Oh yeah I forgot to test that
I just looked at the code and... erm... before importing a private key in an encrypted wallet I don't check if it's the right one (-> todo list'd)
So it makes things easier to test:
- create a dummy encrypted wallet
- pywallet.py --importhex --importprivkey 0123456789012345678901234567890123456789012345678901234567890123 --passphrase anything_that_is_not_the_correct_passphrase
That should import the address corresponding to 01234... but with the bad encrypted private key
See what then happens (I can't test right now)