From afb90dd2da1a12d2bc9a7b6878218e9238e41677 Mon Sep 17 00:00:00 2001
From: kaleb-himes <kaleb@wolfssl.com>
Date: Fri, 8 May 2026 17:08:38 -0600
Subject: [PATCH] Fix private key lock issues in master

---
 src/internal.c | 9 ++++++++-
 src/ssl_load.c | 9 ++++++++-
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index 0cf378f81a2..6bb3ce94c9e 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -31059,11 +31059,18 @@ static int DecodePrivateKey_ex(WOLFSSL *ssl, byte keyType, const DerBuffer* key,
 
         /* Set start of data to beginning of buffer. */
         idx = 0;
-        /* Decode the key assuming it is a Dilithium private key. */
+        /* Decode the key assuming it is a Dilithium private key. The FIPS
+         * wrapper for wc_dilithium_import_private gates on the per-thread
+         * privateKeyReadEnable flag, which is unset by default in any
+         * thread that hasn't called PRIVATE_KEY_UNLOCK(). Without the
+         * bracket, decoding a Dilithium/ML-DSA private key from a
+         * handshake worker thread fails with FIPS_PRIVATE_KEY_LOCKED_E. */
+        PRIVATE_KEY_UNLOCK();
         ret = wc_Dilithium_PrivateKeyDecode(key->buffer,
                                             &idx,
                                             (dilithium_key*)*hsKey,
                                             key->length);
+        PRIVATE_KEY_LOCK();
         if (ret == 0) {
             WOLFSSL_MSG("Using Dilithium private key");
 
diff --git a/src/ssl_load.c b/src/ssl_load.c
index cada9e7560b..f71ccf3467e 100644
--- a/src/ssl_load.c
+++ b/src/ssl_load.c
@@ -956,10 +956,17 @@ static int ProcessBufferTryDecodeDilithium(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
     /* Initialize Dilithium key. */
     ret = wc_dilithium_init(key);
     if (ret == 0) {
-        /* Decode as a Dilithium private key. */
+        /* Decode as a Dilithium private key. The FIPS wrapper for
+         * wc_dilithium_import_private gates on the per-thread
+         * privateKeyReadEnable flag, which is unset by default in any
+         * thread that hasn't called PRIVATE_KEY_UNLOCK(). Without the
+         * bracket, loading a Dilithium/ML-DSA private key from a
+         * worker thread fails with FIPS_PRIVATE_KEY_LOCKED_E. */
         idx = 0;
+        PRIVATE_KEY_UNLOCK();
         ret = wc_Dilithium_PrivateKeyDecode(der->buffer, &idx, key,
             der->length);
+        PRIVATE_KEY_LOCK();
         if (ret == 0) {
             ret = dilithium_get_oid_sum(key, &keyFormatTemp);
             if (ret == 0) {