Hi all,

I've removed the replies, for shortness. Thank you very much for them, they have been very enlightening. I think I've found my solution. What I wanted to do is make sure that the software only runs on a system that has a smartcard connected to it that the software owner has sent the customer. Next to that, I want the configuration file to also only have been created by the software owner. Therefore I think I need to sign the configuration twice.

My theory (please correct me if I'm wrong): there are two ways to verify that a signature on a piece of data is correct:

1) Creating the digest of that data and verifying it with the corresponding public key to see if the signature was created with that private key;
2) Recreate the signature with the private key (assuming I have it) and see if it matches the signature.

I know 2) is not really a common option, but in this case it should be worthwhile. My plan is:

- sign the configuration with the smartcard;
- sign the resulting signature with the private key of the software owner.

To check, I can now:

- re-sign the configuration file with the smartcard (method 2);
- make a digest of the resulting signature and check whether the "signed signature" was actually signed by the software owner's private key by validating the digest with the software owner's public key (method 1).

David Schwartz told me it was not easy and I agree. But to me it looks like this could do the trick. Please bear in mind that the software user has control over the smartcard but not over the software owner's public key. So, is this safe? Any comments?

Thanks in advance :-)

Kind regards,
Simon de Hartog

______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
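
The two checks described in the message above, as an added example that is not part of the original post and is not OpenSSL code: it uses Go's standard library, with software RSA keys standing in for the smartcard and the software owner. The names `newKey`, `sign` and `Verify` are hypothetical, and the `pss` switch is there to show that the re-sign-and-compare check (method 2) only works when the card uses a deterministic signature scheme.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// newKey returns a throwaway software key (constructed; a real card key never leaves the card).
func newKey() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

// sign: RSA PKCS#1 v1.5 over SHA-256 (deterministic); pss=true uses salted, randomized RSA-PSS.
func sign(k *rsa.PrivateKey, data []byte, pss bool) []byte {
	h := sha256.Sum256(data)
	sig, err := rsa.SignPKCS1v15(rand.Reader, k, crypto.SHA256, h[:])
	if pss {
		sig, err = rsa.SignPSS(rand.Reader, k, crypto.SHA256, h[:], nil)
	}
	if err != nil {
		panic(err)
	}
	return sig
}

// Verify runs both checks from the post; card stands in for the attached smartcard.
func Verify(card *rsa.PrivateKey, owner *rsa.PublicKey, cfg, cardSig, ownerSig []byte, pss bool) error {
	if !bytes.Equal(sign(card, cfg, pss), cardSig) { // method 2: re-sign and compare
		return fmt.Errorf("card signature mismatch")
	}
	h := sha256.Sum256(cardSig) // method 1: owner's signature over the card signature
	return rsa.VerifyPKCS1v15(owner, crypto.SHA256, h[:], ownerSig)
}

func main() {
	card, owner, cfg := newKey(), newKey(), []byte("seats=5\n") // constructed sample config
	for _, pss := range []bool{false, true} {
		cardSig := sign(card, cfg, pss)
		err := Verify(card, &owner.PublicKey, cfg, cardSig, sign(owner, cardSig, false), pss)
		fmt.Printf("card signs with PSS=%v -> %v\n", pss, err)
	}
}
```

With PKCS#1 v1.5 the genuine bundle verifies; with PSS the same genuine bundle is rejected, because the card produces different signature bytes on every call.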