diff --git a/Assignment 7 - SGX Hands-on/src/enclave/enclave.c b/Assignment 7 - SGX Hands-on/src/enclave/enclave.c
index fba4b4d..e0cb745 100644
--- a/Assignment 7 - SGX Hands-on/src/enclave/enclave.c	
+++ b/Assignment 7 - SGX Hands-on/src/enclave/enclave.c	
@@ -3,6 +3,42 @@
 #include <sgx_error.h>
 #include <sgx_tcrypto.h>
 
+sgx_status_t seal_key_pair(sgx_ec256_private_t *private, sgx_ec256_public_t *public, uint8_t *sealed, uint32_t *sealed_size) {
+    // handle missing keypair
+    if((private == NULL) || (public == NULL))
+        return SGX_ERROR_UNEXPECTED;
+
+    // allocate temporary buffers on stack
+    uint8_t pk[2*SGX_ECP256_KEY_SIZE] = {0};
+    uint8_t sk[SGX_ECP256_KEY_SIZE] = {0};
+
+    // copy keypair into buffers
+    memcpy(pk, public->gx, SGX_ECP256_KEY_SIZE);
+    memcpy(pk + SGX_ECP256_KEY_SIZE, public->gy, SGX_ECP256_KEY_SIZE);
+    memcpy(sk, private->r, SGX_ECP256_KEY_SIZE);
+
+    // calculate needed size
+    *sealed_size = sgx_calc_sealed_data_size((uint32_t)(2*SGX_ECP256_KEY_SIZE), (uint32_t)SGX_ECP256_KEY_SIZE);
+    if(*sealed_size == UINT32_MAX)
+        return SGX_ERROR_UNEXPECTED;
+
+    // allocate buffer on heap
+    sealed = (uint8_t *)malloc(*sealed_size);
+    if(sealed == NULL) {
+        free(sealed);
+        return SGX_ERROR_OUT_OF_MEMORY;
+    }
+
+    // seal keypair
+    sgx_status_t status = sgx_seal_data((uint32_t)2*SGX_ECP256_KEY_SIZE, (const uint8_t *)pk, (uint32_t)SGX_ECP256_KEY_SIZE, (uint8_t *)sk, *sealed_size, (sgx_sealed_data_t *) sealed);
+    if(status != SGX_SUCCESS) {
+        free(sealed);
+        return SGX_ERROR_UNEXPECTED;
+    }
+
+    return SGX_SUCCESS;
+}
+
 sgx_status_t public_key(const uint8_t *sealed, const size_t sealed_size, uint8_t *gx, uint8_t *gy) {
     // return if no sealed data provided
     if(sealed == NULL)