (!this.keyPair) return null;
-    return {
-      publicKey: Buffer.from(this.keyPair.publicKey).toString('base64'),
-      privateKey: Buffer.from(this.keyPair.privateKey).toString('base64')
-    };
-  }
-
-  /**
-   * 获取已注册的对等方数量
-   */
-  getRegisteredPeerCount(): number {
-    return this.peerPublicKeys.size;
-  }
-}
-
-// 单例导出
-export const defaultE2EECrypto = new E2EECrypto();

package/src/core/f2a.test.ts

@@ -1,269 +0,0 @@
-import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
-import { F2A } from './f2a.js';
-import { AgentCapability, TaskDelegateOptions } from '../types/index.js';
-
-// Mock P2PNetwork
-vi.mock('./p2p-network', () => ({
-  P2PNetwork: vi.fn().mockImplementation(() => ({
-    start: vi.fn().mockResolvedValue({ 
-      success: true, 
-      data: { peerId: 'test-peer-id', addresses: ['/ip4/127.0.0.1/tcp/9000'] }
-    }),
-    stop: vi.fn(),
-    discoverAgents: vi.fn().mockResolvedValue([]),
-    getConnectedPeers: vi.fn().mockReturnValue([]),
-    sendTaskRequest: vi.fn(),
-    sendTaskResponse: vi.fn().mockResolvedValue({ success: true }),
-    useMiddleware: vi.fn(),
-    removeMiddleware: vi.fn().mockReturnValue(true),
-    listMiddlewares: vi.fn().mockReturnValue(['test-middleware']),
-    findPeerViaDHT: vi.fn().mockResolvedValue({ success: false, error: { code: 'DHT_NOT_AVAILABLE', message: 'DHT not enabled' } }),
-    getDHTPeerCount: vi.fn().mockReturnValue(0),
-    isDHTEnabled: vi.fn().mockReturnValue(false),
-    on: vi.fn(),
-    getPeerId: vi.fn().mockReturnValue('test-peer-id')
-  }))
-}));
-
-describe('F2A', () => {
-  let f2a: F2A;
-
-  beforeEach(async () => {
-    f2a = await F2A.create({
-      displayName: 'Test Agent',
-      agentType: 'openclaw',
-      network: {
-        listenPort: 0,
-        enableMDNS: false
-      }
-    });
-  });
-
-  afterEach(async () => {
-    await f2a.stop();
-  });
-
-  describe('create', () => {
-    it('should create F2A instance with default options', async () => {
-      const instance = await F2A.create();
-      expect(instance).toBeDefined();
-      expect(instance.agentInfo.agentType).toBe('openclaw');
-      await instance.stop();
-    });
-
-    it('should create F2A instance with custom options', async () => {
-      const instance = await F2A.create({
-        displayName: 'Custom Agent',
-        agentType: 'custom'
-      });
-      expect(instance.agentInfo.displayName).toBe('Custom Agent');
-      expect(instance.agentInfo.agentType).toBe('custom');
-      await instance.stop();
-    });
-  });
-
-  describe('start/stop', () => {
-    it('should start successfully', async () => {
-      const result = await f2a.start();
-      expect(result.success).toBe(true);
-    });
-
-    it('should not start twice', async () => {
-      await f2a.start();
-      const result = await f2a.start();
-      expect(result.success).toBe(false);
-      expect(result.error?.message || result.error).toContain('already running');
-    });
-
-    it('should handle stop before start', async () => {
-      const newF2a = await F2A.create();
-      await newF2a.stop(); // Should not throw
-    });
-
-    it('should handle multiple stop calls', async () => {
-      await f2a.start();
-      await f2a.stop();
-      await f2a.stop(); // Should not throw
-    });
-  });
-
-  describe('capability management', () => {
-    it('should register capability', () => {
-      const capability: AgentCapability = {
-        name: 'test-capability',
-        description: 'Test capability',
-        tools: ['tool1', 'tool2']
-      };
-
-      f2a.registerCapability(capability, async () => 'result');
-      
-      const capabilities = f2a.getCapabilities();
-      expect(capabilities).toHaveLength(1);
-      expect(capabilities[0].name).toBe('test-capability');
-    });
-
-    it('should register multiple capabilities', () => {
-      f2a.registerCapability(
-        { name: 'cap1', description: 'Cap 1', tools: [] },
-        async () => 'result1'
-      );
-      f2a.registerCapability(
-        { name: 'cap2', description: 'Cap 2', tools: [] },
-        async () => 'result2'
-      );
-
-      const capabilities = f2a.getCapabilities();
-      expect(capabilities).toHaveLength(2);
-    });
-
-    it('should update capability when registering same name', () => {
-      f2a.registerCapability(
-        { name: 'same-cap', description: 'Original', tools: [] },
-        async () => 'original'
-      );
-      f2a.registerCapability(
-        { name: 'same-cap', description: 'Updated', tools: ['new-tool'] },
-        async () => 'updated'
-      );
-
-      const capabilities = f2a.getCapabilities();
-      expect(capabilities).toHaveLength(1);
-      expect(capabilities[0].description).toBe('Updated');
-    });
-  });
-
-  describe('events', () => {
-    it('should emit network:started event', async () => {
-      const eventPromise = new Promise((resolve) => {
-        f2a.on('network:started', (event) => {
-          resolve(event);
-        });
-      });
-
-      await f2a.start();
-      const event = await eventPromise;
-      expect(event).toBeDefined();
-    });
-
-    it('should emit network:stopped event', async () => {
-      await f2a.start();
-      
-      const eventPromise = new Promise((resolve) => {
-        f2a.on('network:stopped', () => {
-          resolve(true);
-        });
-      });
-
-      await f2a.stop();
-      await eventPromise;
-    });
-  });
-
-  describe('peer management', () => {
-    it('should return empty peers when not started', () => {
-      const peers = f2a.getConnectedPeers();
-      expect(peers).toEqual([]);
-    });
-  });
-
-  describe('task delegation', () => {
-    it('should fail delegation when no agents found', async () => {
-      const options: TaskDelegateOptions = {
-        capability: 'non-existent-capability',
-        description: 'Test task'
-      };
-
-      const result = await f2a.delegateTask(options);
-      expect(result.success).toBe(false);
-      expect(result.error?.message || result.error).toContain('No agent found');
-    });
-
-    it('should delegate task with parallel option', async () => {
-      const options: TaskDelegateOptions = {
-        capability: 'test-cap',
-        description: 'Test task',
-        parallel: true,
-        minResponses: 1
-      };
-
-      const result = await f2a.delegateTask(options);
-      expect(result.success).toBe(false); // No agents found
-    });
-  });
-
-  describe('sendTaskTo', () => {
-    it('should send task to specific peer', async () => {
-      await f2a.start();
-      // Mock returns undefined, just verify it doesn't throw
-      await f2a.sendTaskTo(
-        'peer-id',
-        'task-type',
-        'description',
-        { param: 'value' }
-      );
-    });
-  });
-
-  describe('respondToTask', () => {
-    it('should respond to task successfully', async () => {
-      await f2a.start();
-      const result = await f2a.respondToTask(
-        'peer-id',
-        'task-id',
-        'success',
-        { data: 'result' }
-      );
-      expect(result.success).toBe(true);
-    });
-
-    it('should respond to task with error', async () => {
-      await f2a.start();
-      const result = await f2a.respondToTask(
-        'peer-id',
-        'task-id',
-        'error',
-        undefined,
-        'Error message'
-      );
-      expect(result.success).toBe(true);
-    });
-  });
-
-  describe('middleware and DHT facade', () => {
-    it('should proxy middleware methods to p2p network', () => {
-      const middleware = {
-        name: 'test-middleware',
-        priority: 10,
-        process: vi.fn().mockResolvedValue({ action: 'continue' })
-      };
-
-      f2a.useMiddleware(middleware as any);
-      expect(f2a.listMiddlewares()).toEqual(['test-middleware']);
-      expect(f2a.removeMiddleware('test-middleware')).toBe(true);
-    });
-
-    it('should proxy dht methods to p2p network', async () => {
-      const lookup = await f2a.findPeerViaDHT('peer-id');
-      expect(lookup.success).toBe(false);
-      expect(lookup.error?.code).toBe('DHT_NOT_AVAILABLE');
-      expect(f2a.getDHTPeerCount()).toBe(0);
-      expect(f2a.isDHTEnabled()).toBe(false);
-    });
-  });
-
-  describe('error handling', () => {
-    it('should emit error event', async () => {
-      const errorPromise = new Promise<Error>((resolve) => {
-        f2a.on('error', (error) => {
-          resolve(error);
-        });
-      });
-
-      // Emit error through f2a directly
-      (f2a as any).emit('error', new Error('Test error'));
-      
-      const error = await errorPromise;
-      expect(error.message).toBe('Test error');
-    });
-  });
-});