From 1a3573e2261431d89650b56f6497a4985f98583a Mon Sep 17 00:00:00 2001
From: Ryan Everett <ryan.everett@arm.com>
Date: Mon, 29 Apr 2024 18:29:48 +0100
Subject: [PATCH] Clarify psa_get_and_lock_key_slot return behaviour

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
---
 library/psa_crypto_slot_management.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index fbcb26ebc8..9986a44969 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -424,6 +424,8 @@ psa_status_t psa_get_and_lock_key_slot(mbedtls_svc_key_id_t key,
     if (status != PSA_SUCCESS) {
         psa_wipe_key_slot(*p_slot);
 
+        /* If the key does not exist, we need to return
+         * PSA_ERROR_INVALID_HANDLE. */
         if (status == PSA_ERROR_DOES_NOT_EXIST) {
             status = PSA_ERROR_INVALID_HANDLE;
         }