The usage of OpenPGP Applet with Thunderbird - Combine JavaCard with Enigmail[3/3]

Smartcard solutions

Moderator: product

User avatar
Posts: 253
Joined: Thu Apr 30, 2015 12:00 pm
Points: 2221

The usage of OpenPGP Applet with Thunderbird - Combine JavaCard with Enigmail[3/3]

Postby JavaCardOS » Mon Apr 18, 2016 2:54 am

Firstly, make sure that OpenPGP Applet has been uploaded and installed into javacard, and you can select the applet successfully. Insert javacard into smartcard reader.

Generate Key:
There are two method to generate key.

Method 1:

In the "Enigmail Key Management" window, select File-> Manage SmartCard, Enigmail will connect the card automatically and try to select OpenPGP applet.

If successful, "OpenPGP SmartCard Details" dialog box will pop up. You can select Smartcard -> Edit Card Data to modify card information. Then select SmartCard -> Generate Key to generate key.

In "Generate OpenPGP Key" dialog box, select the mail account that you want to protect. Set the passphrase and the key expiration date. Then click Generate Key button.

Using this method, it will be failed to generate key sometimes.

So we can use the second method to do this.

Method 2:
Use console command to generate key. The following console command operations show how to generate key via this method:

The mainly used console command are: gpg --card-status, admin and generate.
    1. In the process of generating new key, you can follow the prompts to enter the admin PIN, the passphrase and the key expiration date, and so on.

    2. You can use "help" to get all the commands in current status.such as in "Admin commands are allowed" status, the help command will displays the following commands

Code: Select all

gpg/card> admin
Admin commands are allowed

gpg/card> help
quit       quit this menu
admin      show admin commands
help       show this help
list       list all available data
name       change card holder's name
url        change URL to retrieve key
fetch      fetch the key specified in the card URL
login      change the login name
lang       change the language preferences
sex        change card holder's sex
cafpr      change a CA fingerprint
forcesig   toggle the signature force PIN flag
generate   generate new keys
passwd     menu to change or unblock the PIN
verify     verify the PIN and list all data
unblock    unblock the PIN using a Reset Code


After the key is generated successfully, you can use "verify" command to verify the PIN and list all data.

1.Select Enigmail->Preferences to open the Enigmail Preferences dialog, and configure the option as following figure:

2. Select Options-> Account Settings... to open Account Setting dialog, and configure the option as following figure:

Send/Receive E-mail:
Then messages you send or receive will be encrypted and decrypted by the key your selected in above figure.

If Enigmail doesn't find the java card, it will give the prompt to insert the card.

Otherwise, you will not be able to send mail or can not view the e-mail content.
You do not have the required permissions to view the files attached to this post. Please login first.

Return to “Solutions”

Who is online

Users browsing this forum: No registered users and 1 guest

JavaCard OS : Disclaimer