From f3862d5fd96cbf27c91d5e8fd718bcffe90c870e Mon Sep 17 00:00:00 2001
From: Manuel Kasper
Date: Tue, 18 Aug 2015 13:27:31 +0200
Subject: [PATCH 1/2] Fix Salsa20 for inputs > 16 KB

---
 Salsa20/Salsa20.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Salsa20/Salsa20.php b/Salsa20/Salsa20.php
index a61f286..331b232 100644
--- a/Salsa20/Salsa20.php
+++ b/Salsa20/Salsa20.php
@@ -170,7 +170,7 @@ function stream($out, $m, $mlen ,$n, $k) {
 $u = 1;
 for ($i = 8;$i < 16;++$i) {
 $u += $z[$i];
- $z[$i] = $u;
+ $z[$i] = $u & 0xff;
 $u >>= 8;
 }

From 9b54590a93a181014c4db573a48f8eda2975bb74 Mon Sep 17 00:00:00 2001
From: Manuel Kasper
Date: Mon, 14 Mar 2016 16:05:40 +0100
Subject: [PATCH 2/2] Fix generating single random bytes

Would fail randomly if generated byte was ASCII '0'
---
 Salt.php | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/Salt.php b/Salt.php
index 809bbfd..8031bf1 100644
--- a/Salt.php
+++ b/Salt.php
@@ -73,21 +73,19 @@ public static function instance() {
 * @return string
 */
 public static function randombytes($length = 32) {
- $raw = '';
+ $raw = false;
 if (is_readable('/dev/urandom')) {
- $fp = true;
- if ($fp === true) {
- $fp = @fopen('/dev/urandom', 'rb');
- }
- if ($fp !== true && $fp !== false) {
+ $fp = @fopen('/dev/urandom', 'rb');
+ if ($fp !== false) {
 $raw = fread($fp, $length);
+ fclose($fp);
 }
 } else if (function_exists('mcrypt_create_iv')) {
 $raw = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
 } else if (function_exists('openssl_random_pseudo_bytes')) {
 $raw = openssl_random_pseudo_bytes($length);
 }
- if (!$raw || strlen($raw) !== $length) {
+ if ($raw === false || strlen($raw) !== $length) {
 throw new SaltException('Unable to generate randombytes');
 }
 return $raw;
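Review bot: The masked store `$z[$i] = $u & 0xff;` in stream() (Salsa20/Salsa20.php) carries no comment explaining why the mask is needed, and a regression here is silent: the cipher keeps producing output, it just stops matching other Salsa20 implementations once the low counter byte wraps (the subject line puts that at 16 KB). I would add `// $z[8..15] holds the block counter, one byte per element, little-endian; mask so the carry moves into the next byte` above the loop; that reading of $z is inferred from the carry loop, so confirm it against the rest of the function. A known-answer test with an input longer than 16 KB, checked against a reference implementation, would pin the fix. stream() starts and ends outside this hunk, so any second copy of this loop elsewhere in the file is not visible here and is worth checking for the same mask.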
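Review bot: The `openssl_random_pseudo_bytes($length)` fallback in randombytes() (Salt.php) never reads the function's second out-parameter, so where OpenSSL reports that it could not use a cryptographically strong source the bytes still pass the `$raw === false || strlen($raw) !== $length` test and are returned as if they were CSPRNG output. Pass the flag and fail closed: `$raw = openssl_random_pseudo_bytes($length, $strong);` followed by `if ($strong !== true) { $raw = false; }`. On the `/dev/urandom` branch, `stream_set_read_buffer($fp, 0);` before `fread()` would stop PHP from pulling a whole stream buffer of kernel randomness for a 32-byte request. Where the runtime provides `random_bytes()` it is the better first choice, though it throws its own exception type rather than SaltException, so it would need wrapping to keep the current contract. The docblock of randombytes() opens above this hunk and the closing brace falls below it.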