From 9af70e51c13372161ab3b33d3dc290a3aaa2d6d0 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Wed, 14 Feb 2024 18:38:56 +0000 Subject: [PATCH] Make multi-part AEAD operations thread-safe The setup calls are the only calls to use a key ID. The key is then copied into the operation object, all future API calls use the copy instead of the key in the slot. Simultaneous API calls on the same operation object are not thread-safe. Signed-off-by: Ryan Everett --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b16fac16f..87444e129 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4687,7 +4687,7 @@ static psa_status_t psa_aead_setup(psa_aead_operation_t *operation, operation->key_type = psa_get_key_type(&attributes); exit: - unlock_status = psa_unregister_read(slot); + unlock_status = psa_unregister_read_under_mutex(slot); if (status == PSA_SUCCESS) { status = unlock_status;