How to verify a checksum (SHA-1 digest) in Mac OS X using terminal?

http://support.apple.com
2018-09-22 08:28

Summary

Learn how to verify a SHA-1 digest (also known as a checksum). Important: Verifying the SHA-1 of a software update is optional; it is provided on Apple software updates for those individuals who want to verify the authenticity of an update.
Products Affected

Mac OS X 10.0, Mac OS X 10.3, Mac OS X 10.2, Mac OS X 10.1, Mac OS X 10.4, Mac OS X 10.6, Mac OS X 10.5, Product Security

Note: For updates delivered by Automatic Software Update, SHA-1 digest verification is performed automatically for you.

To verify a manually-downloaded software update from Apple Downloads, which contains a SHA-1 digest, perform the following steps:

    1. Open Terminal (located in /Applications/Utilities).

    2. Type the following at the Terminal prompt:

    openssl sha1 [full path to file]

    Example:

    openssl sha1 /Users/myaccount/Documents/1024SecUpd2003-03-03.dmg

    The SHA-1 digest is displayed as: SHA1 (full path to the file)= [checksum amount]

    SHA1(/Users/myaccount/Documents/1024SecUpd2003-03-03.dmg) =2eb722f340d4e57aa79bb5422b94d556888cbf38

Additional Information

About SHA-1

SHA-1 is essentially a secure checksum for a data file. The SHA-1 checksum is based on a cryptographic standard. For a given file, SHA-1 produces a 160 bit encrypted output known as a "message digest." It is highly improbable that a modified data set would produce the same message digest. If a file is changed during transit, its message digest also changes.

SHA-1 and Apple Downloads

You can download manually-installable updates from Apple Downloads. Apple uses SHA-1 digests on certain Apple Downloads so you can verify (with a high degree of probability) that the software you downloaded is the same software you intended to download (see Related documents below). When the SHA-1 digest for the file you downloaded matches the digest for the file as displayed on Apple Downloads, you can be sure that the file is authentic.

Tags: checksum, mac os x, SHA-1, terminal
Average rating: 3 (1 Vote)

You cannot comment on this entry