Writing and reading certificates using a smart card

We want to create a module in our application that allows the user to sign PDF/Word documents using a smart card or USB token. Our application is written in Java, so a solution in Java would be nice, but if it is easier in another language, I will not use it if it works on Windows.

Are there libraries that allow me to read and write certificates on a smart card? I want to avoid going low level and sending all these bytes to the card myself. But if this is the only way to do it, I would appreciate it if anyone could give me a link to a good tutorial/example.

I also saw in some tutorials that people import certificates from smart cards into their local keystore. Why are they doing this? Can I use the certificate from the card directly?

Thanks in advance for your help.


Certificates on smart cards are usually available through the PKCS#11 API (the cross-platform method), and on Windows they can also be accessed through the Windows certificate store. As mentioned in the comments, Java supports both methods natively, although there are some limitations/bugs in the Java providers.

However, access to the certificates themselves is not sufficient for signing PDF or Word documents: both of these formats include signing as an integral part of the format, so you need to either write code that signs documents in these formats or use existing libraries. For PDF it can be iText (check the license!) or our SecureBlackbox. Both support PKCS#11. For Office documents, I don't know of an alternative to SecureBlackbox. Our library supports both the Java interfaces for PKCS#11 and the Windows CertStore as well as our own JNI modules for them.

About "importing certificates into the keystore": this is done to list and search for certificates. These keystores are "virtual" because they merely map the smart card's certificates. In addition, when such a mapping is performed, the private key remains on the hardware device and is not copied (in most cases this is technically impossible). Therefore, cryptographic operations that require the private key are performed on the device in any case.
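As an added illustration of the answer's points (not code from the poster or from SecureBlackbox), the following Java program loads the SunPKCS11 provider, lists the card's certificates through the virtual PKCS11 keystore, and signs a byte array with the card-resident private key; the PKCS#11 library path, the PIN handling and the SHA256withRSA algorithm are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Security;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.util.Enumeration;

public class SmartCardSign {
    public static void main(String[] args) throws Exception {
        // Assumed, vendor-specific PKCS#11 module path; the card PIN is taken from args[0].
        String config = "name=SmartCard\nlibrary=C:\\Windows\\System32\\vendor_pkcs11.dll\n";
        char[] pin = args[0].toCharArray();

        // Java 9+: a leading "--" makes configure() parse the string itself instead of a file path.
        Provider p11 = Security.getProvider("SunPKCS11").configure("--" + config);
        Security.addProvider(p11);

        // The PKCS11 keystore is only a view onto the card: no private key is ever copied out.
        KeyStore ks = KeyStore.getInstance("PKCS11", p11);
        ks.load(null, pin);

        String signingAlias = null;
        for (Enumeration<String> e = ks.aliases(); e.hasMoreElements(); ) {
            String alias = e.nextElement();
            X509Certificate c = (X509Certificate) ks.getCertificate(alias);
            boolean hasKey = ks.isKeyEntry(alias);
            System.out.println(alias + " -> " + c.getSubjectX500Principal() + (hasKey ? " [key on card]" : ""));
            if (hasKey && signingAlias == null) signingAlias = alias;
        }
        if (signingAlias == null) throw new IllegalStateException("no private key entry on the card");

        // The PrivateKey object is just a handle; getEncoded() returns null for hardware keys.
        PrivateKey key = (PrivateKey) ks.getKey(signingAlias, pin);
        X509Certificate cert = (X509Certificate) ks.getCertificate(signingAlias);

        byte[] data = "document bytes to sign".getBytes(StandardCharsets.UTF_8);
        // Pin the Signature to the PKCS#11 provider so the RSA operation runs on the card.
        Signature signer = Signature.getInstance("SHA256withRSA", p11);
        signer.initSign(key);
        signer.update(data);
        byte[] sig = signer.sign();

        // Verify with the certificate's public key using the default software provider.
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(cert.getPublicKey());
        verifier.update(data);
        System.out.println("signature bytes: " + sig.length + ", verifies: " + verifier.verify(sig));
    }
}
```

This signs raw bytes only; embedding the signature into a PDF or Office file still requires a document library, as the answer says. On Windows the same listing can be done through the certificate store with `KeyStore.getInstance("Windows-MY", "SunMSCAPI")`.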


Source: https://habr.com/ru/post/1201140/
