fn verify_against_hash(
password: &SecretString,
parsed_hash: &PasswordHash,
try_legacy_raw: bool,
) -> PasswordVerifyResultExpand description
Verify a password against a stored Argon2 hash, tolerant of Unicode normalization.
When NFC normalization does not change the input (the common case, e.g. any pure-ASCII
password) this performs a single verify. Otherwise it checks the NFC form first (how hashes are
written today) and, only if try_legacy_raw is set, falls back to the raw submitted bytes (how
hashes created before normalization were written). When try_legacy_raw is false the raw form
is not checked at all.