Description: Fix GPG signature verification to wrap all GPGMEError exceptions
 The GPGSignatureVendor.verify() method only caught gpg.errors.BadSignatures,
 but invalid signature data causes a different GPGMEError subclass to be raised.
 .
 This patch catches all GPGMEError exceptions (not just BadSignatures) and wraps
 them in BadSignature exceptions, and updates the test accordingly.
Author: Jelmer Vernooĳ <jelmer@jelmer.uk>
Bug-Debian: https://bugs.debian.org/1126635
Bug-Debian: https://bugs.debian.org/1127667
Forwarded: not-needed
Last-Update: 2026-03-17

Index: dulwich-debian/dulwich/signature.py
===================================================================
--- dulwich-debian.orig/dulwich/signature.py
+++ dulwich-debian/dulwich/signature.py
@@ -306,7 +306,7 @@ class GPGSignatureVendor(SignatureSigner
                         signing_keys=signing_fprs,
                         trusted_keys=list(self.keyids),
                     )
-        except gpg.errors.BadSignatures as e:
+        except gpg.errors.GPGMEError as e:
             raise BadSignature(f"GPG signature verification failed: {e}") from e
 
 
Index: dulwich-debian/tests/test_signature.py
===================================================================
--- dulwich-debian.orig/tests/test_signature.py
+++ dulwich-debian/tests/test_signature.py
@@ -142,11 +142,13 @@ class GPGSignatureVendorTests(unittest.T
 
     def test_verify_invalid_signature(self) -> None:
         """Test that verify raises an error for invalid signatures."""
+        from dulwich.signature import BadSignature
+
         vendor = GPGSignatureVendor()
         test_data = b"test data"
         invalid_signature = b"this is not a valid signature"
 
-        with self.assertRaises(gpg.errors.GPGMEError):
+        with self.assertRaises(BadSignature):
             vendor.verify(test_data, invalid_signature)
 
     def test_sign_with_keyid(self) -> None:
