Import argon2-20151102 as security/argon2.

This is the reference C implementation of Argon2, the password-hashing
function that won the Password Hashing Competition (PHC).

You should use Argon2 whenever you need to hash passwords for
credential storage, key derivation, or other applications.

There are two main versions of Argon2, Argon2i and Argon2d. Argon2i
is the safest against side-channel attacks, while Argon2d provides
the highest resistance against GPU cracking attacks.

Argon2i and Argon2d are parametrized by

* A time cost, which defines the amount of computation realized
  and therefore the execution time, given in number of iterations
* A memory cost, which defines the memory usage, given in kibibytes
* A parallelism degree, which defines the number of parallel threads

6 files changed, 97 insertions, 0 deletions

diff --git a/security/argon2/DESCR b/security/argon2/DESCR
new file mode 100644
index 00000000000..7f342cf64bc
--- /dev/null
+++ b/security/argon2/DESCR
@@ -0,0 +1,16 @@
+This is the reference C implementation of Argon2, the password-hashing
+function that won the Password Hashing Competition (PHC).
+
+You should use Argon2 whenever you need to hash passwords for
+credential storage, key derivation, or other applications.
+
+There are two main versions of Argon2, Argon2i and Argon2d. Argon2i
+is the safest against side-channel attacks, while Argon2d provides
+the highest resistance against GPU cracking attacks.
+
+Argon2i and Argon2d are parametrized by
+
+* A time cost, which defines the amount of computation realized
+  and therefore the execution time, given in number of iterations
+* A memory cost, which defines the memory usage, given in kibibytes
+* A parallelism degree, which defines the number of parallel threads
diff --git a/security/argon2/Makefile b/security/argon2/Makefile
new file mode 100644
index 00000000000..06174aab824
--- /dev/null
+++ b/security/argon2/Makefile
@@ -0,0 +1,25 @@
+# $NetBSD: Makefile,v 1.1 2015/11/05 08:50:33 wiz Exp $
+
+DISTNAME=	phc-winner-argon2-20151102
+PKGNAME=	${DISTNAME:S/phc-winner-//}
+CATEGORIES=	security
+MASTER_SITES=	https://password-hashing.net/
+EXTRACT_SUFX=	.tgz
+
+MAINTAINER=	pkgsrc-users@NetBSD.org
+HOMEPAGE=	https://github.com/p-h-c/phc-winner-argon2
+COMMENT=	Password hash Argon2
+LICENSE=	cc0-1.0-universal
+
+WRKSRC=	${WRKDIR}/${DISTNAME:C/-2[0-9]*//}
+USE_TOOLS+=	gmake
+TEST_TARGET=	test
+INSTALLATION_DIRS=	bin lib share/doc/argon2
+
+do-install:
+	${INSTALL_PROGRAM} ${WRKSRC}/argon2 ${DESTDIR}${PREFIX}/bin
+	${INSTALL_LIB} ${WRKSRC}/libargon2.* ${DESTDIR}${PREFIX}/lib
+	${INSTALL_DATA} ${WRKSRC}/argon2-specs.pdf ${DESTDIR}${PREFIX}/share/doc/argon2
+	${INSTALL_DATA} ${WRKSRC}/README.md ${DESTDIR}${PREFIX}/share/doc/argon2
+
+.include "../../mk/bsd.pkg.mk"
diff --git a/security/argon2/PLIST b/security/argon2/PLIST
new file mode 100644
index 00000000000..66d19eb8402
--- /dev/null
+++ b/security/argon2/PLIST
@@ -0,0 +1,6 @@
+@comment $NetBSD: PLIST,v 1.1 2015/11/05 08:50:33 wiz Exp $
+bin/argon2
+lib/libargon2.a
+lib/libargon2.so
+share/doc/argon2/README.md
+share/doc/argon2/argon2-specs.pdf
diff --git a/security/argon2/distinfo b/security/argon2/distinfo
new file mode 100644
index 00000000000..4799ecaa674
--- /dev/null
+++ b/security/argon2/distinfo
@@ -0,0 +1,8 @@
+$NetBSD: distinfo,v 1.1 2015/11/05 08:50:33 wiz Exp $
+
+SHA1 (phc-winner-argon2-20151102.tgz) = 424d779af4bfe666a2de0b4c71d3a53f9b44c96b
+RMD160 (phc-winner-argon2-20151102.tgz) = 76c37fc4d4903793b885a50556153a197431ff67
+SHA512 (phc-winner-argon2-20151102.tgz) = ff99736fbe9c7c7606eed5213191327a8d5855c781c4b2fd55483beb28baa8fb07c53baf258e2636ed62304e54220b49906d3723c7c42bc862ab840b84b74060
+Size (phc-winner-argon2-20151102.tgz) = 768167 bytes
+SHA1 (patch-Makefile) = 6eafa96f951f8e8120a3b26652ed4c42b53a8783
+SHA1 (patch-kats_check-sums.sh) = d91c232633e6fc8d3ab6d8cc8701997aee9c66bc
diff --git a/security/argon2/patches/patch-Makefile b/security/argon2/patches/patch-Makefile
new file mode 100644
index 00000000000..880ed24cb7b
--- /dev/null
+++ b/security/argon2/patches/patch-Makefile
@@ -0,0 +1,27 @@
+$NetBSD: patch-Makefile,v 1.1 2015/11/05 08:50:33 wiz Exp $
+
+Disable -march=native since it causes problems on NetBSD.
+Add NetBSD support.
+
+--- Makefile.orig	2015-11-02 15:20:31.000000000 +0000
++++ Makefile
+@@ -24,7 +24,6 @@ CFLAGS = -std=c89 -pthread -O3 -Wall -g
+ 
+ #OPT=TRUE
+ ifeq ($(OPT), TRUE)
+-	CFLAGS += -march=native
+ 	SRC += src/opt.c
+ else
+ 	SRC += src/ref.c
+@@ -39,6 +38,11 @@ ifeq ($(KERNEL_NAME), Linux)
+ 	LIB_CFLAGS := -shared -fPIC
+ 	LIB_PATH := -Wl,-rpath=$(BUILD_PATH)
+ endif
++ifeq ($(KERNEL_NAME), NetBSD)
++	LIB_EXT := so
++	LIB_CFLAGS := -shared -fPIC
++	LIB_PATH := -Wl,-rpath=$(BUILD_PATH)
++endif
+ ifeq ($(KERNEL_NAME), Darwin)
+ 	LIB_EXT := dylib
+ 	LIB_CFLAGS := -dynamiclib -install_name @rpath/lib$(LIB_NAME).$(LIB_EXT)
diff --git a/security/argon2/patches/patch-kats_check-sums.sh b/security/argon2/patches/patch-kats_check-sums.sh
new file mode 100644
index 00000000000..09ea8551043
--- /dev/null
+++ b/security/argon2/patches/patch-kats_check-sums.sh
@@ -0,0 +1,15 @@
+$NetBSD: patch-kats_check-sums.sh,v 1.1 2015/11/05 08:50:33 wiz Exp $
+
+Fix unportable test(1) operator.
+
+--- kats/check-sums.sh.orig	2015-10-27 19:37:07.000000000 +0000
++++ kats/check-sums.sh
+@@ -4,7 +4,7 @@ for file in `ls | grep '^[a-z2]*$' | xar
+ do
+     new=`shasum -a 256 $file`
+     old=`cat $file.shasum`
+-    if [ "$new" == "$old" ]
++    if [ "$new" = "$old" ]
+     then
+         echo $file "\t" OK
+     else