diff --git a/nkms/crypto/encrypting_keypair.py b/nkms/crypto/encrypting_keypair.py
index f8f644758..b90c17c64 100644
--- a/nkms/crypto/encrypting_keypair.py
+++ b/nkms/crypto/encrypting_keypair.py
@@ -156,12 +156,12 @@ class EncryptingKeypair(object):
                     ekey=ec.deserialize(self.pre.ecgroup, share[0][0][0]),
                     re_id=share[0][0][1])
                  for share in shares]
-        ekey = self.pre.combine(shares)
+        ekey = self.pre.combine(ekeys)
         ekey = (ec.serialize(ekey.ekey), ekey.re_id)
 
         # Everything except ekey is the same for all shares!
         # TODO instead of trusting the first share, trust the majority
-        return (ekey, ekeys[0][0][1]), ekeys[0][1]
+        return (ekey, shares[0][0][1]), shares[0][1]
 
     def split_rekey(self,
                     pubkey: bytes,
diff --git a/tests/crypto/test_encrypting_keypair.py b/tests/crypto/test_encrypting_keypair.py
index 0d0d2da8e..eb55726f1 100644
--- a/tests/crypto/test_encrypting_keypair.py
+++ b/tests/crypto/test_encrypting_keypair.py
@@ -40,7 +40,7 @@ def test_reencrypt_m_n(num_shares, min_shares):
     data = b'Hello Bob'
     alice = EncryptingKeypair()
     bob = EncryptingKeypair()
-    ursulas = [EncryptingKeypair() for i in min_shares]
+    ursulas = [EncryptingKeypair() for i in range(min_shares)]
 
     e = alice.encrypt(data)
     re_ab = alice.split_rekey(bob.pub_key, min_shares, num_shares)