hpke: any chance of supporting yubikey (or similar) signing?

[karalabe]

I've been using the HPKE lib for some stuff and figured that with Yubikeys supporting X25519, it should be possible to have the hpke.KEM_X25519_HKDF_SHA256 be completely backed by a hardware device instead of requiring the key locally. That said, the hpke package is hard coded to operate on in-memory keys.

Would it be possible (or have a desire) to expand the library to add some pluggability for external keys? I.e. even if the Yubikey code would not be part of the lib, at least make the library support calling external signers for certain operations?

[armfazh]

Do you have a pointer to some Go library, for example for ECDSA signing, that supports the functionality you are looking for?