Would there be any possibility that you develop / produce some keys for the following trust model: the host computer is not completely trusted. I think that this is the only “reasonable” trust model for modern computers. Developing such a key would make sure that the only thing the host computer can access, for example in the case of decrypting a file with RSA, is the file that has been decrypted, and that the computer cannot take advantage of an unlocked key. To me, that would mean:
1: The PIN protecting the key should be entered on the key itself, not on the computer; that would mean adding a keypad.
2: To prevent the computer from exploiting an unlocked key to decrypt more files than intended, the user should touch a capacitive button each time the key is to be used to perform a decryption, even after the key has been unlocked with a PIN code. This way, the computer cannot start decrypting files without the user explicitly accepting it, even if the key has been unlocked by entering the PIN.