From 4754cdeef806f5167edc0d140b7fce52581c9aa5 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 21 May 2019 15:56:29 +0200
Subject: [PATCH] Improve description of psa_open_key()

Remove obsolete reference to psa_make_key_persistent().
---
 include/psa/crypto.h | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index f1a290d7b..f099967a0 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -461,10 +461,17 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes);
 
 /** Open a handle to an existing persistent key.
  *
- * Open a handle to a key which was previously created with
- * psa_make_key_persistent() when setting its attributes.
- * The handle should eventually be closed with psa_close_key()
- * to release associated resources.
+ * Open a handle to a persistent key. A key is persistent if it was created
+ * with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE. A persistent key
+ * always has a nonzero key identifier, set with psa_set_key_id() when
+ * creating the key. Implementations may provide additional pre-provisioned
+ * keys with identifiers in the range
+ * #PSA_KEY_ID_VENDOR_MIN&ndash;#PSA_KEY_ID_VENDOR_MAX.
+ *
+ * The application must eventually close the handle with psa_close_key()
+ * to release associated resources. If the application dies without calling
+ * psa_close_key(), the implementation should perform the equivalent of a
+ * call to psa_close_key().
  *
  * Implementations may provide additional keys that can be opened with
  * psa_open_key(). Such keys have a key identifier in the vendor range,