Turns out this is actually pretty interesting. The problem
is that "Puff.getContents()" uses find (with recursive flag
set to true) to determine if there is a message body. If
there is an encrypted fragment, find will just silently pass
by if the decryption of that fragment fails. I could make
find() declare that it throws AuthException, but this would
be a problem if a puff came in with two encrypted fragments,
one which we could decrypt, and the other of which we could not.
I'll attach a patch of how far I've gotten so far, but I'm
going to switch to working on something else.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Logged In: YES
user_id=11717
Turns out this is actually pretty interesting. The problem
is that "Puff.getContents()" uses find (with recursive flag
set to true) to determine if there is a message body. If
there is an encrypted fragment, find will just silently pass
by if the decryption of that fragment fails. I could make
find() declare that it throws AuthException, but this would
be a problem if a puff came in with two encrypted fragments,
one which we could decrypt, and the other of which we could not.
I'll attach a patch of how far I've gotten so far, but I'm
going to switch to working on something else.
investigative work that i've done so far.