diff --git a/card-functionality/src/tests.rs b/card-functionality/src/tests.rs
index f8c835d..f7e1f10 100644
--- a/card-functionality/src/tests.rs
+++ b/card-functionality/src/tests.rs
@@ -7,6 +7,7 @@ use std::string::FromUtf8Error;
 use thiserror;
 
 use sequoia_openpgp::parse::Parse;
+use sequoia_openpgp::policy::{NullPolicy, StandardPolicy};
 use sequoia_openpgp::serialize::SerializeInto;
 use sequoia_openpgp::Cert;
 
@@ -192,7 +193,9 @@ pub fn test_upload_keys(
 
     let cert = Cert::from_file(param[0])?;
 
-    let meta = util::upload_subkeys(ca, &cert)
+    let p = StandardPolicy::new();
+
+    let meta = util::upload_subkeys(ca, &cert, &p)
         .map_err(|e| TestError::KeyUploadError(param[0].to_string(), e))?;
 
     check_key_upload_metadata(ca, &meta)?;
diff --git a/card-functionality/src/util.rs b/card-functionality/src/util.rs
index c3a201f..2c8d6bb 100644
--- a/card-functionality/src/util.rs
+++ b/card-functionality/src/util.rs
@@ -10,7 +10,7 @@ use sequoia_openpgp::parse::stream::{
     VerificationHelper,
 };
 use sequoia_openpgp::parse::Parse;
-use sequoia_openpgp::policy::StandardPolicy;
+use sequoia_openpgp::policy::{Policy, StandardPolicy};
 use sequoia_openpgp::serialize::stream::{
     Armorer, Encryptor, LiteralWriter, Message,
 };
@@ -26,6 +26,7 @@ pub const SP: &StandardPolicy = &StandardPolicy::new();
 pub(crate) fn upload_subkeys(
     ca: &mut CardApp,
     cert: &Cert,
+    policy: &dyn Policy,
 ) -> Result<Vec<(String, KeyGenerationTime)>> {
     let mut out = vec![];
 
@@ -34,8 +35,7 @@ pub(crate) fn upload_subkeys(
         KeyType::Decryption,
         KeyType::Authentication,
     ] {
-        let sp = StandardPolicy::new();
-        let vka = get_subkey(cert, &sp, *kt)?;
+        let vka = get_subkey(cert, policy, *kt)?;
 
         // store fingerprint as return-value
         let fp = vka.fingerprint().to_hex();