If the key remains on the users device but under the control of the app, does that count as out of control of the app?
Maybe you'd have to force the user to export the key to an external file (and forget the path) or encrypt it with some mechanism that the app isn't in control of.
Maybe you'd have to force the user to export the key to an external file (and forget the path) or encrypt it with some mechanism that the app isn't in control of.