Calling verify from stdext/crypto/hash with argon2 without a hashed value panics #10
Description
When using @stdext/crypto/hash's verify function with the argon2 algo, a RuntimeError occurs due to a Rust panic when providing the hash parameter a string that isn't a hashed value.
Run this script with Deno:
import { verify } from "jsr:@stdext/crypto/hash";
verify("argon2", "foo", "bar");The result is:
$ deno run -A stdext_argon2_panic.ts
error: Uncaught (in promise) RuntimeError: unreachable
at rust_panic (wasm://wasm/crypto_hash_argon2.wasm-0007c5a2:1:92672)
at std::panicking::rust_panic_with_hook::h33fe77d38d305ca3 (wasm://wasm/crypto_hash_argon2.wasm-0007c5a2:1:85188)
at std::panicking::begin_panic_handler::{{closure}}::h98de848d678bad07 (wasm://wasm/crypto_hash_argon2.wasm-0007c5a2:1:83642)
at std::sys::backtrace::__rust_end_short_backtrace::h2bcfc60c3cf0a312 (wasm://wasm/crypto_hash_argon2.wasm-0007c5a2:1:92658)
at rust_begin_unwind (wasm://wasm/crypto_hash_argon2.wasm-0007c5a2:1:87323)
at core::panicking::panic_fmt::hde8b7aa66e2831e1 (wasm://wasm/crypto_hash_argon2.wasm-0007c5a2:1:87634)
at core::result::unwrap_failed::h472431483d5eea7f (wasm://wasm/crypto_hash_argon2.wasm-0007c5a2:1:84089)
at core::result::Result<T,E>::expect::hcfa2060d935d911a (wasm://wasm/crypto_hash_argon2.wasm-0007c5a2:1:87710)
at verify (wasm://wasm/crypto_hash_argon2.wasm-0007c5a2:1:26667)
at Module.verify (https://jsr.io/@stdext/crypto/0.0.6/_wasm/crypto_hash_argon2.generated.mjs:263:20)I would expect a more descriptive error to occur and the Rust code to not panic.
What if a new error like InvalidHashError was returned with a message like "The hash provided to verify is not a hash using the provided algorithm"?
Thanks for building and maintaining these extensions to the std library, they've been helpful!