Adjust crypto_apply function callbacks for OCF.

- crypto_apply() is only used for reading a buffer to compute a
  digest, so change the data pointer to a const pointer.

- To better match m_apply(), change the data pointer type to void *
  and the length from uint16_t to u_int.  The length field in
  particular matters as none of the apply logic was splitting requests
  larger than UINT16_MAX.

- Adjust the auth_xform Update callback to match the function
  prototype passed to crypto_apply() and crypto_apply_buf().  This
  removes the needs for casts when using the Update callback.

- Change the Reinit and Setkey callbacks to also use a u_int length
  instead of uint16_t.

- Update auth transforms for the changes.  While here, use C99
  initializers for auth_hash structures and avoid casts on callbacks.

Reviewed by:	cem
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D25171

sys/crypto/aesni/aesni.c

@@ -388,7 +388,7 @@ MODULE_VERSION(aesni, 1);
 MODULE_DEPEND(aesni, crypto, 1, 1, 1);
 
 static int
-intel_sha1_update(void *vctx, void *vdata, u_int datalen)
+intel_sha1_update(void *vctx, const void *vdata, u_int datalen)
 {
 	struct sha1_ctxt *ctx = vctx;
 	const char *data = vdata;
@@ -437,7 +437,7 @@ SHA1_Finalize_fn(void *digest, void *ctx)
 }
 
 static int
-intel_sha256_update(void *vctx, void *vdata, u_int len)
+intel_sha256_update(void *vctx, const void *vdata, u_int len)
 {
 	SHA256_CTX *ctx = vctx;
 	uint64_t bitlen;

sys/crypto/aesni/aesni.h

@@ -63,7 +63,7 @@ struct aesni_session {
 	int mlen;
 	int hash_len;
 	void (*hash_init)(void *);
-	int (*hash_update)(void *, void *, unsigned);
+	int (*hash_update)(void *, const void *, u_int);
 	void (*hash_finalize)(void *, void *);
 	bool hmac;
 };

sys/crypto/blake2/blake2-sw.c

@@ -49,7 +49,7 @@ blake2b_xform_init(void *vctx)
 }
 
 static void
-blake2b_xform_setkey(void *vctx, const uint8_t *key, uint16_t klen)
+blake2b_xform_setkey(void *vctx, const uint8_t *key, u_int klen)
 {
 	struct blake2b_xform_ctx *ctx = vctx;
 
@@ -60,7 +60,7 @@ blake2b_xform_setkey(void *vctx, const uint8_t *key, uint16_t klen)
 }
 
 static int
-blake2b_xform_update(void *vctx, const uint8_t *data, uint16_t len)
+blake2b_xform_update(void *vctx, const void *data, u_int len)
 {
 	struct blake2b_xform_ctx *ctx = vctx;
 	int rc;
@@ -117,7 +117,7 @@ blake2s_xform_init(void *vctx)
 }
 
 static void
-blake2s_xform_setkey(void *vctx, const uint8_t *key, uint16_t klen)
+blake2s_xform_setkey(void *vctx, const uint8_t *key, u_int klen)
 {
 	struct blake2s_xform_ctx *ctx = vctx;
 
@@ -128,7 +128,7 @@ blake2s_xform_setkey(void *vctx, const uint8_t *key, uint16_t klen)
 }
 
 static int
-blake2s_xform_update(void *vctx, const uint8_t *data, uint16_t len)
+blake2s_xform_update(void *vctx, const void *data, u_int len)
 {
 	struct blake2s_xform_ctx *ctx = vctx;
 	int rc;

sys/crypto/blake2/blake2_cryptodev.c

@@ -304,7 +304,7 @@ blake2_cipher_setup(struct blake2_session *ses,
 }
 
 static int
-blake2b_applicator(void *state, void *buf, u_int len)
+blake2b_applicator(void *state, const void *buf, u_int len)
 {
 	int rc;
 
@@ -315,7 +315,7 @@ blake2b_applicator(void *state, void *buf, u_int len)
 }
 
 static int
-blake2s_applicator(void *state, void *buf, u_int len)
+blake2s_applicator(void *state, const void *buf, u_int len)
 {
 	int rc;
 

sys/crypto/via/padlock_hash.c

@@ -73,11 +73,10 @@ struct padlock_sha_ctx {
 };
 CTASSERT(sizeof(struct padlock_sha_ctx) <= sizeof(union authctx));
 
-static void padlock_sha_init(struct padlock_sha_ctx *ctx);
-static int padlock_sha_update(struct padlock_sha_ctx *ctx, const uint8_t *buf,
-    uint16_t bufsize);
-static void padlock_sha1_final(uint8_t *hash, struct padlock_sha_ctx *ctx);
-static void padlock_sha256_final(uint8_t *hash, struct padlock_sha_ctx *ctx);
+static void padlock_sha_init(void *vctx);
+static int padlock_sha_update(void *vctx, const void *buf, u_int bufsize);
+static void padlock_sha1_final(uint8_t *hash, void *vctx);
+static void padlock_sha256_final(uint8_t *hash, void *vctx);
 
 static struct auth_hash padlock_hmac_sha1 = {
 	.type = CRYPTO_SHA1_HMAC,
@@ -86,9 +85,9 @@ static struct auth_hash padlock_hmac_sha1 = {
 	.hashsize = SHA1_HASH_LEN,
 	.ctxsize = sizeof(struct padlock_sha_ctx),
 	.blocksize = SHA1_BLOCK_LEN,
-        .Init = (void (*)(void *))padlock_sha_init,
-	.Update = (int (*)(void *, const uint8_t *, uint16_t))padlock_sha_update,
-	.Final = (void (*)(uint8_t *, void *))padlock_sha1_final,
+        .Init = padlock_sha_init,
+	.Update = padlock_sha_update,
+	.Final = padlock_sha1_final,
 };
 
 static struct auth_hash padlock_hmac_sha256 = {
@@ -98,9 +97,9 @@ static struct auth_hash padlock_hmac_sha256 = {
 	.hashsize = SHA2_256_HASH_LEN,
 	.ctxsize = sizeof(struct padlock_sha_ctx),
 	.blocksize = SHA2_256_BLOCK_LEN,
-        .Init = (void (*)(void *))padlock_sha_init,
-	.Update = (int (*)(void *, const uint8_t *, uint16_t))padlock_sha_update,
-	.Final = (void (*)(uint8_t *, void *))padlock_sha256_final,
+        .Init = padlock_sha_init,
+	.Update = padlock_sha_update,
+	.Final = padlock_sha256_final,
 };
 
 MALLOC_DECLARE(M_PADLOCK);
@@ -165,18 +164,22 @@ padlock_do_sha256(const char *in, char *out, int count)
 }
 
 static void
-padlock_sha_init(struct padlock_sha_ctx *ctx)
+padlock_sha_init(void *vctx)
 {
+	struct padlock_sha_ctx *ctx;
 
+	ctx = vctx;
 	ctx->psc_buf = NULL;
 	ctx->psc_offset = 0;
 	ctx->psc_size = 0;
 }
 
 static int
-padlock_sha_update(struct padlock_sha_ctx *ctx, const uint8_t *buf, uint16_t bufsize)
+padlock_sha_update(void *vctx, const void *buf, u_int bufsize)
 {
+	struct padlock_sha_ctx *ctx;
 
+	ctx = vctx;
 	if (ctx->psc_size - ctx->psc_offset < bufsize) {
 		ctx->psc_size = MAX(ctx->psc_size * 2, ctx->psc_size + bufsize);
 		ctx->psc_buf = realloc(ctx->psc_buf, ctx->psc_size, M_PADLOCK,
@@ -190,9 +193,11 @@ padlock_sha_update(struct padlock_sha_ctx *ctx, const uint8_t *buf, uint16_t buf
 }
 
 static void
-padlock_sha_free(struct padlock_sha_ctx *ctx)
+padlock_sha_free(void *vctx)
 {
+	struct padlock_sha_ctx *ctx;
 
+	ctx = vctx;
 	if (ctx->psc_buf != NULL) {
 		//bzero(ctx->psc_buf, ctx->psc_size);
 		free(ctx->psc_buf, M_PADLOCK);
@@ -203,17 +208,21 @@ padlock_sha_free(struct padlock_sha_ctx *ctx)
 }
 
 static void
-padlock_sha1_final(uint8_t *hash, struct padlock_sha_ctx *ctx)
+padlock_sha1_final(uint8_t *hash, void *vctx)
 {
+	struct padlock_sha_ctx *ctx;
 
+	ctx = vctx;
 	padlock_do_sha1(ctx->psc_buf, hash, ctx->psc_offset);
 	padlock_sha_free(ctx);
 }
 
 static void
-padlock_sha256_final(uint8_t *hash, struct padlock_sha_ctx *ctx)
+padlock_sha256_final(uint8_t *hash, void *vctx)
 {
+	struct padlock_sha_ctx *ctx;
 
+	ctx = vctx;
 	padlock_do_sha256(ctx->psc_buf, hash, ctx->psc_offset);
 	padlock_sha_free(ctx);
 }
@@ -282,14 +291,13 @@ padlock_authcompute(struct padlock_session *ses, struct cryptop *crp)
 
 	padlock_copy_ctx(axf, ses->ses_ictx, &ctx);
 	error = crypto_apply(crp, crp->crp_aad_start, crp->crp_aad_length,
-	    (int (*)(void *, void *, unsigned int))axf->Update, (caddr_t)&ctx);
+	    axf->Update, &ctx);
 	if (error != 0) {
 		padlock_free_ctx(axf, &ctx);
 		return (error);
 	}
 	error = crypto_apply(crp, crp->crp_payload_start,
-	    crp->crp_payload_length,
-	    (int (*)(void *, void *, unsigned int))axf->Update, (caddr_t)&ctx);
+	    crp->crp_payload_length, axf->Update, &ctx);
 	if (error != 0) {
 		padlock_free_ctx(axf, &ctx);
 		return (error);

sys/dev/glxsb/glxsb_hash.c

@@ -73,12 +73,11 @@ glxsb_authcompute(struct glxsb_session *ses, struct cryptop *crp)
 	axf = ses->ses_axf;
 	bcopy(ses->ses_ictx, &ctx, axf->ctxsize);
 	error = crypto_apply(crp, crp->crp_aad_start, crp->crp_aad_length,
-	    (int (*)(void *, void *, unsigned int))axf->Update, (caddr_t)&ctx);
+	    axf->Update, &ctx);
 	if (error != 0)
 		return (error);
 	error = crypto_apply(crp, crp->crp_payload_start,
-	    crp->crp_payload_length, 
-	    (int (*)(void *, void *, unsigned int))axf->Update, (caddr_t)&ctx);
+	    crp->crp_payload_length, axf->Update, &ctx);
 	if (error != 0)
 		return (error);
 	

sys/opencrypto/cbc_mac.c

@@ -56,14 +56,20 @@ xor_and_encrypt(struct aes_cbc_mac_ctx *ctx,
 }
 
 void
-AES_CBC_MAC_Init(struct aes_cbc_mac_ctx *ctx)
+AES_CBC_MAC_Init(void *vctx)
 {
+	struct aes_cbc_mac_ctx *ctx;
+
+	ctx = vctx;
 	bzero(ctx, sizeof(*ctx));
 }
 
 void
-AES_CBC_MAC_Setkey(struct aes_cbc_mac_ctx *ctx, const uint8_t *key, uint16_t klen)
+AES_CBC_MAC_Setkey(void *vctx, const uint8_t *key, u_int klen)
 {
+	struct aes_cbc_mac_ctx *ctx;
+
+	ctx = vctx;
 	ctx->rounds = rijndaelKeySetupEnc(ctx->keysched, key, klen * 8);
 }
 
@@ -76,8 +82,9 @@ AES_CBC_MAC_Setkey(struct aes_cbc_mac_ctx *ctx, const uint8_t *key, uint16_t kle
  * nonce, as well as information about the sizes and lengths involved.
  */
 void
-AES_CBC_MAC_Reinit(struct aes_cbc_mac_ctx *ctx, const uint8_t *nonce, uint16_t nonceLen)
+AES_CBC_MAC_Reinit(void *vctx, const uint8_t *nonce, u_int nonceLen)
 {
+	struct aes_cbc_mac_ctx *ctx = vctx;
 	uint8_t b0[CCM_CBC_BLOCK_LEN];
 	uint8_t *bp = b0, flags = 0;
 	uint8_t L = 0;
@@ -150,11 +157,15 @@ AES_CBC_MAC_Reinit(struct aes_cbc_mac_ctx *ctx, const uint8_t *nonce, uint16_t n
 }
 
 int
-AES_CBC_MAC_Update(struct aes_cbc_mac_ctx *ctx, const uint8_t *data,
-    uint16_t length)
+AES_CBC_MAC_Update(void *vctx, const void *vdata, u_int length)
 {
+	struct aes_cbc_mac_ctx *ctx;
+	const uint8_t *data;
 	size_t copy_amt;
 	
+	ctx = vctx;
+	data = vdata;
+
 	/*
 	 * This will be called in one of two phases:
 	 * (1)  Applying authentication data, or
@@ -241,10 +252,13 @@ AES_CBC_MAC_Update(struct aes_cbc_mac_ctx *ctx, const uint8_t *data,
 }
 
 void
-AES_CBC_MAC_Final(uint8_t *buf, struct aes_cbc_mac_ctx *ctx)
+AES_CBC_MAC_Final(uint8_t *buf, void *vctx)
 {
+	struct aes_cbc_mac_ctx *ctx;
 	uint8_t s0[CCM_CBC_BLOCK_LEN];
-	
+
+	ctx = vctx;
+
 	/*
 	 * We first need to check to see if we've got any data
 	 * left over to encrypt.

sys/opencrypto/cbc_mac.h

@@ -58,10 +58,10 @@ struct aes_cbc_mac_ctx {
 	uint32_t	keysched[4*(RIJNDAEL_MAXNR+1)];
 };
 
-void AES_CBC_MAC_Init(struct aes_cbc_mac_ctx *);
-void AES_CBC_MAC_Setkey(struct aes_cbc_mac_ctx *, const uint8_t *, uint16_t);
-void AES_CBC_MAC_Reinit(struct aes_cbc_mac_ctx *, const uint8_t *, uint16_t);
-int AES_CBC_MAC_Update(struct aes_cbc_mac_ctx *, const uint8_t *, uint16_t);
-void AES_CBC_MAC_Final(uint8_t *, struct aes_cbc_mac_ctx *);
+void AES_CBC_MAC_Init(void *);
+void AES_CBC_MAC_Setkey(void *, const uint8_t *, u_int);
+void AES_CBC_MAC_Reinit(void *, const uint8_t *, u_int);
+int AES_CBC_MAC_Update(void *, const void *, u_int);
+void AES_CBC_MAC_Final(uint8_t *, void *);
 
 #endif /* _CBC_CCM_H */

sys/opencrypto/criov.c

@@ -385,8 +385,8 @@ crypto_cursor_copydata_noadv(struct crypto_buffer_cursor *cc, int size,
  * the beginning, continuing for "len" bytes.
  */
 static int
-cuio_apply(struct uio *uio, int off, int len, int (*f)(void *, void *, u_int),
-    void *arg)
+cuio_apply(struct uio *uio, int off, int len,
+    int (*f)(void *, const void *, u_int), void *arg)
 {
 	struct iovec *iov = uio->uio_iov;
 	int iol = uio->uio_iovcnt;
@@ -461,13 +461,14 @@ crypto_copydata(struct cryptop *crp, int off, int size, void *dst)
 
 int
 crypto_apply_buf(struct crypto_buffer *cb, int off, int len,
-    int (*f)(void *, void *, u_int), void *arg)
+    int (*f)(void *, const void *, u_int), void *arg)
 {
 	int error;
 
 	switch (cb->cb_type) {
 	case CRYPTO_BUF_MBUF:
-		error = m_apply(cb->cb_mbuf, off, len, f, arg);
+		error = m_apply(cb->cb_mbuf, off, len,
+		    (int (*)(void *, void *, u_int))f, arg);
 		break;
 	case CRYPTO_BUF_UIO:
 		error = cuio_apply(cb->cb_uio, off, len, f, arg);
@@ -488,7 +489,7 @@ crypto_apply_buf(struct crypto_buffer *cb, int off, int len,
 
 int
 crypto_apply(struct cryptop *crp, int off, int len,
-    int (*f)(void *, void *, u_int), void *arg)
+    int (*f)(void *, const void *, u_int), void *arg)
 {
 	return (crypto_apply_buf(&crp->crp_buf, off, len, f, arg));
 }

sys/opencrypto/cryptodev.h

@@ -668,12 +668,12 @@ void	crypto_copyback(struct cryptop *crp, int off, int size,
 	    const void *src);
 void	crypto_copydata(struct cryptop *crp, int off, int size, void *dst);
 int	crypto_apply(struct cryptop *crp, int off, int len,
-	    int (*f)(void *, void *, u_int), void *arg);
+	    int (*f)(void *, const void *, u_int), void *arg);
 void	*crypto_contiguous_subsegment(struct cryptop *crp, size_t skip,
 	    size_t len);
 
 int	crypto_apply_buf(struct crypto_buffer *cb, int off, int len,
-	    int (*f)(void *, void *, u_int), void *arg);
+	    int (*f)(void *, const void *, u_int), void *arg);
 void	*crypto_buffer_contiguous_subsegment(struct crypto_buffer *cb,
 	    size_t skip, size_t len);
 size_t	crypto_buffer_len(struct crypto_buffer *cb);

sys/opencrypto/cryptosoft.c

@@ -336,7 +336,7 @@ swcr_authcompute(struct swcr_session *ses, struct cryptop *crp)
 	bcopy(sw->sw_ictx, &ctx, axf->ctxsize);
 
 	err = crypto_apply(crp, crp->crp_aad_start, crp->crp_aad_length,
-	    (int (*)(void *, void *, unsigned int))axf->Update, &ctx);
+	    axf->Update, &ctx);
 	if (err)
 		return err;
 
@@ -344,11 +344,10 @@ swcr_authcompute(struct swcr_session *ses, struct cryptop *crp)
 	    CRYPTO_OP_IS_ENCRYPT(crp->crp_op))
 		err = crypto_apply_buf(&crp->crp_obuf,
 		    crp->crp_payload_output_start, crp->crp_payload_length,
-		    (int (*)(void *, void *, unsigned int))axf->Update, &ctx);
+		    axf->Update, &ctx);
 	else
 		err = crypto_apply(crp, crp->crp_payload_start,
-		    crp->crp_payload_length,
-		    (int (*)(void *, void *, unsigned int))axf->Update, &ctx);
+		    crp->crp_payload_length, axf->Update, &ctx);
 	if (err)
 		return err;
 

sys/opencrypto/gmac.c

@@ -36,19 +36,23 @@
 #include <opencrypto/gmac.h>
 
 void
-AES_GMAC_Init(struct aes_gmac_ctx *agc)
+AES_GMAC_Init(void *ctx)
 {
+	struct aes_gmac_ctx *agc;
 
+	agc = ctx;
 	bzero(agc, sizeof *agc);
 }
 
 void
-AES_GMAC_Setkey(struct aes_gmac_ctx *agc, const uint8_t *key, uint16_t klen)
+AES_GMAC_Setkey(void *ctx, const uint8_t *key, u_int klen)
 {
+	struct aes_gmac_ctx *agc;
 	const uint8_t zeros[GMAC_BLOCK_LEN] = {};
 	struct gf128 h;
 	uint8_t hbuf[GMAC_BLOCK_LEN];
 
+	agc = ctx;
 	agc->rounds = rijndaelKeySetupEnc(agc->keysched, key, klen * 8);
 
 	rijndaelEncrypt(agc->keysched, agc->rounds, zeros, hbuf);
@@ -61,20 +65,26 @@ AES_GMAC_Setkey(struct aes_gmac_ctx *agc, const uint8_t *key, uint16_t klen)
 }
 
 void
-AES_GMAC_Reinit(struct aes_gmac_ctx *agc, const uint8_t *iv, uint16_t ivlen)
+AES_GMAC_Reinit(void *ctx, const uint8_t *iv, u_int ivlen)
 {
+	struct aes_gmac_ctx *agc;
 
+	agc = ctx;
 	KASSERT(ivlen <= sizeof agc->counter, ("passed ivlen too large!"));
 	bcopy(iv, agc->counter, ivlen);
 }
 
 int
-AES_GMAC_Update(struct aes_gmac_ctx *agc, const uint8_t *data, uint16_t len)
+AES_GMAC_Update(void *ctx, const void *vdata, u_int len)
 {
+	struct aes_gmac_ctx *agc;
+	const uint8_t *data;
 	struct gf128 v;
 	uint8_t buf[GMAC_BLOCK_LEN] = {};
 	int i;
 
+	agc = ctx;
+	data = vdata;
 	v = agc->hash;
 
 	while (len > 0) {
@@ -103,12 +113,14 @@ AES_GMAC_Update(struct aes_gmac_ctx *agc, const uint8_t *data, uint16_t len)
 }
 
 void
-AES_GMAC_Final(uint8_t digest[GMAC_DIGEST_LEN], struct aes_gmac_ctx *agc)
+AES_GMAC_Final(uint8_t *digest, void *ctx)
 {
+	struct aes_gmac_ctx *agc;
 	uint8_t enccntr[GMAC_BLOCK_LEN];
 	struct gf128 a;
 
 	/* XXX - zero additional bytes? */
+	agc = ctx;
 	agc->counter[GMAC_BLOCK_LEN - 1] = 1;
 
 	rijndaelEncrypt(agc->keysched, agc->rounds, agc->counter, enccntr);

sys/opencrypto/gmac.h

@@ -47,10 +47,10 @@ struct aes_gmac_ctx {
 	int			rounds;
 };
 
-void AES_GMAC_Init(struct aes_gmac_ctx *);
-void AES_GMAC_Setkey(struct aes_gmac_ctx *, const uint8_t *, uint16_t);
-void AES_GMAC_Reinit(struct aes_gmac_ctx *, const uint8_t *, uint16_t);
-int AES_GMAC_Update(struct aes_gmac_ctx *, const uint8_t *, uint16_t);
-void AES_GMAC_Final(uint8_t [GMAC_DIGEST_LEN], struct aes_gmac_ctx *);
+void AES_GMAC_Init(void *);
+void AES_GMAC_Setkey(void *, const uint8_t *, u_int);
+void AES_GMAC_Reinit(void *, const uint8_t *, u_int);
+int AES_GMAC_Update(void *, const void *, u_int);
+void AES_GMAC_Final(uint8_t *, void *);
 
 #endif /* _GMAC_H_ */

sys/opencrypto/xform_auth.h

@@ -57,9 +57,9 @@ struct auth_hash {
 	u_int16_t ctxsize;
 	u_int16_t blocksize;
 	void (*Init) (void *);
-	void (*Setkey) (void *, const u_int8_t *, u_int16_t);
-	void (*Reinit) (void *, const u_int8_t *, u_int16_t);
-	int  (*Update) (void *, const u_int8_t *, u_int16_t);
+	void (*Setkey) (void *, const uint8_t *, u_int);
+	void (*Reinit) (void *, const uint8_t *, u_int);
+	int  (*Update) (void *, const void *, u_int);
 	void (*Final) (u_int8_t *, void *);
 };
 

sys/opencrypto/xform_cbc_mac.c

@@ -12,14 +12,11 @@ struct auth_hash auth_hash_ccm_cbc_mac_128 = {
 	.hashsize = AES_CBC_MAC_HASH_LEN,
 	.ctxsize = sizeof(struct aes_cbc_mac_ctx),
 	.blocksize = CCM_CBC_BLOCK_LEN,
-	.Init = (void (*)(void *)) AES_CBC_MAC_Init,
-	.Setkey =
-	    (void (*)(void *, const u_int8_t *, u_int16_t))AES_CBC_MAC_Setkey,
-	.Reinit =
-	    (void (*)(void *, const u_int8_t *, u_int16_t)) AES_CBC_MAC_Reinit,
-	.Update =
-	    (int  (*)(void *, const u_int8_t *, u_int16_t)) AES_CBC_MAC_Update,
-	.Final = (void (*)(u_int8_t *, void *)) AES_CBC_MAC_Final,
+	.Init = AES_CBC_MAC_Init,
+	.Setkey = AES_CBC_MAC_Setkey,
+	.Reinit = AES_CBC_MAC_Reinit,
+	.Update = AES_CBC_MAC_Update,
+	.Final = AES_CBC_MAC_Final,
 };
 struct auth_hash auth_hash_ccm_cbc_mac_192 = {
 	.type = CRYPTO_AES_CCM_CBC_MAC,
@@ -28,14 +25,11 @@ struct auth_hash auth_hash_ccm_cbc_mac_192 = {
 	.hashsize = AES_CBC_MAC_HASH_LEN,
 	.ctxsize = sizeof(struct aes_cbc_mac_ctx),
 	.blocksize = CCM_CBC_BLOCK_LEN,
-	.Init = (void (*)(void *)) AES_CBC_MAC_Init,
-	.Setkey =
-	    (void (*)(void *, const u_int8_t *, u_int16_t)) AES_CBC_MAC_Setkey,
-	.Reinit =
-	    (void (*)(void *, const u_int8_t *, u_int16_t)) AES_CBC_MAC_Reinit,
-	.Update =
-	    (int  (*)(void *, const u_int8_t *, u_int16_t)) AES_CBC_MAC_Update,
-	.Final = (void (*)(u_int8_t *, void *)) AES_CBC_MAC_Final,
+	.Init = AES_CBC_MAC_Init,
+	.Setkey = AES_CBC_MAC_Setkey,
+	.Reinit = AES_CBC_MAC_Reinit,
+	.Update = AES_CBC_MAC_Update,
+	.Final = AES_CBC_MAC_Final,
 };
 struct auth_hash auth_hash_ccm_cbc_mac_256 = {
 	.type = CRYPTO_AES_CCM_CBC_MAC,
@@ -44,12 +38,9 @@ struct auth_hash auth_hash_ccm_cbc_mac_256 = {
 	.hashsize = AES_CBC_MAC_HASH_LEN,
 	.ctxsize = sizeof(struct aes_cbc_mac_ctx),
 	.blocksize = CCM_CBC_BLOCK_LEN,
-	.Init = (void (*)(void *)) AES_CBC_MAC_Init,
-	.Setkey =
-	    (void (*)(void *, const u_int8_t *, u_int16_t)) AES_CBC_MAC_Setkey,
-	.Reinit =
-	    (void (*)(void *, const u_int8_t *, u_int16_t)) AES_CBC_MAC_Reinit,
-	.Update =
-	    (int  (*)(void *, const u_int8_t *, u_int16_t)) AES_CBC_MAC_Update,
-	.Final = (void (*)(u_int8_t *, void *)) AES_CBC_MAC_Final,
+	.Init = AES_CBC_MAC_Init,
+	.Setkey = AES_CBC_MAC_Setkey,
+	.Reinit = AES_CBC_MAC_Reinit,
+	.Update = AES_CBC_MAC_Update,
+	.Final = AES_CBC_MAC_Final,
 };

sys/opencrypto/xform_gmac.c

@@ -65,34 +65,43 @@ struct enc_xform enc_xform_aes_nist_gmac = {
 
 /* Authentication instances */
 struct auth_hash auth_hash_nist_gmac_aes_128 = {
-	CRYPTO_AES_NIST_GMAC, "GMAC-AES-128",
-	AES_128_GMAC_KEY_LEN, AES_GMAC_HASH_LEN, sizeof(struct aes_gmac_ctx),
-	GMAC_BLOCK_LEN,
-	(void (*)(void *)) AES_GMAC_Init,
-	(void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Setkey,
-	(void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Reinit,
-	(int  (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Update,
-	(void (*)(u_int8_t *, void *)) AES_GMAC_Final
+	.type = CRYPTO_AES_NIST_GMAC,
+	.name = "GMAC-AES-128",
+	.keysize = AES_128_GMAC_KEY_LEN,
+	.hashsize = AES_GMAC_HASH_LEN,
+	.ctxsize = sizeof(struct aes_gmac_ctx),
+	.blocksize = GMAC_BLOCK_LEN,
+	.Init = AES_GMAC_Init,
+	.Setkey = AES_GMAC_Setkey,
+	.Reinit = AES_GMAC_Reinit,
+	.Update = AES_GMAC_Update,
+	.Final = AES_GMAC_Final,
 };
 
 struct auth_hash auth_hash_nist_gmac_aes_192 = {
-	CRYPTO_AES_NIST_GMAC, "GMAC-AES-192",
-	AES_192_GMAC_KEY_LEN, AES_GMAC_HASH_LEN, sizeof(struct aes_gmac_ctx),
-	GMAC_BLOCK_LEN,
-	(void (*)(void *)) AES_GMAC_Init,
-	(void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Setkey,
-	(void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Reinit,
-	(int  (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Update,
-	(void (*)(u_int8_t *, void *)) AES_GMAC_Final
+	.type = CRYPTO_AES_NIST_GMAC,
+	.name = "GMAC-AES-192",
+	.keysize = AES_192_GMAC_KEY_LEN,
+	.hashsize = AES_GMAC_HASH_LEN,
+	.ctxsize = sizeof(struct aes_gmac_ctx),
+	.blocksize = GMAC_BLOCK_LEN,
+	.Init = AES_GMAC_Init,
+	.Setkey = AES_GMAC_Setkey,
+	.Reinit = AES_GMAC_Reinit,
+	.Update = AES_GMAC_Update,
+	.Final = AES_GMAC_Final,
 };
 
 struct auth_hash auth_hash_nist_gmac_aes_256 = {
-	CRYPTO_AES_NIST_GMAC, "GMAC-AES-256",
-	AES_256_GMAC_KEY_LEN, AES_GMAC_HASH_LEN, sizeof(struct aes_gmac_ctx),
-	GMAC_BLOCK_LEN,
-	(void (*)(void *)) AES_GMAC_Init,
-	(void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Setkey,
-	(void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Reinit,
-	(int  (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Update,
-	(void (*)(u_int8_t *, void *)) AES_GMAC_Final
+	.type = CRYPTO_AES_NIST_GMAC,
+	.name = "GMAC-AES-256",
+	.keysize = AES_256_GMAC_KEY_LEN,
+	.hashsize = AES_GMAC_HASH_LEN,
+	.ctxsize = sizeof(struct aes_gmac_ctx),
+	.blocksize = GMAC_BLOCK_LEN,
+	.Init = AES_GMAC_Init,
+	.Setkey = AES_GMAC_Setkey,
+	.Reinit = AES_GMAC_Reinit,
+	.Update = AES_GMAC_Update,
+	.Final = AES_GMAC_Final,
 };

sys/opencrypto/xform_null.c

@@ -57,8 +57,8 @@ static	int null_setkey(void *, const u_int8_t *, int);
 static	void null_crypt(void *, const uint8_t *, uint8_t *);
 
 static	void null_init(void *);
-static	void null_reinit(void *ctx, const u_int8_t *buf, u_int16_t len);
-static	int null_update(void *, const u_int8_t *, u_int16_t);
+static	void null_reinit(void *ctx, const uint8_t *buf, u_int len);
+static	int null_update(void *, const void *, u_int);
 static	void null_final(u_int8_t *, void *);
 
 /* Encryption instances */
@@ -114,12 +114,12 @@ null_init(void *ctx)
 }
 
 static void
-null_reinit(void *ctx, const u_int8_t *buf, u_int16_t len)
+null_reinit(void *ctx, const uint8_t *buf, u_int len)
 {
 }
 
 static int
-null_update(void *ctx, const u_int8_t *buf, u_int16_t len)
+null_update(void *ctx, const void *buf, u_int len)
 {
 	return 0;
 }

sys/opencrypto/xform_poly1305.c

@@ -17,7 +17,7 @@ CTASSERT(POLY1305_KEY_LEN == crypto_onetimeauth_poly1305_KEYBYTES);
 CTASSERT(POLY1305_HASH_LEN == crypto_onetimeauth_poly1305_BYTES);
 
 void
-Poly1305_Init(struct poly1305_xform_ctx *polyctx)
+Poly1305_Init(void *polyctx)
 {
 	/* Nop */
 }
@@ -37,7 +37,7 @@ Poly1305_Setkey(struct poly1305_xform_ctx *polyctx,
 }
 
 static void
-xform_Poly1305_Setkey(void *ctx, const uint8_t *key, uint16_t klen)
+xform_Poly1305_Setkey(void *ctx, const uint8_t *key, u_int klen)
 {
 	Poly1305_Setkey(ctx, key, klen);
 }
@@ -55,7 +55,7 @@ Poly1305_Update(struct poly1305_xform_ctx *polyctx, const void *data,
 }
 
 static int
-xform_Poly1305_Update(void *ctx, const uint8_t *data, uint16_t len)
+xform_Poly1305_Update(void *ctx, const void *data, u_int len)
 {
 	return (Poly1305_Update(ctx, data, len));
 }
@@ -84,7 +84,7 @@ struct auth_hash auth_hash_poly1305 = {
 	.hashsize = POLY1305_HASH_LEN,
 	.ctxsize = sizeof(struct poly1305_xform_ctx),
 	.blocksize = crypto_onetimeauth_poly1305_BYTES,
-	.Init = (void *)Poly1305_Init,
+	.Init = Poly1305_Init,
 	.Setkey = xform_Poly1305_Setkey,
 	.Update = xform_Poly1305_Update,
 	.Final = xform_Poly1305_Final,

sys/opencrypto/xform_poly1305.h

@@ -6,7 +6,7 @@
 
 struct poly1305_xform_ctx;
 
-void Poly1305_Init(struct poly1305_xform_ctx *);
+void Poly1305_Init(void *);
 
 void Poly1305_Setkey(struct poly1305_xform_ctx *,
     const uint8_t [__min_size(32)], size_t);

sys/opencrypto/xform_rmd160.c

@@ -53,7 +53,9 @@ __FBSDID("$FreeBSD$");
 #include <opencrypto/rmd160.h>
 #include <opencrypto/xform_auth.h>
 
-static	int RMD160Update_int(void *, const u_int8_t *, u_int16_t);
+static	void RMD160Init_int(void *);
+static	int RMD160Update_int(void *, const void *, u_int);
+static	void RMD160Final_int(uint8_t *, void *);
 
 /* Authentication instances */
 struct auth_hash auth_hash_hmac_ripemd_160 = {
@@ -63,17 +65,26 @@ struct auth_hash auth_hash_hmac_ripemd_160 = {
 	.hashsize = RIPEMD160_HASH_LEN,
 	.ctxsize = sizeof(RMD160_CTX),
 	.blocksize = RIPEMD160_BLOCK_LEN,
-	.Init = (void (*)(void *)) RMD160Init,
+	.Init = RMD160Init_int,
 	.Update = RMD160Update_int,
-	.Final = (void (*)(u_int8_t *, void *)) RMD160Final,
+	.Final = RMD160Final_int,
 };
 
-/*
- * And now for auth.
- */
+static void
+RMD160Init_int(void *ctx)
+{
+	RMD160Init(ctx);
+}
+
 static int
-RMD160Update_int(void *ctx, const u_int8_t *buf, u_int16_t len)
+RMD160Update_int(void *ctx, const void *buf, u_int len)
 {
 	RMD160Update(ctx, buf, len);
 	return 0;
 }
+
+static void
+RMD160Final_int(uint8_t *digest, void *ctx)
+{
+	RMD160Final(digest, ctx);
+}

sys/opencrypto/xform_sha1.c

@@ -54,7 +54,7 @@ __FBSDID("$FreeBSD$");
 #include <opencrypto/xform_auth.h>
 
 static	void SHA1Init_int(void *);
-static	int SHA1Update_int(void *, const u_int8_t *, u_int16_t);
+static	int SHA1Update_int(void *, const void *, u_int);
 static	void SHA1Final_int(u_int8_t *, void *);
 
 /* Plain hash */
@@ -92,7 +92,7 @@ SHA1Init_int(void *ctx)
 }
 
 static int
-SHA1Update_int(void *ctx, const u_int8_t *buf, u_int16_t len)
+SHA1Update_int(void *ctx, const void *buf, u_int len)
 {
 	SHA1Update(ctx, buf, len);
 	return 0;

sys/opencrypto/xform_sha2.c

@@ -56,10 +56,10 @@ __FBSDID("$FreeBSD$");
 #include <crypto/sha2/sha512.h>
 #include <opencrypto/xform_auth.h>
 
-static	int SHA224Update_int(void *, const u_int8_t *, u_int16_t);
-static	int SHA256Update_int(void *, const u_int8_t *, u_int16_t);
-static	int SHA384Update_int(void *, const u_int8_t *, u_int16_t);
-static	int SHA512Update_int(void *, const u_int8_t *, u_int16_t);
+static	int SHA224Update_int(void *, const void *, u_int);
+static	int SHA256Update_int(void *, const void *, u_int);
+static	int SHA384Update_int(void *, const void *, u_int);
+static	int SHA512Update_int(void *, const void *, u_int);
 
 /* Plain hashes */
 struct auth_hash auth_hash_sha2_224 = {
@@ -162,28 +162,28 @@ struct auth_hash auth_hash_hmac_sha2_512 = {
  * And now for auth.
  */
 static int
-SHA224Update_int(void *ctx, const u_int8_t *buf, u_int16_t len)
+SHA224Update_int(void *ctx, const void *buf, u_int len)
 {
 	SHA224_Update(ctx, buf, len);
 	return 0;
 }
 
 static int
-SHA256Update_int(void *ctx, const u_int8_t *buf, u_int16_t len)
+SHA256Update_int(void *ctx, const void *buf, u_int len)
 {
 	SHA256_Update(ctx, buf, len);
 	return 0;
 }
 
 static int
-SHA384Update_int(void *ctx, const u_int8_t *buf, u_int16_t len)
+SHA384Update_int(void *ctx, const void *buf, u_int len)
 {
 	SHA384_Update(ctx, buf, len);
 	return 0;
 }
 
 static int
-SHA512Update_int(void *ctx, const u_int8_t *buf, u_int16_t len)
+SHA512Update_int(void *ctx, const void *buf, u_int len)
 {
 	SHA512_Update(ctx, buf, len);
 	return 0;