From 2f381aee9a02be6b20ac30f5b8d6630ef68fe66d Mon Sep 17 00:00:00 2001
From: Martin Vrachev <mvrachev@vmware.com>
Date: Tue, 8 Feb 2022 12:18:55 +0200
Subject: [PATCH] verify_signature(): handle SerializationError

We should handle the possible SerializationError inside
Key.verify_signature(), because the user of this API is not interested
in SerializationError when he is trying to verify his signature.

Note that the SerializationError can be thrown when calling
signed_serializer.serialize() on the metadata signed part.

Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
---
 tuf/api/metadata.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tuf/api/metadata.py b/tuf/api/metadata.py
index d7c4e1231e..08fa43d783 100644
--- a/tuf/api/metadata.py
+++ b/tuf/api/metadata.py
@@ -60,6 +60,7 @@
 from tuf.api.serialization import (
     MetadataDeserializer,
     MetadataSerializer,
+    SerializationError,
     SignedSerializer,
 )
 
@@ -670,6 +671,7 @@ def verify_signature(
             sslib_exceptions.CryptoError,
             sslib_exceptions.FormatError,
             sslib_exceptions.UnsupportedAlgorithmError,
+            SerializationError,
         ) as e:
             raise exceptions.UnsignedMetadataError(
                 f"Failed to verify {self.keyid} signature"