using an OpenPGP card with Java (keytool and jarsigner)

Hans-Christoph Steiner hans at
Fri Jan 17 16:44:10 CET 2014

On 01/17/2014 03:05 AM, Werner Koch wrote:
> On Fri, 17 Jan 2014 02:24, seanl at said:
>> Scute works great with Firefox, but keep in mind it requires gpg-agent (or
> Sure.  That is the whole point of the exercise.
>> at least scdaemon). AFAIK it's not intended to work with anything other
>> than Firefox right now. I've been meaning to try it out with wpa_supplicant
> Well, it has not been tested with anything else.  However, it implements
> the pkcs#11 interface properly for signature keys and Marcus even came
> up with a free and readable implementation of the pkcs11 header file.
>> The code seems fairly straightforward and it comes with documentation for
>> spying on the PKCS#11 calls to help troubleshoot the implementation, so
>> even if it doesn't work it may not require too much hacking to make it
> Right.  I would love to see a new maintainer for it.  If there are any
> GnuPG related problems I will for sure help with it.

How does scute's PKCS#11 support differ from OpenSC's?  If the OpenPGP card is
supported by opensc, is that providing the same thing as scute?  I already
have Java's keytool talking to the OpenPGP card via OpenSC, I just can't get
it to sign something yet.


PGP fingerprint: 5E61 C878 0F86 295C E17D  8677 9F0F E587 374B BE81

More information about the Gnupg-users mailing list