Update digest to version 20160216, as proposed on tech-pkg.

Changes since previous version:

+ add Taylor Campbell's implementation of SHA3 digests.  This includes
code to calculate 224, 256, 384 and 512bit length digests.

+ change the license on all the code I wrote to be 2-clause BSD

+ modify license years for things that have been changed

+ add self-test command line option to digest(1) via the -t switch

pkgsrc changes

+ derive version number for the package automatically from the source
code

12 files changed, 1463 insertions, 128 deletions

diff --git a/pkgtools/digest/files/COPYING b/pkgtools/digest/files/COPYING
index 222b0f91010..9475f227008 100644
--- a/pkgtools/digest/files/COPYING
+++ b/pkgtools/digest/files/COPYING
@@ -1,5 +1,6 @@
-/*
- * Copyright (c) 2001 Alistair G. Crooks.  All rights reserved.
+/*-
+ * Copyright (c) 2001-2016 Alistair Crooks <agc@NetBSD.org>
+ * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -9,22 +10,15 @@
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by Alistair G. Crooks.
- * 4. The name of the author may not be used to endorse or promote
- *    products derived from this software without specific prior written
- *    permission.
  *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
- * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
- * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
diff --git a/pkgtools/digest/files/Makefile.in b/pkgtools/digest/files/Makefile.in
index ff3af5b9a95..cb11e762c5b 100644
--- a/pkgtools/digest/files/Makefile.in
+++ b/pkgtools/digest/files/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.5 2007/07/03 18:54:02 joerg Exp $
+# $Id: Makefile.in,v 1.6 2016/03/03 22:11:07 agc Exp $
 
 @SET_MAKE@
 SHELL = @SHELL@
@@ -42,12 +42,14 @@ LDFLAGS= @LDFLAGS@
 LINK= $(CCLD) $(CFLAGS) $(LDFLAGS) -o $@
 COMPILE= $(CC) $(DEFS) $(CPPFLAGS) $(CFLAGS)
 
-digest_OBJS = digest.o md5c.o rmd160.o rmd160hl.o sha2.o sha2hl.o \
-md5hl.o sha1.o sha1hl.o tiger.o whirlpool.o
+digest_OBJS = digest.o keccak.o md5c.o md5hl.o rmd160.o \
+rmd160hl.o sha1.o sha1hl.o sha2.o sha2hl.o sha3.o sha3hl.o \
+tiger.o whirlpool.o
 
-SRCS= digest.c md5c.c rmd160.c rmd160hl.c sha2.c sha2hl.c md5hl.c sha1.c \
-sha1hl.c md5.h rmd160.h sha1.h sha2.h tiger.c tiger.h whirlpool.c \
-whirlpool.h
+SRCS= digest.c keccak.c md5c.c md5hl.c rmd160.c \
+rmd160hl.c sha1.c sha1hl.c sha2.c sha2hl.c sha3.c sha3hl.c \
+tiger.c whirlpool.c \
+md5.h rmd160.h sha1.h sha2.h sha3.h tiger.h whirlpool.h
 
 DISTFILES= $(SRCS) AUTHORS COPYING DESCR INSTALL Makefile.in NEWS aclocal.m4 \
 config.guess config.h.in config.sub configure configure.ac install-sh \
diff --git a/pkgtools/digest/files/configure b/pkgtools/digest/files/configure
index 2d76c50e06d..eef6946dc48 100755
--- a/pkgtools/digest/files/configure
+++ b/pkgtools/digest/files/configure
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for nbsd-digest 20121220.
+# Generated by GNU Autoconf 2.69 for nbsd-digest 20160216.
 #
 # Report bugs to <agc@netbsd.org>.
 #
@@ -580,8 +580,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='nbsd-digest'
 PACKAGE_TARNAME='nbsd-digest'
-PACKAGE_VERSION='20121220'
-PACKAGE_STRING='nbsd-digest 20121220'
+PACKAGE_VERSION='20160216'
+PACKAGE_STRING='nbsd-digest 20160216'
 PACKAGE_BUGREPORT='agc@netbsd.org'
 PACKAGE_URL=''
 
@@ -1242,7 +1242,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures nbsd-digest 20121220 to adapt to many kinds of systems.
+\`configure' configures nbsd-digest 20160216 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1312,7 +1312,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of nbsd-digest 20121220:";;
+     short | recursive ) echo "Configuration of nbsd-digest 20160216:";;
    esac
   cat <<\_ACEOF
 
@@ -1392,7 +1392,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-nbsd-digest configure 20121220
+nbsd-digest configure 20160216
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1937,7 +1937,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by nbsd-digest $as_me 20121220, which was
+It was created by nbsd-digest $as_me 20160216, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -4707,7 +4707,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by nbsd-digest $as_me 20121220, which was
+This file was extended by nbsd-digest $as_me 20160216, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -4769,7 +4769,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-nbsd-digest config.status 20121220
+nbsd-digest config.status 20160216
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
diff --git a/pkgtools/digest/files/configure.ac b/pkgtools/digest/files/configure.ac
index 1f513677758..2a80ebf6330 100644
--- a/pkgtools/digest/files/configure.ac
+++ b/pkgtools/digest/files/configure.ac
@@ -1,7 +1,7 @@
-dnl $Id: configure.ac,v 1.18 2013/01/03 10:20:31 dholland Exp $
+dnl $Id: configure.ac,v 1.19 2016/03/03 22:11:07 agc Exp $
 dnl Process this file with autoconf to produce a configure script.
 AC_PREREQ(2.57)
-AC_INIT([nbsd-digest],[20121220],[agc@netbsd.org])
+AC_INIT([nbsd-digest],[20160216],[agc@netbsd.org])
 AC_CONFIG_SRCDIR([digest.c])
 AC_CONFIG_HEADER(config.h)
 AC_ARG_PROGRAM
diff --git a/pkgtools/digest/files/digest.1 b/pkgtools/digest/files/digest.1
index c9ae36fa819..50674f8c8bd 100644
--- a/pkgtools/digest/files/digest.1
+++ b/pkgtools/digest/files/digest.1
@@ -1,7 +1,7 @@
-.\" $NetBSD: digest.1,v 1.7 2013/07/20 21:50:52 wiz Exp $
+.\" $NetBSD: digest.1,v 1.8 2016/03/03 22:11:07 agc Exp $
 .\"
-.\"
-.\" Copyright (c) 2001 Alistair G. Crooks.  All rights reserved.
+.\" Copyright (c) 2001-2016 Alistair Crooks <agc@NetBSD.org>
+.\" All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions
@@ -11,27 +11,19 @@
 .\" 2. Redistributions in binary form must reproduce the above copyright
 .\"    notice, this list of conditions and the following disclaimer in the
 .\"    documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\"    must display the following acknowledgement:
-.\"	This product includes software developed by Alistair G. Crooks.
-.\" 4. The name of the author may not be used to endorse or promote
-.\"    products derived from this software without specific prior written
-.\"    permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
-.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
-.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
-.\" GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
-.\" WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
-.\" NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
-.\" SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd March 23, 2005
+.Dd February 16, 2016
 .Dt DIGEST 1
 .Os
 .Sh NAME
@@ -39,15 +31,30 @@
 .Nd calculate message digests
 .Sh SYNOPSIS
 .Nm
+.Op Fl "Vt"
 .Ar algorithm
-.Op file ...
+.Op Ar
 .Sh DESCRIPTION
 The
 .Nm
 utility calculates message digests of files or,
 if no file is specified, standard input.
+.Pp
+It can also run self tests via the
+.Fl t
+command line option; the only self tests currently defined are
+for the
+.Dv SHA3
+set of digests.
+.Pp
+The
+.Fl V
+command line option prints the version number of
+.Nm
+and exits successfully.
+.Pp
 The list of possible algorithms is:
-.Bl -tag -width Ds
+.Bl -tag -width SHA3_512xxx
 .It md5
 the
 .Xr md5 3
@@ -68,6 +75,22 @@ algorithm will be used.
 the
 sha384
 algorithm will be used.
+.It sha3_224
+the
+sha3_224
+algorithm will be used.
+.It sha3_256
+the
+sha3_256
+algorithm will be used.
+.It sha3_384
+the
+sha3_384
+algorithm will be used.
+.It sha3_512
+the
+sha3_512
+algorithm will be used.
 .It sha512
 the
 sha512
diff --git a/pkgtools/digest/files/digest.c b/pkgtools/digest/files/digest.c
index 4b9100c0055..c2ccf456172 100644
--- a/pkgtools/digest/files/digest.c
+++ b/pkgtools/digest/files/digest.c
@@ -1,7 +1,8 @@
-/*	$NetBSD: digest.c,v 1.15 2007/09/21 18:44:36 joerg Exp $ */
+/*	$NetBSD: digest.c,v 1.16 2016/03/03 22:11:07 agc Exp $ */
 
-/*
- * Copyright (c) 2001-2005 Alistair G. Crooks.  All rights reserved.
+/*-
+ * Copyright (c) 2001-2016 Alistair Crooks <agc@NetBSD.org>
+ * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -11,36 +12,22 @@
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by Alistair G. Crooks.
- * 4. The name of the author may not be used to endorse or promote
- *    products derived from this software without specific prior written
- *    permission.
  *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
- * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
- * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #ifdef HAVE_CONFIG_H
 #include "config.h"
 #endif
 
-#ifndef lint
-__COPYRIGHT("@(#) Copyright (c) 2001-2005 \
-	        The NetBSD Foundation, Inc.  All rights reserved.");
-__RCSID("$NetBSD: digest.c,v 1.15 2007/09/21 18:44:36 joerg Exp $");
-#endif
-
-
 #ifdef HAVE_ERRNO_H
 #include <errno.h>
 #endif
@@ -51,6 +38,7 @@ __RCSID("$NetBSD: digest.c,v 1.15 2007/09/21 18:44:36 joerg Exp $");
 #include <rmd160.h>
 #include <sha1.h>
 #include <sha2.h>
+#include <sha3.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -79,6 +67,10 @@ typedef struct alg_t {
 		RMD160_CTX		rmd;
 		SHA256_CTX		sha256;
 		SHA384_CTX		sha384;
+		SHA3_224_CTX		sha3_224;
+		SHA3_256_CTX		sha3_256;
+		SHA3_384_CTX		sha3_384;
+		SHA3_512_CTX		sha3_512;
 		SHA512_CTX		sha512;
 		tiger_context_t		tiger;
 		whirlpool_context_t	whirlpool;
@@ -99,6 +91,18 @@ static alg_t algorithms[] = {
 	{ "SHA256",	SHA256_DIGEST_LENGTH,
 	  (HASH_init) SHA256_Init,	(HASH_update) SHA256_Update,
 	  (HASH_end) SHA256_End,	(HASH_file) SHA256_File },
+	{ "SHA3_224",	SHA3_224_DIGEST_LENGTH,
+	  (HASH_init) SHA3_224_Init,	(HASH_update) SHA3_224_Update,
+	  (HASH_end) SHA3_224_End,	(HASH_file) SHA3_224_File },
+	{ "SHA3_256",	SHA3_256_DIGEST_LENGTH,
+	  (HASH_init) SHA3_256_Init,	(HASH_update) SHA3_256_Update,
+	  (HASH_end) SHA3_256_End,	(HASH_file) SHA3_256_File },
+	{ "SHA3_384",	SHA3_384_DIGEST_LENGTH,
+	  (HASH_init) SHA3_384_Init,	(HASH_update) SHA3_384_Update,
+	  (HASH_end) SHA3_384_End,	(HASH_file) SHA3_384_File },
+	{ "SHA3_512",	SHA3_512_DIGEST_LENGTH,
+	  (HASH_init) SHA3_512_Init,	(HASH_update) SHA3_512_Update,
+	  (HASH_end) SHA3_512_End,	(HASH_file) SHA3_512_File },
 	{ "SHA384",	SHA384_DIGEST_LENGTH,
 	  (HASH_init) SHA384_Init,	(HASH_update) SHA384_Update,
 	  (HASH_end) SHA384_End,	(HASH_file) SHA384_File },
@@ -161,46 +165,58 @@ int
 main(int argc, char **argv)
 {
 	alg_t  *alg;
-	int	rval;
+	int	test;
+	int	ok;
 	int	i;
 
 #ifdef HAVE_SETLOCALE
 	(void) setlocale(LC_ALL, "");
 #endif
-	while ((i = getopt(argc, argv, "V")) != -1) {
+	test = 0;
+	while ((i = getopt(argc, argv, "Vt")) != -1) {
 		switch(i) {
 		case 'V':
 			printf("%s\n", VERSION);
 			return EXIT_SUCCESS;
+		case 't':
+			test = 1;
+			break;
+		}
+	}
+	if (test) {
+		/* there's room for other tests here -- agc */
+		printf("self test mode starting\n");
+		ok = 1;
+		if (SHA3_Selftest() != 0) {
+			ok = 0;
 		}
+		printf("self test mode completed\n");
+		return (ok) ? EXIT_SUCCESS : EXIT_FAILURE;
 	}
-	argc -= optind;
-	argv += optind;
-	
-	if (argc == 0) {
+	/* check for correct usage */
+	if (argc == optind) {
 		(void) fprintf(stderr, "Usage: %s algorithm [file...]\n",
-		    argv[-optind]);
+		    argv[0]);
 		return EXIT_FAILURE;
 	}
-	if ((alg = find_algorithm(argv[0])) == NULL) {
-		(void) fprintf(stderr, "No such algorithm `%s'\n", argv[0]);
+	/* check we know the digest algorithm */
+	if ((alg = find_algorithm(argv[optind])) == NULL) {
+		(void) fprintf(stderr, "No such algorithm `%s'\n", argv[optind]);
 		exit(EXIT_FAILURE);
 	}
-	argc--;
-	argv++;
-	rval = EXIT_SUCCESS;
-	if (argc == 0) {
+	ok = 1;
+	if (argc == optind + 1) {
 		if (!digest_file(NULL, alg)) {
-			(void) fprintf(stderr, "stdin\n");
-			rval = EXIT_FAILURE;
+			fprintf(stderr, "stdin\n");
+			ok = 0;
 		}
 	} else {
-		for (i = 0 ; i < argc ; i++) {
+		for (i = optind + 1 ; i < argc ; i++) {
 			if (!digest_file(argv[i], alg)) {
-				(void) fprintf(stderr, "%s\n", argv[i]);
-				rval = EXIT_FAILURE;
+				fprintf(stderr, "%s\n", argv[i]);
+				ok = 0;
 			}
 		}
 	}
-	return rval;
+	return (ok) ? EXIT_SUCCESS : EXIT_FAILURE;
 }
diff --git a/pkgtools/digest/files/keccak.c b/pkgtools/digest/files/keccak.c
new file mode 100644
index 00000000000..3d36793c13c
--- /dev/null
+++ b/pkgtools/digest/files/keccak.c
@@ -0,0 +1,178 @@
+/*-
+ * Copyright (c) 2015 Taylor R. Campbell
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#define	_POSIX_C_SOURCE	200809L
+
+#include <stdint.h>
+
+#include "keccak.h"
+
+#define	secret	/* can't use in variable-time operations, should zero */
+
+#define	FOR5(X, STMT) do						      \
+{									      \
+	(X) = 0; (STMT);						      \
+	(X) = 1; (STMT);						      \
+	(X) = 2; (STMT);						      \
+	(X) = 3; (STMT);						      \
+	(X) = 4; (STMT);						      \
+} while (0)
+
+static inline secret uint64_t
+rol64(secret uint64_t v, unsigned c)
+{
+
+	return ((v << c) | (v >> (64 - c)));
+}
+
+static inline void
+keccakf1600_theta(secret uint64_t A[25])
+{
+	secret uint64_t C0, C1, C2, C3, C4;
+	unsigned y;
+
+	C0 = C1 = C2 = C3 = C4 = 0;
+	FOR5(y, {
+		C0 ^= A[0 + 5*y];
+		C1 ^= A[1 + 5*y];
+		C2 ^= A[2 + 5*y];
+		C3 ^= A[3 + 5*y];
+		C4 ^= A[4 + 5*y];
+	});
+	FOR5(y, {
+		A[0 + 5*y] ^= C4 ^ rol64(C1, 1);
+		A[1 + 5*y] ^= C0 ^ rol64(C2, 1);
+		A[2 + 5*y] ^= C1 ^ rol64(C3, 1);
+		A[3 + 5*y] ^= C2 ^ rol64(C4, 1);
+		A[4 + 5*y] ^= C3 ^ rol64(C0, 1);
+	});
+}
+
+static inline void
+keccakf1600_rho_pi(secret uint64_t A[25])
+{
+	secret uint64_t T, U;
+
+	/*
+	 * Permute by (x,y) |---> (y, 2x + 3y mod 5) starting at (1,0),
+	 * rotate the ith element by (i + 1)(i + 2)/2 mod 64.
+	 */
+	U = A[ 1];                       T = U;
+	U = A[10]; A[10] = rol64(T,  1); T = U;
+	U = A[ 7]; A[ 7] = rol64(T,  3); T = U;
+	U = A[11]; A[11] = rol64(T,  6); T = U;
+	U = A[17]; A[17] = rol64(T, 10); T = U;
+	U = A[18]; A[18] = rol64(T, 15); T = U;
+	U = A[ 3]; A[ 3] = rol64(T, 21); T = U;
+	U = A[ 5]; A[ 5] = rol64(T, 28); T = U;
+	U = A[16]; A[16] = rol64(T, 36); T = U;
+	U = A[ 8]; A[ 8] = rol64(T, 45); T = U;
+	U = A[21]; A[21] = rol64(T, 55); T = U;
+	U = A[24]; A[24] = rol64(T,  2); T = U;
+	U = A[ 4]; A[ 4] = rol64(T, 14); T = U;
+	U = A[15]; A[15] = rol64(T, 27); T = U;
+	U = A[23]; A[23] = rol64(T, 41); T = U;
+	U = A[19]; A[19] = rol64(T, 56); T = U;
+	U = A[13]; A[13] = rol64(T,  8); T = U;
+	U = A[12]; A[12] = rol64(T, 25); T = U;
+	U = A[ 2]; A[ 2] = rol64(T, 43); T = U;
+	U = A[20]; A[20] = rol64(T, 62); T = U;
+	U = A[14]; A[14] = rol64(T, 18); T = U;
+	U = A[22]; A[22] = rol64(T, 39); T = U;
+	U = A[ 9]; A[ 9] = rol64(T, 61); T = U;
+	U = A[ 6]; A[ 6] = rol64(T, 20); T = U;
+	           A[ 1] = rol64(T, 44);
+}
+
+static inline void
+keccakf1600_chi(secret uint64_t A[25])
+{
+	secret uint64_t B0, B1, B2, B3, B4;
+	unsigned y;
+
+	FOR5(y, {
+		B0 = A[0 + 5*y];
+		B1 = A[1 + 5*y];
+		B2 = A[2 + 5*y];
+		B3 = A[3 + 5*y];
+		B4 = A[4 + 5*y];
+		A[0 + 5*y] ^= ~B1 & B2;
+		A[1 + 5*y] ^= ~B2 & B3;
+		A[2 + 5*y] ^= ~B3 & B4;
+		A[3 + 5*y] ^= ~B4 & B0;
+		A[4 + 5*y] ^= ~B0 & B1;
+	});
+}
+
+static void
+keccakf1600_round(secret uint64_t A[25])
+{
+
+	keccakf1600_theta(A);
+	keccakf1600_rho_pi(A);
+	keccakf1600_chi(A);
+}
+
+void
+keccakf1600(secret uint64_t A[25])
+{
+	/*
+	 * RC[i] = \sum_{j = 0,...,6} rc(j + 7i) 2^(2^j - 1),
+	 * rc(t) = (x^t mod x^8 + x^6 + x^5 + x^4 + 1) mod x in GF(2)[x]
+	 */
+	static const uint64_t RC[24] = {
+		0x0000000000000001ULL,
+		0x0000000000008082ULL,
+		0x800000000000808aULL,
+		0x8000000080008000ULL,
+		0x000000000000808bULL,
+		0x0000000080000001ULL,
+		0x8000000080008081ULL,
+		0x8000000000008009ULL,
+		0x000000000000008aULL,
+		0x0000000000000088ULL,
+		0x0000000080008009ULL,
+		0x000000008000000aULL,
+		0x000000008000808bULL,
+		0x800000000000008bULL,
+		0x8000000000008089ULL,
+		0x8000000000008003ULL,
+		0x8000000000008002ULL,
+		0x8000000000000080ULL,
+		0x000000000000800aULL,
+		0x800000008000000aULL,
+		0x8000000080008081ULL,
+		0x8000000000008080ULL,
+		0x0000000080000001ULL,
+		0x8000000080008008ULL,
+	};
+	unsigned i;
+
+	for (i = 0; i < 24; i++) {
+		keccakf1600_round(A);
+		A[0] ^= RC[i];
+	}
+}
diff --git a/pkgtools/digest/files/keccak.h b/pkgtools/digest/files/keccak.h
new file mode 100644
index 00000000000..51a8e02131f
--- /dev/null
+++ b/pkgtools/digest/files/keccak.h
@@ -0,0 +1,34 @@
+/*-
+ * Copyright (c) 2015 Taylor R. Campbell
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef	KECCAK_H
+#define	KECCAK_H
+
+#include <stdint.h>
+
+void	keccakf1600(uint64_t A[25]);
+
+#endif	/* KECCAK_H */
diff --git a/pkgtools/digest/files/sha3.c b/pkgtools/digest/files/sha3.c
new file mode 100644
index 00000000000..5442c6e164a
--- /dev/null
+++ b/pkgtools/digest/files/sha3.c
@@ -0,0 +1,638 @@
+/*-
+ * Copyright (c) 2015 Taylor R. Campbell
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/*
+ * SHA-3: FIPS-202, Permutation-Based Hash and Extendable-Ouptut Functions
+ */
+
+#define	_POSIX_C_SOURCE	200809L
+
+#include <assert.h>
+#include <stddef.h>
+#include <stdint.h>
+#include <string.h>
+
+#include "keccak.h"
+
+#include "sha3.h"
+
+#define	MIN(a,b)	((a) < (b) ? (a) : (b))
+
+void *(*volatile sha3_explicit_memset_impl)(void *, int, size_t) = &memset;
+static void *
+explicit_memset(void *buf, int c, size_t n)
+{
+
+	return (*sha3_explicit_memset_impl)(buf, c, n);
+}
+
+static inline uint64_t
+le64dec(const void *buf)
+{
+	const uint8_t *p = buf;
+
+	return (((uint64_t)p[0]) |
+	    ((uint64_t)p[1] << 8) |
+	    ((uint64_t)p[2] << 16) |
+	    ((uint64_t)p[3] << 24) |
+	    ((uint64_t)p[4] << 32) |
+	    ((uint64_t)p[5] << 40) |
+	    ((uint64_t)p[6] << 48) |
+	    ((uint64_t)p[7] << 56));
+}
+
+static inline void
+le64enc(void *buf, uint64_t v)
+{
+	uint8_t *p = buf;
+
+	*p++ = v; v >>= 8;
+	*p++ = v; v >>= 8;
+	*p++ = v; v >>= 8;
+	*p++ = v; v >>= 8;
+	*p++ = v; v >>= 8;
+	*p++ = v; v >>= 8;
+	*p++ = v; v >>= 8;
+	*p++ = v;
+}
+
+/*
+ * Common body.  All the SHA-3 functions share code structure.  They
+ * differ only in the size of the chunks they split the message into:
+ * for digest size d, they are split into chunks of 200 - d bytes.
+ */
+
+static inline unsigned
+sha3_rate(unsigned d)
+{
+	const unsigned cw = 2*d/8;	/* capacity in words */
+
+	return 25 - cw;
+}
+
+static void
+sha3_init(struct sha3 *C, unsigned rw)
+{
+	unsigned iw;
+
+	C->nb = 8*rw;
+	for (iw = 0; iw < 25; iw++)
+		C->A[iw] = 0;
+}
+
+static void
+sha3_update(struct sha3 *C, const uint8_t *data, size_t len, unsigned rw)
+{
+	uint64_t T;
+	unsigned ib, iw;		/* index of byte/word */
+
+	assert(0 < C->nb);
+
+	/* If there's a partial word, try to fill it.  */
+	if ((C->nb % 8) != 0) {
+		T = 0;
+		for (ib = 0; ib < MIN(len, C->nb % 8); ib++)
+			T |= (uint64_t)data[ib] << (8*ib);
+		C->A[rw - (C->nb + 7)/8] ^= T << (8*(8 - (C->nb % 8)));
+		C->nb -= ib;
+		data += ib;
+		len -= ib;
+
+		/* If we filled the buffer, permute now.  */
+		if (C->nb == 0) {
+			keccakf1600(C->A);
+			C->nb = 8*rw;
+		}
+
+		/* If that exhausted the input, we're done.  */
+		if (len == 0)
+			return;
+	}
+
+	/* At a word boundary.  Fill any partial buffer.  */
+	assert((C->nb % 8) == 0);
+	if (C->nb < 8*rw) {
+		for (iw = 0; iw < MIN(len, C->nb)/8; iw++)
+			C->A[rw - C->nb/8 + iw] ^= le64dec(data + 8*iw);
+		C->nb -= 8*iw;
+		data += 8*iw;
+		len -= 8*iw;
+
+		/* If we filled the buffer, permute now.  */
+		if (C->nb == 0) {
+			keccakf1600(C->A);
+			C->nb = 8*rw;
+		} else {
+			/* Otherwise, less than a word left.  */
+			assert(len < 8);
+			goto partial;
+		}
+	}
+
+	/* At a buffer boundary.  Absorb input one buffer at a time.  */
+	assert(C->nb == 8*rw);
+	while (8*rw <= len) {
+		for (iw = 0; iw < rw; iw++)
+			C->A[iw] ^= le64dec(data + 8*iw);
+		keccakf1600(C->A);
+		data += 8*rw;
+		len -= 8*rw;
+	}
+
+	/* Partially fill the buffer with as many words as we can.  */
+	for (iw = 0; iw < len/8; iw++)
+		C->A[rw - C->nb/8 + iw] ^= le64dec(data + 8*iw);
+	C->nb -= 8*iw;
+	data += 8*iw;
+	len -= 8*iw;
+
+partial:
+	/* Partially fill the last word with as many bytes as we can.  */
+	assert(len < 8);
+	assert(0 < C->nb);
+	assert((C->nb % 8) == 0);
+	T = 0;
+	for (ib = 0; ib < len; ib++)
+		T |= (uint64_t)data[ib] << (8*ib);
+	C->A[rw - C->nb/8] ^= T;
+	C->nb -= ib;
+	assert(0 < C->nb);
+}
+
+static void
+sha3_final(uint8_t *h, unsigned d, struct sha3 *C, unsigned rw)
+{
+	unsigned nw, iw;
+
+	assert(d <= 8*25);
+	assert(0 < C->nb);
+
+	/* Append 01, pad with 10*1 up to buffer boundary, LSB first.  */
+	nw = (C->nb + 7)/8;
+	assert(0 < nw);
+	assert(nw <= rw);
+	C->A[rw - nw] ^= (uint64_t)0x06 << (8*(8*nw - C->nb));
+	C->A[rw - 1] ^= 0x8000000000000000ULL;
+
+	/* Permute one last time.  */
+	keccakf1600(C->A);
+
+	/* Reveal the first 8d bits of state, forget 1600-8d of them.  */
+	for (iw = 0; iw < d/8; iw++)
+		le64enc(h + 8*iw, C->A[iw]);
+	h += 8*iw;
+	d -= 8*iw;
+	if (0 < d) {
+		/* For SHA3-224, we need to expose a partial word.  */
+		uint64_t T = C->A[iw];
+		do {
+			*h++ = T & 0xff;
+			T >>= 8;
+		} while (--d);
+	}
+	(void)explicit_memset(C->A, 0, sizeof C->A);
+	C->nb = 0;
+}
+
+static void
+shake_final(uint8_t *h, unsigned d, struct sha3 *C, unsigned rw)
+{
+	unsigned nw, iw;
+
+	assert(0 < C->nb);
+
+	/* Append 1111, pad with 10*1 up to buffer boundary, LSB first.  */
+	nw = (C->nb + 7)/8;
+	assert(0 < nw);
+	assert(nw <= rw);
+	C->A[rw - nw] ^= (uint64_t)0x1f << (8*(8*nw - C->nb));
+	C->A[rw - 1] ^= 0x8000000000000000ULL;
+
+	/* Permute, reveal first rw words of state, repeat.  */
+	while (8*rw <= d) {
+		keccakf1600(C->A);
+		for (iw = 0; iw < rw; iw++)
+			le64enc(h + 8*iw, C->A[iw]);
+		h += 8*iw;
+		d -= 8*iw;
+	}
+
+	/*
+	 * If 8*rw (the output rate in bytes) does not divide d, more
+	 * words are wanted: permute again and reveal a little more.
+	 */
+	if (0 < d) {
+		keccakf1600(C->A);
+		for (iw = 0; iw < d/8; iw++)
+			le64enc(h + 8*iw, C->A[iw]);
+		h += 8*iw;
+		d -= 8*iw;
+
+		/*
+		 * If 8 does not divide d, more bytes are wanted:
+		 * reveal them.
+		 */
+		if (0 < d) {
+			uint64_t T = C->A[iw];
+			do {
+				*h++ = T & 0xff;
+				T >>= 8;
+			} while (--d);
+		}
+	}
+
+	(void)explicit_memset(C->A, 0, sizeof C->A);
+	C->nb = 0;
+}
+
+void
+SHA3_224_Init(SHA3_224_CTX *C)
+{
+
+	sha3_init(&C->C224, sha3_rate(SHA3_224_DIGEST_LENGTH));
+}
+
+void
+SHA3_224_Update(SHA3_224_CTX *C, const uint8_t *data, size_t len)
+{
+
+	sha3_update(&C->C224, data, len, sha3_rate(SHA3_224_DIGEST_LENGTH));
+}
+
+void
+SHA3_224_Final(uint8_t h[SHA3_224_DIGEST_LENGTH], SHA3_224_CTX *C)
+{
+
+	sha3_final(h, SHA3_224_DIGEST_LENGTH, &C->C224,
+	    sha3_rate(SHA3_224_DIGEST_LENGTH));
+}
+
+void
+SHA3_256_Init(SHA3_256_CTX *C)
+{
+
+	sha3_init(&C->C256, sha3_rate(SHA3_256_DIGEST_LENGTH));
+}
+
+void
+SHA3_256_Update(SHA3_256_CTX *C, const uint8_t *data, size_t len)
+{
+
+	sha3_update(&C->C256, data, len, sha3_rate(SHA3_256_DIGEST_LENGTH));
+}
+
+void
+SHA3_256_Final(uint8_t h[SHA3_256_DIGEST_LENGTH], SHA3_256_CTX *C)
+{
+
+	sha3_final(h, SHA3_256_DIGEST_LENGTH, &C->C256,
+	    sha3_rate(SHA3_256_DIGEST_LENGTH));
+}
+
+void
+SHA3_384_Init(SHA3_384_CTX *C)
+{
+
+	sha3_init(&C->C384, sha3_rate(SHA3_384_DIGEST_LENGTH));
+}
+
+void
+SHA3_384_Update(SHA3_384_CTX *C, const uint8_t *data, size_t len)
+{
+
+	sha3_update(&C->C384, data, len, sha3_rate(SHA3_384_DIGEST_LENGTH));
+}
+
+void
+SHA3_384_Final(uint8_t h[SHA3_384_DIGEST_LENGTH], SHA3_384_CTX *C)
+{
+
+	sha3_final(h, SHA3_384_DIGEST_LENGTH, &C->C384,
+	    sha3_rate(SHA3_384_DIGEST_LENGTH));
+}
+
+void
+SHA3_512_Init(SHA3_512_CTX *C)
+{
+
+	sha3_init(&C->C512, sha3_rate(SHA3_512_DIGEST_LENGTH));
+}
+
+void
+SHA3_512_Update(SHA3_512_CTX *C, const uint8_t *data, size_t len)
+{
+
+	sha3_update(&C->C512, data, len, sha3_rate(SHA3_512_DIGEST_LENGTH));
+}
+
+void
+SHA3_512_Final(uint8_t h[SHA3_512_DIGEST_LENGTH], SHA3_512_CTX *C)
+{
+
+	sha3_final(h, SHA3_512_DIGEST_LENGTH, &C->C512,
+	    sha3_rate(SHA3_512_DIGEST_LENGTH));
+}
+
+void
+SHAKE128_Init(SHAKE128_CTX *C)
+{
+
+	sha3_init(&C->C128, sha3_rate(128/8));
+}
+
+void
+SHAKE128_Update(SHAKE128_CTX *C, const uint8_t *data, size_t len)
+{
+
+	sha3_update(&C->C128, data, len, sha3_rate(128/8));
+}
+
+void
+SHAKE128_Final(uint8_t *h, size_t d, SHAKE128_CTX *C)
+{
+
+	shake_final(h, d, &C->C128, sha3_rate(128/8));
+}
+
+void
+SHAKE256_Init(SHAKE256_CTX *C)
+{
+
+	sha3_init(&C->C256, sha3_rate(256/8));
+}
+
+void
+SHAKE256_Update(SHAKE256_CTX *C, const uint8_t *data, size_t len)
+{
+
+	sha3_update(&C->C256, data, len, sha3_rate(256/8));
+}
+
+void
+SHAKE256_Final(uint8_t *h, size_t d, SHAKE256_CTX *C)
+{
+
+	shake_final(h, d, &C->C256, sha3_rate(256/8));
+}
+
+static void
+sha3_selftest_prng(void *buf, size_t len, uint32_t seed)
+{
+	uint8_t *p = buf;
+	size_t n = len;
+	uint32_t t, a, b;
+
+	a = 0xdead4bad * seed;
+	b = 1;
+
+	while (n--) {
+		t = a + b;
+		*p++ = t >> 24;
+		a = b;
+		b = t;
+	}
+}
+
+int
+SHA3_Selftest(void)
+{
+	const uint8_t d224_0[] = { /* SHA3-224(0-bit) */
+		0x6b,0x4e,0x03,0x42,0x36,0x67,0xdb,0xb7,
+		0x3b,0x6e,0x15,0x45,0x4f,0x0e,0xb1,0xab,
+		0xd4,0x59,0x7f,0x9a,0x1b,0x07,0x8e,0x3f,
+		0x5b,0x5a,0x6b,0xc7,
+	};
+	const uint8_t d256_0[] = { /* SHA3-256(0-bit) */
+		0xa7,0xff,0xc6,0xf8,0xbf,0x1e,0xd7,0x66,
+		0x51,0xc1,0x47,0x56,0xa0,0x61,0xd6,0x62,
+		0xf5,0x80,0xff,0x4d,0xe4,0x3b,0x49,0xfa,
+		0x82,0xd8,0x0a,0x4b,0x80,0xf8,0x43,0x4a,
+	};
+	const uint8_t d384_0[] = { /* SHA3-384(0-bit) */
+		0x0c,0x63,0xa7,0x5b,0x84,0x5e,0x4f,0x7d,
+		0x01,0x10,0x7d,0x85,0x2e,0x4c,0x24,0x85,
+		0xc5,0x1a,0x50,0xaa,0xaa,0x94,0xfc,0x61,
+		0x99,0x5e,0x71,0xbb,0xee,0x98,0x3a,0x2a,
+		0xc3,0x71,0x38,0x31,0x26,0x4a,0xdb,0x47,
+		0xfb,0x6b,0xd1,0xe0,0x58,0xd5,0xf0,0x04,
+	};
+	const uint8_t d512_0[] = { /* SHA3-512(0-bit) */
+		0xa6,0x9f,0x73,0xcc,0xa2,0x3a,0x9a,0xc5,
+		0xc8,0xb5,0x67,0xdc,0x18,0x5a,0x75,0x6e,
+		0x97,0xc9,0x82,0x16,0x4f,0xe2,0x58,0x59,
+		0xe0,0xd1,0xdc,0xc1,0x47,0x5c,0x80,0xa6,
+		0x15,0xb2,0x12,0x3a,0xf1,0xf5,0xf9,0x4c,
+		0x11,0xe3,0xe9,0x40,0x2c,0x3a,0xc5,0x58,
+		0xf5,0x00,0x19,0x9d,0x95,0xb6,0xd3,0xe3,
+		0x01,0x75,0x85,0x86,0x28,0x1d,0xcd,0x26,
+	};
+	const uint8_t shake128_0_41[] = { /* SHAKE128(0-bit, 41) */
+		0x7f,0x9c,0x2b,0xa4,0xe8,0x8f,0x82,0x7d,
+		0x61,0x60,0x45,0x50,0x76,0x05,0x85,0x3e,
+		0xd7,0x3b,0x80,0x93,0xf6,0xef,0xbc,0x88,
+		0xeb,0x1a,0x6e,0xac,0xfa,0x66,0xef,0x26,
+		0x3c,0xb1,0xee,0xa9,0x88,0x00,0x4b,0x93,0x10,
+	};
+	const uint8_t shake256_0_73[] = { /* SHAKE256(0-bit, 73) */
+		0x46,0xb9,0xdd,0x2b,0x0b,0xa8,0x8d,0x13,
+		0x23,0x3b,0x3f,0xeb,0x74,0x3e,0xeb,0x24,
+		0x3f,0xcd,0x52,0xea,0x62,0xb8,0x1b,0x82,
+		0xb5,0x0c,0x27,0x64,0x6e,0xd5,0x76,0x2f,
+		0xd7,0x5d,0xc4,0xdd,0xd8,0xc0,0xf2,0x00,
+		0xcb,0x05,0x01,0x9d,0x67,0xb5,0x92,0xf6,
+		0xfc,0x82,0x1c,0x49,0x47,0x9a,0xb4,0x86,
+		0x40,0x29,0x2e,0xac,0xb3,0xb7,0xc4,0xbe,
+		0x14,0x1e,0x96,0x61,0x6f,0xb1,0x39,0x57,0x69,
+	};
+	const uint8_t d224_1600[] = { /* SHA3-224(200 * 0xa3) */
+		0x93,0x76,0x81,0x6a,0xba,0x50,0x3f,0x72,
+		0xf9,0x6c,0xe7,0xeb,0x65,0xac,0x09,0x5d,
+		0xee,0xe3,0xbe,0x4b,0xf9,0xbb,0xc2,0xa1,
+		0xcb,0x7e,0x11,0xe0,
+	};
+	const uint8_t d256_1600[] = { /* SHA3-256(200 * 0xa3) */
+		0x79,0xf3,0x8a,0xde,0xc5,0xc2,0x03,0x07,
+		0xa9,0x8e,0xf7,0x6e,0x83,0x24,0xaf,0xbf,
+		0xd4,0x6c,0xfd,0x81,0xb2,0x2e,0x39,0x73,
+		0xc6,0x5f,0xa1,0xbd,0x9d,0xe3,0x17,0x87,
+	};
+	const uint8_t d384_1600[] = { /* SHA3-384(200 * 0xa3) */
+		0x18,0x81,0xde,0x2c,0xa7,0xe4,0x1e,0xf9,
+		0x5d,0xc4,0x73,0x2b,0x8f,0x5f,0x00,0x2b,
+		0x18,0x9c,0xc1,0xe4,0x2b,0x74,0x16,0x8e,
+		0xd1,0x73,0x26,0x49,0xce,0x1d,0xbc,0xdd,
+		0x76,0x19,0x7a,0x31,0xfd,0x55,0xee,0x98,
+		0x9f,0x2d,0x70,0x50,0xdd,0x47,0x3e,0x8f,
+	};
+	const uint8_t d512_1600[] = { /* SHA3-512(200 * 0xa3) */
+		0xe7,0x6d,0xfa,0xd2,0x20,0x84,0xa8,0xb1,
+		0x46,0x7f,0xcf,0x2f,0xfa,0x58,0x36,0x1b,
+		0xec,0x76,0x28,0xed,0xf5,0xf3,0xfd,0xc0,
+		0xe4,0x80,0x5d,0xc4,0x8c,0xae,0xec,0xa8,
+		0x1b,0x7c,0x13,0xc3,0x0a,0xdf,0x52,0xa3,
+		0x65,0x95,0x84,0x73,0x9a,0x2d,0xf4,0x6b,
+		0xe5,0x89,0xc5,0x1c,0xa1,0xa4,0xa8,0x41,
+		0x6d,0xf6,0x54,0x5a,0x1c,0xe8,0xba,0x00,
+	};
+	const uint8_t shake128_1600_41[] = { /* SHAKE128(200 * 0xa3, 41) */
+		0x13,0x1a,0xb8,0xd2,0xb5,0x94,0x94,0x6b,
+		0x9c,0x81,0x33,0x3f,0x9b,0xb6,0xe0,0xce,
+		0x75,0xc3,0xb9,0x31,0x04,0xfa,0x34,0x69,
+		0xd3,0x91,0x74,0x57,0x38,0x5d,0xa0,0x37,
+		0xcf,0x23,0x2e,0xf7,0x16,0x4a,0x6d,0x1e,0xb4,
+	};
+	const uint8_t shake256_1600_73[] = { /* SHAKE256(200 * 0xa3, 73) */
+		0xcd,0x8a,0x92,0x0e,0xd1,0x41,0xaa,0x04,
+		0x07,0xa2,0x2d,0x59,0x28,0x86,0x52,0xe9,
+		0xd9,0xf1,0xa7,0xee,0x0c,0x1e,0x7c,0x1c,
+		0xa6,0x99,0x42,0x4d,0xa8,0x4a,0x90,0x4d,
+		0x2d,0x70,0x0c,0xaa,0xe7,0x39,0x6e,0xce,
+		0x96,0x60,0x44,0x40,0x57,0x7d,0xa4,0xf3,
+		0xaa,0x22,0xae,0xb8,0x85,0x7f,0x96,0x1c,
+		0x4c,0xd8,0xe0,0x6f,0x0a,0xe6,0x61,0x0b,
+		0x10,0x48,0xa7,0xf6,0x4e,0x10,0x74,0xcd,0x62,
+	};
+	const uint8_t d0[] = {
+		0x6c,0x02,0x1a,0xc6,0x65,0xaf,0x80,0xfb,
+		0x52,0xe6,0x2d,0x27,0xe5,0x02,0x88,0x84,
+		0xec,0x1c,0x0c,0xe7,0x0b,0x94,0x55,0x83,
+		0x19,0xf2,0xbf,0x09,0x86,0xeb,0x1a,0xbb,
+		0xc3,0x0d,0x1c,0xef,0x22,0xfe,0xc5,0x4c,
+		0x45,0x90,0x66,0x14,0x00,0x6e,0xc8,0x79,
+		0xdf,0x1e,0x02,0xbd,0x75,0xe9,0x60,0xd8,
+		0x60,0x39,0x85,0xc9,0xc4,0xee,0x33,0xab,
+	};
+	const unsigned mlen[6] = { 0, 3, 128, 129, 255, 1024 };
+	uint8_t m[1024], d[73];
+	SHA3_224_CTX sha3224;
+	SHA3_256_CTX sha3256;
+	SHA3_384_CTX sha3384;
+	SHA3_512_CTX sha3512;
+	SHAKE128_CTX shake128;
+	SHAKE256_CTX shake256;
+	SHA3_512_CTX ctx;
+	unsigned mi;
+
+	/*
+	 * NIST test vectors from
+	 * <http://csrc.nist.gov/groups/ST/toolkit/examples.html#aHashing>:
+	 * 0-bit, 1600-bit repeated 0xa3 (= 0b10100011).
+	 */
+	SHA3_224_Init(&sha3224);
+	SHA3_224_Final(d, &sha3224);
+	if (memcmp(d, d224_0, 28) != 0)
+		return -1;
+	SHA3_256_Init(&sha3256);
+	SHA3_256_Final(d, &sha3256);
+	if (memcmp(d, d256_0, 32) != 0)
+		return -1;
+	SHA3_384_Init(&sha3384);
+	SHA3_384_Final(d, &sha3384);
+	if (memcmp(d, d384_0, 48) != 0)
+		return -1;
+	SHA3_512_Init(&sha3512);
+	SHA3_512_Final(d, &sha3512);
+	if (memcmp(d, d512_0, 64) != 0)
+		return -1;
+	SHAKE128_Init(&shake128);
+	SHAKE128_Final(d, 41, &shake128);
+	if (memcmp(d, shake128_0_41, 41) != 0)
+		return -1;
+	SHAKE256_Init(&shake256);
+	SHAKE256_Final(d, 73, &shake256);
+	if (memcmp(d, shake256_0_73, 73) != 0)
+		return -1;
+
+	(void)memset(m, 0xa3, 200);
+	SHA3_224_Init(&sha3224);
+	SHA3_224_Update(&sha3224, m, 200);
+	SHA3_224_Final(d, &sha3224);
+	if (memcmp(d, d224_1600, 28) != 0)
+		return -1;
+	SHA3_256_Init(&sha3256);
+	SHA3_256_Update(&sha3256, m, 200);
+	SHA3_256_Final(d, &sha3256);
+	if (memcmp(d, d256_1600, 32) != 0)
+		return -1;
+	SHA3_384_Init(&sha3384);
+	SHA3_384_Update(&sha3384, m, 200);
+	SHA3_384_Final(d, &sha3384);
+	if (memcmp(d, d384_1600, 48) != 0)
+		return -1;
+	SHA3_512_Init(&sha3512);
+	SHA3_512_Update(&sha3512, m, 200);
+	SHA3_512_Final(d, &sha3512);
+	if (memcmp(d, d512_1600, 64) != 0)
+		return -1;
+	SHAKE128_Init(&shake128);
+	SHAKE128_Update(&shake128, m, 200);
+	SHAKE128_Final(d, 41, &shake128);
+	if (memcmp(d, shake128_1600_41, 41) != 0)
+		return -1;
+	SHAKE256_Init(&shake256);
+	SHAKE256_Update(&shake256, m, 200);
+	SHAKE256_Final(d, 73, &shake256);
+	if (memcmp(d, shake256_1600_73, 73) != 0)
+		return -1;
+
+	/*
+	 * Hand-crufted test vectors with unaligned message lengths.
+	 */
+	SHA3_512_Init(&ctx);
+	for (mi = 0; mi < 6; mi++) {
+		sha3_selftest_prng(m, mlen[mi], (224/8)*mlen[mi]);
+		SHA3_224_Init(&sha3224);
+		SHA3_224_Update(&sha3224, m, mlen[mi]);
+		SHA3_224_Final(d, &sha3224);
+		SHA3_512_Update(&ctx, d, 224/8);
+	}
+	for (mi = 0; mi < 6; mi++) {
+		sha3_selftest_prng(m, mlen[mi], (256/8)*mlen[mi]);
+		SHA3_256_Init(&sha3256);
+		SHA3_256_Update(&sha3256, m, mlen[mi]);
+		SHA3_256_Final(d, &sha3256);
+		SHA3_512_Update(&ctx, d, 256/8);
+	}
+	for (mi = 0; mi < 6; mi++) {
+		sha3_selftest_prng(m, mlen[mi], (384/8)*mlen[mi]);
+		SHA3_384_Init(&sha3384);
+		SHA3_384_Update(&sha3384, m, mlen[mi]);
+		SHA3_384_Final(d, &sha3384);
+		SHA3_512_Update(&ctx, d, 384/8);
+	}
+	for (mi = 0; mi < 6; mi++) {
+		sha3_selftest_prng(m, mlen[mi], (512/8)*mlen[mi]);
+		SHA3_512_Init(&sha3512);
+		SHA3_512_Update(&sha3512, m, mlen[mi]);
+		SHA3_512_Final(d, &sha3512);
+		SHA3_512_Update(&ctx, d, 512/8);
+	}
+	SHA3_512_Final(d, &ctx);
+	if (memcmp(d, d0, 64) != 0)
+		return -1;
+
+	return 0;
+}
diff --git a/pkgtools/digest/files/sha3.h b/pkgtools/digest/files/sha3.h
new file mode 100644
index 00000000000..8dd6d431f1c
--- /dev/null
+++ b/pkgtools/digest/files/sha3.h
@@ -0,0 +1,141 @@
+/*-
+ * Copyright (c) 2015 Taylor R. Campbell
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef	SHA3_H
+#define	SHA3_H
+
+#include <stddef.h>
+#include <stdint.h>
+
+struct sha3 {
+	uint64_t A[25];
+	unsigned nb;		/* number of bytes remaining to fill buffer */
+};
+
+typedef struct { struct sha3 C224; } SHA3_224_CTX;
+typedef struct { struct sha3 C256; } SHA3_256_CTX;
+typedef struct { struct sha3 C384; } SHA3_384_CTX;
+typedef struct { struct sha3 C512; } SHA3_512_CTX;
+typedef struct { struct sha3 C128; } SHAKE128_CTX;
+typedef struct { struct sha3 C256; } SHAKE256_CTX;
+
+#define	SHA3_224_DIGEST_LENGTH	28
+#define	SHA3_256_DIGEST_LENGTH	32
+#define	SHA3_384_DIGEST_LENGTH	48
+#define	SHA3_512_DIGEST_LENGTH	64
+
+#define	SHA3_224_DIGEST_STRING_LENGTH	((2 * SHA3_224_DIGEST_LENGTH) + 1)
+#define	SHA3_256_DIGEST_STRING_LENGTH	((2 * SHA3_256_DIGEST_LENGTH) + 1)
+#define	SHA3_384_DIGEST_STRING_LENGTH	((2 * SHA3_384_DIGEST_LENGTH) + 1)
+#define	SHA3_512_DIGEST_STRING_LENGTH	((2 * SHA3_512_DIGEST_LENGTH) + 1)
+
+#ifdef SHA3_PROTECT_NAMESPACE
+#define	SHA3_224_Init	digest_SHA3_224_Init
+#define	SHA3_224_Update	digest_SHA3_224_Update
+#define	SHA3_224_Final	digest_SHA3_224_Final
+#define	SHA3_224_End	digest_SHA3_224_End
+#define	SHA3_224_Data	digest_SHA3_224_Data
+#define	SHA3_224_File	digest_SHA3_224_File
+
+#define	SHA3_256_Init	digest_SHA3_256_Init
+#define	SHA3_256_Update	digest_SHA3_256_Update
+#define	SHA3_256_Final	digest_SHA3_256_Final
+#define	SHA3_256_End	digest_SHA3_256_End
+#define	SHA3_256_Data	digest_SHA3_256_Data
+#define	SHA3_256_File	digest_SHA3_256_File
+
+#define	SHA3_384_Init	digest_SHA3_384_Init
+#define	SHA3_384_Update	digest_SHA3_384_Update
+#define	SHA3_384_Final	digest_SHA3_384_Final
+#define	SHA3_384_End	digest_SHA3_384_End
+#define	SHA3_384_Data	digest_SHA3_384_Data
+#define	SHA3_384_File	digest_SHA3_384_File
+
+#define	SHA3_512_Init	digest_SHA3_512_Init
+#define	SHA3_512_Update	digest_SHA3_512_Update
+#define	SHA3_512_Final	digest_SHA3_512_Final
+#define	SHA3_512_End	digest_SHA3_512_End
+#define	SHA3_512_Data	digest_SHA3_512_Data
+#define	SHA3_512_File	digest_SHA3_512_File
+#endif /* SHA3_PROTECT_NAMESPACE */
+
+#ifndef __BEGIN_DECLS
+#  if defined(__cplusplus)
+#  define __BEGIN_DECLS           extern "C" {
+#  define __END_DECLS             }
+#  else
+#  define __BEGIN_DECLS
+#  define __END_DECLS
+#  endif
+#endif
+
+__BEGIN_DECLS
+
+void	SHA3_224_Init(SHA3_224_CTX *);
+void	SHA3_224_Update(SHA3_224_CTX *, const uint8_t *, size_t);
+void	SHA3_224_Final(uint8_t[SHA3_224_DIGEST_LENGTH], SHA3_224_CTX *);
+
+void	SHA3_256_Init(SHA3_256_CTX *);
+void	SHA3_256_Update(SHA3_256_CTX *, const uint8_t *, size_t);
+void	SHA3_256_Final(uint8_t[SHA3_256_DIGEST_LENGTH], SHA3_256_CTX *);
+
+void	SHA3_384_Init(SHA3_384_CTX *);
+void	SHA3_384_Update(SHA3_384_CTX *, const uint8_t *, size_t);
+void	SHA3_384_Final(uint8_t[SHA3_384_DIGEST_LENGTH], SHA3_384_CTX *);
+
+void	SHA3_512_Init(SHA3_512_CTX *);
+void	SHA3_512_Update(SHA3_512_CTX *, const uint8_t *, size_t);
+void	SHA3_512_Final(uint8_t[SHA3_512_DIGEST_LENGTH], SHA3_512_CTX *);
+
+void	SHAKE128_Init(SHAKE128_CTX *);
+void	SHAKE128_Update(SHAKE128_CTX *, const uint8_t *, size_t);
+void	SHAKE128_Final(uint8_t *, size_t, SHAKE128_CTX *);
+
+void	SHAKE256_Init(SHAKE256_CTX *);
+void	SHAKE256_Update(SHAKE256_CTX *, const uint8_t *, size_t);
+void	SHAKE256_Final(uint8_t *, size_t, SHAKE256_CTX *);
+
+int	SHA3_Selftest(void);
+
+char *SHA3_224_End(SHA3_224_CTX*, char[SHA3_224_DIGEST_STRING_LENGTH]);
+char *SHA3_224_Data(const uint8_t*, size_t, unsigned char *);
+char *SHA3_224_File(char *, char *);
+
+char *SHA3_256_End(SHA3_256_CTX*, char[SHA3_256_DIGEST_STRING_LENGTH]);
+char *SHA3_256_Data(const uint8_t*, size_t, unsigned char *);
+char *SHA3_256_File(char *, char *);
+
+char *SHA3_384_End(SHA3_384_CTX*, char[SHA3_384_DIGEST_STRING_LENGTH]);
+char *SHA3_384_Data(const uint8_t*, size_t, unsigned char *);
+char *SHA3_384_File(char *, char *);
+
+char *SHA3_512_End(SHA3_512_CTX*, char[SHA3_512_DIGEST_STRING_LENGTH]);
+char *SHA3_512_Data(const uint8_t*, size_t, unsigned char *);
+char *SHA3_512_File(char *, char *);
+
+__END_DECLS
+
+#endif	/* SHA3_H */
diff --git a/pkgtools/digest/files/sha3hl.c b/pkgtools/digest/files/sha3hl.c
new file mode 100644
index 00000000000..396fd9d59b9
--- /dev/null
+++ b/pkgtools/digest/files/sha3hl.c
@@ -0,0 +1,316 @@
+/* $NetBSD: sha3hl.c,v 1.1 2016/03/03 22:11:07 agc Exp $	 */
+
+/*
+ * sha3hl.c
+ * This code is derived from sha2hl.c, hence the following licence
+ * reproduction.
+ *
+ * This code is not a verbatim copy, since some routines have been added,
+ * and some bugs have been fixed.
+ *
+ * Version 1.0.0beta1
+ *
+ * Written by Aaron D. Gifford <me@aarongifford.com>
+ *
+ * Copyright 2000 Aaron D. Gifford.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the copyright holder nor the names of contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) AND CONTRIBUTOR(S) ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR(S) OR CONTRIBUTOR(S) BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#ifdef HAVE_ERRNO_H
+#include <errno.h>
+#endif
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+#include "sha3.h"
+#include <assert.h>
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+#ifndef _DIAGASSERT
+#define _DIAGASSERT(cond)	assert(cond)
+#endif
+
+#ifndef MEMSET_BZERO
+#define MEMSET_BZERO(p,l)	memset((p), 0, (l))
+#endif
+
+/*
+ * Constant used by SHA3_224/256/384/512_End() functions for converting the
+ * digest to a readable hexadecimal character string:
+ */
+static const char sha3_hex_digits[] = "0123456789abcdef";
+
+char           *
+SHA3_224_File(char *filename, char *buf)
+{
+	unsigned char          buffer[BUFSIZ * 20];
+	SHA3_224_CTX      ctx;
+	int             fd, num, oerrno;
+
+	_DIAGASSERT(filename != NULL);
+	/* XXX: buf may be NULL ? */
+
+	SHA3_224_Init(&ctx);
+
+	if ((fd = open(filename, O_RDONLY)) < 0)
+		return (0);
+
+	while ((num = read(fd, buffer, sizeof(buffer))) > 0)
+		SHA3_224_Update(&ctx, buffer, (size_t) num);
+
+	oerrno = errno;
+	close(fd);
+	errno = oerrno;
+	return (num < 0 ? 0 : SHA3_224_End(&ctx, buf));
+}
+
+
+char           *
+SHA3_224_End(SHA3_224_CTX *ctx, char buffer[])
+{
+	unsigned char          digest[SHA3_224_DIGEST_LENGTH], *d = digest;
+	unsigned char	       *ret;
+	int             i;
+
+	/* Sanity check: */
+	assert(ctx != NULL);
+
+	if ((ret = buffer) != NULL) {
+		SHA3_224_Final(digest, ctx);
+
+		for (i = 0; i < SHA3_224_DIGEST_LENGTH; i++) {
+			*buffer++ = sha3_hex_digits[(*d & 0xf0) >> 4];
+			*buffer++ = sha3_hex_digits[*d & 0x0f];
+			d++;
+		}
+		*buffer = (char) 0;
+	} else {
+		(void) MEMSET_BZERO(ctx, sizeof(SHA3_224_CTX));
+	}
+	(void) MEMSET_BZERO(digest, SHA3_224_DIGEST_LENGTH);
+	return ret;
+}
+
+char           *
+SHA3_224_Data(const uint8_t * data, size_t len, unsigned char *digest)
+{
+	SHA3_224_CTX      ctx;
+
+	SHA3_224_Init(&ctx);
+	SHA3_224_Update(&ctx, data, len);
+	return SHA3_224_End(&ctx, digest);
+}
+
+char           *
+SHA3_256_File(char *filename, char *buf)
+{
+	unsigned char          buffer[BUFSIZ * 20];
+	SHA3_256_CTX      ctx;
+	int             fd, num, oerrno;
+
+	_DIAGASSERT(filename != NULL);
+	/* XXX: buf may be NULL ? */
+
+	SHA3_256_Init(&ctx);
+
+	if ((fd = open(filename, O_RDONLY)) < 0)
+		return (0);
+
+	while ((num = read(fd, buffer, sizeof(buffer))) > 0)
+		SHA3_256_Update(&ctx, buffer, (size_t) num);
+
+	oerrno = errno;
+	close(fd);
+	errno = oerrno;
+	return (num < 0 ? 0 : SHA3_256_End(&ctx, buf));
+}
+
+
+char           *
+SHA3_256_End(SHA3_256_CTX *ctx, char buffer[])
+{
+	unsigned char          digest[SHA3_256_DIGEST_LENGTH], *d = digest;
+	unsigned char	       *ret;
+	int             i;
+
+	/* Sanity check: */
+	assert(ctx != NULL);
+
+	if ((ret = buffer) != NULL) {
+		SHA3_256_Final(digest, ctx);
+
+		for (i = 0; i < SHA3_256_DIGEST_LENGTH; i++) {
+			*buffer++ = sha3_hex_digits[(*d & 0xf0) >> 4];
+			*buffer++ = sha3_hex_digits[*d & 0x0f];
+			d++;
+		}
+		*buffer = (char) 0;
+	} else {
+		(void) MEMSET_BZERO(ctx, sizeof(SHA3_256_CTX));
+	}
+	(void) MEMSET_BZERO(digest, SHA3_256_DIGEST_LENGTH);
+	return ret;
+}
+
+char           *
+SHA3_256_Data(const uint8_t * data, size_t len, unsigned char *digest)
+{
+	SHA3_256_CTX      ctx;
+
+	SHA3_256_Init(&ctx);
+	SHA3_256_Update(&ctx, data, len);
+	return SHA3_256_End(&ctx, digest);
+}
+
+char           *
+SHA3_384_File(char *filename, char *buf)
+{
+	unsigned char          buffer[BUFSIZ * 20];
+	SHA3_384_CTX      ctx;
+	int             fd, num, oerrno;
+
+	_DIAGASSERT(filename != NULL);
+	/* XXX: buf may be NULL ? */
+
+	SHA3_384_Init(&ctx);
+
+	if ((fd = open(filename, O_RDONLY)) < 0)
+		return (0);
+
+	while ((num = read(fd, buffer, sizeof(buffer))) > 0)
+		SHA3_384_Update(&ctx, buffer, (size_t) num);
+
+	oerrno = errno;
+	close(fd);
+	errno = oerrno;
+	return (num < 0 ? 0 : SHA3_384_End(&ctx, buf));
+}
+
+
+char           *
+SHA3_384_End(SHA3_384_CTX *ctx, char buffer[])
+{
+	unsigned char          digest[SHA3_384_DIGEST_LENGTH], *d = digest;
+	unsigned char	       *ret;
+	int             i;
+
+	/* Sanity check: */
+	assert(ctx != NULL);
+
+	if ((ret = buffer) != NULL) {
+		SHA3_384_Final(digest, ctx);
+
+		for (i = 0; i < SHA3_384_DIGEST_LENGTH; i++) {
+			*buffer++ = sha3_hex_digits[(*d & 0xf0) >> 4];
+			*buffer++ = sha3_hex_digits[*d & 0x0f];
+			d++;
+		}
+		*buffer = (char) 0;
+	} else {
+		(void) MEMSET_BZERO(ctx, sizeof(SHA3_384_CTX));
+	}
+	(void) MEMSET_BZERO(digest, SHA3_384_DIGEST_LENGTH);
+	return ret;
+}
+
+char           *
+SHA3_384_Data(const uint8_t * data, size_t len, unsigned char *digest)
+{
+	SHA3_384_CTX      ctx;
+
+	SHA3_384_Init(&ctx);
+	SHA3_384_Update(&ctx, data, len);
+	return SHA3_384_End(&ctx, digest);
+}
+
+char           *
+SHA3_512_File(char *filename, char *buf)
+{
+	unsigned char          buffer[BUFSIZ * 20];
+	SHA3_512_CTX      ctx;
+	int             fd, num, oerrno;
+
+	_DIAGASSERT(filename != NULL);
+	/* XXX: buf may be NULL ? */
+
+	SHA3_512_Init(&ctx);
+
+	if ((fd = open(filename, O_RDONLY)) < 0)
+		return (0);
+
+	while ((num = read(fd, buffer, sizeof(buffer))) > 0)
+		SHA3_512_Update(&ctx, buffer, (size_t) num);
+
+	oerrno = errno;
+	close(fd);
+	errno = oerrno;
+	return (num < 0 ? 0 : SHA3_512_End(&ctx, buf));
+}
+
+
+char           *
+SHA3_512_End(SHA3_512_CTX *ctx, char buffer[])
+{
+	unsigned char          digest[SHA3_512_DIGEST_LENGTH], *d = digest;
+	unsigned char	       *ret;
+	int             i;
+
+	/* Sanity check: */
+	assert(ctx != NULL);
+
+	if ((ret = buffer) != NULL) {
+		SHA3_512_Final(digest, ctx);
+
+		for (i = 0; i < SHA3_512_DIGEST_LENGTH; i++) {
+			*buffer++ = sha3_hex_digits[(*d & 0xf0) >> 4];
+			*buffer++ = sha3_hex_digits[*d & 0x0f];
+			d++;
+		}
+		*buffer = (char) 0;
+	} else {
+		(void) MEMSET_BZERO(ctx, sizeof(SHA3_512_CTX));
+	}
+	(void) MEMSET_BZERO(digest, SHA3_512_DIGEST_LENGTH);
+	return ret;
+}
+
+char           *
+SHA3_512_Data(const uint8_t * data, size_t len, unsigned char *digest)
+{
+	SHA3_512_CTX      ctx;
+
+	SHA3_512_Init(&ctx);
+	SHA3_512_Update(&ctx, data, len);
+	return SHA3_512_End(&ctx, digest);
+}
+
diff --git a/pkgtools/digest/files/tiger.h b/pkgtools/digest/files/tiger.h
index e00ab5576d3..cf1ca901b0a 100644
--- a/pkgtools/digest/files/tiger.h
+++ b/pkgtools/digest/files/tiger.h
@@ -1,7 +1,8 @@
-/* $NetBSD: tiger.h,v 1.6 2010/01/23 13:25:12 obache Exp $ */
+/* $NetBSD: tiger.h,v 1.7 2016/03/03 22:11:07 agc Exp $ */
 
-/*
- * Copyright © 2005 Alistair Crooks.  All rights reserved.
+/*-
+ * Copyright (c) 2005-2016 Alistair Crooks <agc@NetBSD.org>
+ * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -11,25 +12,17 @@
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by Alistair Crooks
- *	for the NetBSD project.
- * 4. The name of the author may not be used to endorse or promote
- *    products derived from this software without specific prior written
- *    permission.
  *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
- * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
- * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #ifndef TIGER_H_
 #define TIGER_H_
@@ -48,7 +41,7 @@
 
 typedef struct tiger_context_t {
 	uint64_t	ctx[3];
-	int first_time;
+	int		first_time;
 } tiger_context_t;
 
 void TIGERInit(tiger_context_t *);