It shouldn’t be possible, since vaadin is a server-side based framework (and You really don’t want to send private key to the server). When we needed such functionality, we implemented it by calling hidden applet on the page, that does signing and sends result back to vaadin. I remember there were some beta versions of pure js solutions at that moment, but don’t have experience with them.
Unfortunately, no, the code belongs to our customer.
But the general idea: for signing, we were using an applet from card service provider, for communication with it - javascript. Imho, the first step would be to find such applet that works in a static page (usually card providers can help since they know what works with their cards) and then check its api and integrate with vaadin. Also note, that this will require java installed on client PC.
I don’t know any reliable solution. There are some pure-js solutions, but never used (by us) in real application. CAPICOM (now deprecated) is an option, but works only in Windows; there are flash-based options, but of course, they require flash. And in general, these type of tasks shouldn’t be easy or transparent (from user PoV) since can be very dangerous.