The implementation of OIDC pairwise subject identifiers uses a singleton MessageDigest object to implement the salted SHA-256 hashing suggested in the spec. MessageDigest objects are stateful and not thread-safe, so this could potentially cause incorrect results if called from multiple threads simultaneously.
It looks like it is currently only called from a single thread at the moment, as OpenAMClientRegistrationStore always constructs a new instance, but I don't know if the client registration instance is itself always used from a single thread. If we ever introduce any caching of client registrations then it may become multi-threaded.
Found by code inspection. Hard to reproduce externally.
Given that this message digest is only ever used if pairwise subject identifiers are enabled, it would be safer and more efficient to only get a MessageDigest instance when we actually need one as they are not particularly expensive to construct.
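The difference between the shared and per-call digest, as an added example that is not OpenAM's code: the class name, method names, input values and the sector/subject/salt concatenation order are assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import java.util.concurrent.*;
import java.util.concurrent.atomic.AtomicInteger;

public class PairwiseSubjectDemo {
    // Pattern described in the report: one stateful digest shared by every caller.
    private static final MessageDigest SHARED = newSha256();

    static MessageDigest newSha256() {
        try { return MessageDigest.getInstance("SHA-256"); }
        catch (NoSuchAlgorithmException e) { throw new IllegalStateException(e); }
    }

    // Salted SHA-256 over the inputs; the concatenation order is an assumption.
    static String hash(MessageDigest md, String sector, String localSub, String salt) {
        md.update(sector.getBytes(StandardCharsets.UTF_8));
        md.update(localSub.getBytes(StandardCharsets.UTF_8));
        md.update(salt.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(md.digest());
    }

    static String unsafePairwise(String sector, String localSub, String salt) {
        return hash(SHARED, sector, localSub, salt);      // update() calls can interleave
    }

    static String safePairwise(String sector, String localSub, String salt) {
        return hash(newSha256(), sector, localSub, salt); // fresh instance per call
    }

    public static void main(String[] args) throws Exception {
        String sector = "rp.example.com", salt = "constructed-salt"; // constructed values
        ExecutorService pool = Executors.newFixedThreadPool(8);
        AtomicInteger unsafeBad = new AtomicInteger(), safeBad = new AtomicInteger();
        for (int i = 0; i < 20000; i++) {
            String user = "user" + (i % 50);
            String expected = safePairwise(sector, user, salt); // reference value
            pool.submit(() -> {
                try { // concurrent use may also throw from inside the digest
                    if (!expected.equals(unsafePairwise(sector, user, salt))) unsafeBad.incrementAndGet();
                } catch (RuntimeException e) { unsafeBad.incrementAndGet(); }
                if (!expected.equals(safePairwise(sector, user, salt))) safeBad.incrementAndGet();
            });
        }
        pool.shutdown();
        pool.awaitTermination(1, TimeUnit.MINUTES);
        System.out.println("shared digest mismatches:   " + unsafeBad.get());
        System.out.println("per-call digest mismatches: " + safeBad.get());
    }
}
```

The shared-digest count depends on thread scheduling and can differ between runs; the per-call count stays at zero because no digest state is shared between threads.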