@f2a/network 0.1.2

package/dist/core/connection-manager.d.ts

@@ -0,0 +1,80 @@
+/**
+ * ConnectionManager - 连接确认管理器
+ *
+ * 管理待确认连接请求，支持：
+ * - 1小时有效期
+ * - 同一 Agent 去重（保留最新）
+ * - 通过序号或 ID 确认/拒绝
+ */
+import { EventEmitter } from 'eventemitter3';
+import { Socket } from 'net';
+import { PendingConnection, PendingConnectionView, ConnectionRequestEvent, ConfirmationEvent, RejectionEvent, ExpirationEvent, Result } from '../types';
+export interface ConnectionManagerOptions {
+    timeout?: number;
+    cleanupInterval?: number;
+}
+export declare class ConnectionManager extends EventEmitter<{
+    pending_added: (event: ConnectionRequestEvent) => void;
+    confirmed: (event: ConfirmationEvent) => void;
+    rejected: (event: RejectionEvent) => void;
+    expired: (event: ExpirationEvent) => void;
+}> {
+    private pendingConnections;
+    private agentToConfirmation;
+    private maxIndex;
+    private cleanupInterval?;
+    private options;
+    constructor(options?: ConnectionManagerOptions);
+    /**
+     * 添加待确认连接
+     */
+    addPending(agentId: string, socket: Socket, publicKey: string, address: string, port: number): {
+        confirmationId: string;
+        isDuplicate: boolean;
+    };
+    /**
+     * 获取待确认连接列表
+     */
+    getPendingList(): PendingConnectionView[];
+    /**
+     * 通过序号查找
+     */
+    getByIndex(index: number): PendingConnection | null;
+    /**
+     * 通过 ID 查找
+     */
+    getById(confirmationId: string): PendingConnection | null;
+    /**
+     * 确认连接
+     */
+    confirm(idOrIndex: string | number): Result<PendingConnection>;
+    /**
+     * 拒绝连接
+     */
+    reject(idOrIndex: string | number, reason?: string): Result<PendingConnection>;
+    /**
+     * 获取待确认数量
+     */
+    getPendingCount(): number;
+    /**
+     * 检查 Agent 是否有待确认请求
+     */
+    hasPendingForAgent(agentId: string): boolean;
+    /**
+     * 停止管理器
+     */
+    stop(): void;
+    /**
+     * 启动定期清理
+     */
+    private startCleanup;
+    /**
+     * 清理过期连接
+     */
+    private cleanup;
+    /**
+     * 安全关闭 socket
+     */
+    private closeSocket;
+}
+//# sourceMappingURL=connection-manager.d.ts.map

package/dist/core/connection-manager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"connection-manager.d.ts","sourceRoot":"","sources":["../../src/core/connection-manager.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAE7C,OAAO,EAAE,MAAM,EAAE,MAAM,KAAK,CAAC;AAC7B,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EACrB,sBAAsB,EACtB,iBAAiB,EACjB,cAAc,EACd,eAAe,EACf,MAAM,EACP,MAAM,UAAU,CAAC;AAMlB,MAAM,WAAW,wBAAwB;IACvC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED,qBAAa,iBAAkB,SAAQ,YAAY,CAAC;IAClD,aAAa,EAAE,CAAC,KAAK,EAAE,sBAAsB,KAAK,IAAI,CAAC;IACvD,SAAS,EAAE,CAAC,KAAK,EAAE,iBAAiB,KAAK,IAAI,CAAC;IAC9C,QAAQ,EAAE,CAAC,KAAK,EAAE,cAAc,KAAK,IAAI,CAAC;IAC1C,OAAO,EAAE,CAAC,KAAK,EAAE,eAAe,KAAK,IAAI,CAAC;CAC3C,CAAC;IACA,OAAO,CAAC,kBAAkB,CAA6C;IACvE,OAAO,CAAC,mBAAmB,CAAkC;IAC7D,OAAO,CAAC,QAAQ,CAAa;IAC7B,OAAO,CAAC,eAAe,CAAC,CAAiB;IACzC,OAAO,CAAC,OAAO,CAAqC;gBAExC,OAAO,GAAE,wBAA6B;IASlD;;OAEG;IACH,UAAU,CACR,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,MAAM,GACX;QAAE,cAAc,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,OAAO,CAAA;KAAE;IA8CnD;;OAEG;IACH,cAAc,IAAI,qBAAqB,EAAE;IAwBzC;;OAEG;IACH,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,iBAAiB,GAAG,IAAI;IASnD;;OAEG;IACH,OAAO,CAAC,cAAc,EAAE,MAAM,GAAG,iBAAiB,GAAG,IAAI;IAgBzD;;OAEG;IACH,OAAO,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC,iBAAiB,CAAC;IAuB9D;;OAEG;IACH,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,EAAE,MAAM,GAAE,MAAe,GAAG,MAAM,CAAC,iBAAiB,CAAC;IAyBtF;;OAEG;IACH,eAAe,IAAI,MAAM;IAIzB;;OAEG;IACH,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO;IAI5C;;OAEG;IACH,IAAI,IAAI,IAAI;IAcZ;;OAEG;IACH,OAAO,CAAC,YAAY;IAMpB;;OAEG;IACH,OAAO,CAAC,OAAO;IAuBf;;OAEG;IACH,OAAO,CAAC,WAAW;CAOpB"}

package/dist/core/connection-manager.js

@@ -0,0 +1,235 @@
+"use strict";
+/**
+ * ConnectionManager - 连接确认管理器
+ *
+ * 管理待确认连接请求，支持：
+ * - 1小时有效期
+ * - 同一 Agent 去重（保留最新）
+ * - 通过序号或 ID 确认/拒绝
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ConnectionManager = void 0;
+const eventemitter3_1 = require("eventemitter3");
+const crypto_1 = require("crypto");
+// 常量
+const PENDING_TIMEOUT = 60 * 60 * 1000; // 1小时
+const CLEANUP_INTERVAL = 60 * 1000; // 每分钟清理一次
+class ConnectionManager extends eventemitter3_1.EventEmitter {
+    pendingConnections = new Map();
+    agentToConfirmation = new Map();
+    maxIndex = 0;
+    cleanupInterval;
+    options;
+    constructor(options = {}) {
+        super();
+        this.options = {
+            timeout: options.timeout ?? PENDING_TIMEOUT,
+            cleanupInterval: options.cleanupInterval ?? CLEANUP_INTERVAL
+        };
+        this.startCleanup();
+    }
+    /**
+     * 添加待确认连接
+     */
+    addPending(agentId, socket, publicKey, address, port) {
+        // 检查是否已有同一 Agent 的待确认请求
+        const existingId = this.agentToConfirmation.get(agentId);
+        let isDuplicate = false;
+        if (existingId) {
+            const existing = this.pendingConnections.get(existingId);
+            if (existing) {
+                // 关闭旧的 socket
+                this.closeSocket(existing.socket);
+                // 删除旧的记录
+                this.pendingConnections.delete(existingId);
+                console.log(`[ConnectionManager] 更新 ${agentId.slice(0, 16)}... 的连接请求（去重）`);
+                isDuplicate = true;
+            }
+        }
+        const confirmationId = (0, crypto_1.randomUUID)();
+        const now = Date.now();
+        const pending = {
+            confirmationId,
+            agentId,
+            socket,
+            publicKey,
+            address,
+            port,
+            timestamp: now,
+            expiresAt: now + this.options.timeout,
+            index: ++this.maxIndex
+        };
+        this.pendingConnections.set(confirmationId, pending);
+        this.agentToConfirmation.set(agentId, confirmationId);
+        this.emit('pending_added', {
+            confirmationId,
+            agentId,
+            address,
+            port,
+            isDuplicate
+        });
+        return { confirmationId, isDuplicate };
+    }
+    /**
+     * 获取待确认连接列表
+     */
+    getPendingList() {
+        const now = Date.now();
+        const list = [];
+        for (const pending of this.pendingConnections.values()) {
+            const remainingMs = pending.expiresAt - now;
+            const remainingMinutes = Math.max(0, Math.floor(remainingMs / 60000));
+            list.push({
+                index: pending.index,
+                confirmationId: pending.confirmationId,
+                shortId: pending.confirmationId.slice(0, 8),
+                agentId: pending.agentId,
+                agentIdShort: pending.agentId.slice(0, 16) + '...',
+                address: pending.address,
+                port: pending.port,
+                remainingMinutes,
+                requestedAt: pending.timestamp
+            });
+        }
+        return list.sort((a, b) => a.index - b.index);
+    }
+    /**
+     * 通过序号查找
+     */
+    getByIndex(index) {
+        for (const pending of this.pendingConnections.values()) {
+            if (pending.index === index) {
+                return pending;
+            }
+        }
+        return null;
+    }
+    /**
+     * 通过 ID 查找
+     */
+    getById(confirmationId) {
+        // 完整匹配
+        if (this.pendingConnections.has(confirmationId)) {
+            return this.pendingConnections.get(confirmationId);
+        }
+        // 短 ID 匹配（前8位）
+        for (const [id, pending] of this.pendingConnections) {
+            if (id.startsWith(confirmationId)) {
+                return pending;
+            }
+        }
+        return null;
+    }
+    /**
+     * 确认连接
+     */
+    confirm(idOrIndex) {
+        const pending = typeof idOrIndex === 'number'
+            ? this.getByIndex(idOrIndex)
+            : this.getById(idOrIndex);
+        if (!pending) {
+            return { success: false, error: '连接请求不存在或已过期' };
+        }
+        // 清理记录
+        this.pendingConnections.delete(pending.confirmationId);
+        this.agentToConfirmation.delete(pending.agentId);
+        this.emit('confirmed', {
+            confirmationId: pending.confirmationId,
+            agentId: pending.agentId,
+            socket: pending.socket,
+            publicKey: pending.publicKey
+        });
+        return { success: true, data: pending };
+    }
+    /**
+     * 拒绝连接
+     */
+    reject(idOrIndex, reason = '用户拒绝') {
+        const pending = typeof idOrIndex === 'number'
+            ? this.getByIndex(idOrIndex)
+            : this.getById(idOrIndex);
+        if (!pending) {
+            return { success: false, error: '连接请求不存在或已过期' };
+        }
+        // 关闭 socket
+        this.closeSocket(pending.socket);
+        // 清理记录
+        this.pendingConnections.delete(pending.confirmationId);
+        this.agentToConfirmation.delete(pending.agentId);
+        this.emit('rejected', {
+            confirmationId: pending.confirmationId,
+            agentId: pending.agentId,
+            reason
+        });
+        return { success: true, data: pending };
+    }
+    /**
+     * 获取待确认数量
+     */
+    getPendingCount() {
+        return this.pendingConnections.size;
+    }
+    /**
+     * 检查 Agent 是否有待确认请求
+     */
+    hasPendingForAgent(agentId) {
+        return this.agentToConfirmation.has(agentId);
+    }
+    /**
+     * 停止管理器
+     */
+    stop() {
+        if (this.cleanupInterval) {
+            clearInterval(this.cleanupInterval);
+        }
+        // 关闭所有待确认连接
+        for (const pending of this.pendingConnections.values()) {
+            this.closeSocket(pending.socket);
+        }
+        this.pendingConnections.clear();
+        this.agentToConfirmation.clear();
+    }
+    /**
+     * 启动定期清理
+     */
+    startCleanup() {
+        this.cleanupInterval = setInterval(() => {
+            this.cleanup();
+        }, this.options.cleanupInterval);
+    }
+    /**
+     * 清理过期连接
+     */
+    cleanup() {
+        const now = Date.now();
+        let expiredCount = 0;
+        for (const [confirmationId, pending] of this.pendingConnections) {
+            if (now > pending.expiresAt) {
+                this.closeSocket(pending.socket);
+                this.agentToConfirmation.delete(pending.agentId);
+                this.pendingConnections.delete(confirmationId);
+                expiredCount++;
+                this.emit('expired', {
+                    confirmationId,
+                    agentId: pending.agentId
+                });
+            }
+        }
+        if (expiredCount > 0) {
+            console.log(`[ConnectionManager] 清理 ${expiredCount} 个过期连接`);
+        }
+    }
+    /**
+     * 安全关闭 socket
+     */
+    closeSocket(socket) {
+        try {
+            socket.end();
+        }
+        catch {
+            // 忽略错误
+        }
+    }
+}
+exports.ConnectionManager = ConnectionManager;
+//# sourceMappingURL=connection-manager.js.map

package/dist/core/connection-manager.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"connection-manager.js","sourceRoot":"","sources":["../../src/core/connection-manager.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;AAEH,iDAA6C;AAC7C,mCAAoC;AAYpC,KAAK;AACL,MAAM,eAAe,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,MAAM;AAC9C,MAAM,gBAAgB,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,UAAU;AAO9C,MAAa,iBAAkB,SAAQ,4BAKrC;IACQ,kBAAkB,GAAmC,IAAI,GAAG,EAAE,CAAC;IAC/D,mBAAmB,GAAwB,IAAI,GAAG,EAAE,CAAC;IACrD,QAAQ,GAAW,CAAC,CAAC;IACrB,eAAe,CAAkB;IACjC,OAAO,CAAqC;IAEpD,YAAY,UAAoC,EAAE;QAChD,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,OAAO,GAAG;YACb,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,eAAe;YAC3C,eAAe,EAAE,OAAO,CAAC,eAAe,IAAI,gBAAgB;SAC7D,CAAC;QACF,IAAI,CAAC,YAAY,EAAE,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,UAAU,CACR,OAAe,EACf,MAAc,EACd,SAAiB,EACjB,OAAe,EACf,IAAY;QAEZ,wBAAwB;QACxB,MAAM,UAAU,GAAG,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACzD,IAAI,WAAW,GAAG,KAAK,CAAC;QAExB,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,QAAQ,GAAG,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YACzD,IAAI,QAAQ,EAAE,CAAC;gBACb,cAAc;gBACd,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;gBAClC,SAAS;gBACT,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;gBAC3C,OAAO,CAAC,GAAG,CAAC,0BAA0B,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC;gBAC3E,WAAW,GAAG,IAAI,CAAC;YACrB,CAAC;QACH,CAAC;QAED,MAAM,cAAc,GAAG,IAAA,mBAAU,GAAE,CAAC;QACpC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,MAAM,OAAO,GAAsB;YACjC,cAAc;YACd,OAAO;YACP,MAAM;YACN,SAAS;YACT,OAAO;YACP,IAAI;YACJ,SAAS,EAAE,GAAG;YACd,SAAS,EAAE,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO;YACrC,KAAK,EAAE,EAAE,IAAI,CAAC,QAAQ;SACvB,CAAC;QAEF,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC;QACrD,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;QAEtD,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YACzB,cAAc;YACd,OAAO;YACP,OAAO;YACP,IAAI;YACJ,WAAW;SACZ,CAAC,CAAC;QAEH,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC;IACzC,CAAC;IAED;;OAEG;IACH,cAAc;QACZ,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,IAAI,GAA4B,EAAE,CAAC;QAEzC,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,EAAE,CAAC;YACvD,MAAM,WAAW,GAAG,OAAO,CAAC,SAAS,GAAG,GAAG,CAAC;YAC5C,MAAM,gBAAgB,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,WAAW,GAAG,KAAK,CAAC,CAAC,CAAC;YAEtE,IAAI,CAAC,IAAI,CAAC;gBACR,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,cAAc,EAAE,OAAO,CAAC,cAAc;gBACtC,OAAO,EAAE,OAAO,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;gBAC3C,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,YAAY,EAAE,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;gBAClD,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,gBAAgB;gBAChB,WAAW,EAAE,OAAO,CAAC,SAAS;aAC/B,CAAC,CAAC;QACL,CAAC;QAED,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IAChD,CAAC;IAED;;OAEG;IACH,UAAU,CAAC,KAAa;QACtB,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,EAAE,CAAC;YACvD,IAAI,OAAO,CAAC,KAAK,KAAK,KAAK,EAAE,CAAC;gBAC5B,OAAO,OAAO,CAAC;YACjB,CAAC;QACH,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,cAAsB;QAC5B,OAAO;QACP,IAAI,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,CAAC;YAChD,OAAO,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,cAAc,CAAE,CAAC;QACtD,CAAC;QAED,eAAe;QACf,KAAK,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACpD,IAAI,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;gBAClC,OAAO,OAAO,CAAC;YACjB,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,SAA0B;QAChC,MAAM,OAAO,GAAG,OAAO,SAAS,KAAK,QAAQ;YAC3C,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC;YAC5B,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAE5B,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC;QAClD,CAAC;QAED,OAAO;QACP,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QACvD,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAEjD,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE;YACrB,cAAc,EAAE,OAAO,CAAC,cAAc;YACtC,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,SAAS,EAAE,OAAO,CAAC,SAAS;SAC7B,CAAC,CAAC;QAEH,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;IAC1C,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,SAA0B,EAAE,SAAiB,MAAM;QACxD,MAAM,OAAO,GAAG,OAAO,SAAS,KAAK,QAAQ;YAC3C,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC;YAC5B,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAE5B,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC;QAClD,CAAC;QAED,YAAY;QACZ,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAEjC,OAAO;QACP,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QACvD,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAEjD,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE;YACpB,cAAc,EAAE,OAAO,CAAC,cAAc;YACtC,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,MAAM;SACP,CAAC,CAAC;QAEH,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;IAC1C,CAAC;IAED;;OAEG;IACH,eAAe;QACb,OAAO,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC;IACtC,CAAC;IAED;;OAEG;IACH,kBAAkB,CAAC,OAAe;QAChC,OAAO,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAC/C,CAAC;IAED;;OAEG;IACH,IAAI;QACF,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;YACzB,aAAa,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACtC,CAAC;QAED,YAAY;QACZ,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,EAAE,CAAC;YACvD,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACnC,CAAC;QAED,IAAI,CAAC,kBAAkB,CAAC,KAAK,EAAE,CAAC;QAChC,IAAI,CAAC,mBAAmB,CAAC,KAAK,EAAE,CAAC;IACnC,CAAC;IAED;;OAEG;IACK,YAAY;QAClB,IAAI,CAAC,eAAe,GAAG,WAAW,CAAC,GAAG,EAAE;YACtC,IAAI,CAAC,OAAO,EAAE,CAAC;QACjB,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;IACnC,CAAC;IAED;;OAEG;IACK,OAAO;QACb,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,IAAI,YAAY,GAAG,CAAC,CAAC;QAErB,KAAK,MAAM,CAAC,cAAc,EAAE,OAAO,CAAC,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAChE,IAAI,GAAG,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;gBAC5B,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;gBACjC,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;gBACjD,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;gBAC/C,YAAY,EAAE,CAAC;gBAEf,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE;oBACnB,cAAc;oBACd,OAAO,EAAE,OAAO,CAAC,OAAO;iBACzB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;YACrB,OAAO,CAAC,GAAG,CAAC,0BAA0B,YAAY,QAAQ,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAED;;OAEG;IACK,WAAW,CAAC,MAAc;QAChC,IAAI,CAAC;YACH,MAAM,CAAC,GAAG,EAAE,CAAC;QACf,CAAC;QAAC,MAAM,CAAC;YACP,OAAO;QACT,CAAC;IACH,CAAC;CACF;AAxQD,8CAwQC"}

package/dist/core/connection-manager.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=connection-manager.test.d.ts.map

package/dist/core/connection-manager.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"connection-manager.test.d.ts","sourceRoot":"","sources":["../../src/core/connection-manager.test.ts"],"names":[],"mappings":""}

package/dist/core/connection-manager.test.js

@@ -0,0 +1,52 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+const connection_manager_1 = require("./connection-manager");
+// Mock Socket
+function createMockSocket() {
+    return {
+        ended: false,
+        end: function () { this.ended = true; },
+        remoteAddress: '192.168.1.100',
+        remotePort: 9001
+    };
+}
+(0, vitest_1.describe)('ConnectionManager', () => {
+    let cm;
+    (0, vitest_1.beforeEach)(() => {
+        cm = new connection_manager_1.ConnectionManager({ timeout: 1000, cleanupInterval: 100 });
+    });
+    (0, vitest_1.afterEach)(() => {
+        cm.stop();
+    });
+    (0, vitest_1.it)('should add pending connection', () => {
+        const socket = createMockSocket();
+        const result = cm.addPending('agent-1', socket, 'key', '192.168.1.100', 9001);
+        (0, vitest_1.expect)(result.confirmationId).toBeDefined();
+        (0, vitest_1.expect)(result.isDuplicate).toBe(false);
+        (0, vitest_1.expect)(cm.getPendingCount()).toBe(1);
+    });
+    (0, vitest_1.it)('should deduplicate same agent requests', () => {
+        const socket1 = createMockSocket();
+        cm.addPending('agent-1', socket1, 'key1', '192.168.1.100', 9001);
+        const socket2 = createMockSocket();
+        const result = cm.addPending('agent-1', socket2, 'key2', '192.168.1.100', 9002);
+        (0, vitest_1.expect)(result.isDuplicate).toBe(true);
+        (0, vitest_1.expect)(cm.getPendingCount()).toBe(1);
+    });
+    (0, vitest_1.it)('should confirm connection', () => {
+        cm.addPending('agent-1', createMockSocket(), 'key1', '192.168.1.100', 9001);
+        const result = cm.confirm(1);
+        (0, vitest_1.expect)(result.success).toBe(true);
+        (0, vitest_1.expect)(cm.getPendingCount()).toBe(0);
+    });
+    (0, vitest_1.it)('should reject connection', () => {
+        const socket = createMockSocket();
+        cm.addPending('agent-1', socket, 'key1', '192.168.1.100', 9001);
+        const result = cm.reject(1, 'test reason');
+        (0, vitest_1.expect)(result.success).toBe(true);
+        (0, vitest_1.expect)(socket.ended).toBe(true);
+        (0, vitest_1.expect)(cm.getPendingCount()).toBe(0);
+    });
+});
+//# sourceMappingURL=connection-manager.test.js.map

package/dist/core/connection-manager.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"connection-manager.test.js","sourceRoot":"","sources":["../../src/core/connection-manager.test.ts"],"names":[],"mappings":";;AAAA,mCAAqE;AACrE,6DAAyD;AAGzD,cAAc;AACd,SAAS,gBAAgB;IACvB,OAAO;QACL,KAAK,EAAE,KAAK;QACZ,GAAG,EAAE,cAAa,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC,CAAC;QACtC,aAAa,EAAE,eAAe;QAC9B,UAAU,EAAE,IAAI;KACI,CAAC;AACzB,CAAC;AAED,IAAA,iBAAQ,EAAC,mBAAmB,EAAE,GAAG,EAAE;IACjC,IAAI,EAAqB,CAAC;IAE1B,IAAA,mBAAU,EAAC,GAAG,EAAE;QACd,EAAE,GAAG,IAAI,sCAAiB,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,eAAe,EAAE,GAAG,EAAE,CAAC,CAAC;IACtE,CAAC,CAAC,CAAC;IAEH,IAAA,kBAAS,EAAC,GAAG,EAAE;QACb,EAAE,CAAC,IAAI,EAAE,CAAC;IACZ,CAAC,CAAC,CAAC;IAEH,IAAA,WAAE,EAAC,+BAA+B,EAAE,GAAG,EAAE;QACvC,MAAM,MAAM,GAAG,gBAAgB,EAAE,CAAC;QAClC,MAAM,MAAM,GAAG,EAAE,CAAC,UAAU,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,eAAe,EAAE,IAAI,CAAC,CAAC;QAE9E,IAAA,eAAM,EAAC,MAAM,CAAC,cAAc,CAAC,CAAC,WAAW,EAAE,CAAC;QAC5C,IAAA,eAAM,EAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACvC,IAAA,eAAM,EAAC,EAAE,CAAC,eAAe,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,IAAA,WAAE,EAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,OAAO,GAAG,gBAAgB,EAAE,CAAC;QACnC,EAAE,CAAC,UAAU,CAAC,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,eAAe,EAAE,IAAI,CAAC,CAAC;QAEjE,MAAM,OAAO,GAAG,gBAAgB,EAAE,CAAC;QACnC,MAAM,MAAM,GAAG,EAAE,CAAC,UAAU,CAAC,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,eAAe,EAAE,IAAI,CAAC,CAAC;QAEhF,IAAA,eAAM,EAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtC,IAAA,eAAM,EAAC,EAAE,CAAC,eAAe,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,IAAA,WAAE,EAAC,2BAA2B,EAAE,GAAG,EAAE;QACnC,EAAE,CAAC,UAAU,CAAC,SAAS,EAAE,gBAAgB,EAAE,EAAE,MAAM,EAAE,eAAe,EAAE,IAAI,CAAC,CAAC;QAE5E,MAAM,MAAM,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QAE7B,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClC,IAAA,eAAM,EAAC,EAAE,CAAC,eAAe,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,IAAA,WAAE,EAAC,0BAA0B,EAAE,GAAG,EAAE;QAClC,MAAM,MAAM,GAAG,gBAAgB,EAAE,CAAC;QAClC,EAAE,CAAC,UAAU,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,IAAI,CAAC,CAAC;QAEhE,MAAM,MAAM,GAAG,EAAE,CAAC,MAAM,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC;QAE3C,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClC,IAAA,eAAM,EAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAChC,IAAA,eAAM,EAAC,EAAE,CAAC,eAAe,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/core/e2ee-crypto.d.ts

@@ -0,0 +1,90 @@
+/**
+ * 端到端加密模块
+ * 使用 X25519 + AES-256-GCM 实现 Agent 间加密通信
+ */
+/**
+ * 加密密钥对
+ */
+export interface EncryptionKeyPair {
+    publicKey: Uint8Array;
+    privateKey: Uint8Array;
+}
+/**
+ * 加密后的消息
+ */
+export interface EncryptedMessage {
+    /** 发送方公钥 (用于接收方识别身份) */
+    senderPublicKey: string;
+    /**  nonce/IV */
+    iv: string;
+    /** 认证标签 */
+    authTag: string;
+    /** 加密后的密文 */
+    ciphertext: string;
+    /** 可选的附加认证数据 */
+    aad?: string;
+    /** 密钥派生使用的随机盐值（每次加密随机生成） */
+    salt: string;
+}
+/**
+ * 密钥管理器
+ */
+export declare class E2EECrypto {
+    private keyPair;
+    private peerPublicKeys;
+    private sharedSecrets;
+    private logger;
+    constructor();
+    /**
+     * 初始化密钥对
+     */
+    initialize(): Promise<void>;
+    /**
+     * 从已有密钥初始化
+     */
+    initializeWithKeyPair(privateKey: Uint8Array, publicKey: Uint8Array): void;
+    /**
+     * 获取公钥 (用于广播)
+     */
+    getPublicKey(): string | null;
+    /**
+     * 注册对等方的公钥
+     */
+    registerPeerPublicKey(peerId: string, publicKeyBase64: string): void;
+    /**
+     * 检查是否可以对等方加密通信
+     */
+    canEncryptTo(peerId: string): boolean;
+    /**
+     * 加密消息
+     */
+    encrypt(peerId: string, plaintext: string, aad?: string): EncryptedMessage | null;
+    /**
+     * 解密消息
+     */
+    decrypt(encrypted: EncryptedMessage): string | null;
+    /**
+     * 从共享密钥派生 AES 密钥
+     * 使用 HKDF (HMAC-based Key Derivation Function) 进行安全密钥派生
+     * @param sharedSecret 共享密钥
+     * @param salt 随机盐值（每次加密使用不同的盐值，提高安全性）
+     */
+    private deriveAESKey;
+    /**
+     * 获取已注册的对等方公钥
+     */
+    getPeerPublicKey(peerId: string): string | null;
+    /**
+     * 序列化密钥对用于存储
+     */
+    exportKeyPair(): {
+        publicKey: string;
+        privateKey: string;
+    } | null;
+    /**
+     * 获取已注册的对等方数量
+     */
+    getRegisteredPeerCount(): number;
+}
+export declare const defaultE2EECrypto: E2EECrypto;
+//# sourceMappingURL=e2ee-crypto.d.ts.map

package/dist/core/e2ee-crypto.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"e2ee-crypto.d.ts","sourceRoot":"","sources":["../../src/core/e2ee-crypto.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAWH;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,UAAU,CAAC;IACtB,UAAU,EAAE,UAAU,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,wBAAwB;IACxB,eAAe,EAAE,MAAM,CAAC;IACxB,gBAAgB;IAChB,EAAE,EAAE,MAAM,CAAC;IACX,WAAW;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,gBAAgB;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,4BAA4B;IAC5B,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;GAEG;AACH,qBAAa,UAAU;IACrB,OAAO,CAAC,OAAO,CAAkC;IACjD,OAAO,CAAC,cAAc,CAAsC;IAC5D,OAAO,CAAC,aAAa,CAAsC;IAC3D,OAAO,CAAC,MAAM,CAAS;;IAMvB;;OAEG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAQjC;;OAEG;IACH,qBAAqB,CAAC,UAAU,EAAE,UAAU,EAAE,SAAS,EAAE,UAAU,GAAG,IAAI;IAI1E;;OAEG;IACH,YAAY,IAAI,MAAM,GAAG,IAAI;IAK7B;;OAEG;IACH,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,GAAG,IAAI;IAepE;;OAEG;IACH,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAIrC;;OAEG;IACH,OAAO,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,gBAAgB,GAAG,IAAI;IAmDjF;;OAEG;IACH,OAAO,CAAC,SAAS,EAAE,gBAAgB,GAAG,MAAM,GAAG,IAAI;IAuCnD;;;;;OAKG;IACH,OAAO,CAAC,YAAY;IAWpB;;OAEG;IACH,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAK/C;;OAEG;IACH,aAAa,IAAI;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI;IAQjE;;OAEG;IACH,sBAAsB,IAAI,MAAM;CAGjC;AAGD,eAAO,MAAM,iBAAiB,YAAmB,CAAC"}

package/dist/core/e2ee-crypto.js

@@ -0,0 +1,190 @@
+/**
+ * 端到端加密模块
+ * 使用 X25519 + AES-256-GCM 实现 Agent 间加密通信
+ */
+import { x25519 } from '@noble/curves/ed25519.js';
+import { randomBytes, createCipheriv, createDecipheriv, hkdfSync } from 'crypto';
+import { Logger } from '../utils/logger.js';
+// AES-256-GCM 参数
+const AES_KEY_SIZE = 32; // 256 bits
+const AES_IV_SIZE = 16; // 128 bits
+const AES_TAG_SIZE = 16; // 128 bits
+/**
+ * 密钥管理器
+ */
+export class E2EECrypto {
+    keyPair = null;
+    peerPublicKeys = new Map();
+    sharedSecrets = new Map();
+    logger;
+    constructor() {
+        this.logger = new Logger({ component: 'E2EE' });
+    }
+    /**
+     * 初始化密钥对
+     */
+    async initialize() {
+        // 生成 X25519 密钥对用于加密
+        const privateKey = x25519.utils.randomSecretKey();
+        const publicKey = x25519.getPublicKey(privateKey);
+        this.keyPair = { publicKey, privateKey };
+    }
+    /**
+     * 从已有密钥初始化
+     */
+    initializeWithKeyPair(privateKey, publicKey) {
+        this.keyPair = { privateKey, publicKey };
+    }
+    /**
+     * 获取公钥 (用于广播)
+     */
+    getPublicKey() {
+        if (!this.keyPair)
+            return null;
+        return Buffer.from(this.keyPair.publicKey).toString('base64');
+    }
+    /**
+     * 注册对等方的公钥
+     */
+    registerPeerPublicKey(peerId, publicKeyBase64) {
+        try {
+            const publicKey = Buffer.from(publicKeyBase64, 'base64');
+            this.peerPublicKeys.set(peerId, publicKey);
+            // 预计算共享密钥
+            if (this.keyPair) {
+                const sharedSecret = x25519.getSharedSecret(this.keyPair.privateKey, publicKey);
+                this.sharedSecrets.set(peerId, sharedSecret);
+            }
+        }
+        catch (error) {
+            this.logger.error('Failed to register public key', { peerId, error });
+        }
+    }
+    /**
+     * 检查是否可以对等方加密通信
+     */
+    canEncryptTo(peerId) {
+        return this.sharedSecrets.has(peerId);
+    }
+    /**
+     * 加密消息
+     */
+    encrypt(peerId, plaintext, aad) {
+        if (!this.keyPair) {
+            this.logger.error('Not initialized');
+            return null;
+        }
+        const sharedSecret = this.sharedSecrets.get(peerId);
+        if (!sharedSecret) {
+            this.logger.error('No shared secret for peer', { peerId });
+            return null;
+        }
+        try {
+            // 生成随机盐值（每次加密使用不同的盐值，提高安全性）
+            const salt = randomBytes(16);
+            // 从共享密钥派生 AES 密钥
+            const aesKey = this.deriveAESKey(sharedSecret, salt);
+            // 生成随机 IV
+            const iv = randomBytes(AES_IV_SIZE);
+            // 创建加密器
+            const cipher = createCipheriv('aes-256-gcm', aesKey, iv);
+            // 添加 AAD (如果有)
+            if (aad) {
+                cipher.setAAD(Buffer.from(aad, 'utf-8'));
+            }
+            // 加密
+            let ciphertext = cipher.update(plaintext, 'utf-8', 'base64');
+            ciphertext += cipher.final('base64');
+            // 获取认证标签
+            const authTag = cipher.getAuthTag();
+            return {
+                senderPublicKey: this.getPublicKey(),
+                iv: iv.toString('base64'),
+                authTag: authTag.toString('base64'),
+                ciphertext,
+                aad,
+                salt: salt.toString('base64')
+            };
+        }
+        catch (error) {
+            this.logger.error('Encryption failed', { error });
+            return null;
+        }
+    }
+    /**
+     * 解密消息
+     */
+    decrypt(encrypted) {
+        if (!this.keyPair) {
+            this.logger.error('Not initialized');
+            return null;
+        }
+        try {
+            // 使用发送方公钥计算共享密钥
+            const senderPublicKey = Buffer.from(encrypted.senderPublicKey, 'base64');
+            const sharedSecret = x25519.getSharedSecret(this.keyPair.privateKey, senderPublicKey);
+            // 使用消息中的盐值派生 AES 密钥（与加密方使用相同的盐值）
+            const salt = encrypted.salt ? Buffer.from(encrypted.salt, 'base64') : Buffer.from('F2A-E2EE-SALT-2024', 'utf-8');
+            const aesKey = this.deriveAESKey(sharedSecret, salt);
+            // 解码参数
+            const iv = Buffer.from(encrypted.iv, 'base64');
+            const authTag = Buffer.from(encrypted.authTag, 'base64');
+            // 创建解密器
+            const decipher = createDecipheriv('aes-256-gcm', aesKey, iv);
+            decipher.setAuthTag(authTag);
+            // 添加 AAD (如果有)
+            if (encrypted.aad) {
+                decipher.setAAD(Buffer.from(encrypted.aad, 'utf-8'));
+            }
+            // 解密
+            let plaintext = decipher.update(encrypted.ciphertext, 'base64', 'utf-8');
+            plaintext += decipher.final('utf-8');
+            return plaintext;
+        }
+        catch (error) {
+            this.logger.error('Decryption failed', { error });
+            return null;
+        }
+    }
+    /**
+     * 从共享密钥派生 AES 密钥
+     * 使用 HKDF (HMAC-based Key Derivation Function) 进行安全密钥派生
+     * @param sharedSecret 共享密钥
+     * @param salt 随机盐值（每次加密使用不同的盐值，提高安全性）
+     */
+    deriveAESKey(sharedSecret, salt) {
+        // HKDF 参数
+        const info = Buffer.from('AES-256-GCM-KEY', 'utf-8'); // 密钥用途标识
+        // 使用 HKDF-SHA256 进行密钥派生
+        // hkdfSync(digest, ikm, salt, info, keylen)
+        const derivedKey = hkdfSync('sha256', sharedSecret, salt, info, AES_KEY_SIZE);
+        return Buffer.from(derivedKey);
+    }
+    /**
+     * 获取已注册的对等方公钥
+     */
+    getPeerPublicKey(peerId) {
+        const publicKey = this.peerPublicKeys.get(peerId);
+        return publicKey ? Buffer.from(publicKey).toString('base64') : null;
+    }
+    /**
+     * 序列化密钥对用于存储
+     */
+    exportKeyPair() {
+        if (!this.keyPair)
+            return null;
+        return {
+            publicKey: Buffer.from(this.keyPair.publicKey).toString('base64'),
+            privateKey: Buffer.from(this.keyPair.privateKey).toString('base64')
+        };
+    }
+    /**
+     * 获取已注册的对等方数量
+     */
+    getRegisteredPeerCount() {
+        return this.peerPublicKeys.size;
+    }
+}
+// 单例导出
+export const defaultE2EECrypto = new E2EECrypto();
+//# sourceMappingURL=e2ee-crypto.js.map