# @hua-labs/security - AI Documentation # Version: 1.0.0-alpha.1 # Auto-generated by generate-docs — do not edit manually package: name: "@hua-labs/security" version: "1.0.0-alpha.1" description: "HUA Labs Security - Encryption, Rate Limiting, Abuse Detection, and more" license: "MIT" overview: "Unified security toolkit with Free/Pro tiers. Free tier provides encryption (AES-256-GCM, PBKDF2), rate limiting (memory + Redis), password validation, and key management with zero external dependencies. Pro tier adds KMS envelope encryption, abuse pattern detection, and token estimation." exports: main: path: "@hua-labs/security" provides: - name: "ENCRYPTION_CONSTANTS" type: "component" description: "" - name: "encryptSmart" type: "function" description: "Encrypt with best available method (KMS or PBKDF2)" - name: "decryptSmart" type: "function" description: "Decrypt with auto-format detection" - name: "getEncryptionMethod" type: "function" description: "" - name: "pbkdf2Encrypt" type: "function" description: "" - name: "pbkdf2Decrypt" type: "function" description: "" - name: "isPBKDF2Format" type: "function" description: "" - name: "generateSecureKey" type: "function" description: "" - name: "checkKeyStrength" type: "function" description: "" - name: "hashSHA256" type: "function" description: "" - name: "hashSHA512" type: "function" description: "" - name: "createHMAC" type: "function" description: "" - name: "verifyHMAC" type: "function" description: "" - name: "secureCompare" type: "function" description: "" - name: "hashUserData" type: "function" description: "" - name: "isKMSEnabled" type: "function" description: "" - name: "envelopeEncrypt" type: "function" description: "Direct KMS envelope encryption" - name: "envelopeDecrypt" type: "function" description: "Direct KMS envelope decryption" - name: "isEnvelopeFormat" type: "function" description: "" - name: "resetKMSClient" type: "function" description: "" - name: "createMemoryRateLimiter" type: "function" description: "Create in-memory rate limiter instance" - name: "RateLimitExceededError" type: "component" description: "" - name: "createStorageRateLimiter" type: "function" description: "Create storage-backed rate limiter (Redis, DB)" - name: "RATE_LIMIT_PRESETS" type: "const" description: "Built-in presets (default, auth, diary, search, analyze, sensitive)" - name: "validatePassword" type: "function" description: "Validate password strength with bilingual messages" - name: "getClientIP" type: "function" description: "Extract client IP from request headers" - name: "getUserAgent" type: "function" description: "Extract user agent from request headers" - name: "isAllowedBot" type: "function" description: "" - name: "isNormalMobileUserAgent" type: "function" description: "" - name: "isSuspiciousUserAgent" type: "function" description: "" - name: "KeyManager" type: "class" description: "Config-based encryption key manager" - name: "EncryptionConfig" type: "type" description: "" - name: "EncryptedPayload" type: "type" description: "" - name: "RateLimitResult" type: "type" description: "" - name: "MemoryRateLimiterConfig" type: "type" description: "" - name: "RateLimitPreset" type: "type" description: "" - name: "RateLimitPresetName" type: "type" description: "" - name: "RequestWithHeaders" type: "type" description: "" - name: "KeyType" type: "type" description: "" - name: "KeyInfo" type: "type" description: "" - name: "KeyManagerConfig" type: "type" description: "" subpaths: - path: "@hua-labs/security/server" description: "Server-only exports (prevents client-side import)" - path: "@hua-labs/security/pro" description: "Pro tier: KMS, abuse detection, token estimation" - path: "@hua-labs/security/client" description: "Browser-only exports (InvisibleCaptcha)" - path: "@hua-labs/security/adapters" description: "Storage adapters (StorageAdapter, RedisAdapter)" features: - "Envelope encryption — KMS-managed keys with AES-256-GCM + PBKDF2 fallback" - "Smart detection — Auto-detects KMS (v2) and legacy PBKDF2 formats" - "Rate limiting — Memory + Storage-backed (Redis), with built-in presets" - "Password validation — Strength checks with bilingual error messages" - "Client identity — Framework-agnostic IP/UA extraction and bot detection" - "Key management — Config-based key rotation without app dependencies" - "Abuse detection — Jailbreak/injection pattern matching engine" - "Token estimation — LLM operation cost estimation" - "Invisible CAPTCHA — Behavioral bot detection (browser-only)" related_packages: - "@hua-labs/hua" compatibility: node: ">=20.0.0"