deduplicate quarter_round in xchacha, use soft backend version

Author: oxarbitrage

chacha20/src/backends/soft.rs

@@ -54,7 +54,13 @@ fn run_rounds<R: Unsigned>(state: &[u32; STATE_WORDS]) -> [u32; STATE_WORDS] {
 }
 
 /// The ChaCha20 quarter round function
-fn quarter_round(a: usize, b: usize, c: usize, d: usize, state: &mut [u32; STATE_WORDS]) {
+pub(crate) fn quarter_round(
+    a: usize,
+    b: usize,
+    c: usize,
+    d: usize,
+    state: &mut [u32; STATE_WORDS],
+) {
     state[a] = state[a].wrapping_add(state[b]);
     state[d] ^= state[a];
     state[d] = state[d].rotate_left(16);

chacha20/src/xchacha.rs

@@ -8,6 +8,8 @@ use cipher::{
     StreamCipherSeekCore, StreamClosure,
 };
 
+use crate::backends::soft::quarter_round;
+
 #[cfg(feature = "zeroize")]
 use cipher::zeroize::ZeroizeOnDrop;
 
@@ -144,26 +146,6 @@ pub fn hchacha<R: Unsigned>(key: &Key, input: &GenericArray<u8, U16>) -> Generic
     output
 }
 
-/// The ChaCha20 quarter round function
-// for simplicity this function is copied from the software backend
-fn quarter_round(a: usize, b: usize, c: usize, d: usize, state: &mut [u32; STATE_WORDS]) {
-    state[a] = state[a].wrapping_add(state[b]);
-    state[d] ^= state[a];
-    state[d] = state[d].rotate_left(16);
-
-    state[c] = state[c].wrapping_add(state[d]);
-    state[b] ^= state[c];
-    state[b] = state[b].rotate_left(12);
-
-    state[a] = state[a].wrapping_add(state[b]);
-    state[d] ^= state[a];
-    state[d] = state[d].rotate_left(8);
-
-    state[c] = state[c].wrapping_add(state[d]);
-    state[b] ^= state[c];
-    state[b] = state[b].rotate_left(7);
-}
-
 #[cfg(test)]
 mod hchacha20_tests {
     use super::*;