sS assertSHA256(S s) {
  if (!isSHA256(s))
    fail("Not an SHA-256 signature: " + s);
  ret s;
}