crypto:Sync version differences

1.fix type warning for compile 2.hamc key can less than specified length 3.add new version algorithms to cryptodev sha256hmac sha384hmac sha512hmac aes128gmac Signed-off-by: anjiahao <anjiahao@xiaomi.com>
2026-05-29 20:56:47 +08:00 · 2022-10-22 15:50:43 +08:00
parent c7d347c7f0
commit acd3350554
13 changed files with 128 additions and 200 deletions
@@ -28,8 +28,7 @@
 #include <sys/types.h>
 #include <sys/systm.h>
 #include <sys/stdint.h>
-
+#include <crypto/aes.h>
 #include "aes.h"
 static inline void
 enc32le(void *dst, uint32_t x)
@@ -10,7 +10,7 @@
 #include <sys/types.h>
 #include <sys/systm.h>
 #include <crypto/cast.h>
-#include <crypto/castsb.h>
+#include "castsb.h"
 /* Macros to access 8-bit bytes out of a 32-bit word */
 #define U_INT8_Ta(x) ( (u_int8_t) (x>>24) )
@@ -19,7 +19,6 @@
 #include <sys/systm.h>
 #include <lib/libkern/libkern.h>
 #include <crypto/chacha_private.h>
 #include <crypto/poly1305.h>
 #include <crypto/chachapoly.h>
@@ -90,7 +89,7 @@ Chacha20_Poly1305_Reinit(void *xctx, const uint8_t *iv, uint16_t ivlen)
 int
 Chacha20_Poly1305_Update(void *xctx, const uint8_t *data, uint16_t len)
 {
-	static const char zeroes[POLY1305_BLOCK_LEN];
+	static const unsigned char zeroes[POLY1305_BLOCK_LEN];
 	CHACHA20_POLY1305_CTX *ctx = xctx;
 	size_t rem;
@@ -126,22 +125,22 @@ chacha20poly1305_encrypt(
    const uint8_t key[CHACHA20POLY1305_KEY_SIZE]
 ) {
 	poly1305_state poly1305_ctx;
-	chacha_ctx chacha_ctx;
+	chacha_ctx ctx;
 	union {
 		uint8_t b0[CHACHA20POLY1305_KEY_SIZE];
 		uint64_t lens[2];
 	} b = { { 0 } };
 	uint64_t le_nonce = htole64(nonce);
-	chacha_keysetup(&chacha_ctx, key, CHACHA20POLY1305_KEY_SIZE * 8);
+	chacha_keysetup(&ctx, key, CHACHA20POLY1305_KEY_SIZE * 8);
-	chacha_ivsetup(&chacha_ctx, (uint8_t *) &le_nonce, NULL);
+	chacha_ivsetup(&ctx, (uint8_t *) &le_nonce, NULL);
-	chacha_encrypt_bytes(&chacha_ctx, b.b0, b.b0, sizeof(b.b0));
+	chacha_encrypt_bytes(&ctx, b.b0, b.b0, sizeof(b.b0));
 	poly1305_init(&poly1305_ctx, b.b0);
 	poly1305_update(&poly1305_ctx, ad, ad_len);
 	poly1305_update(&poly1305_ctx, pad0, (0x10 - ad_len) & 0xf);
-	chacha_encrypt_bytes(&chacha_ctx, (uint8_t *) src, dst, src_len);
+	chacha_encrypt_bytes(&ctx, (uint8_t *) src, dst, src_len);
 	poly1305_update(&poly1305_ctx, dst, src_len);
 	poly1305_update(&poly1305_ctx, pad0, (0x10 - src_len) & 0xf);
@@ -152,7 +151,7 @@ chacha20poly1305_encrypt(
 	poly1305_finish(&poly1305_ctx, dst + src_len);
-	explicit_bzero(&chacha_ctx, sizeof(chacha_ctx));
+	explicit_bzero(&ctx, sizeof(chacha_ctx));
 	explicit_bzero(&b, sizeof(b));
 }
@@ -167,7 +166,7 @@ chacha20poly1305_decrypt(
    const uint8_t key[CHACHA20POLY1305_KEY_SIZE]
 ) {
 	poly1305_state poly1305_ctx;
-	chacha_ctx chacha_ctx;
+	chacha_ctx ctx;
 	int ret;
 	size_t dst_len;
 	union {
@@ -180,9 +179,9 @@ chacha20poly1305_decrypt(
 	if (src_len < CHACHA20POLY1305_AUTHTAG_SIZE)
 		return 0;
-	chacha_keysetup(&chacha_ctx, key, CHACHA20POLY1305_KEY_SIZE * 8);
+	chacha_keysetup(&ctx, key, CHACHA20POLY1305_KEY_SIZE * 8);
-	chacha_ivsetup(&chacha_ctx, (uint8_t *) &le_nonce, NULL);
+	chacha_ivsetup(&ctx, (uint8_t *) &le_nonce, NULL);
-	chacha_encrypt_bytes(&chacha_ctx, b.b0, b.b0, sizeof(b.b0));
+	chacha_encrypt_bytes(&ctx, b.b0, b.b0, sizeof(b.b0));
 	poly1305_init(&poly1305_ctx, b.b0);
 	poly1305_update(&poly1305_ctx, ad, ad_len);
@@ -200,9 +199,9 @@ chacha20poly1305_decrypt(
 	ret = timingsafe_bcmp(b.mac, src + dst_len, CHACHA20POLY1305_AUTHTAG_SIZE);
 	if (!ret)
-		chacha_encrypt_bytes(&chacha_ctx, (uint8_t *) src, dst, dst_len);
+		chacha_encrypt_bytes(&ctx, (uint8_t *) src, dst, dst_len);
-	explicit_bzero(&chacha_ctx, sizeof(chacha_ctx));
+	explicit_bzero(&ctx, sizeof(ctx));
 	explicit_bzero(&b, sizeof(b));
 	return !ret;
@@ -59,9 +59,9 @@ struct csession {
 	u_int32_t	ses;
 	u_int32_t	cipher;
-	struct enc_xform *txform;
+	const struct enc_xform *txform;
 	u_int32_t	mac;
-	struct auth_hash *thash;
+	const struct auth_hash *thash;
 	caddr_t		key;
 	int		keylen;
@@ -105,8 +105,8 @@ struct	csession *csefind(struct fcrypt *, u_int);
 int	csedelete(struct fcrypt *, struct csession *);
 struct	csession *cseadd(struct fcrypt *, struct csession *);
 struct	csession *csecreate(struct fcrypt *, u_int64_t, caddr_t, u_int64_t,
-    caddr_t, u_int64_t, u_int32_t, u_int32_t, struct enc_xform *,
+    caddr_t, u_int64_t, u_int32_t, u_int32_t, const struct enc_xform *,
-    struct auth_hash *);
+    const struct auth_hash *);
 int	csefree(struct csession *);
 int	cryptodev_op(struct csession *, struct crypt_op *, struct proc *);
@@ -143,8 +143,8 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
 	struct csession *cse;
 	struct session_op *sop;
 	struct crypt_op *cop;
-	struct enc_xform *txform = NULL;
+	const struct enc_xform *txform = NULL;
-	struct auth_hash *thash = NULL;
+	const struct auth_hash *thash = NULL;
 	u_int64_t sid;
 	u_int32_t ses;
 	int error = 0;
@@ -155,9 +155,6 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
 		switch (sop->cipher) {
 		case 0:
 			break;
 		case CRYPTO_DES_CBC:
 			txform = &enc_xform_des;
 			break;
 		case CRYPTO_3DES_CBC:
 			txform = &enc_xform_3des;
 			break;
@@ -168,7 +165,7 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
 			txform = &enc_xform_cast5;
 			break;
 		case CRYPTO_AES_CBC:
-			txform = &enc_xform_rijndael128;
+			txform = &enc_xform_aes;
 			break;
 		case CRYPTO_AES_CTR:
 			txform = &enc_xform_aes_ctr;
@@ -176,9 +173,6 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
 		case CRYPTO_AES_XTS:
 			txform = &enc_xform_aes_xts;
 			break;
 		case CRYPTO_ARC4:
 			txform = &enc_xform_arc4;
 			break;
 		case CRYPTO_NULL:
 			txform = &enc_xform_null;
 			break;
@@ -189,7 +183,6 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
 		switch (sop->mac) {
 		case 0:
 			break;
 #if 0
 		case CRYPTO_MD5_HMAC:
 			thash = &auth_hash_hmac_md5_96;
 			break;
@@ -199,13 +192,18 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
 		case CRYPTO_RIPEMD160_HMAC:
 			thash = &auth_hash_hmac_ripemd_160_96;
 			break;
-		case CRYPTO_MD5:
+		case CRYPTO_SHA2_256_HMAC:
-			thash = &auth_hash_md5;
+			thash = &auth_hash_hmac_sha2_256_128;
 			break;
-		case CRYPTO_SHA1:
+		case CRYPTO_SHA2_384_HMAC:
-			thash = &auth_hash_sha1;
+			thash = &auth_hash_hmac_sha2_384_192;
 			break;
 		case CRYPTO_SHA2_512_HMAC:
 			thash = &auth_hash_hmac_sha2_512_256;
 			break;
 		case CRYPTO_AES_128_GMAC:
 			thash = &auth_hash_gmac_aes_128;
 			break;
 #endif
 		default:
 			return (EINVAL);
 		}
@@ -234,7 +232,7 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
 		if (thash) {
 			cria.cri_alg = thash->type;
 			cria.cri_klen = sop->mackeylen * 8;
-			if (sop->mackeylen != thash->keysize) {
+			if (sop->mackeylen > thash->keysize) {
 				error = EINVAL;
 				goto bail;
 			}
@@ -660,7 +658,8 @@ cryptoioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct proc *p)
 {
 	struct file *f;
 	struct fcrypt *fcr;
-	int fd, error;
+	int fd;
 	int error = 0;
 	switch (cmd) {
 	case CRIOGET:
@@ -725,7 +724,7 @@ cseadd(struct fcrypt *fcr, struct csession *cse)
 struct csession *
 csecreate(struct fcrypt *fcr, u_int64_t sid, caddr_t key, u_int64_t keylen,
    caddr_t mackey, u_int64_t mackeylen, u_int32_t cipher, u_int32_t mac,
-    struct enc_xform *txform, struct auth_hash *thash)
+    const struct enc_xform *txform, const struct auth_hash *thash)
 {
 	struct csession *cse;
@@ -741,6 +740,7 @@ csecreate(struct fcrypt *fcr, u_int64_t sid, caddr_t key, u_int64_t keylen,
 	cse->mac = mac;
 	cse->txform = txform;
 	cse->thash = thash;
 	cse->error = 0;
 	cseadd(fcr, cse);
 	return (cse);
 }
@@ -103,7 +103,7 @@ swcr_encdec(struct cryptodesc *crd, struct swcr_data *sw, caddr_t buf,
 {
 	unsigned char iv[EALG_MAX_BLOCK_LEN], blk[EALG_MAX_BLOCK_LEN], *idat;
 	unsigned char *ivp, *nivp, iv2[EALG_MAX_BLOCK_LEN];
-	struct enc_xform *exf;
+	const struct enc_xform *exf;
 	int i, k, j, blks, ind, count, ivlen;
 	struct mbuf *m = NULL;
 	struct uio *uio = NULL;
@@ -150,7 +150,7 @@ swcr_encdec(struct cryptodesc *crd, struct swcr_data *sw, caddr_t buf,
 	 * handling themselves.
 	 */
 	if (exf->reinit)
-		exf->reinit(sw->sw_kschedule, iv);
+		exf->reinit((caddr_t)sw->sw_kschedule, iv);
 	if (outtype == CRYPTO_BUF_MBUF) {
 		/* Find beginning of data */
@@ -171,10 +171,10 @@ swcr_encdec(struct cryptodesc *crd, struct swcr_data *sw, caddr_t buf,
 				/* Actual encryption/decryption */
 				if (exf->reinit) {
 					if (crd->crd_flags & CRD_F_ENCRYPT) {
-						exf->encrypt(sw->sw_kschedule,
+						exf->encrypt((caddr_t)sw->sw_kschedule,
 						    blk);
 					} else {
-						exf->decrypt(sw->sw_kschedule,
+						exf->decrypt((caddr_t)sw->sw_kschedule,
 						    blk);
 					}
 				} else if (crd->crd_flags & CRD_F_ENCRYPT) {
@@ -182,7 +182,7 @@ swcr_encdec(struct cryptodesc *crd, struct swcr_data *sw, caddr_t buf,
 					for (j = 0; j < blks; j++)
 						blk[j] ^= ivp[j];
-					exf->encrypt(sw->sw_kschedule, blk);
+					exf->encrypt((caddr_t)sw->sw_kschedule, blk);
 					/*
 					 * Keep encrypted block for XOR'ing
@@ -198,7 +198,7 @@ swcr_encdec(struct cryptodesc *crd, struct swcr_data *sw, caddr_t buf,
 					nivp = (ivp == iv) ? iv2 : iv;
 					bcopy(blk, nivp, blks);
-					exf->decrypt(sw->sw_kschedule, blk);
+					exf->decrypt((caddr_t)sw->sw_kschedule, blk);
 					/* XOR with previous block */
 					for (j = 0; j < blks; j++)
@@ -422,7 +422,7 @@ swcr_authcompute(struct cryptop *crp, struct cryptodesc *crd,
    struct swcr_data *sw, caddr_t buf, int outtype)
 {
 	unsigned char aalg[AALG_MAX_RESULT_LEN];
-	struct auth_hash *axf;
+	const struct auth_hash *axf;
 	union authctx ctx;
 	int err;
@@ -464,27 +464,13 @@ swcr_authcompute(struct cryptop *crp, struct cryptodesc *crd,
 		axf->Update(&ctx, aalg, axf->hashsize);
 		axf->Final(aalg, &ctx);
 		break;
 	case CRYPTO_MD5_KPDK:
 	case CRYPTO_SHA1_KPDK:
 		if (sw->sw_octx == NULL)
 			return EINVAL;
 		axf->Update(&ctx, sw->sw_octx, sw->sw_klen);
 		axf->Final(aalg, &ctx);
 		break;
 	case CRYPTO_MD5:
 	case CRYPTO_SHA1:
 		axf->Final(aalg, &ctx);
 		break;
 	}
 	/* Inject the authentication data */
 	if (outtype == CRYPTO_BUF_MBUF)
-		COPYBACK(outtype, buf, crd->crd_inject, axf->authsize, aalg);
+		COPYBACK(outtype, buf, crd->crd_inject, axf->hashsize, aalg);
 	else
-		bcopy(aalg, crp->crp_mac, axf->authsize);
+		bcopy(aalg, crp->crp_mac, axf->hashsize);
 	return 0;
 }
@@ -502,8 +488,8 @@ swcr_authenc(struct cryptop *crp)
 	union authctx ctx;
 	struct cryptodesc *crd, *crda = NULL, *crde = NULL;
 	struct swcr_data *sw, *swa, *swe = NULL;
-	struct auth_hash *axf = NULL;
+	const struct auth_hash *axf = NULL;
-	struct enc_xform *exf = NULL;
+	const struct enc_xform *exf = NULL;
 	struct mbuf *m = NULL;
 	struct uio *uio = NULL;
 	caddr_t buf = (caddr_t)crp->crp_buf;
@@ -523,6 +509,7 @@ swcr_authenc(struct cryptop *crp)
 		switch (sw->sw_alg) {
 		case CRYPTO_AES_GCM_16:
 		case CRYPTO_AES_GMAC:
 		case CRYPTO_CHACHA20_POLY1305:
 			swe = sw;
 			crde = crd;
 			exf = swe->sw_exf;
@@ -531,6 +518,7 @@ swcr_authenc(struct cryptop *crp)
 		case CRYPTO_AES_128_GMAC:
 		case CRYPTO_AES_192_GMAC:
 		case CRYPTO_AES_256_GMAC:
 		case CRYPTO_CHACHA20_POLY1305_MAC:
 			swa = sw;
 			crda = crd;
 			axf = swa->sw_axf;
@@ -609,7 +597,7 @@ swcr_authenc(struct cryptop *crp)
 	}
 	if (exf->reinit)
-		exf->reinit(swe->sw_kschedule, iv);
+		exf->reinit((caddr_t)swe->sw_kschedule, iv);
 	/* Do encryption/decryption with MAC */
 	for (i = 0; i < crde->crd_len; i += blksz) {
@@ -618,11 +606,11 @@ swcr_authenc(struct cryptop *crp)
 			bzero(blk, blksz);
 		COPYDATA(outtype, buf, crde->crd_skip + i, len, blk);
 		if (crde->crd_flags & CRD_F_ENCRYPT) {
-			exf->encrypt(swe->sw_kschedule, blk);
+			exf->encrypt((caddr_t)swe->sw_kschedule, blk);
 			axf->Update(&ctx, blk, len);
 		} else {
 			axf->Update(&ctx, blk, len);
-			exf->decrypt(swe->sw_kschedule, blk);
+			exf->decrypt((caddr_t)swe->sw_kschedule, blk);
 		}
 		COPYBACK(outtype, buf, crde->crd_skip + i, len, blk);
 	}
@@ -640,6 +628,15 @@ swcr_authenc(struct cryptop *crp)
 			*blkp = htobe32(crde->crd_len * 8);
 			axf->Update(&ctx, blk, blksz);
 			break;
 		case CRYPTO_CHACHA20_POLY1305_MAC:
 			/* length block */
 			bzero(blk, axf->hashsize);
 			blkp = (uint32_t *)blk;
 			*blkp = htole32(aadlen);
 			blkp = (uint32_t *)blk + 2;
 			*blkp = htole32(crde->crd_len);
 			axf->Update(&ctx, blk, axf->hashsize);
 			break;
 	}
 	/* Finalize MAC */
@@ -662,7 +659,7 @@ swcr_compdec(struct cryptodesc *crd, struct swcr_data *sw,
    caddr_t buf, int outtype)
 {
 	u_int8_t *data, *out;
-	struct comp_algo *cxf;
+	const struct comp_algo *cxf;
 	int adj;
 	u_int32_t result;
@@ -737,9 +734,9 @@ int
 swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
 {
 	struct swcr_data **swd;
-	struct auth_hash *axf;
+	const struct auth_hash *axf;
-	struct enc_xform *txf;
+	const struct enc_xform *txf;
-	struct comp_algo *cxf;
+	const struct comp_algo *cxf;
 	u_int32_t i;
 	int k;
@@ -792,9 +789,6 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
 		}
 		switch (cri->cri_alg) {
 		case CRYPTO_DES_CBC:
 			txf = &enc_xform_des;
 			goto enccommon;
 		case CRYPTO_3DES_CBC:
 			txf = &enc_xform_3des;
 			goto enccommon;
@@ -804,8 +798,8 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
 		case CRYPTO_CAST_CBC:
 			txf = &enc_xform_cast5;
 			goto enccommon;
-		case CRYPTO_RIJNDAEL128_CBC:
+		case CRYPTO_AES_CBC:
-			txf = &enc_xform_rijndael128;
+			txf = &enc_xform_aes;
 			goto enccommon;
 		case CRYPTO_AES_CTR:
 			txf = &enc_xform_aes_ctr;
@@ -820,6 +814,9 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
 			txf = &enc_xform_aes_gmac;
 			(*swd)->sw_exf = txf;
 			break;
 		case CRYPTO_CHACHA20_POLY1305:
 			txf = &enc_xform_chacha20_poly1305;
 			goto enccommon;
 		case CRYPTO_NULL:
 			txf = &enc_xform_null;
 			goto enccommon;
@@ -832,8 +829,9 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
 					return EINVAL;
 				}
 			}
-			if (txf->setkey((*swd)->sw_kschedule, cri->cri_key,
+			if (txf->setkey((*swd)->sw_kschedule,
-			    cri->cri_klen / 8) < 0) {
+							(uint8_t *)cri->cri_key,
 							cri->cri_klen / 8) < 0) {
 				swcr_freesession(i);
 				return EINVAL;
 			}
@@ -876,7 +874,7 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
 				cri->cri_key[k] ^= HMAC_IPAD_VAL;
 			axf->Init((*swd)->sw_ictx);
-			axf->Update((*swd)->sw_ictx, cri->cri_key,
+			axf->Update((*swd)->sw_ictx, (uint8_t *)cri->cri_key,
 			    cri->cri_klen / 8);
 			axf->Update((*swd)->sw_ictx, hmac_ipad_buffer,
 			    axf->blocksize - (cri->cri_klen / 8));
@@ -885,7 +883,7 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
 				cri->cri_key[k] ^= (HMAC_IPAD_VAL ^ HMAC_OPAD_VAL);
 			axf->Init((*swd)->sw_octx);
-			axf->Update((*swd)->sw_octx, cri->cri_key,
+			axf->Update((*swd)->sw_octx, (uint8_t *)cri->cri_key,
 			    cri->cri_klen / 8);
 			axf->Update((*swd)->sw_octx, hmac_opad_buffer,
 			    axf->blocksize - (cri->cri_klen / 8));
@@ -895,55 +893,6 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
 			(*swd)->sw_axf = axf;
 			break;
 		case CRYPTO_MD5_KPDK:
 			axf = &auth_hash_key_md5;
 			goto auth2common;
 		case CRYPTO_SHA1_KPDK:
 			axf = &auth_hash_key_sha1;
 		auth2common:
 			(*swd)->sw_ictx = malloc(axf->ctxsize, M_CRYPTO_DATA,
 			    M_NOWAIT);
 			if ((*swd)->sw_ictx == NULL) {
 				swcr_freesession(i);
 				return ENOBUFS;
 			}
 			/* Store the key so we can "append" it to the payload */
 			(*swd)->sw_octx = malloc(cri->cri_klen / 8, M_CRYPTO_DATA,
 			    M_NOWAIT);
 			if ((*swd)->sw_octx == NULL) {
 				swcr_freesession(i);
 				return ENOBUFS;
 			}
 			(*swd)->sw_klen = cri->cri_klen / 8;
 			bcopy(cri->cri_key, (*swd)->sw_octx, cri->cri_klen / 8);
 			axf->Init((*swd)->sw_ictx);
 			axf->Update((*swd)->sw_ictx, cri->cri_key,
 			    cri->cri_klen / 8);
 			axf->Final(NULL, (*swd)->sw_ictx);
 			(*swd)->sw_axf = axf;
 			break;
 		case CRYPTO_MD5:
 			axf = &auth_hash_md5;
 			goto auth3common;
 		case CRYPTO_SHA1:
 			axf = &auth_hash_sha1;
 		auth3common:
 			(*swd)->sw_ictx = malloc(axf->ctxsize, M_CRYPTO_DATA,
 			    M_NOWAIT);
 			if ((*swd)->sw_ictx == NULL) {
 				swcr_freesession(i);
 				return ENOBUFS;
 			}
 			axf->Init((*swd)->sw_ictx);
 			(*swd)->sw_axf = axf;
 			break;
 		case CRYPTO_AES_128_GMAC:
 			axf = &auth_hash_gmac_aes_128;
 			goto auth4common;
@@ -954,6 +903,11 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
 		case CRYPTO_AES_256_GMAC:
 			axf = &auth_hash_gmac_aes_256;
 			goto auth4common;
 		case CRYPTO_CHACHA20_POLY1305_MAC:
 			axf = &auth_hash_chacha20_poly1305;
 		auth4common:
 			(*swd)->sw_ictx = malloc(axf->ctxsize, M_CRYPTO_DATA,
 			    M_NOWAIT);
@@ -962,7 +916,7 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
 				return ENOBUFS;
 			}
 			axf->Init((*swd)->sw_ictx);
-			axf->Setkey((*swd)->sw_ictx, cri->cri_key,
+			axf->Setkey((*swd)->sw_ictx, (uint8_t *)cri->cri_key,
 			    cri->cri_klen / 8);
 			(*swd)->sw_axf = axf;
 			break;
@@ -993,8 +947,8 @@ int
 swcr_freesession(u_int64_t tid)
 {
 	struct swcr_data *swd;
-	struct enc_xform *txf;
+	const struct enc_xform *txf;
-	struct auth_hash *axf;
+	const struct auth_hash *axf;
 	u_int32_t sid = ((u_int32_t) tid) & 0xffffffff;
 	if (sid > swcr_sesnum || swcr_sessions == NULL ||
@@ -1009,7 +963,6 @@ swcr_freesession(u_int64_t tid)
 		swcr_sessions[sid] = swd->sw_next;
 		switch (swd->sw_alg) {
 		case CRYPTO_DES_CBC:
 		case CRYPTO_3DES_CBC:
 		case CRYPTO_BLF_CBC:
 		case CRYPTO_CAST_CBC:
@@ -1018,6 +971,7 @@ swcr_freesession(u_int64_t tid)
 		case CRYPTO_AES_XTS:
 		case CRYPTO_AES_GCM_16:
 		case CRYPTO_AES_GMAC:
 		case CRYPTO_CHACHA20_POLY1305:
 		case CRYPTO_NULL:
 			txf = swd->sw_exf;
@@ -1045,25 +999,10 @@ swcr_freesession(u_int64_t tid)
 			}
 			break;
 		case CRYPTO_MD5_KPDK:
 		case CRYPTO_SHA1_KPDK:
 			axf = swd->sw_axf;
 			if (swd->sw_ictx) {
 				explicit_bzero(swd->sw_ictx, axf->ctxsize);
 				free(swd->sw_ictx, M_CRYPTO_DATA, 0);
 			}
 			if (swd->sw_octx) {
 				explicit_bzero(swd->sw_octx, swd->sw_klen);
 				free(swd->sw_octx, M_CRYPTO_DATA, 0);
 			}
 			break;
 		case CRYPTO_AES_128_GMAC:
 		case CRYPTO_AES_192_GMAC:
 		case CRYPTO_AES_256_GMAC:
-		case CRYPTO_MD5:
+		case CRYPTO_CHACHA20_POLY1305_MAC:
 		case CRYPTO_SHA1:
 			axf = swd->sw_axf;
 			if (swd->sw_ictx) {
@@ -1135,7 +1074,6 @@ swcr_process(struct cryptop *crp)
 		switch (sw->sw_alg) {
 		case CRYPTO_NULL:
 			break;
 		case CRYPTO_DES_CBC:
 		case CRYPTO_3DES_CBC:
 		case CRYPTO_BLF_CBC:
 		case CRYPTO_CAST_CBC:
@@ -1152,10 +1090,6 @@ swcr_process(struct cryptop *crp)
 		case CRYPTO_SHA2_256_HMAC:
 		case CRYPTO_SHA2_384_HMAC:
 		case CRYPTO_SHA2_512_HMAC:
 		case CRYPTO_MD5_KPDK:
 		case CRYPTO_SHA1_KPDK:
 		case CRYPTO_MD5:
 		case CRYPTO_SHA1:
 			if ((crp->crp_etype = swcr_authcompute(crp, crd, sw,
 			    crp->crp_buf, type)) != 0)
 				goto done;
@@ -1166,6 +1100,8 @@ swcr_process(struct cryptop *crp)
 		case CRYPTO_AES_128_GMAC:
 		case CRYPTO_AES_192_GMAC:
 		case CRYPTO_AES_256_GMAC:
 		case CRYPTO_CHACHA20_POLY1305:
 		case CRYPTO_CHACHA20_POLY1305_MAC:
 			crp->crp_etype = swcr_authenc(crp);
 			goto done;
@@ -1207,17 +1143,12 @@ swcr_init(void)
 	bzero(algs, sizeof(algs));
 	algs[CRYPTO_DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
 	algs[CRYPTO_3DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
 	algs[CRYPTO_BLF_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
 	algs[CRYPTO_CAST_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
 	algs[CRYPTO_MD5_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
 	algs[CRYPTO_SHA1_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
 	algs[CRYPTO_RIPEMD160_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
 	algs[CRYPTO_MD5_KPDK] = CRYPTO_ALG_FLAG_SUPPORTED;
 	algs[CRYPTO_SHA1_KPDK] = CRYPTO_ALG_FLAG_SUPPORTED;
 	algs[CRYPTO_MD5] = CRYPTO_ALG_FLAG_SUPPORTED;
 	algs[CRYPTO_SHA1] = CRYPTO_ALG_FLAG_SUPPORTED;
 	algs[CRYPTO_RIJNDAEL128_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
 	algs[CRYPTO_AES_CTR] = CRYPTO_ALG_FLAG_SUPPORTED;
 	algs[CRYPTO_AES_XTS] = CRYPTO_ALG_FLAG_SUPPORTED;
@@ -1231,6 +1162,8 @@ swcr_init(void)
 	algs[CRYPTO_AES_128_GMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
 	algs[CRYPTO_AES_192_GMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
 	algs[CRYPTO_AES_256_GMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
 	algs[CRYPTO_CHACHA20_POLY1305] = CRYPTO_ALG_FLAG_SUPPORTED;
 	algs[CRYPTO_CHACHA20_POLY1305_MAC] = CRYPTO_ALG_FLAG_SUPPORTED;
 	algs[CRYPTO_ESN] = CRYPTO_ALG_FLAG_SUPPORTED;
 	crypto_register(swcr_id, algs, swcr_newsession,
@@ -68,7 +68,7 @@ typedef struct des_ks_struct
 #define DES_SCHEDULE_SZ (sizeof(des_key_schedule))
-void des_encrypt2(u_int32_t *data,des_key_schedule ks, int enc);
+void des_encrypt2(u_int32_t *data,caddr_t ks, int enc);
 #define ITERATIONS 16
@@ -50,8 +50,8 @@
 #include "des_locl.h"
 void
-des_ecb3_encrypt(des_cblock (*input), des_cblock (*output),
+des_ecb3_encrypt(caddr_t (*input), caddr_t (*output),
-    des_key_schedule ks1, des_key_schedule ks2, des_key_schedule ks3,
+    caddr_t ks1, caddr_t ks2, caddr_t ks3,
    int encrypt)
 {
 	register u_int32_t l0, l1;
@@ -51,7 +51,7 @@
 #include "spr.h"
 void
-des_encrypt2(u_int32_t *data, des_key_schedule ks, int encrypt)
+des_encrypt2(u_int32_t *data, caddr_t ks, int encrypt)
 {
 	register u_int32_t l, r, t, u;
 #ifdef DES_USE_PTR
@@ -61,7 +61,7 @@ aes_key_wrap(aes_key_wrap_ctx *ctx, const u_int8_t *P, size_t n, u_int8_t *C)
 			memcpy(&B[0], A, 8);
 			memcpy(&B[1], R, 8);
 			/* B = AES(K, B) */
-			AES_Encrypt(&ctx->ctx, (caddr_t)B, (caddr_t)B);
+			AES_Encrypt(&ctx->ctx, (uint8_t *)B, (uint8_t *)B);
 			/* MSB(64, B) = MSB(64, B) ^ t */
 			B[0] ^= htobe64(t);
 			/* A = MSB(64, B) */
@@ -96,7 +96,7 @@ aes_key_unwrap(aes_key_wrap_ctx *ctx, const u_int8_t *C, u_int8_t *P, size_t n)
 			/* B = MSB(64, B) | R[i] */
 			memcpy(&B[1], R, 8);
 			/* B = AES-1(K, B) */
-			AES_Decrypt(&ctx->ctx, (caddr_t)B, (caddr_t)B);
+			AES_Decrypt(&ctx->ctx, (uint8_t *)B, (uint8_t *)B);
 			/* A = MSB(64, B) */
 			memcpy(A, &B[0], 8);
 			/* R[i] = LSB(64, B) */
@@ -8,7 +8,7 @@
 #include <sys/types.h>
 #include <sys/systm.h>
-#include "poly1305.h"
+#include <crypto/poly1305.h>
 /*
 * poly1305 implementation using 32 bit * 32 bit = 64 bit multiplication
@@ -66,6 +66,8 @@
 #include <crypto/gmac.h>
 #include <crypto/chachapoly.h>
 #include "des_locl.h"
 extern void des_ecb3_encrypt(caddr_t, caddr_t, caddr_t, caddr_t, caddr_t, int);
 int  des_set_key(void *, caddr_t);
@@ -311,13 +313,13 @@ const struct comp_algo comp_algo_deflate = {
 void
 des3_encrypt(caddr_t key, u_int8_t *blk)
 {
-	des_ecb3_encrypt(blk, blk, key, key + 128, key + 256, 1);
+	des_ecb3_encrypt((caddr_t)blk, (caddr_t)blk, key, key + 128, key + 256, 1);
 }
 void
 des3_decrypt(caddr_t key, u_int8_t *blk)
 {
-	des_ecb3_encrypt(blk, blk, key + 256, key + 128, key, 0);
+	des_ecb3_encrypt((caddr_t)blk, (caddr_t)blk, key + 256, key + 128, key, 0);
 }
 int
@@ -82,35 +82,30 @@
 /* Maximum hash algorithm result length */
 #define AALG_MAX_RESULT_LEN	64 /* Keep this updated */
-#define CRYPTO_DES_CBC		1
+#define CRYPTO_3DES_CBC		1
-#define CRYPTO_3DES_CBC		2
+#define CRYPTO_BLF_CBC		2
-#define CRYPTO_BLF_CBC		3
+#define CRYPTO_CAST_CBC		3
-#define CRYPTO_CAST_CBC		4
+#define CRYPTO_MD5_HMAC		4
-#define CRYPTO_MD5_HMAC		6
+#define CRYPTO_SHA1_HMAC	5
-#define CRYPTO_SHA1_HMAC	7
+#define CRYPTO_RIPEMD160_HMAC	6
-#define CRYPTO_RIPEMD160_HMAC	8
+#define CRYPTO_RIJNDAEL128_CBC	7 /* 128 bit blocksize */
-#define CRYPTO_MD5_KPDK		9
+#define CRYPTO_AES_CBC		7 /* 128 bit blocksize -- the same as above */
-#define CRYPTO_SHA1_KPDK	10
+#define CRYPTO_DEFLATE_COMP	8 /* Deflate compression algorithm */
-#define CRYPTO_RIJNDAEL128_CBC	11 /* 128 bit blocksize */
+#define CRYPTO_NULL		9
-#define CRYPTO_AES_CBC		11 /* 128 bit blocksize -- the same as above */
+#define CRYPTO_SHA2_256_HMAC	11
-#define CRYPTO_ARC4		12
+#define CRYPTO_SHA2_384_HMAC	12
-#define CRYPTO_MD5		13
+#define CRYPTO_SHA2_512_HMAC	13
-#define CRYPTO_SHA1		14
+#define CRYPTO_AES_CTR		14
-#define CRYPTO_DEFLATE_COMP	15 /* Deflate compression algorithm */
+#define CRYPTO_AES_XTS		15
-#define CRYPTO_NULL		16
+#define CRYPTO_AES_GCM_16	16
-#define CRYPTO_LZS_COMP		17 /* LZS compression algorithm */
+#define CRYPTO_AES_128_GMAC	17
-#define CRYPTO_SHA2_256_HMAC	18
+#define CRYPTO_AES_192_GMAC	18
-#define CRYPTO_SHA2_384_HMAC	19
+#define CRYPTO_AES_256_GMAC	19
-#define CRYPTO_SHA2_512_HMAC	20
+#define CRYPTO_AES_GMAC		20
-#define CRYPTO_AES_CTR		21
+#define CRYPTO_CHACHA20_POLY1305	21
-#define CRYPTO_AES_XTS		22
+#define CRYPTO_CHACHA20_POLY1305_MAC	22
-#define CRYPTO_AES_GCM_16	23
+#define CRYPTO_ESN		23 /* Support for Extended Sequence Numbers */
-#define CRYPTO_AES_128_GMAC	24
+#define CRYPTO_ALGORITHM_MAX	23 /* Keep updated */
 #define CRYPTO_AES_192_GMAC	25
 #define CRYPTO_AES_256_GMAC	26
 #define CRYPTO_AES_GMAC		27
 #define CRYPTO_ESN		28 /* Support for Extended Sequence Numbers */
 #define CRYPTO_ALGORITHM_MAX	28 /* Keep updated */
 /* Algorithm flags */
 #define	CRYPTO_ALG_FLAG_SUPPORTED	0x01 /* Algorithm is supported */
@@ -32,15 +32,15 @@ struct swcr_data {
 			u_int8_t	 *SW_ictx;
 			u_int8_t	 *SW_octx;
 			u_int32_t	 SW_klen;
-			struct auth_hash *SW_axf;
+			const struct auth_hash *SW_axf;
 		} SWCR_AUTH;
 		struct {
 			u_int8_t	 *SW_kschedule;
-			struct enc_xform *SW_exf;
+			const struct enc_xform *SW_exf;
 		} SWCR_ENC;
 		struct {
 			u_int32_t	 SW_size;
-			struct comp_algo *SW_cxf;
+			const struct comp_algo *SW_cxf;
 		} SWCR_COMP;
 	} SWCR_UN;