@f2a/network 0.1.3 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +278 -63
- package/dist/cli/commands.d.ts.map +1 -1
- package/dist/cli/commands.js +29 -2
- package/dist/cli/commands.js.map +1 -1
- package/dist/cli/config.d.ts +176 -0
- package/dist/cli/config.d.ts.map +1 -0
- package/dist/cli/config.js +386 -0
- package/dist/cli/config.js.map +1 -0
- package/dist/cli/daemon.d.ts +54 -0
- package/dist/cli/daemon.d.ts.map +1 -0
- package/dist/cli/daemon.js +572 -0
- package/dist/cli/daemon.js.map +1 -0
- package/dist/cli/index.js +90 -16
- package/dist/cli/index.js.map +1 -1
- package/dist/cli/init.d.ts +13 -0
- package/dist/cli/init.d.ts.map +1 -0
- package/dist/cli/init.js +352 -0
- package/dist/cli/init.js.map +1 -0
- package/dist/core/e2ee-crypto.d.ts +127 -1
- package/dist/core/e2ee-crypto.d.ts.map +1 -1
- package/dist/core/e2ee-crypto.js +446 -12
- package/dist/core/e2ee-crypto.js.map +1 -1
- package/dist/core/f2a.d.ts +2 -1
- package/dist/core/f2a.d.ts.map +1 -1
- package/dist/core/f2a.js +6 -2
- package/dist/core/f2a.js.map +1 -1
- package/dist/core/identity/encrypted-key-store.d.ts +19 -0
- package/dist/core/identity/encrypted-key-store.d.ts.map +1 -0
- package/dist/core/identity/encrypted-key-store.js +72 -0
- package/dist/core/identity/encrypted-key-store.js.map +1 -0
- package/dist/core/identity/identity-manager.d.ts +133 -0
- package/dist/core/identity/identity-manager.d.ts.map +1 -0
- package/dist/core/identity/identity-manager.js +454 -0
- package/dist/core/identity/identity-manager.js.map +1 -0
- package/dist/core/identity/index.d.ts +8 -0
- package/dist/core/identity/index.d.ts.map +1 -0
- package/dist/core/identity/index.js +7 -0
- package/dist/core/identity/index.js.map +1 -0
- package/dist/core/identity/types.d.ts +70 -0
- package/dist/core/identity/types.d.ts.map +1 -0
- package/dist/core/identity/types.js +17 -0
- package/dist/core/identity/types.js.map +1 -0
- package/dist/core/p2p-network.d.ts +26 -0
- package/dist/core/p2p-network.d.ts.map +1 -1
- package/dist/core/p2p-network.js +434 -105
- package/dist/core/p2p-network.js.map +1 -1
- package/dist/core/reputation-security.d.ts +15 -0
- package/dist/core/reputation-security.d.ts.map +1 -1
- package/dist/core/reputation-security.js +73 -3
- package/dist/core/reputation-security.js.map +1 -1
- package/dist/core/reputation.d.ts +129 -4
- package/dist/core/reputation.d.ts.map +1 -1
- package/dist/core/reputation.js +294 -1
- package/dist/core/reputation.js.map +1 -1
- package/dist/core/review-committee.d.ts +2 -2
- package/dist/core/review-committee.d.ts.map +1 -1
- package/dist/core/review-committee.js +17 -0
- package/dist/core/review-committee.js.map +1 -1
- package/dist/daemon/control-server.d.ts.map +1 -1
- package/dist/daemon/control-server.js +44 -1
- package/dist/daemon/control-server.js.map +1 -1
- package/dist/daemon/webhook.d.ts +3 -0
- package/dist/daemon/webhook.d.ts.map +1 -1
- package/dist/daemon/webhook.js +318 -6
- package/dist/daemon/webhook.js.map +1 -1
- package/dist/index.d.ts +3 -3
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +7 -3
- package/dist/index.js.map +1 -1
- package/dist/types/index.d.ts +4 -0
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/index.js.map +1 -1
- package/dist/types/result.d.ts +1 -1
- package/dist/types/result.d.ts.map +1 -1
- package/dist/types/result.js.map +1 -1
- package/dist/utils/crypto-utils.d.ts +17 -0
- package/dist/utils/crypto-utils.d.ts.map +1 -0
- package/dist/utils/crypto-utils.js +28 -0
- package/dist/utils/crypto-utils.js.map +1 -0
- package/dist/utils/logger.d.ts +1 -0
- package/dist/utils/logger.d.ts.map +1 -1
- package/dist/utils/logger.js +9 -3
- package/dist/utils/logger.js.map +1 -1
- package/dist/utils/rate-limiter.d.ts.map +1 -1
- package/dist/utils/rate-limiter.js +3 -1
- package/dist/utils/rate-limiter.js.map +1 -1
- package/dist/utils/signature.d.ts +47 -1
- package/dist/utils/signature.d.ts.map +1 -1
- package/dist/utils/signature.js +166 -11
- package/dist/utils/signature.js.map +1 -1
- package/package.json +2 -1
|
@@ -26,21 +26,81 @@ export interface EncryptedMessage {
|
|
|
26
26
|
/** 密钥派生使用的随机盐值(每次加密随机生成) */
|
|
27
27
|
salt: string;
|
|
28
28
|
}
|
|
29
|
+
/**
|
|
30
|
+
* P1-2 修复:密钥确认挑战
|
|
31
|
+
*/
|
|
32
|
+
export interface KeyConfirmationChallenge {
|
|
33
|
+
/** 挑战随机数 */
|
|
34
|
+
challenge: string;
|
|
35
|
+
/** 发送方标识 */
|
|
36
|
+
senderId: string;
|
|
37
|
+
/** 时间戳防止重放 */
|
|
38
|
+
timestamp: number;
|
|
39
|
+
}
|
|
40
|
+
/**
|
|
41
|
+
* P1-2 修复:密钥确认响应
|
|
42
|
+
*/
|
|
43
|
+
export interface KeyConfirmationResponse {
|
|
44
|
+
/** 对挑战的响应(用共享密钥加密的挑战数据) */
|
|
45
|
+
challengeResponse: string;
|
|
46
|
+
/** 反向挑战随机数 */
|
|
47
|
+
counterChallenge: string;
|
|
48
|
+
/** 发送方标识 */
|
|
49
|
+
senderId: string;
|
|
50
|
+
/** 时间戳 */
|
|
51
|
+
timestamp: number;
|
|
52
|
+
}
|
|
29
53
|
/**
|
|
30
54
|
* 密钥管理器
|
|
55
|
+
* P2-1 修复:实现 Disposable 接口
|
|
31
56
|
*/
|
|
32
|
-
export declare class E2EECrypto {
|
|
57
|
+
export declare class E2EECrypto implements Disposable {
|
|
33
58
|
private keyPair;
|
|
34
59
|
private peerPublicKeys;
|
|
35
60
|
private sharedSecrets;
|
|
36
61
|
private logger;
|
|
62
|
+
/** P2-10 修复:IV 使用记录,用于检测 IV 重用 */
|
|
63
|
+
private usedIVs;
|
|
64
|
+
/** P2-10 修复:IV 重用警告阈值 */
|
|
65
|
+
private static readonly IV_REUSE_WARN_THRESHOLD;
|
|
66
|
+
/** P1-2 修复:待处理的密钥确认挑战 */
|
|
67
|
+
private pendingChallenges;
|
|
68
|
+
/** P1-2 修复:已确认的密钥 */
|
|
69
|
+
private keyConfirmed;
|
|
70
|
+
/** P1-1 修复:挑战清理定时器 */
|
|
71
|
+
private challengeCleanupTimer;
|
|
72
|
+
/** P1-1 修复:挑战过期时间(5分钟) */
|
|
73
|
+
private static readonly CHALLENGE_EXPIRY_MS;
|
|
74
|
+
/** P1-1 修复:清理间隔(每分钟) */
|
|
75
|
+
private static readonly CHALLENGE_CLEANUP_INTERVAL_MS;
|
|
37
76
|
constructor();
|
|
77
|
+
/**
|
|
78
|
+
* P1-1 修复:启动挑战清理定时器
|
|
79
|
+
*/
|
|
80
|
+
private startChallengeCleanup;
|
|
81
|
+
/**
|
|
82
|
+
* P1-2 修复:注销对等方,清理所有相关资源
|
|
83
|
+
* P1-4 修复:删除共享密钥前先零填充
|
|
84
|
+
* @param peerId 对等方标识
|
|
85
|
+
*/
|
|
86
|
+
unregisterPeer(peerId: string): void;
|
|
87
|
+
/**
|
|
88
|
+
* P1-1 修复:停止清理定时器,释放资源
|
|
89
|
+
* P1-4 修复:清理共享密钥前先零填充
|
|
90
|
+
* R2-1 修复:零填充 privateKey,最敏感的密钥材料
|
|
91
|
+
*/
|
|
92
|
+
stop(): void;
|
|
93
|
+
/**
|
|
94
|
+
* P2-1 修复:实现 Disposable 接口
|
|
95
|
+
*/
|
|
96
|
+
[Symbol.dispose](): void;
|
|
38
97
|
/**
|
|
39
98
|
* 初始化密钥对
|
|
40
99
|
*/
|
|
41
100
|
initialize(): Promise<void>;
|
|
42
101
|
/**
|
|
43
102
|
* 从已有密钥初始化
|
|
103
|
+
* P1-2: 添加输入验证
|
|
44
104
|
*/
|
|
45
105
|
initializeWithKeyPair(privateKey: Uint8Array, publicKey: Uint8Array): void;
|
|
46
106
|
/**
|
|
@@ -49,12 +109,21 @@ export declare class E2EECrypto {
|
|
|
49
109
|
getPublicKey(): string | null;
|
|
50
110
|
/**
|
|
51
111
|
* 注册对等方的公钥
|
|
112
|
+
* P2-3 修复:使用 Uint8Array.slice() 创建不可变副本
|
|
52
113
|
*/
|
|
53
114
|
registerPeerPublicKey(peerId: string, publicKeyBase64: string): void;
|
|
54
115
|
/**
|
|
55
116
|
* 检查是否可以对等方加密通信
|
|
56
117
|
*/
|
|
57
118
|
canEncryptTo(peerId: string): boolean;
|
|
119
|
+
/**
|
|
120
|
+
* P2-13 修复:提取独立的 IV 生成方法,处理碰撞检测
|
|
121
|
+
* P1-4 修复:添加最多 10 次尝试的循环逻辑
|
|
122
|
+
* P2-2 修复:当 ivSet 不存在时,创建并记录 IV,防止重用
|
|
123
|
+
* @param peerId 对等方标识
|
|
124
|
+
* @returns 唯一的 IV,如果无法生成则抛出错误
|
|
125
|
+
*/
|
|
126
|
+
private generateUniqueIV;
|
|
58
127
|
/**
|
|
59
128
|
* 加密消息
|
|
60
129
|
*/
|
|
@@ -85,6 +154,63 @@ export declare class E2EECrypto {
|
|
|
85
154
|
* 获取已注册的对等方数量
|
|
86
155
|
*/
|
|
87
156
|
getRegisteredPeerCount(): number;
|
|
157
|
+
/**
|
|
158
|
+
* P1-2 修复:生成密钥确认挑战
|
|
159
|
+
* 在密钥交换后,用于验证双方拥有相同的共享密钥
|
|
160
|
+
* @param peerId 对等方标识
|
|
161
|
+
* @returns 挑战数据
|
|
162
|
+
*/
|
|
163
|
+
generateKeyConfirmationChallenge(peerId: string): KeyConfirmationChallenge | null;
|
|
164
|
+
/**
|
|
165
|
+
* P1-2 修复:响应密钥确认挑战
|
|
166
|
+
* 使用共享密钥加密挑战数据作为证明
|
|
167
|
+
* @param peerId 对等方标识
|
|
168
|
+
* @param challenge 收到的挑战
|
|
169
|
+
* @returns 响应数据和反向挑战
|
|
170
|
+
*/
|
|
171
|
+
respondToKeyConfirmationChallenge(peerId: string, challenge: KeyConfirmationChallenge): KeyConfirmationResponse | null;
|
|
172
|
+
/**
|
|
173
|
+
* P2-14 修复:提取公共的挑战响应验证逻辑
|
|
174
|
+
* @param peerId 对等方标识
|
|
175
|
+
* @param response 实际收到的响应
|
|
176
|
+
* @param expectedChallenge 原始挑战数据
|
|
177
|
+
* @returns 验证结果
|
|
178
|
+
*/
|
|
179
|
+
private verifyChallengeResponse;
|
|
180
|
+
/**
|
|
181
|
+
* P1-2 修复:验证密钥确认响应并响应反向挑战
|
|
182
|
+
* 完成双向密钥确认
|
|
183
|
+
* @param peerId 对等方标识
|
|
184
|
+
* @param response 收到的响应
|
|
185
|
+
* @param originalChallenge 原始挑战数据
|
|
186
|
+
* @returns 反向挑战的响应,如果验证失败返回 null
|
|
187
|
+
*/
|
|
188
|
+
verifyKeyConfirmationResponse(peerId: string, response: KeyConfirmationResponse, originalChallenge: string): {
|
|
189
|
+
success: boolean;
|
|
190
|
+
counterChallengeResponse?: string;
|
|
191
|
+
};
|
|
192
|
+
/**
|
|
193
|
+
* P1-2 修复:验证反向挑战的响应
|
|
194
|
+
* P1-5 修复:使用 HMAC 而非 Hash
|
|
195
|
+
* @param peerId 对等方标识
|
|
196
|
+
* @param counterChallengeResponse 反向挑战的响应
|
|
197
|
+
* @param originalCounterChallenge 原始反向挑战
|
|
198
|
+
* @returns 验证结果
|
|
199
|
+
*/
|
|
200
|
+
verifyCounterChallengeResponse(peerId: string, counterChallengeResponse: string, originalCounterChallenge: string): boolean;
|
|
201
|
+
/**
|
|
202
|
+
* P1-2 修复:检查与对等方的密钥是否已确认
|
|
203
|
+
*/
|
|
204
|
+
isKeyConfirmed(peerId: string): boolean;
|
|
205
|
+
/**
|
|
206
|
+
* P1-2 修复:执行完整的双向密钥确认流程
|
|
207
|
+
* 这是一个便捷方法,封装了完整的确认流程
|
|
208
|
+
* @param peerId 对等方标识
|
|
209
|
+
* @param sendChallenge 发送挑战的函数
|
|
210
|
+
* @param receiveResponse 接收响应的函数
|
|
211
|
+
* @returns 确认是否成功
|
|
212
|
+
*/
|
|
213
|
+
confirmKeyExchange(peerId: string, sendChallenge: (challenge: KeyConfirmationChallenge) => Promise<KeyConfirmationResponse | null>, receiveCounterResponse?: (counterResponse: string) => Promise<boolean>): Promise<boolean>;
|
|
88
214
|
}
|
|
89
215
|
export declare const defaultE2EECrypto: E2EECrypto;
|
|
90
216
|
//# sourceMappingURL=e2ee-crypto.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"e2ee-crypto.d.ts","sourceRoot":"","sources":["../../src/core/e2ee-crypto.ts"],"names":[],"mappings":"AAAA;;;GAGG;
|
|
1
|
+
{"version":3,"file":"e2ee-crypto.d.ts","sourceRoot":"","sources":["../../src/core/e2ee-crypto.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAcH;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,UAAU,CAAC;IACtB,UAAU,EAAE,UAAU,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,wBAAwB;IACxB,eAAe,EAAE,MAAM,CAAC;IACxB,gBAAgB;IAChB,EAAE,EAAE,MAAM,CAAC;IACX,WAAW;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,gBAAgB;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,4BAA4B;IAC5B,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;GAEG;AACH,MAAM,WAAW,wBAAwB;IACvC,YAAY;IACZ,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY;IACZ,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc;IACd,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,2BAA2B;IAC3B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,cAAc;IACd,gBAAgB,EAAE,MAAM,CAAC;IACzB,YAAY;IACZ,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU;IACV,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;;GAGG;AACH,qBAAa,UAAW,YAAW,UAAU;IAC3C,OAAO,CAAC,OAAO,CAAkC;IACjD,OAAO,CAAC,cAAc,CAAsC;IAC5D,OAAO,CAAC,aAAa,CAAsC;IAC3D,OAAO,CAAC,MAAM,CAAS;IAEvB,kCAAkC;IAClC,OAAO,CAAC,OAAO,CAAuC;IACtD,yBAAyB;IACzB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,uBAAuB,CAAQ;IAEvD,yBAAyB;IACzB,OAAO,CAAC,iBAAiB,CAAoE;IAC7F,qBAAqB;IACrB,OAAO,CAAC,YAAY,CAAmC;IAEvD,sBAAsB;IACtB,OAAO,CAAC,qBAAqB,CAA+C;IAC5E,0BAA0B;IAC1B,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,mBAAmB,CAAiB;IAC5D,wBAAwB;IACxB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,6BAA6B,CAAa;;IAOlE;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAgB7B;;;;OAIG;IACH,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI;IA2BpC;;;;OAIG;IACH,IAAI,IAAI,IAAI;IA2BZ;;OAEG;IACH,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI;IAIxB;;OAEG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAQjC;;;OAGG;IACH,qBAAqB,CAAC,UAAU,EAAE,UAAU,EAAE,SAAS,EAAE,UAAU,GAAG,IAAI;IA6B1E;;OAEG;IACH,YAAY,IAAI,MAAM,GAAG,IAAI;IAK7B;;;OAGG;IACH,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,GAAG,IAAI;IAyBpE;;OAEG;IACH,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAIrC;;;;;;OAMG;IACH,OAAO,CAAC,gBAAgB;IA2CxB;;OAEG;IACH,OAAO,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,gBAAgB,GAAG,IAAI;IAoDjF;;OAEG;IACH,OAAO,CAAC,SAAS,EAAE,gBAAgB,GAAG,MAAM,GAAG,IAAI;IAuEnD;;;;;OAKG;IACH,OAAO,CAAC,YAAY;IAWpB;;OAEG;IACH,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAK/C;;OAEG;IACH,aAAa,IAAI;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI;IAQjE;;OAEG;IACH,sBAAsB,IAAI,MAAM;IAIhC;;;;;OAKG;IACH,gCAAgC,CAAC,MAAM,EAAE,MAAM,GAAG,wBAAwB,GAAG,IAAI;IA+BjF;;;;;;OAMG;IACH,iCAAiC,CAC/B,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,wBAAwB,GAClC,uBAAuB,GAAG,IAAI;IAyDjC;;;;;;OAMG;IACH,OAAO,CAAC,uBAAuB;IA+B/B;;;;;;;OAOG;IACH,6BAA6B,CAC3B,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,uBAAuB,EACjC,iBAAiB,EAAE,MAAM,GACxB;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,wBAAwB,CAAC,EAAE,MAAM,CAAA;KAAE;IA4C1D;;;;;;;OAOG;IACH,8BAA8B,CAC5B,MAAM,EAAE,MAAM,EACd,wBAAwB,EAAE,MAAM,EAChC,wBAAwB,EAAE,MAAM,GAC/B,OAAO;IAeV;;OAEG;IACH,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAKvC;;;;;;;OAOG;IACG,kBAAkB,CACtB,MAAM,EAAE,MAAM,EACd,aAAa,EAAE,CAAC,SAAS,EAAE,wBAAwB,KAAK,OAAO,CAAC,uBAAuB,GAAG,IAAI,CAAC,EAC/F,sBAAsB,CAAC,EAAE,CAAC,eAAe,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,GACrE,OAAO,CAAC,OAAO,CAAC;CA4CpB;AAGD,eAAO,MAAM,iBAAiB,YAAmB,CAAC"}
|