The symmetric key implementations in Santuario are not thread-safe, but the API contract around them implies they are based on use of const. The DataSealer's KeyStrategy interface is returning shared const keys protected with shared locking, so the keys are ultimately getting shared by threads and stomped on during operations.
The xmlsec API is not great and I probably should be cloning there, but the expedient fix is to just clone the keys from the KeyStrategy interface here when they're used. If xmlsec ever gets touched, we could conditionally adjust where/how the cloning is done but it would stay safe either way.
The symmetric key implementations in Santuario are not thread-safe, but the API contract around them implies they are based on use of const. The DataSealer's KeyStrategy interface is returning shared const keys protected with shared locking, so the keys are ultimately getting shared by threads and stomped on during operations.
The xmlsec API is not great and I probably should be cloning there, but the expedient fix is to just clone the keys from the KeyStrategy interface here when they're used. If xmlsec ever gets touched, we could conditionally adjust where/how the cloning is done but it would stay safe either way.