diff --git a/.cirrus.yml b/.cirrus.yml index 73d23f3e..c7b6b8bb 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -1,5 +1,5 @@ freebsd_instance: - image_family: freebsd-13-2 + image_family: freebsd-14-1 freebsd_task: env: @@ -14,20 +14,8 @@ freebsd_task: - opam env pin_packages_script: - - opam install -y --deps-only -t ./mirage-crypto.opam ./mirage-crypto-rng.opam ./mirage-crypto-rng-lwt.opam ./mirage-crypto-rng-mirage.opam ./mirage-crypto-rng-async.opam ./mirage-crypto-ec.opam ./mirage-crypto-pk.opam + - opam install -y --deps-only -t ./mirage-crypto.opam ./mirage-crypto-rng.opam ./mirage-crypto-rng-lwt.opam ./mirage-crypto-rng-mirage.opam ./mirage-crypto-ec.opam ./mirage-crypto-pk.opam - test_script: opam exec -- dune runtest -p mirage-crypto,mirage-crypto-rng,mirage-crypto-rng-lwt,mirage-crypto-rng-mirage,mirage-crypto-pk,mirage-crypto-ec,mirage-crypto-rng-async + test_script: opam exec -- dune runtest -p mirage-crypto,mirage-crypto-rng,mirage-crypto-rng-lwt,mirage-crypto-rng-mirage,mirage-crypto-pk,mirage-crypto-ec test_mirage_script: eval `opam env` && ./.test-mirage.sh - -freebsd_eio_task: - pkg_install_script: pkg install -y ocaml-opam gmake pkgconf bash - - ocaml_script: - - opam init -a --comp=5.0.0 - - opam env - - pin_packages_script: - - opam install -y --deps-only -t ./mirage-crypto.opam ./mirage-crypto-rng.opam ./mirage-crypto-rng-eio.opam - - test_script: opam exec -- dune runtest -p mirage-crypto,mirage-crypto-rng,mirage-crypto-rng-eio diff --git a/.test-mirage.sh b/.test-mirage.sh index c4b6652a..50ec33cc 100755 --- a/.test-mirage.sh +++ b/.test-mirage.sh 
@@ -10,6 +10,7 @@ echo $version >> mirage-crypto-rng-mirage.opam echo $version >> mirage-crypto-rng.opam echo $version >> mirage-crypto.opam echo $version >> mirage-crypto-pk.opam +opam pin add -yn mirage-random.3.99 --dev (mirage configure -t unix -f mirage/config.ml && gmake depend && dune build --root . mirage/dist/ && mirage/dist/crypto-test) || exit 1 (mirage configure -t hvt -f mirage/config.ml && gmake depend && dune build --root . mirage/dist/) || exit 1 if [ $(uname -m) = "amd64" ] || [ $(uname -m) = "x86_64" ]; then diff --git a/mirage/config.ml b/mirage/config.ml index fdcab34c..21647e63 100644 --- a/mirage/config.ml +++ b/mirage/config.ml @@ -1,8 +1,6 @@ open Mirage -let main = foreign "Unikernel.Main" (random @-> job) - -let () = +let main = let packages = [ package "mirage-crypto-rng" ; package "mirage-crypto-pk" ; @@ -11,4 +9,7 @@ let () = package "ohex" ; ] in - register ~packages "crypto-test" [main $ default_random] + main ~packages "Unikernel.Main" (random @-> job) + +let () = + register "crypto-test" [main $ default_random] diff --git a/pk/rsa.ml b/pk/rsa.ml index 5eae25b9..3e787750 100644 --- a/pk/rsa.ml +++ b/pk/rsa.ml @@ -325,7 +325,7 @@ module MGF1 (H : Digestif.S) = struct let mask ~seed buf = let mgf_data = mgf ~seed (String.length buf) in - xor_into buf mgf_data (String.length buf); + xor_into buf ~src_off:0 mgf_data ~dst_off:0 (String.length buf); mgf_data end diff --git a/rng/entropy.ml b/rng/entropy.ml index 0404acb8..8fe710be 100644 --- a/rng/entropy.ml +++ b/rng/entropy.ml @@ -120,7 +120,7 @@ let cpu_rng_bootstrap = | Some insn -> let cpu_rng_bootstrap id = let r = cpu_rng insn () in - if r = 0 then failwith "bad CPU RNG value"; + if r = 0 then failwith "Mirage_crypto_rng.Entropy: 0 is a bad CPU RNG value"; let buf = Bytes.create 10 in Bytes.set_int64_le buf 2 (Int64.of_int r); write_header id buf; diff --git a/src/ccm.ml b/src/ccm.ml index a8368a03..f20a792e 100644 --- a/src/ccm.ml +++ b/src/ccm.ml 
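Review bot: The added `opam pin add -yn mirage-random.3.99 --dev` makes the unikernel test build depend on whatever the development repository of mirage-random contains when CI runs. The result is not reproducible, and unreviewed upstream changes enter the test build of a cryptographic library. Pinning to a fixed revision or a release would keep that input stable. If the pin is only a stop-gap, a comment above the line such as `# temporary: remove once a released mirage-random satisfies the dependency constraint` would tell maintainers when to drop it.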
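Review bot: The new `let main = ... main ~packages "Unikernel.Main" (random @-> job)` binds a top-level name that shadows the `main` brought in by `open Mirage`, and the call in the second hunk only resolves to the library function because the `let` is not recursive. That is easy to misread, and it would break if someone later added `rec`. Either give the binding a different name, or keep it and add a comment such as `(* [main] on the right-hand side is the one from [Mirage], not this binding *)`. The binding starts in the first hunk of this file and ends in the second.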
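Review bot: The sanity check at `if r = 0 then failwith ...` still rejects only a zero result, so a CPU RNG stuck at any other constant would pass bootstrap; an all-ones output has been reported for faulty hardware RNG implementations. Whether `cpu_rng` already checks the instruction's success flag is not visible in this hunk, so this may be covered elsewhere. If it is not, consider also rejecting the all-ones value or comparing two successive reads, and say above the check which failure it guards against, e.g. `(* a zero result is treated as a failed or broken CPU RNG; refuse to seed from it *)`. The enclosing `cpu_rng_bootstrap` starts and ends outside the hunk.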
@@ -135,7 +135,7 @@ let crypto_core ~cipher ~mode ~key ~nonce ~maclen ~adata data = let crypto_t t nonce cipher key = let ctr = gen_ctr nonce 0 in cipher ~key (Bytes.unsafe_to_string ctr) ~src_off:0 ctr ~dst_off:0 ; - xor_into (Bytes.unsafe_to_string ctr) t (Bytes.length t) + xor_into (Bytes.unsafe_to_string ctr) ~src_off:0 t ~dst_off:0 (Bytes.length t) let valid_nonce nonce = let nsize = String.length nonce in diff --git a/src/mirage_crypto.mli b/src/mirage_crypto.mli index 440ac0f3..9605d63c 100644 --- a/src/mirage_crypto.mli +++ b/src/mirage_crypto.mli @@ -35,18 +35,15 @@ module Uncommon : sig val iter3 : 'a -> 'a -> 'a -> ('a -> unit) -> unit val xor : string -> string -> string - val xor_into : string -> ?src_off:int -> bytes -> ?dst_off:int -> int -> unit + val xor_into : string -> src_off:int -> bytes -> dst_off:int -> int -> unit val invalid_arg : ('a, Format.formatter, unit, unit, unit, 'b) format6 -> 'a - val failwith : ('a, Format.formatter, unit, unit, unit, 'b) format6 -> 'a end (**/**) (** The poly1305 message authentication code *) module Poly1305 : sig - type mac = string - type 'a iter = ('a -> unit) -> unit type t @@ -66,18 +63,18 @@ module Poly1305 : sig val feedi : t -> string iter -> t (** [feedi t iter] feeds iter into [t]. *) - val get : t -> mac + val get : t -> string (** [get t] is the mac corresponding to [t]. *) - val mac : key:string -> string -> mac + val mac : key:string -> string -> string (** [mac ~key msg] is the all-in-one mac computation: [get (feed (empty ~key) msg)]. *) - val maci : key:string -> string iter -> mac + val maci : key:string -> string iter -> string (** [maci ~key iter] is the all-in-one mac computation: [get (feedi (empty ~key) iter)]. *) - val macl : key:string -> string list -> mac + val macl : key:string -> string list -> string (** [macl ~key datas] computes the [mac] of [datas]. *) end diff --git a/src/poly1305.ml b/src/poly1305.ml index 8d4caef8..eb571b82 100644 --- a/src/poly1305.ml +++ b/src/poly1305.ml 
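Review bot: With `type mac = string` removed, `get`, `mac`, `maci` and `macl` in `Poly1305` return a plain `string`, and none of their doc comments says how a tag should be verified. A caller that checks a received tag with `=` or `String.equal` gets a comparison whose running time depends on where the first differing byte is. I would add a sentence to the module comment, for example `Compare tags with a constant-time equality such as [Eqaf.equal], never with [(=)].` The `Poly1305` signature begins in the previous hunk and continues past this one.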
@@ -1,5 +1,4 @@ module type S = sig - type mac = string type 'a iter = 'a Uncommon.iter type t @@ -10,13 +9,12 @@ module type S = sig val feedi : t -> string iter -> t val get : t -> string - val mac : key:string -> string -> mac - val maci : key:string -> string iter -> mac - val macl : key:string -> string list -> mac + val mac : key:string -> string -> string + val maci : key:string -> string iter -> string + val macl : key:string -> string list -> string end module It : S = struct - type mac = string type 'a iter = 'a Uncommon.iter module P = Native.Poly1305 diff --git a/src/uncommon.ml b/src/uncommon.ml index 0f282e53..217ee2b6 100644 --- a/src/uncommon.ml +++ b/src/uncommon.ml @@ -4,7 +4,6 @@ let kasprintf k fmt = Format.(kfprintf (fun _ -> k (flush_str_formatter ())) str_formatter fmt) let invalid_arg fmt = kasprintf invalid_arg ("Mirage_crypto: " ^^ fmt) -let failwith fmt = kasprintf failwith ("Mirage_crypto: " ^^ fmt) let (//) x y = if y < 1 then raise Division_by_zero else @@ -18,13 +17,13 @@ type 'a iter = ('a -> unit) -> unit let iter2 a b f = f a; f b let iter3 a b c f = f a; f b; f c -let xor_into src ?(src_off = 0) dst ?(dst_off = 0) n = +let xor_into src ~src_off dst ~dst_off n = Native.xor_into_bytes src src_off dst dst_off n let xor a b = assert (String.length a = String.length b); let b' = Bytes.of_string b in - xor_into a b' (Bytes.length b'); + xor_into a ~src_off:0 b' ~dst_off:0 (Bytes.length b'); Bytes.unsafe_to_string b' (* revise once OCaml 4.13 is the lower bound *)
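Review bot: `xor_into` in `src/uncommon.ml` passes `src_off`, `dst_off` and `n` straight to `Native.xor_into_bytes`, and nothing at this layer checks that the range stays inside `src` and `dst`. Whether the native stub validates them is not visible here; if it does not, a wrong offset or length reads or writes outside the buffers. `Uncommon` is exported through `mirage_crypto.mli`, so code outside this library can reach it too. I would either validate here as sketched below, or state the precondition in a comment and keep the checks in the callers if the cost matters on hot paths.

```ocaml
let xor_into src ~src_off dst ~dst_off n =
  (* reject ranges that fall outside either buffer before entering native code *)
  if
    n < 0 || src_off < 0 || dst_off < 0
    || String.length src - src_off < n
    || Bytes.length dst - dst_off < n
  then
    invalid_arg "xor_into: src_off %d, dst_off %d, length %d out of bounds"
      src_off dst_off n;
  Native.xor_into_bytes src src_off dst dst_off n
```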