commit a0655c3501d4a14760da7c94b5971323c4aa45dd
author Gilles Peskine <Gilles.Peskine@arm.com> Mon Apr 30 17:06:50 2018 +0200
committer itayzafrir <itay.zafrir@arm.com> Wed Sep 05 12:10:43 2018 +0300
tree c9f0bbb7df01f0228a8f312b98346f992d25aee8
parent c63b6ba7548ae1c4ba6a7a224ca8daf556df3808
parent f0c9dd37d2b16a3d6e1e612d8a7ccf9ff208ae1a

Merge remote-tracking branch 'psa/pr/13' into feature-psa

Conflicts:
	library/psa_crypto.c
	tests/suites/test_suite_psa_crypto.data
	tests/suites/test_suite_psa_crypto.function

All the conflicts are concurrent additions where the order doesn't
matter. I put the code from feature-psa (key policy) before the code
from PR #13 (key lifetime).

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 483e1a6..7e633a3 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -97,6 +97,7 @@
 typedef struct {
     psa_key_type_t type;
     psa_key_policy_t policy;
+    psa_key_lifetime_t lifetime;
     union {
         struct raw_data {
             uint8_t *data;
@@ -1288,6 +1289,7 @@
 }
 
 
+
 /****************************************************************/
 /* Key Policy */
 /****************************************************************/
@@ -1352,6 +1354,54 @@
     return( PSA_SUCCESS );
 }
 
+
+
+/****************************************************************/
+/* Key Lifetime */
+/****************************************************************/
+
+psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
+                                  psa_key_lifetime_t *lifetime)
+{
+    key_slot_t *slot;
+
+    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    slot = &global_data.key_slots[key];
+    
+    *lifetime = slot->lifetime;
+
+    return( PSA_SUCCESS );
+}
+
+psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
+                                  const psa_key_lifetime_t lifetime)
+{
+    key_slot_t *slot;
+
+    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    if( lifetime != PSA_KEY_LIFETIME_VOLATILE && 
+        lifetime != PSA_KEY_LIFETIME_PERSISTENT && 
+        lifetime != PSA_KEY_LIFETIME_WRITE_ONCE)
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    slot = &global_data.key_slots[key];
+    if( slot->type != PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_OCCUPIED_SLOT );
+
+    if ( lifetime != PSA_KEY_LIFETIME_VOLATILE )
+        return( PSA_ERROR_NOT_SUPPORTED );
+        
+    slot->lifetime = lifetime;
+
+    return( PSA_SUCCESS );
+}
+
+
+
 /****************************************************************/
 /* Module setup */
 /****************************************************************/