Your analysis is correct, but it's not only about mbedtls, but also
about the library code itself. See
- it says that
the library is not thread-safe and the user needs to ensure proper
Whether it should or not be thread-safe: I don't know, so far we didn't
have any use-case where someone would call it from multiple threads, but
this maybe something to consider...