Adjust crypto_apply function callbacks for OCF.

- crypto_apply() is only used for reading a buffer to compute a
  digest, so change the data pointer to a const pointer.

- To better match m_apply(), change the data pointer type to void *
  and the length from uint16_t to u_int.  The length field in
  particular matters as none of the apply logic was splitting requests
  larger than UINT16_MAX.

- Adjust the auth_xform Update callback to match the function
  prototype passed to crypto_apply() and crypto_apply_buf().  This
  removes the needs for casts when using the Update callback.

- Change the Reinit and Setkey callbacks to also use a u_int length
  instead of uint16_t.

- Update auth transforms for the changes.  While here, use C99
  initializers for auth_hash structures and avoid casts on callbacks.

Reviewed by:	cem
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D25171

16 files changed, 147 insertions, 110 deletions

diff --git a/sys/opencrypto/cbc_mac.c b/sys/opencrypto/cbc_mac.c
index 3c07f73063dba..40afae5373bf2 100644
--- a/sys/opencrypto/cbc_mac.c
+++ b/sys/opencrypto/cbc_mac.c
@@ -56,14 +56,20 @@ xor_and_encrypt(struct aes_cbc_mac_ctx *ctx,
 }
 
 void
-AES_CBC_MAC_Init(struct aes_cbc_mac_ctx *ctx)
+AES_CBC_MAC_Init(void *vctx)
 {
+	struct aes_cbc_mac_ctx *ctx;
+
+	ctx = vctx;
 	bzero(ctx, sizeof(*ctx));
 }
 
 void
-AES_CBC_MAC_Setkey(struct aes_cbc_mac_ctx *ctx, const uint8_t *key, uint16_t klen)
+AES_CBC_MAC_Setkey(void *vctx, const uint8_t *key, u_int klen)
 {
+	struct aes_cbc_mac_ctx *ctx;
+
+	ctx = vctx;
 	ctx->rounds = rijndaelKeySetupEnc(ctx->keysched, key, klen * 8);
 }
 
@@ -76,8 +82,9 @@ AES_CBC_MAC_Setkey(struct aes_cbc_mac_ctx *ctx, const uint8_t *key, uint16_t kle
  * nonce, as well as information about the sizes and lengths involved.
  */
 void
-AES_CBC_MAC_Reinit(struct aes_cbc_mac_ctx *ctx, const uint8_t *nonce, uint16_t nonceLen)
+AES_CBC_MAC_Reinit(void *vctx, const uint8_t *nonce, u_int nonceLen)
 {
+	struct aes_cbc_mac_ctx *ctx = vctx;
 	uint8_t b0[CCM_CBC_BLOCK_LEN];
 	uint8_t *bp = b0, flags = 0;
 	uint8_t L = 0;
@@ -150,11 +157,15 @@ AES_CBC_MAC_Reinit(struct aes_cbc_mac_ctx *ctx, const uint8_t *nonce, uint16_t n
 }
 
 int
-AES_CBC_MAC_Update(struct aes_cbc_mac_ctx *ctx, const uint8_t *data,
-    uint16_t length)
+AES_CBC_MAC_Update(void *vctx, const void *vdata, u_int length)
 {
+	struct aes_cbc_mac_ctx *ctx;
+	const uint8_t *data;
 	size_t copy_amt;
 	
+	ctx = vctx;
+	data = vdata;
+
 	/*
 	 * This will be called in one of two phases:
 	 * (1)  Applying authentication data, or
@@ -241,10 +252,13 @@ AES_CBC_MAC_Update(struct aes_cbc_mac_ctx *ctx, const uint8_t *data,
 }
 
 void
-AES_CBC_MAC_Final(uint8_t *buf, struct aes_cbc_mac_ctx *ctx)
+AES_CBC_MAC_Final(uint8_t *buf, void *vctx)
 {
+	struct aes_cbc_mac_ctx *ctx;
 	uint8_t s0[CCM_CBC_BLOCK_LEN];
-	
+
+	ctx = vctx;
+
 	/*
 	 * We first need to check to see if we've got any data
 	 * left over to encrypt.
diff --git a/sys/opencrypto/cbc_mac.h b/sys/opencrypto/cbc_mac.h
index 33e61cc1a1236..51833a212f6c5 100644
--- a/sys/opencrypto/cbc_mac.h
+++ b/sys/opencrypto/cbc_mac.h
@@ -58,10 +58,10 @@ struct aes_cbc_mac_ctx {
 	uint32_t	keysched[4*(RIJNDAEL_MAXNR+1)];
 };
 
-void AES_CBC_MAC_Init(struct aes_cbc_mac_ctx *);
-void AES_CBC_MAC_Setkey(struct aes_cbc_mac_ctx *, const uint8_t *, uint16_t);
-void AES_CBC_MAC_Reinit(struct aes_cbc_mac_ctx *, const uint8_t *, uint16_t);
-int AES_CBC_MAC_Update(struct aes_cbc_mac_ctx *, const uint8_t *, uint16_t);
-void AES_CBC_MAC_Final(uint8_t *, struct aes_cbc_mac_ctx *);
+void AES_CBC_MAC_Init(void *);
+void AES_CBC_MAC_Setkey(void *, const uint8_t *, u_int);
+void AES_CBC_MAC_Reinit(void *, const uint8_t *, u_int);
+int AES_CBC_MAC_Update(void *, const void *, u_int);
+void AES_CBC_MAC_Final(uint8_t *, void *);
 
 #endif /* _CBC_CCM_H */
diff --git a/sys/opencrypto/criov.c b/sys/opencrypto/criov.c
index 636ca9a4a4d5c..0ef39eac1eb2f 100644
--- a/sys/opencrypto/criov.c
+++ b/sys/opencrypto/criov.c
@@ -385,8 +385,8 @@ crypto_cursor_copydata_noadv(struct crypto_buffer_cursor *cc, int size,
  * the beginning, continuing for "len" bytes.
  */
 static int
-cuio_apply(struct uio *uio, int off, int len, int (*f)(void *, void *, u_int),
-    void *arg)
+cuio_apply(struct uio *uio, int off, int len,
+    int (*f)(void *, const void *, u_int), void *arg)
 {
 	struct iovec *iov = uio->uio_iov;
 	int iol = uio->uio_iovcnt;
@@ -461,13 +461,14 @@ crypto_copydata(struct cryptop *crp, int off, int size, void *dst)
 
 int
 crypto_apply_buf(struct crypto_buffer *cb, int off, int len,
-    int (*f)(void *, void *, u_int), void *arg)
+    int (*f)(void *, const void *, u_int), void *arg)
 {
 	int error;
 
 	switch (cb->cb_type) {
 	case CRYPTO_BUF_MBUF:
-		error = m_apply(cb->cb_mbuf, off, len, f, arg);
+		error = m_apply(cb->cb_mbuf, off, len,
+		    (int (*)(void *, void *, u_int))f, arg);
 		break;
 	case CRYPTO_BUF_UIO:
 		error = cuio_apply(cb->cb_uio, off, len, f, arg);
@@ -488,7 +489,7 @@ crypto_apply_buf(struct crypto_buffer *cb, int off, int len,
 
 int
 crypto_apply(struct cryptop *crp, int off, int len,
-    int (*f)(void *, void *, u_int), void *arg)
+    int (*f)(void *, const void *, u_int), void *arg)
 {
 	return (crypto_apply_buf(&crp->crp_buf, off, len, f, arg));
 }
diff --git a/sys/opencrypto/cryptodev.h b/sys/opencrypto/cryptodev.h
index 836cb3b38acda..8a28da44a332b 100644
--- a/sys/opencrypto/cryptodev.h
+++ b/sys/opencrypto/cryptodev.h
@@ -668,12 +668,12 @@ void	crypto_copyback(struct cryptop *crp, int off, int size,
 	    const void *src);
 void	crypto_copydata(struct cryptop *crp, int off, int size, void *dst);
 int	crypto_apply(struct cryptop *crp, int off, int len,
-	    int (*f)(void *, void *, u_int), void *arg);
+	    int (*f)(void *, const void *, u_int), void *arg);
 void	*crypto_contiguous_subsegment(struct cryptop *crp, size_t skip,
 	    size_t len);
 
 int	crypto_apply_buf(struct crypto_buffer *cb, int off, int len,
-	    int (*f)(void *, void *, u_int), void *arg);
+	    int (*f)(void *, const void *, u_int), void *arg);
 void	*crypto_buffer_contiguous_subsegment(struct crypto_buffer *cb,
 	    size_t skip, size_t len);
 size_t	crypto_buffer_len(struct crypto_buffer *cb);
diff --git a/sys/opencrypto/cryptosoft.c b/sys/opencrypto/cryptosoft.c
index b29161b130ace..8cdabfa7c37f1 100644
--- a/sys/opencrypto/cryptosoft.c
+++ b/sys/opencrypto/cryptosoft.c
@@ -336,7 +336,7 @@ swcr_authcompute(struct swcr_session *ses, struct cryptop *crp)
 	bcopy(sw->sw_ictx, &ctx, axf->ctxsize);
 
 	err = crypto_apply(crp, crp->crp_aad_start, crp->crp_aad_length,
-	    (int (*)(void *, void *, unsigned int))axf->Update, &ctx);
+	    axf->Update, &ctx);
 	if (err)
 		return err;
 
@@ -344,11 +344,10 @@ swcr_authcompute(struct swcr_session *ses, struct cryptop *crp)
 	    CRYPTO_OP_IS_ENCRYPT(crp->crp_op))
 		err = crypto_apply_buf(&crp->crp_obuf,
 		    crp->crp_payload_output_start, crp->crp_payload_length,
-		    (int (*)(void *, void *, unsigned int))axf->Update, &ctx);
+		    axf->Update, &ctx);
 	else
 		err = crypto_apply(crp, crp->crp_payload_start,
-		    crp->crp_payload_length,
-		    (int (*)(void *, void *, unsigned int))axf->Update, &ctx);
+		    crp->crp_payload_length, axf->Update, &ctx);
 	if (err)
 		return err;
 
diff --git a/sys/opencrypto/gmac.c b/sys/opencrypto/gmac.c
index 402092c18fda4..656977acf3e62 100644
--- a/sys/opencrypto/gmac.c
+++ b/sys/opencrypto/gmac.c
@@ -36,19 +36,23 @@
 #include <opencrypto/gmac.h>
 
 void
-AES_GMAC_Init(struct aes_gmac_ctx *agc)
+AES_GMAC_Init(void *ctx)
 {
+	struct aes_gmac_ctx *agc;
 
+	agc = ctx;
 	bzero(agc, sizeof *agc);
 }
 
 void
-AES_GMAC_Setkey(struct aes_gmac_ctx *agc, const uint8_t *key, uint16_t klen)
+AES_GMAC_Setkey(void *ctx, const uint8_t *key, u_int klen)
 {
+	struct aes_gmac_ctx *agc;
 	const uint8_t zeros[GMAC_BLOCK_LEN] = {};
 	struct gf128 h;
 	uint8_t hbuf[GMAC_BLOCK_LEN];
 
+	agc = ctx;
 	agc->rounds = rijndaelKeySetupEnc(agc->keysched, key, klen * 8);
 
 	rijndaelEncrypt(agc->keysched, agc->rounds, zeros, hbuf);
@@ -61,20 +65,26 @@ AES_GMAC_Setkey(struct aes_gmac_ctx *agc, const uint8_t *key, uint16_t klen)
 }
 
 void
-AES_GMAC_Reinit(struct aes_gmac_ctx *agc, const uint8_t *iv, uint16_t ivlen)
+AES_GMAC_Reinit(void *ctx, const uint8_t *iv, u_int ivlen)
 {
+	struct aes_gmac_ctx *agc;
 
+	agc = ctx;
 	KASSERT(ivlen <= sizeof agc->counter, ("passed ivlen too large!"));
 	bcopy(iv, agc->counter, ivlen);
 }
 
 int
-AES_GMAC_Update(struct aes_gmac_ctx *agc, const uint8_t *data, uint16_t len)
+AES_GMAC_Update(void *ctx, const void *vdata, u_int len)
 {
+	struct aes_gmac_ctx *agc;
+	const uint8_t *data;
 	struct gf128 v;
 	uint8_t buf[GMAC_BLOCK_LEN] = {};
 	int i;
 
+	agc = ctx;
+	data = vdata;
 	v = agc->hash;
 
 	while (len > 0) {
@@ -103,12 +113,14 @@ AES_GMAC_Update(struct aes_gmac_ctx *agc, const uint8_t *data, uint16_t len)
 }
 
 void
-AES_GMAC_Final(uint8_t digest[GMAC_DIGEST_LEN], struct aes_gmac_ctx *agc)
+AES_GMAC_Final(uint8_t *digest, void *ctx)
 {
+	struct aes_gmac_ctx *agc;
 	uint8_t enccntr[GMAC_BLOCK_LEN];
 	struct gf128 a;
 
 	/* XXX - zero additional bytes? */
+	agc = ctx;
 	agc->counter[GMAC_BLOCK_LEN - 1] = 1;
 
 	rijndaelEncrypt(agc->keysched, agc->rounds, agc->counter, enccntr);
diff --git a/sys/opencrypto/gmac.h b/sys/opencrypto/gmac.h
index 909b78c76f3cd..9de8e381ddb45 100644
--- a/sys/opencrypto/gmac.h
+++ b/sys/opencrypto/gmac.h
@@ -47,10 +47,10 @@ struct aes_gmac_ctx {
 	int			rounds;
 };
 
-void AES_GMAC_Init(struct aes_gmac_ctx *);
-void AES_GMAC_Setkey(struct aes_gmac_ctx *, const uint8_t *, uint16_t);
-void AES_GMAC_Reinit(struct aes_gmac_ctx *, const uint8_t *, uint16_t);
-int AES_GMAC_Update(struct aes_gmac_ctx *, const uint8_t *, uint16_t);
-void AES_GMAC_Final(uint8_t [GMAC_DIGEST_LEN], struct aes_gmac_ctx *);
+void AES_GMAC_Init(void *);
+void AES_GMAC_Setkey(void *, const uint8_t *, u_int);
+void AES_GMAC_Reinit(void *, const uint8_t *, u_int);
+int AES_GMAC_Update(void *, const void *, u_int);
+void AES_GMAC_Final(uint8_t *, void *);
 
 #endif /* _GMAC_H_ */
diff --git a/sys/opencrypto/xform_auth.h b/sys/opencrypto/xform_auth.h
index 0233b23df4ce8..676ea6e7c4f6c 100644
--- a/sys/opencrypto/xform_auth.h
+++ b/sys/opencrypto/xform_auth.h
@@ -57,9 +57,9 @@ struct auth_hash {
 	u_int16_t ctxsize;
 	u_int16_t blocksize;
 	void (*Init) (void *);
-	void (*Setkey) (void *, const u_int8_t *, u_int16_t);
-	void (*Reinit) (void *, const u_int8_t *, u_int16_t);
-	int  (*Update) (void *, const u_int8_t *, u_int16_t);
+	void (*Setkey) (void *, const uint8_t *, u_int);
+	void (*Reinit) (void *, const uint8_t *, u_int);
+	int  (*Update) (void *, const void *, u_int);
 	void (*Final) (u_int8_t *, void *);
 };
 
diff --git a/sys/opencrypto/xform_cbc_mac.c b/sys/opencrypto/xform_cbc_mac.c
index 60afe9501547a..755dd51d9517c 100644
--- a/sys/opencrypto/xform_cbc_mac.c
+++ b/sys/opencrypto/xform_cbc_mac.c
@@ -12,14 +12,11 @@ struct auth_hash auth_hash_ccm_cbc_mac_128 = {
 	.hashsize = AES_CBC_MAC_HASH_LEN,
 	.ctxsize = sizeof(struct aes_cbc_mac_ctx),
 	.blocksize = CCM_CBC_BLOCK_LEN,
-	.Init = (void (*)(void *)) AES_CBC_MAC_Init,
-	.Setkey =
-	    (void (*)(void *, const u_int8_t *, u_int16_t))AES_CBC_MAC_Setkey,
-	.Reinit =
-	    (void (*)(void *, const u_int8_t *, u_int16_t)) AES_CBC_MAC_Reinit,
-	.Update =
-	    (int  (*)(void *, const u_int8_t *, u_int16_t)) AES_CBC_MAC_Update,
-	.Final = (void (*)(u_int8_t *, void *)) AES_CBC_MAC_Final,
+	.Init = AES_CBC_MAC_Init,
+	.Setkey = AES_CBC_MAC_Setkey,
+	.Reinit = AES_CBC_MAC_Reinit,
+	.Update = AES_CBC_MAC_Update,
+	.Final = AES_CBC_MAC_Final,
 };
 struct auth_hash auth_hash_ccm_cbc_mac_192 = {
 	.type = CRYPTO_AES_CCM_CBC_MAC,
@@ -28,14 +25,11 @@ struct auth_hash auth_hash_ccm_cbc_mac_192 = {
 	.hashsize = AES_CBC_MAC_HASH_LEN,
 	.ctxsize = sizeof(struct aes_cbc_mac_ctx),
 	.blocksize = CCM_CBC_BLOCK_LEN,
-	.Init = (void (*)(void *)) AES_CBC_MAC_Init,
-	.Setkey =
-	    (void (*)(void *, const u_int8_t *, u_int16_t)) AES_CBC_MAC_Setkey,
-	.Reinit =
-	    (void (*)(void *, const u_int8_t *, u_int16_t)) AES_CBC_MAC_Reinit,
-	.Update =
-	    (int  (*)(void *, const u_int8_t *, u_int16_t)) AES_CBC_MAC_Update,
-	.Final = (void (*)(u_int8_t *, void *)) AES_CBC_MAC_Final,
+	.Init = AES_CBC_MAC_Init,
+	.Setkey = AES_CBC_MAC_Setkey,
+	.Reinit = AES_CBC_MAC_Reinit,
+	.Update = AES_CBC_MAC_Update,
+	.Final = AES_CBC_MAC_Final,
 };
 struct auth_hash auth_hash_ccm_cbc_mac_256 = {
 	.type = CRYPTO_AES_CCM_CBC_MAC,
@@ -44,12 +38,9 @@ struct auth_hash auth_hash_ccm_cbc_mac_256 = {
 	.hashsize = AES_CBC_MAC_HASH_LEN,
 	.ctxsize = sizeof(struct aes_cbc_mac_ctx),
 	.blocksize = CCM_CBC_BLOCK_LEN,
-	.Init = (void (*)(void *)) AES_CBC_MAC_Init,
-	.Setkey =
-	    (void (*)(void *, const u_int8_t *, u_int16_t)) AES_CBC_MAC_Setkey,
-	.Reinit =
-	    (void (*)(void *, const u_int8_t *, u_int16_t)) AES_CBC_MAC_Reinit,
-	.Update =
-	    (int  (*)(void *, const u_int8_t *, u_int16_t)) AES_CBC_MAC_Update,
-	.Final = (void (*)(u_int8_t *, void *)) AES_CBC_MAC_Final,
+	.Init = AES_CBC_MAC_Init,
+	.Setkey = AES_CBC_MAC_Setkey,
+	.Reinit = AES_CBC_MAC_Reinit,
+	.Update = AES_CBC_MAC_Update,
+	.Final = AES_CBC_MAC_Final,
 };
diff --git a/sys/opencrypto/xform_gmac.c b/sys/opencrypto/xform_gmac.c
index 30bb53eccd854..0b981f2c95c31 100644
--- a/sys/opencrypto/xform_gmac.c
+++ b/sys/opencrypto/xform_gmac.c
@@ -65,34 +65,43 @@ struct enc_xform enc_xform_aes_nist_gmac = {
 
 /* Authentication instances */
 struct auth_hash auth_hash_nist_gmac_aes_128 = {
-	CRYPTO_AES_NIST_GMAC, "GMAC-AES-128",
-	AES_128_GMAC_KEY_LEN, AES_GMAC_HASH_LEN, sizeof(struct aes_gmac_ctx),
-	GMAC_BLOCK_LEN,
-	(void (*)(void *)) AES_GMAC_Init,
-	(void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Setkey,
-	(void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Reinit,
-	(int  (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Update,
-	(void (*)(u_int8_t *, void *)) AES_GMAC_Final
+	.type = CRYPTO_AES_NIST_GMAC,
+	.name = "GMAC-AES-128",
+	.keysize = AES_128_GMAC_KEY_LEN,
+	.hashsize = AES_GMAC_HASH_LEN,
+	.ctxsize = sizeof(struct aes_gmac_ctx),
+	.blocksize = GMAC_BLOCK_LEN,
+	.Init = AES_GMAC_Init,
+	.Setkey = AES_GMAC_Setkey,
+	.Reinit = AES_GMAC_Reinit,
+	.Update = AES_GMAC_Update,
+	.Final = AES_GMAC_Final,
 };
 
 struct auth_hash auth_hash_nist_gmac_aes_192 = {
-	CRYPTO_AES_NIST_GMAC, "GMAC-AES-192",
-	AES_192_GMAC_KEY_LEN, AES_GMAC_HASH_LEN, sizeof(struct aes_gmac_ctx),
-	GMAC_BLOCK_LEN,
-	(void (*)(void *)) AES_GMAC_Init,
-	(void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Setkey,
-	(void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Reinit,
-	(int  (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Update,
-	(void (*)(u_int8_t *, void *)) AES_GMAC_Final
+	.type = CRYPTO_AES_NIST_GMAC,
+	.name = "GMAC-AES-192",
+	.keysize = AES_192_GMAC_KEY_LEN,
+	.hashsize = AES_GMAC_HASH_LEN,
+	.ctxsize = sizeof(struct aes_gmac_ctx),
+	.blocksize = GMAC_BLOCK_LEN,
+	.Init = AES_GMAC_Init,
+	.Setkey = AES_GMAC_Setkey,
+	.Reinit = AES_GMAC_Reinit,
+	.Update = AES_GMAC_Update,
+	.Final = AES_GMAC_Final,
 };
 
 struct auth_hash auth_hash_nist_gmac_aes_256 = {
-	CRYPTO_AES_NIST_GMAC, "GMAC-AES-256",
-	AES_256_GMAC_KEY_LEN, AES_GMAC_HASH_LEN, sizeof(struct aes_gmac_ctx),
-	GMAC_BLOCK_LEN,
-	(void (*)(void *)) AES_GMAC_Init,
-	(void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Setkey,
-	(void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Reinit,
-	(int  (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Update,
-	(void (*)(u_int8_t *, void *)) AES_GMAC_Final
+	.type = CRYPTO_AES_NIST_GMAC,
+	.name = "GMAC-AES-256",
+	.keysize = AES_256_GMAC_KEY_LEN,
+	.hashsize = AES_GMAC_HASH_LEN,
+	.ctxsize = sizeof(struct aes_gmac_ctx),
+	.blocksize = GMAC_BLOCK_LEN,
+	.Init = AES_GMAC_Init,
+	.Setkey = AES_GMAC_Setkey,
+	.Reinit = AES_GMAC_Reinit,
+	.Update = AES_GMAC_Update,
+	.Final = AES_GMAC_Final,
 };
diff --git a/sys/opencrypto/xform_null.c b/sys/opencrypto/xform_null.c
index 16361380c08f0..498ee7d3cd23d 100644
--- a/sys/opencrypto/xform_null.c
+++ b/sys/opencrypto/xform_null.c
@@ -57,8 +57,8 @@ static	int null_setkey(void *, const u_int8_t *, int);
 static	void null_crypt(void *, const uint8_t *, uint8_t *);
 
 static	void null_init(void *);
-static	void null_reinit(void *ctx, const u_int8_t *buf, u_int16_t len);
-static	int null_update(void *, const u_int8_t *, u_int16_t);
+static	void null_reinit(void *ctx, const uint8_t *buf, u_int len);
+static	int null_update(void *, const void *, u_int);
 static	void null_final(u_int8_t *, void *);
 
 /* Encryption instances */
@@ -114,12 +114,12 @@ null_init(void *ctx)
 }
 
 static void
-null_reinit(void *ctx, const u_int8_t *buf, u_int16_t len)
+null_reinit(void *ctx, const uint8_t *buf, u_int len)
 {
 }
 
 static int
-null_update(void *ctx, const u_int8_t *buf, u_int16_t len)
+null_update(void *ctx, const void *buf, u_int len)
 {
 	return 0;
 }
diff --git a/sys/opencrypto/xform_poly1305.c b/sys/opencrypto/xform_poly1305.c
index 79c2d0505a325..bddbb572d6822 100644
--- a/sys/opencrypto/xform_poly1305.c
+++ b/sys/opencrypto/xform_poly1305.c
@@ -17,7 +17,7 @@ CTASSERT(POLY1305_KEY_LEN == crypto_onetimeauth_poly1305_KEYBYTES);
 CTASSERT(POLY1305_HASH_LEN == crypto_onetimeauth_poly1305_BYTES);
 
 void
-Poly1305_Init(struct poly1305_xform_ctx *polyctx)
+Poly1305_Init(void *polyctx)
 {
 	/* Nop */
 }
@@ -37,7 +37,7 @@ Poly1305_Setkey(struct poly1305_xform_ctx *polyctx,
 }
 
 static void
-xform_Poly1305_Setkey(void *ctx, const uint8_t *key, uint16_t klen)
+xform_Poly1305_Setkey(void *ctx, const uint8_t *key, u_int klen)
 {
 	Poly1305_Setkey(ctx, key, klen);
 }
@@ -55,7 +55,7 @@ Poly1305_Update(struct poly1305_xform_ctx *polyctx, const void *data,
 }
 
 static int
-xform_Poly1305_Update(void *ctx, const uint8_t *data, uint16_t len)
+xform_Poly1305_Update(void *ctx, const void *data, u_int len)
 {
 	return (Poly1305_Update(ctx, data, len));
 }
@@ -84,7 +84,7 @@ struct auth_hash auth_hash_poly1305 = {
 	.hashsize = POLY1305_HASH_LEN,
 	.ctxsize = sizeof(struct poly1305_xform_ctx),
 	.blocksize = crypto_onetimeauth_poly1305_BYTES,
-	.Init = (void *)Poly1305_Init,
+	.Init = Poly1305_Init,
 	.Setkey = xform_Poly1305_Setkey,
 	.Update = xform_Poly1305_Update,
 	.Final = xform_Poly1305_Final,
diff --git a/sys/opencrypto/xform_poly1305.h b/sys/opencrypto/xform_poly1305.h
index 7364ecdef1177..cca1c6af9395b 100644
--- a/sys/opencrypto/xform_poly1305.h
+++ b/sys/opencrypto/xform_poly1305.h
@@ -6,7 +6,7 @@
 
 struct poly1305_xform_ctx;
 
-void Poly1305_Init(struct poly1305_xform_ctx *);
+void Poly1305_Init(void *);
 
 void Poly1305_Setkey(struct poly1305_xform_ctx *,
     const uint8_t [__min_size(32)], size_t);
diff --git a/sys/opencrypto/xform_rmd160.c b/sys/opencrypto/xform_rmd160.c
index 98297308e0240..b4a845a7b323f 100644
--- a/sys/opencrypto/xform_rmd160.c
+++ b/sys/opencrypto/xform_rmd160.c
@@ -53,7 +53,9 @@ __FBSDID("$FreeBSD$");
 #include <opencrypto/rmd160.h>
 #include <opencrypto/xform_auth.h>
 
-static	int RMD160Update_int(void *, const u_int8_t *, u_int16_t);
+static	void RMD160Init_int(void *);
+static	int RMD160Update_int(void *, const void *, u_int);
+static	void RMD160Final_int(uint8_t *, void *);
 
 /* Authentication instances */
 struct auth_hash auth_hash_hmac_ripemd_160 = {
@@ -63,17 +65,26 @@ struct auth_hash auth_hash_hmac_ripemd_160 = {
 	.hashsize = RIPEMD160_HASH_LEN,
 	.ctxsize = sizeof(RMD160_CTX),
 	.blocksize = RIPEMD160_BLOCK_LEN,
-	.Init = (void (*)(void *)) RMD160Init,
+	.Init = RMD160Init_int,
 	.Update = RMD160Update_int,
-	.Final = (void (*)(u_int8_t *, void *)) RMD160Final,
+	.Final = RMD160Final_int,
 };
 
-/*
- * And now for auth.
- */
+static void
+RMD160Init_int(void *ctx)
+{
+	RMD160Init(ctx);
+}
+
 static int
-RMD160Update_int(void *ctx, const u_int8_t *buf, u_int16_t len)
+RMD160Update_int(void *ctx, const void *buf, u_int len)
 {
 	RMD160Update(ctx, buf, len);
 	return 0;
 }
+
+static void
+RMD160Final_int(uint8_t *digest, void *ctx)
+{
+	RMD160Final(digest, ctx);
+}
diff --git a/sys/opencrypto/xform_sha1.c b/sys/opencrypto/xform_sha1.c
index e6becf03d36ca..26e7a70ac39d3 100644
--- a/sys/opencrypto/xform_sha1.c
+++ b/sys/opencrypto/xform_sha1.c
@@ -54,7 +54,7 @@ __FBSDID("$FreeBSD$");
 #include <opencrypto/xform_auth.h>
 
 static	void SHA1Init_int(void *);
-static	int SHA1Update_int(void *, const u_int8_t *, u_int16_t);
+static	int SHA1Update_int(void *, const void *, u_int);
 static	void SHA1Final_int(u_int8_t *, void *);
 
 /* Plain hash */
@@ -92,7 +92,7 @@ SHA1Init_int(void *ctx)
 }
 
 static int
-SHA1Update_int(void *ctx, const u_int8_t *buf, u_int16_t len)
+SHA1Update_int(void *ctx, const void *buf, u_int len)
 {
 	SHA1Update(ctx, buf, len);
 	return 0;
diff --git a/sys/opencrypto/xform_sha2.c b/sys/opencrypto/xform_sha2.c
index 0775247acb11b..a1662f1f3a1be 100644
--- a/sys/opencrypto/xform_sha2.c
+++ b/sys/opencrypto/xform_sha2.c
@@ -56,10 +56,10 @@ __FBSDID("$FreeBSD$");
 #include <crypto/sha2/sha512.h>
 #include <opencrypto/xform_auth.h>
 
-static	int SHA224Update_int(void *, const u_int8_t *, u_int16_t);
-static	int SHA256Update_int(void *, const u_int8_t *, u_int16_t);
-static	int SHA384Update_int(void *, const u_int8_t *, u_int16_t);
-static	int SHA512Update_int(void *, const u_int8_t *, u_int16_t);
+static	int SHA224Update_int(void *, const void *, u_int);
+static	int SHA256Update_int(void *, const void *, u_int);
+static	int SHA384Update_int(void *, const void *, u_int);
+static	int SHA512Update_int(void *, const void *, u_int);
 
 /* Plain hashes */
 struct auth_hash auth_hash_sha2_224 = {
@@ -162,28 +162,28 @@ struct auth_hash auth_hash_hmac_sha2_512 = {
  * And now for auth.
  */
 static int
-SHA224Update_int(void *ctx, const u_int8_t *buf, u_int16_t len)
+SHA224Update_int(void *ctx, const void *buf, u_int len)
 {
 	SHA224_Update(ctx, buf, len);
 	return 0;
 }
 
 static int
-SHA256Update_int(void *ctx, const u_int8_t *buf, u_int16_t len)
+SHA256Update_int(void *ctx, const void *buf, u_int len)
 {
 	SHA256_Update(ctx, buf, len);
 	return 0;
 }
 
 static int
-SHA384Update_int(void *ctx, const u_int8_t *buf, u_int16_t len)
+SHA384Update_int(void *ctx, const void *buf, u_int len)
 {
 	SHA384_Update(ctx, buf, len);
 	return 0;
 }
 
 static int
-SHA512Update_int(void *ctx, const u_int8_t *buf, u_int16_t len)
+SHA512Update_int(void *ctx, const void *buf, u_int len)
 {
 	SHA512_Update(ctx, buf, len);
 	return 0;