Thread Safety

Themis as a library is safe to use from multiple threads for non-interactive cryptosystems (Secure Cell and Secure Message) and is not thread-safe for interactive protocols (Secure Comparator and Secure Session). However, your application may still need to synchronize access to individual shared objects with its own locks.

Particular cryptographic backends and language wrappers may impose additional safety considerations described below.

Themis objects

Secure Message, Secure Cell

Secure Message and Secure Cell objects are generally immutable. They can be safely used from multiple threads concurrently. However, some language wrappers have specific exceptions; see the details below.

Secure Comparator, Secure Session

Secure Comparator and Secure Session objects implement stateful interactive protocols. Therefore you must never share them between multiple threads. You may create a handle in one thread and then pass it to another, but you must never use a single object from more than one thread at any given time.
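The rule above, sketched as an added example (not Themis or ThemisPP code): a C++ wrapper that permits handing a stateful object from one thread to another but throws when a second thread enters it while the first is still inside. `ExclusiveUse` and `FakeSession` are hypothetical names, and `FakeSession` is a constructed stand-in for a Secure Comparator or Secure Session handle.

```cpp
#include <atomic>
#include <stdexcept>
#include <thread>
#include <utility>

// Lets an object move between threads but throws if two threads are
// ever inside it at once, instead of silently corrupting protocol state.
template <typename T>
class ExclusiveUse {
public:
    explicit ExclusiveUse(T obj) : obj_(std::move(obj)) {}

    template <typename Fn>
    auto use(Fn&& fn) -> decltype(fn(std::declval<T&>())) {
        if (busy_.exchange(true))
            throw std::logic_error("object is in use on another thread");
        Release release{busy_};  // clears the flag on every exit path
        return fn(obj_);
    }

private:
    struct Release { std::atomic<bool>& flag; ~Release() { flag.store(false); } };
    T obj_;
    std::atomic<bool> busy_{false};
};

// Constructed stand-in for a stateful protocol object (not a Themis type).
struct FakeSession { int step = 0; int advance() { return ++step; } };

// Allowed: thread A finishes with the object, then thread B takes over.
int handoff_demo() {
    ExclusiveUse<FakeSession> s{FakeSession{}};
    int last = 0;
    auto work = [&] { last = s.use([](FakeSession& x) { return x.advance(); }); };
    std::thread{work}.join();
    std::thread{work}.join();
    return last;
}

// Forbidden: a second thread enters while the first is still inside.
bool overlap_is_rejected() {
    ExclusiveUse<FakeSession> s{FakeSession{}};
    bool rejected = false;
    s.use([&](FakeSession&) {
        std::thread([&] {
            try { s.use([](FakeSession& x) { return x.advance(); }); }
            catch (const std::logic_error&) { rejected = true; }
        }).join();
        return 0;
    });
    return rejected;
}
```

The wrapper detects overlapping use rather than serializing it, so a violation surfaces as an exception during testing instead of as a corrupted protocol exchange.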

Shared Secure Session transport objects

If you use Secure Session in wrap/unwrap mode, you may share the transport callbacks between multiple Secure Session objects and between multiple threads, provided that your callback implementation is correctly synchronized internally.

Secure Session in send/receive mode requires individual transport objects that must never be shared between multiple Secure Sessions (and by extension, between multiple threads).

Crypto backends

OpenSSL

Modern OpenSSL 1.1.0+ can be safely used in multi-threaded applications, provided that support for the underlying OS threading API is built in. This is usually the case with distribution-provided packages for OpenSSL.

Older OpenSSL 1.0.2 requires developers to install several callbacks in order to be used safely in a multi-threaded environment. Note that you always have to install these callbacks, regardless of synchronization for individual Themis objects and function calls (unless all Themis and OpenSSL usage throughout the application is restricted to a single thread).

LibreSSL

Themis uses LibreSSL in a way that is fully thread-safe.

BoringSSL

Themis uses BoringSSL in a way that is fully thread-safe.

Language wrappers

ThemisPP (C++)

Secure Cell and Secure Message objects are not thread-safe in C++, contrary to other language wrappers. You must never use the same object from multiple threads.