Secure Password Hash Manager

Build a password hash manager that securely processes passwords using SHA-256 hashing. The system must properly clean up sensitive data from memory after processing to prevent data leakage.

Requirements

Your implementation should:

1. Accept a password string as input and compute its SHA-256 hash
2. Support batch processing of multiple passwords efficiently
3. Ensure all internal hash state is securely wiped from memory after each operation
4. Return hash results as hexadecimal strings

Security Considerations

The system will handle sensitive password data. It is critical that no password-related information remains in memory after the hashing operation completes. Your implementation must ensure that all internal buffers and state are properly cleared.

Test Cases

• Given password "mysecret123", it computes the correct SHA-256 hash and returns it as a hex string @test
• Given an array of three passwords ["pass1", "pass2", "pass3"], it processes all passwords and returns an array of their hash hex strings @test
• After hashing a password, all internal hash state is cleared and memory does not contain residual sensitive data @test

Implementation

@generates

API

/**
 * Computes the SHA-256 hash of a password string
 * @param password - The password to hash
 * @returns The SHA-256 hash as a hexadecimal string
 */
export function hashPassword(password: string): string;

/**
 * Processes multiple passwords and returns their hashes
 * @param passwords - Array of passwords to hash
 * @returns Array of SHA-256 hashes as hexadecimal strings
 */
export function hashPasswordBatch(passwords: string[]): string[];

Dependencies { .dependencies }

@stablelib/sha256 { .dependency }

Provides SHA-256 cryptographic hashing functionality.