It is absolutely easy to create a key inside the "trusted" keyring and then export/import it (keyctl pipe/keyctl load).
However, is there a way where I can seal a known key once? I.e., I know the key: "aabbccddeeff00112233445566778899" and I want to inject it into the trusted keyring, so that it will only ever be exported back in sealed form?
I am absolutely aware about the security implications of having an explicit key copy outside of the trusted keyring and, in my scneario, that is acceptable.
