From 290ca2acd076747ae390d488f49f054a458f2459 Mon Sep 17 00:00:00 2001
From: Heiko Schaefer <heiko@schaefer.name>
Date: Tue, 5 Sep 2023 17:45:20 +0200
Subject: [PATCH] openpgp-card-sequoia: add set_user_pin_signing_validity()

---
 openpgp-card-sequoia/src/lib.rs | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/openpgp-card-sequoia/src/lib.rs b/openpgp-card-sequoia/src/lib.rs
index 25a9c8d..52a5f52 100644
--- a/openpgp-card-sequoia/src/lib.rs
+++ b/openpgp-card-sequoia/src/lib.rs
@@ -1104,6 +1104,19 @@ impl Card<Admin<'_, '_>> {
         self.card().set_pw_status_bytes(pw_status, long)
     }
 
+    /// Configure the "only valid for one PSO:CDS" setting in PW Status Bytes.
+    ///
+    /// If `once` is `true`, the User PIN must be verified before each
+    /// signing operation on the card.
+    /// If `once` is `false`, one User PIN verification is good for an
+    /// unlimited number of signing operations.
+    pub fn set_user_pin_signing_validity(&mut self, once: bool) -> Result<(), Error> {
+        let mut pws = self.as_transaction().pw_status_bytes()?;
+        pws.set_pw1_cds_valid_once(once);
+
+        self.set_pw_status_bytes(&pws, false)
+    }
+
     /// Set the touch policy for a key slot (if the card supports this
     /// feature).
     ///