Android phone appear as OpenPGP smart card in card reader to desktop

[GoogleCodeExporter]

On:
http://www.gnupg.org/howtos/card-howto/en/smartcard-howto-single.html
the GnuPG developers discuss how to use an OpenPGP smart card in a USB card 
reader with GnuPG. 

It would be excellent if the SEEK project not only added hardware cryptography 
for Android applications, but presented the attached cryptographic hardware as 
a standard card reader and (OpenPGP) smart card when plugged into a PC by USB 
(and maybe other standards, such as Bluetooth if possible).

Use case for having this feature implemented:
At the moment, the most practical option for two-factor authentication is to 
buy a smart card reader and smart card. It would be excellent if an Android 
phone could fulfil that role instead for a number of reasons:
* lower cost, if the user already has the phone;
* more convenient, as a lot of users will have their phones with them (as 
opposed to having to carry a card and often a reader); 
* more powerful, as an Android phone has the potential to provide a much more 
complete (and hardware accelerated) implementation than any one smart card; and
* potential for on-device PIN entry.

If the device can pretend to be a standard smart card/reader, the potential is 
quite impressive, as it could nearly-instantly have support in GnuPG, log-ins, 
website authentication etc. I assume that you would want to make sure that the 
device readable by OpenSC:
http://www.opensc-project.org/opensc/wiki/OverView and the Linux kernel Crypto 
API.

To clarify, what I am looking to do is buy a 
http://www.gd-sfs.com/the-mobile-security-card/ put it into my Android phone, 
plug my Android phone into my Ubuntu Linux computer and have Ubuntu (and GnuPG) 
see the mobile security card and phone as a standard smart card that I can use 
to log on, sign emails etc.

I would have thought that adding this capability to Android would help your 
other aims, as cryptography on the Android currently suffers the chicken-egg 
problem. With users using the Android as a smart card reader, there will 
quickly be a large demand on the cryptographic functions of the device (as a 
large number of desktop applications can use cryptography), which will 
encourage the hardware acceleration sufficient to encourage adoption by Android 
applications.

Original issue reported on code.google.com by lunatick...@gmail.com on 4 Aug 2010 at 3:57

[GoogleCodeExporter]

Different solutions for an implementation possible - needs further 
investigation...

- Mount Mobile Security Card on PC
When the Android phone is connected via USB and the Mobile Security Card is 
mounted on the PC, a PC/SC IFD Handler on the host could access the smartcard 
directly.

- Proprietary 'APDU-bridge' in Android
The APK on Android is forwarding all APDU commands from the host to the secure 
element and returns the response (over bluetooth).

- Implement a new USB device class CCID
When the Android phone is connected via USB the PC will see a CCID compliant 
card terminal in addition to the mass storage or ADB class.

- Implement SAP/rSAP in Anroid
The SIM Access Profile could be implemented in Android and extended with access 
to the Mobile Security Card. Implementation on the host?

Original comment by Daniel.A...@gi-de.com on 9 Aug 2010 at 4:11

• Changed state: Accepted
• Added labels: Priority-Medium, Type-Enhancement

[GoogleCodeExporter]

Bluetooth IFD Handler for PCSC (Linux & Windows) with access to an Android 
application is developed

Original comment by Daniel.A...@gi-de.com on 4 Oct 2010 at 11:48

• Changed state: Started

[GoogleCodeExporter]

Initial version for Linux finished.

Original comment by manueleb...@googlemail.com on 5 Oct 2010 at 3:10

[GoogleCodeExporter]

I know this is years later, but does this work?  I now have a Asus Transformer 
T101.  It has two 2.0 USB ports on the keyboard.  I can tell that it powers 
devices and reads HDD's and thumb drives just fine.  But my CAC card reader 
fails to work.  I'm guessing it's something to do with drivers.  Good luck!

Original comment by ghost0...@gmail.com on 5 Mar 2012 at 6:38