I am trying to develop a document signing tool for our engineering process. The core of this application is an RSA-signed string with identification and data to coordinate the validation of documents (mostly by checking that everyone is looking at the same version of the document). The system needs to be multi-platform (Windows, Linux, Mac).
I want to use hardware-based authentication for the private-key management, and the most secure way to do this would be to pass the message to the OnlyKey and have it return an RSA signature. Ideally I’d like to do this in Python directly. Is this a capability of OnlyKey?
Yes, currently onlykey-agent only works with Mac/Linux. We do have several ongoing efforts that may relate to what you are trying to do.
We are planning on adding support for GPG4win to onlykey-agent; this is probably 6 months away, though.
We are planning on releasing a Node.js module for OnlyKey (node-onlykey) that allows integration with third-party web apps and local apps for encryption/signing. This would not use RSA, as ECC protocols are faster. This might work for your app if you can support ECC keys.