Code size reductions (check RX TSIP enables).

wolfcrypt/src/port/Renesas/renesas_tsip_aes.c

@@ -611,50 +611,56 @@ int wc_tsip_AesCtr(struct Aes* aes, byte* out, const byte* in, word32 sz)
     int ret;
     byte *iv;
 
-    if ((in == NULL) || (out == NULL) || (aes == NULL))
-      return BAD_FUNC_ARG;
-
-    /* while doing TLS handshake, TSIP driver keeps true-key and iv *
-     * on the device. iv is dummy                                   */
-    iv = (uint8_t*)aes->reg;
+    if ((in == NULL) || (out == NULL) || (aes == NULL)) {
+        return BAD_FUNC_ARG;
+    }
 
     if ((ret = tsip_hw_lock()) != 0) {
         WOLFSSL_MSG("Failed to lock");
         return ret;
     }
 
+    /* while doing TLS handshake, TSIP driver keeps true-key and iv *
+     * on the device. iv is dummy                                   */
+    iv = (uint8_t*)aes->reg;
+
     if (aes->ctx.keySize == 16) {
+    #if defined(TSIP_AES_128_CTR) && TSIP_AES_128_CTR == 1
         ret = R_TSIP_Aes128CtrInit(&_handle, &aes->ctx.tsip_keyIdx, iv);
+        if (ret == TSIP_SUCCESS) {
+            ret = R_TSIP_Aes128CtrUpdate(&_handle, (uint8_t*)in,
+                (uint8_t*)out, sz);
+            if (ret == TSIP_SUCCESS) {
+                ret = R_TSIP_Aes128CtrFinal(&_handle);
+            }
+        }
+    #else
+        ret = NOT_COMPILED_IN;
+    #endif
     }
-    else if (aes->ctx.keySize == 32) {
+    if (aes->ctx.keySize == 32) {
+    #if defined(TSIP_AES_256_CTR) && TSIP_AES_256_CTR == 1
         ret = R_TSIP_Aes256CtrInit(&_handle, &aes->ctx.tsip_keyIdx, iv);
-    }
-    else {
-        tsip_hw_unlock();
-        return -1;
+        if (ret == TSIP_SUCCESS) {
+            ret = R_TSIP_Aes256CtrUpdate(&_handle, (uint8_t*)in,
+                (uint8_t*)out, sz);
+            if (ret == TSIP_SUCCESS) {
+                ret = R_TSIP_Aes256CtrFinal(&_handle);
+            }
+        }
+    #else
+        ret = NOT_COMPILED_IN;
+    #endif
     }
 
-    if (aes->ctx.keySize == 16)
-        ret = R_TSIP_Aes128CtrUpdate(&_handle, (uint8_t*)in,
-                                (uint8_t*)out, sz);
-    else
-        ret = R_TSIP_Aes256CtrUpdate(&_handle, (uint8_t*)in,
-                                (uint8_t*)out, sz);
-
-    if (ret == TSIP_SUCCESS) {
-        if (aes->ctx.keySize == 16) {
-            ret = R_TSIP_Aes128CtrFinal(&_handle);
-        }
-        else {
-            ret = R_TSIP_Aes256CtrFinal(&_handle);
-        }
-    }
-    else {
+    if (ret != TSIP_SUCCESS) {
+        WOLFSSL_ERROR(ret);
         WOLFSSL_MSG("TSIP AES CTR failed");
         ret = -1;
     }
 
     tsip_hw_unlock();
+
     return ret;
 }
 #endif /* WOLFSSL_AES_COUNTER */
@@ -720,7 +726,7 @@ int wc_tsip_AesGcmEncrypt(
     if (aes->ctx.keySize != 16 && aes->ctx.keySize != 32) {
         WOLFSSL_MSG("illegal key size");
         WOLFSSL_LEAVE("wc_tsip_AesGcmEncrypt", BAD_FUNC_ARG);
-        return  BAD_FUNC_ARG;
+        return BAD_FUNC_ARG;
     }
 
     if (aes->ctx.keySize == 16) {

wolfcrypt/src/port/Renesas/renesas_tsip_util.c

@@ -72,8 +72,10 @@ extern uint32_t     s_flash[];
 extern uint32_t     s_inst1[R_TSIP_SINST_WORD_SIZE];
 #endif
 
+#ifndef SINGLE_THREADED
 wolfSSL_Mutex       tsip_mutex;
 static int          tsip_CryptHwMutexInit_ = 0;
+#endif
 static tsip_key_data g_user_key_info;
 struct WOLFSSL_HEAP_HINT*  tsip_heap_hint = NULL;
 
@@ -2476,6 +2478,7 @@ int tsip_ImportPublicKey(TsipUserCtx* tuc, int keyType)
                 tuc->keyflgs_crypt.bits.eccpub_key_set = 0;
             #endif
                 if (keyType == TSIP_KEY_TYPE_ECDSAP256) {
+                #if defined(TSIP_ECDSA_P256) && TSIP_ECDSA_P256 == 1
                     err = R_TSIP_GenerateEccP256PublicKeyIndex(
                                     provisioning_key, iv, (uint8_t*)encPubKey,
                             #if defined(WOLFSSL_RENESAS_TSIP_TLS)
@@ -2484,8 +2487,12 @@ int tsip_ImportPublicKey(TsipUserCtx* tuc, int keyType)
                                     &tuc->eccpub_keyIdx
                             #endif
                     );
+                #else
+                    err = NOT_COMPILED_IN;
+                #endif
                 }
                 else if (keyType == TSIP_KEY_TYPE_ECDSAP384) {
+                #if defined(TSIP_ECDSA_P384) && TSIP_ECDSA_P384 == 1
                     err = R_TSIP_GenerateEccP384PublicKeyIndex(
                                     provisioning_key, iv, (uint8_t*)encPubKey,
                             #if defined(WOLFSSL_RENESAS_TSIP_TLS)
@@ -2494,6 +2501,9 @@ int tsip_ImportPublicKey(TsipUserCtx* tuc, int keyType)
                                     &tuc->eccpub_keyIdx
                             #endif
                     );
+                #else
+                    err = NOT_COMPILED_IN;
+                #endif
                 }
                 if (err == TSIP_SUCCESS) {
                 #if defined(WOLFSSL_RENESAS_TSIP_TLS)
@@ -2619,6 +2629,7 @@ int tsip_usable(const WOLFSSL *ssl, uint8_t session_key_generated)
 }
 #endif /* WOLFSSL_RENESAS_TSIP_TLS */
 
+#ifndef SINGLE_THREADED
 /*
 * lock hw engine.
 * this should be called before using engine.
@@ -2654,6 +2665,7 @@ void tsip_hw_unlock(void)
 {
     tsip_CryptHwMutexUnLock(&tsip_mutex);
 }
+#endif
 
 /* open TSIP driver
  * return 0 on success.

wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h

@@ -639,13 +639,17 @@ WOLFSSL_API int wc_tsip_Sha256HmacGenerate(
         word32      sz,
         byte*       digest);
 
-WOLFSSL_LOCAL int  tsip_Open();
+WOLFSSL_LOCAL int  tsip_Open(void);
 
-WOLFSSL_LOCAL void tsip_Close();
+WOLFSSL_LOCAL void tsip_Close(void);
 
-WOLFSSL_LOCAL int  tsip_hw_lock();
-
-WOLFSSL_LOCAL void tsip_hw_unlock( void );
+#ifdef SINGLE_THREADED
+#define tsip_hw_lock() 0
+#define tsip_hw_unlock()
+#else
+WOLFSSL_LOCAL int  tsip_hw_lock(void);
+WOLFSSL_LOCAL void tsip_hw_unlock(void);
+#endif
 
 WOLFSSL_LOCAL int  tsip_usable(const struct WOLFSSL *ssl,
                                 uint8_t session_key_generated);