feat(tf-psa-crypto): Expose persistent key storage blob-size helper

Add psa_persistent_key_storage_blob_size() so callers outside tf-psa-crypto
can size the output buffer for psa_format_key_data_for_storage() without
needing to know the internal psa_persistent_key_storage_format struct.

tf-psa-crypto/core/psa_crypto_storage.c

@@ -233,6 +233,11 @@ typedef struct {
     uint8_t key_data[];
 } psa_persistent_key_storage_format;
 
+size_t psa_persistent_key_storage_blob_size(size_t key_data_length)
+{
+    return sizeof(psa_persistent_key_storage_format) + key_data_length;
+}
+
 void psa_format_key_data_for_storage(const uint8_t *data,
                                      const size_t data_length,
                                      const psa_key_attributes_t *attr,

tf-psa-crypto/core/psa_crypto_storage.h

@@ -158,6 +158,21 @@ psa_status_t psa_destroy_persistent_key(const mbedtls_svc_key_id_t key);
  */
 void psa_free_persistent_key_data(uint8_t *key_data, size_t key_data_length);
 
+/**
+ * \brief Return the on-disk size of the PSA persistent key storage blob that
+ *        psa_format_key_data_for_storage() will produce for a given key data
+ *        length.
+ *
+ * Custom PSA ITS backends that synthesize blobs on read (rather than
+ * persisting them through psa_its_set()) can use this to size the output
+ * buffer without knowing the internal storage format layout.
+ *
+ * \param key_data_length  Length of the key_data payload that will be passed
+ *                         to psa_format_key_data_for_storage().
+ * \return Total blob size in bytes (storage header + key_data).
+ */
+size_t psa_persistent_key_storage_blob_size(size_t key_data_length);
+
 /**
  * \brief Formats key data and metadata for persistent storage
  *