salsa20: remove the SSE2 backend (#446)

Closes #445

Author: newpavlov

salsa20/src/backends.rs

@@ -1,3 +1 @@
 pub(crate) mod soft;
-#[cfg(any(target_arch = "x86", target_arch = "x86_64"))]
-pub(crate) mod sse2;

salsa20/src/backends/sse2.rs

@@ -73,8 +73,6 @@
     html_favicon_url = "https://raw.githubusercontent.com/RustCrypto/media/8f1a9894/logo.svg"
 )]
 #![warn(missing_docs, rust_2018_idioms, trivial_casts, unused_qualifications)]
-
-use cfg_if::cfg_if;
 pub use cipher;
 
 use cipher::{
@@ -178,17 +176,6 @@ impl<R: Unsigned> KeyIvInit for SalsaCore<R> {
 
         state[15] = CONSTANTS[3];
 
-        cfg_if! {
-            if #[cfg(any(target_arch = "x86", target_arch = "x86_64"))] {
-                state = [
-                    state[0], state[5], state[10], state[15],
-                    state[4], state[9], state[14], state[3],
-                    state[8], state[13], state[2], state[7],
-                    state[12], state[1], state[6], state[11],
-                ];
-            }
-        }
-
         Self {
             state,
             rounds: PhantomData,
@@ -203,15 +190,7 @@ impl<R: Unsigned> StreamCipherCore for SalsaCore<R> {
         rem.try_into().ok()
     }
     fn process_with_backend(&mut self, f: impl StreamCipherClosure<BlockSize = Self::BlockSize>) {
-        cfg_if! {
-            if #[cfg(any(target_arch = "x86", target_arch = "x86_64"))] {
-                unsafe {
-                    backends::sse2::inner::<R, _>(&mut self.state, f);
-                }
-            } else {
-                f.call(&mut backends::soft::Backend(self));
-            }
-        }
+        f.call(&mut backends::soft::Backend(self));
     }
 }
 
@@ -220,28 +199,13 @@ impl<R: Unsigned> StreamCipherSeekCore for SalsaCore<R> {
 
     #[inline(always)]
     fn get_block_pos(&self) -> u64 {
-        cfg_if! {
-            if #[cfg(any(target_arch = "x86", target_arch = "x86_64"))] {
-                (self.state[8] as u64) + ((self.state[5] as u64) << 32)
-            }
-            else {
-                (self.state[8] as u64) + ((self.state[9] as u64) << 32)
-            }
-        }
+        (self.state[8] as u64) + ((self.state[9] as u64) << 32)
     }
 
     #[inline(always)]
     fn set_block_pos(&mut self, pos: u64) {
-        cfg_if! {
-            if #[cfg(any(target_arch = "x86", target_arch = "x86_64"))] {
-                self.state[8] = (pos & 0xffff_ffff) as u32;
-                self.state[5] = ((pos >> 32) & 0xffff_ffff) as u32;
-            }
-            else {
-                self.state[8] = (pos & 0xffff_ffff) as u32;
-                self.state[9] = ((pos >> 32) & 0xffff_ffff) as u32;
-            }
-        }
+        self.state[8] = (pos & 0xffff_ffff) as u32;
+        self.state[9] = ((pos >> 32) & 0xffff_ffff) as u32;
     }
 }
 

salsa20/src/lib.rs

@@ -176,6 +176,34 @@ fn xsalsa20_encrypt_hello_world() {
     assert_eq!(buf, EXPECTED_XSALSA20_HELLO_WORLD);
 }
 
+// Regression test for https://github.com/RustCrypto/stream-ciphers/issues/445
+#[test]
+fn salsa20_big_offset() {
+    let mut cipher = Salsa20::new(&KEY1.into(), &IV1.into());
+
+    let pos = 1u64 << 40;
+
+    let mut buf1 = [0u8; 1000];
+    cipher.seek(pos - 500);
+
+    cipher.write_keystream(&mut buf1);
+
+    let cur_pos: u64 = cipher.current_pos();
+    assert_eq!(cur_pos, pos + 500);
+
+    let mut buf2 = [0u8; 1000];
+    let (buf2l, buf2r) = buf2.split_at_mut(500);
+
+    cipher.seek(pos);
+    cipher.write_keystream(buf2r);
+    cipher.seek(pos - 500);
+    cipher.write_keystream(buf2l);
+
+    assert_eq!(buf1, buf2);
+    let cur_pos: u64 = cipher.current_pos();
+    assert_eq!(cur_pos, pos);
+}
+
 #[test]
 fn salsa20_regression_2024_03() {
     use salsa20::{