securityd — Security context daemon for Authorization and cryptographic
securityd maintains security contexts and arbitrates cryptographic opera-
tions and Security Authorizations. Access to keychain items is routed
through securityd to enforce access controls and to keep private keys out
of user process address space. Authorization calls also communicate with
securityd to enforce rules contained in the /etc/authorization database.
All user interaction with securityd is mediated through the Security
This command is not intended to be invoked directly.
securityd was first introduced in Mac OS X version 10.0 (Cheetah) as the
« Security Server » and was renamed in 10.4 (Panther).
SHA1, SHA1_Init, SHA1_Update, SHA1_Final – Secure Hash Algorithm
unsigned char *SHA1(const unsigned char *d, unsigned long n,
unsigned char *md);
void SHA1_Init(SHA_CTX *c);
void SHA1_Update(SHA_CTX *c, const void *data,
unsigned long len);
void SHA1_Final(unsigned char *md, SHA_CTX *c);
SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a
160 bit output.
SHA1() computes the SHA-1 message digest of the n bytes at d and places
it in md (which must have space for SHA_DIGEST_LENGTH == 20 bytes of
output). If md is NULL, the digest is placed in a static array.
The following functions may be used if the message is not completely
stored in memory:
SHA1_Init() initializes a SHA_CTX structure.
SHA1_Update() can be called repeatedly with chunks of the message to be
hashed (len bytes at data).
SHA1_Final() places the message digest in md, which must have space for
SHA_DIGEST_LENGTH == 20 bytes of output, and erases the SHA_CTX.
Applications should use the higher level functions EVP_DigestInit(3)
etc. instead of calling the hash functions directly.
The predecessor of SHA-1, SHA, is also implemented, but it should be
used only when backward compatibility is required.
SHA1() returns a pointer to the hash value.
SHA1_Init(), SHA1_Update() and SHA1_Final() do not return values.
SHA: US Federal Information Processing Standard FIPS PUB 180 (Secure
Hash Standard), SHA-1: US Federal Information Processing Standard FIPS
PUB 180-1 (Secure Hash Standard), ANSI X9.30
closelog, openlog, syslog – send messages to the system
void openlog( char *ident, int option, int facility)
void syslog( int priority, char *format, …)
void closelog( void )
closelog() closes the descriptor being used to write to
the system logger. The use of closelog() is optional.
openlog() opens a connection to the system logger for a
program. The string pointed to by ident is added to each
message, and is typically set to the program name. Values
for option and facility are given in the next section.
The use of openlog() is optional; It will automatically be
called by syslog() if necessary, in which case ident will
default to NULL.
syslog() generates a log message, which will be dis-
tributed by syslogd(8). priority is a combination of the
facility and the level, values for which are given in the
next section. The remaining arguments are a format, as in
printf(3) and any arguments required by the format, except
that the two character %m will be replaced by the error
message string (strerror) corresponding to the present
value of errno.
This section lists the parameters used to set the values
of option, facility, and priority.
The option argument to openlog() is an OR of any of these:
write directly to system console if there is an
error while sending to system logger
open the connection immediately (normally, the con-
nection is opened when the first message is logged)
print to stderr as well
include PID with each message
The facility argument is used to specify what type of pro-
gram is logging the message. This lets the configuration
file specify that messages from different facilities will
be handled differently.
security/authorization messages (DEPRECATED Use
security/authorization messages (private)
clock daemon (cron and at)
other system daemons
LOG_LOCAL0 through LOG_LOCAL7
reserved for local use
line printer subsystem
USENET news subsystem
messages generated internally by syslogd
generic user-level messages
This determines the importance of the message. The levels
are, in order of decreasing importance:
system is unusable
action must be taken immediately
normal, but significant, condition
A syslog function call appeared in BSD 4.2.
logger(1), syslog(5), syslogd(8)