Help need to use truecryt + openpgp applet.

Thomas Harning Jr. harningt at
Thu Feb 19 19:50:45 CET 2015

On Thu Feb 19 2015 at 12:23:34 PM Matthias-Christian Ott <ott at>

> On 2015-02-19 09:23, Ranjini H.K wrote:
> > Yes my java card supports PKCS#11. Am not so sure about OpenPGP applet.
> > What should i do othercase To make my OpenPGP applet support PKCS#11.
> Your Java Card does probably not support PKCS #11. An applet on the card
> might implement it. To make it work, you need a PKCS #11 middleware and
> tell TrueCrypt about it (Settings > Security Tokens... > PKCS #11
> Library Path). If you are using an applet that is supported by OpenSC,
> you can use OpenSC. Otherwise you have to resort to the proprietary
> middleware supplied by the vendor. OpenPGP cards should be supported by
> OpenSC and should be usable with TrueCrypt [1]. There is also a
> proprietary PKCS #11 library that should provide a PKCS #11 interface
> for OpenPGP cards [2]. Otherwise you can try Scute [3].
> That said, it is probably better to ask on the OpenSC mailing list [4]
> about PKCS #11.
> The Java Card OpenPGP applet seems to be maintained by Yubico at the
> moment [5].
> Regards,
> Matthias-Christian
> [1]
> [2]
> [3]
> [4]
> [5]
The main issue is that TrueCrypt does not generate a key on-card, but
instead it stores pin-protected data which it reads out when it needs to
unlock the disk.

OpenPGP cards, if I recall right, have no capability to store arbitrary

Perhaps you can file a feature-request against VeraCrypt (the "current"
TrueCrypt project) to implement a mechanism where the master key (or subkey
of sorts) is encrypted with a key stored on-card.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20150219/b21992e6/attachment-0001.html>

More information about the Gnupg-users mailing list