Megolm export: Clear bit 63 of the salt

src/utils/MegolmExportEncryption.js

@@ -106,6 +106,12 @@ export function encryptMegolmKeyFile(data, password, options) {
 
     const salt = new Uint8Array(16);
     window.crypto.getRandomValues(salt);
+
+    // clear bit 63 of the salt to stop us hitting the 64-bit counter boundary
+    // (which would mean we wouldn't be able to decrypt on Android). The loss
+    // of a single bit of salt is a price we have to pay.
+    salt[9] &= 0x7f;
+
     const iv = new Uint8Array(16);
     window.crypto.getRandomValues(iv);