Recommend command-line tool for offline signing ethereum transactions?

I'm looking for a command-line tool that will allow me to use a separate, offline computer for signing and verifying transactions, and then use my normal, online computer for submitting the raw transactions to the rest of the world. I want to manage my own keys and keep the dependencies used as simple as possible.

Really only need it to do 4 operations:

1. make_transaction: This would take three inputs - the from_address_in_hex, the to_address_in_hex, and the amount - and output an unsigned_transaction_in_hex.
2. submit_transaction: This would take an input of a signed_transaction_in_hex and output details on which block it was included in.
3. print_transaction: This would take either an unsigned_transaction_in_hex or a signed_transaction_in_hex as input and output a human-readable ASCII version of all transaction fields.
4. sign_transaction: This wold take a unsigned_transaction_hex and a private_key_hex as inputs and output a hex_signed_transaction.

Operations 3 and 4 need to be able to run disconnected from the internet. Operation 1 and 2 need the internet, the former so it can look up the correct nounce and choose parameters related to gas prices for the transaction.

I'm looking for a solution that will keep my funds safe, even if the code I'm running is malicious, as long as I verify the transaction being signed is the intended one and keep my offline computer disconnected. In the past, it seems like web3.js from a node console would have been the solution, but now that the web3.js API has been promisified, that seems more error prone. I bought a ledger hardware wallet, but am concerned about the risk of the manufacturer being hacked and shipping out malicious firmware and libraries, so have decided to go the offline PC route.