Do not hide errors from keyrings in verify.

- Fixes #492.

Signed-off-by: Julian Andres Klode <jak@debian.org>

src/commands/verify.rs

@@ -474,7 +474,7 @@ impl<'c, 'store, 'rstore> VerificationHelper for VHelper<'c, 'store, 'rstore>
         // Avoid initializing the certificate store if we don't actually
         // need to.
         if ! ids.is_empty() {
-            if let Ok(Some(cert_store)) = self.sq.cert_store() {
+            if let Some(cert_store) = self.sq.cert_store()? {
                 for id in ids.iter() {
                     for c in cert_store.lookup_by_cert_or_subkey(id)
                         .unwrap_or_default()

tests/integration/sq_verify.rs

@@ -75,6 +75,39 @@ fn sq_verify_bad() -> Result<()> {
     Ok(())
 }
 
+// Ensure bad/missing keyring produce errors
+#[test]
+fn sq_verify_bad_keyring() -> Result<()> {
+    let sq = Sq::new();
+    let msg = artifact("examples/document.pgp");
+
+    let error_doesnotexist = sq.verify_maybe(
+        &["--keyring", "doesnotexist"],
+        Verify::Message,
+        &msg,
+        None
+    );
+
+    assert!(format!("{error_doesnotexist:?}").contains("Open"));
+    assert!(format!("{error_doesnotexist:?}").contains("doesnotexist"));
+
+    // Just use the readme as an invalid keyring
+    let error_invalid = sq.verify_maybe(
+        &[
+            "--keyring",
+            &artifact("examples/README.md").display().to_string(),
+        ],
+        Verify::Message,
+        &msg,
+        None,
+    );
+
+    assert!(format!("{error_invalid:?}").contains("Parsing"));
+    assert!(format!("{error_invalid:?}").contains("examples/README.md"));
+
+    Ok(())
+}
+
 // Make sure --policy-as-of works
 #[test]
 fn sq_verify_policy_as_of() -> Result<()> {