small changes in aesxcbcmac.c

[Alexander Nasonov <alnsn%yandex.ru@localhost>]

The first change shrinks aes_xcbc_mac_init by 183 bytes on amd64
(from 562 to 379 bytes).
The second change avoids a comparison with an address that may
point beyond the end of a buffer.
The third change is stylistic.
Alex

--- sys/opencrypto/aesxcbcmac.c.orig	2016-09-25 21:44:25.344941650 +0100
+++ sys/opencrypto/aesxcbcmac.c	2016-09-25 13:21:43.364224984 +0100
@@ -41,9 +41,12 @@
 int
 aes_xcbc_mac_init(void *vctx, const u_int8_t *key, u_int16_t keylen)
 {
-	u_int8_t k1seed[AES_BLOCKSIZE] = { 1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1 };
-	u_int8_t k2seed[AES_BLOCKSIZE] = { 2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2 };
-	u_int8_t k3seed[AES_BLOCKSIZE] = { 3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3 };
+	static const u_int8_t k1seed[AES_BLOCKSIZE] =
+	    { 1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1 };
+	static const u_int8_t k2seed[AES_BLOCKSIZE] =
+	    { 2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2 };
+	static const u_int8_t k3seed[AES_BLOCKSIZE] =
+	    { 3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3 };
 	u_int32_t r_ks[(RIJNDAEL_MAXNR+1)*4];
 	aesxcbc_ctx *ctx;
 	u_int8_t k1[AES_BLOCKSIZE];
@@ -98,7 +101,7 @@
 		ctx->buflen = 0;
 	}
 	/* due to the special processing for M[n], "=" case is not included */
-	while (addr + AES_BLOCKSIZE < ep) {
+	while (ep - addr > AES_BLOCKSIZE) {
 		memcpy(buf, addr, AES_BLOCKSIZE);
 		for (i = 0; i < sizeof(buf); i++)
 			buf[i] ^= ctx->e[i];
@@ -115,7 +118,7 @@
 void
 aes_xcbc_mac_result(u_int8_t *addr, void *vctx)
 {
-	u_char digest[AES_BLOCKSIZE];
+	u_int8_t digest[AES_BLOCKSIZE];
 	aesxcbc_ctx *ctx;
 	int i;