using an OpenPGP card with Java (keytool and jarsigner)

Sean Lynch seanl at
Fri Jan 17 02:24:45 CET 2014

On Wed, Jan 8, 2014 at 4:02 AM, Werner Koch <wk at> wrote:

> On Tue,  7 Jan 2014 15:32, hans at said:
> > OpenPGP card as a PKCS11 keystore.  It seems that things are close: Java
> can
> > use NSS as a provider of PKCS11.  I guess the question is whether opensc
> is
> > making a PKCS#11 interface to the OpenPGP card, that's the bit that I
> don't
> Scute also provides an pkcs#11 interface to NSS.  Thus you should be
> able to use it also with Java.

Scute works great with Firefox, but keep in mind it requires gpg-agent (or
at least scdaemon). AFAIK it's not intended to work with anything other
than Firefox right now. I've been meaning to try it out with wpa_supplicant
and openvpn, so please let us know if you get it to work with anything
other than Firefox!

The code seems fairly straightforward and it comes with documentation for
spying on the PKCS#11 calls to help troubleshoot the implementation, so
even if it doesn't work it may not require too much hacking to make it
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20140116/2caba513/attachment.html>

More information about the Gnupg-users mailing list