From d393e18f90bab4c70d00cd5e65a5a64be5c98150 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 8 Mar 2018 07:49:16 +0100
Subject: [PATCH] Add psa_set_key_lifetime

It is likely that most implementations won't support this function.
But in case an implementation wants to provide it, standardize its
interface.
---
 include/psa/crypto.h | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index ffa70d5c3..5edc04fcd 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -537,9 +537,22 @@ typedef uint32_t psa_key_lifetime_t;
  */
 #define PSA_KEY_LIFETIME_WRITE_ONCE             ((psa_key_lifetime_t)0x7fffffff)
 
+/** \brief Retrieve the lifetime of a key slot.
+ *
+ * The assignment of lifetimes to slots is implementation-dependent.
+ */
 psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
                                   psa_key_lifetime_t *lifetime);
 
+/** \brief Change the lifetime of a key slot.
+ *
+ * Whether the lifetime of a key slot can be changed at all, and if so
+ *  whether the lifetime of an occupied key slot can be chaned, is
+ * implementation-dependent.
+ */
+psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
+                                  const psa_key_lifetime_t *lifetime);
+
 /**@}*/
 
 /** \defgroup hash Message digests