Learn how to create and assign binary key instead of passphrase to LUKS key-slot on a specific device.
Generate random binary key.
$ openssl rand -out additional_key 4096
Change binary key permissions.
$ chmod 400 additional_binary_key
Inspect binary key size and permissions.
$ ls -lh additional_key -r-------- 1 milosz milosz 4.0K Dec 31 02:11 additional_binary_key
Add an additional key stored in a file to the specified key-slot.
$ sudo cryptsetup luksAddKey --key-slot 7 /dev/sdb1 ./additional_binary_key Enter any existing passphrase: **********
Additional notes
You can use additional file or a named pipe to provide current passphrase as described in how to non-interactively manage LUKS passphrases blog post.
Please read NOTES ON PASSPHRASE PROCESSING FOR LUKS in cryptsetup manual page to understand the implications of the way you provide key contents. Using a key file will ensure that the whole key is read.