// I guess if you really want to try a Verify that might fail and catch // the exception, then the AssumeValidToken won't happen in that case. public void Verify(TParams theParams, string tokenValue) { RawVerifyWrapper(theParams, tokenValue); // I'm not sure this is necessary; hopefully it won't hurt. VProgram_API.Assert(tokenValue != null); VProgram_API.AssumeValidToken(tokenValue, theParams); }
// I guess if you really want to try a Verify that might fail and catch // the exception, then the AssumeValidSecret won't happen in that case. public void Verify(TParams theParams, Secret secret) { RawVerifyWrapper(theParams, secret); // I'm not sure this is necessary; hopefully it won't hurt. VProgram_API.Assert(secret.secretValue != null); VProgram_API.AssumeValidSecret(secret.secretValue, theParams, GetReaders(theParams)); }
// To prevent a secret value from being leaked by passing it to a // PayloadSecretGenerator for the wrong secret format, which thinks the // secret part is a public part and extracts it, these methods are // restricted to be called only via a MessageStructure on import. TBD // what to do if this doesn't end up meeting our needs. internal void ExtractUnverified(PayloadSecret <TMessage> secret) { secret.theParams = RawExtractUnverified(secret.secretValue); VProgram_API.Assert(secret.theParams != null); }