1.1 --- a/MoinMessageSupport.py Tue Aug 27 23:13:29 2013 +0200
1.2 +++ b/MoinMessageSupport.py Fri Sep 13 01:05:05 2013 +0200
1.3 @@ -63,8 +63,17 @@
1.4 # Detect PGP/GPG-encoded payloads.
1.5 # See: http://tools.ietf.org/html/rfc3156
1.6
1.7 + # Signed payloads are checked and then passed on for further processing
1.8 + # elsewhere. Verification is the last step in this base implementation,
1.9 + # even if an encrypted-then-signed payload is involved.
1.10 +
1.11 if is_signed(message):
1.12 self.handle_signed_message(message)
1.13 +
1.14 + # Encrypted payloads are decrypted and then sent back into this method
1.15 + # for signature checking as described above. Thus, signed-then-encrypted
1.16 + # payloads are first decrypted and then verified.
1.17 +
1.18 elif is_encrypted(message):
1.19 self.handle_encrypted_message(message)
1.20