Revert "optimize constant_time_conditional_memxor for gcc".

This reverts commit 9b3ef1b. It seems like
the casts in the loop violate strict aliasing rules.

This may result in a performance regression when GCC is used instead of
Clang, as this code path was added specifically for GCC to address this
performance difference.

Author: briansmith

crypto/internal.h

@@ -263,17 +263,6 @@ static inline void constant_time_conditional_memxor(void *dst, const void *src,
   debug_assert_nonsecret(!buffers_alias(dst, n, src, n));
   aliasing_uint8_t *out = dst;
   const aliasing_uint8_t *in = src;
-#if defined(__GNUC__) && !defined(__clang__)
-  // gcc 13.2.0 doesn't automatically vectorize this loop regardless of barrier
-  typedef aliasing_uint8_t v32u8 __attribute__((vector_size(32), aligned(1), may_alias));
-  size_t n_vec = n&~(size_t)31;
-  v32u8 masks = ((aliasing_uint8_t)mask-(v32u8){}); // broadcast
-  for (size_t i = 0; i < n_vec; i += 32) {
-    *(v32u8*)&out[i] ^= masks & *(v32u8 const*)&in[i];
-  }
-  out += n_vec;
-  n -= n_vec;
-#endif
   for (size_t i = 0; i < n; i++) {
     out[i] ^= value_barrier_w(mask) & in[i];
   }