From 5cc2d88ab9dff0c7f4bc5e8575ee9f860470228f Mon Sep 17 00:00:00 2001
From: Vincent Breitmoser <look@my.amazin.horse>
Date: Sun, 18 Feb 2024 14:11:08 +0100
Subject: [PATCH] Fix selection of signing or auth subkey if there are multiple
 candidates

Fixes #2879
---
 .../keychain/daos/KeyRepository.java             | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/daos/KeyRepository.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/daos/KeyRepository.java
index 5e5f7ddba..d47c5a4e6 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/daos/KeyRepository.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/daos/KeyRepository.java
@@ -264,11 +264,23 @@ public class KeyRepository extends AbstractDao {
     }
 
     public long getSecretSignId(long masterKeyId) throws NotFoundException {
-        return keysQueries.selectEffectiveSignKeyIdByMasterKeyId(masterKeyId).executeAsOneOrNull();
+        List<Long> candidates =
+                keysQueries.selectEffectiveSignKeyIdByMasterKeyId(masterKeyId).executeAsList();
+        if (candidates.isEmpty()) {
+            throw new NotFoundException();
+        }
+        // If there are multiple candidates for authentication, pick an arbitrary one
+        return candidates.get(0);
     }
 
     public long getEffectiveAuthenticationKeyId(long masterKeyId) throws NotFoundException {
-        return keysQueries.selectEffectiveAuthKeyIdByMasterKeyId(masterKeyId).executeAsOneOrNull();
+        List<Long> candidates =
+                keysQueries.selectEffectiveAuthKeyIdByMasterKeyId(masterKeyId).executeAsList();
+        if (candidates.isEmpty()) {
+            throw new NotFoundException();
+        }
+        // If there are multiple candidates for authentication, pick an arbitrary one
+        return candidates.get(0);
     }
 
     public List<Long> getPublicEncryptionIds(long masterKeyId) {