From 543b5ad0686f130501cf86d40ad926f857933d00 Mon Sep 17 00:00:00 2001
From: Jakob Rieck <jakobrieck@gmail.com>
Date: Mon, 27 Aug 2018 11:42:49 +0200
Subject: [PATCH] Fixes padding for blocksizes > 256

---
 src/libsodium/sodium/utils.c | 3 ++-
 test/default/sodium_utils.c  | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/libsodium/sodium/utils.c b/src/libsodium/sodium/utils.c
index 3a5f835b..eb10154e 100644
--- a/src/libsodium/sodium/utils.c
+++ b/src/libsodium/sodium/utils.c
@@ -695,7 +695,8 @@ sodium_pad(size_t *padded_buflen_p, unsigned char *buf,
     }
     mask = 0U;
     for (i = 0; i < blocksize; i++) {
-        barrier_mask = (unsigned char) (((i ^ xpadlen) - 1U) >> 8);
+        barrier_mask = (unsigned char)(((i ^ xpadlen) - 1U)
+           >> ((sizeof(size_t) - 1) * CHAR_BIT));
         tail[-i] = (tail[-i] & mask) | (0x80 & barrier_mask);
         mask |= barrier_mask;
     }
diff --git a/test/default/sodium_utils.c b/test/default/sodium_utils.c
index db760cb1..24073f7a 100644
--- a/test/default/sodium_utils.c
+++ b/test/default/sodium_utils.c
@@ -144,7 +144,7 @@ main(void)
 
     for (i = 0; i < 2000U; i++) {
         bin_len = randombytes_uniform(200U);
-        blocksize = 1U + randombytes_uniform(100U);
+        blocksize = 1U + randombytes_uniform(500U);
         bin_padded_maxlen = bin_len + (blocksize - bin_len % blocksize);
         bin_padded = (unsigned char *) sodium_malloc(bin_padded_maxlen);
         randombytes_buf(bin_padded, bin_padded_maxlen);