diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 6210c1f8c..b2c57a4ae 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -92,7 +92,8 @@ void mbedtls_ccm_init( mbedtls_ccm_context *ctx ); * \brief This function initializes the CCM context set in the * \p ctx parameter and sets the encryption key. * - * \param ctx The CCM context to initialize. Must not be \c NULL. + * \param ctx The CCM context to initialize. Must be an initialized + * context. * \param cipher The 128-bit block cipher to use. * \param key The encryption key. Must not be \c NULL. * \param keybits The key size in bits. This must be acceptable by the cipher. @@ -109,7 +110,7 @@ int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, * \brief This function releases and clears the specified CCM context * and underlying cipher sub-context. * - * \param ctx The CCM context to clear. + * \param ctx The CCM context to clear. Must be an initialized context. * * \note If ctx is \c NULL, the function has no effect. */ @@ -124,20 +125,27 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ); * \p tag = \p output + \p length, and make sure that the * output buffer is at least \p length + \p tag_len wide. * - * \param ctx The CCM context to use for encryption. Must not be \c NULL. + * \param ctx The CCM context to use for encryption. Must be an + * initialized context. * \param length The length of the input data in Bytes. - * \param iv Initialization vector (nonce). Must not be \c NULL. + * \param iv Initialization vector (nonce). Must be a readable buffer of + * at least \p iv_len Bytes. * \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12, * or 13. The length L of the message length field is * 15 - \p iv_len. - * \param add The additional data field. Must not be \c NULL. + * \param add The additional data field. If \p add_len is greater than + * zero, \p add must be a readable buffer of at least that + * length. * \param add_len The length of additional data in Bytes. * Must be less than 2^16 - 2^8. - * \param input The buffer holding the input data. Must not be \c NULL. - * \param output The buffer holding the output data. - * Must be at least \p length Bytes wide. - * \param tag The buffer holding the authentication field. Must not be - * \c NULL. + * \param input The buffer holding the input data. If \p length is greater + * than zero, \p input must be a readable buffer of at least + * that length. + * \param output The buffer holding the output data. If \p length is greater + * than zero, \p output must be a writable buffer of at least + * that length. + * \param tag The buffer holding the authentication field. Must be a + * readable buffer of at least \p tag_len Bytes. * \param tag_len The length of the authentication field to generate in Bytes: * 4, 6, 8, 10, 12, 14 or 16. * @@ -163,20 +171,27 @@ int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, * the tag length has to be encoded into the \p iv passed to * this function. * - * \param ctx The CCM context to use for encryption. Must not be \c NULL. + * \param ctx The CCM context to use for encryption. Must be an + * initialized context. * \param length The length of the input data in Bytes. - * \param iv Initialization vector (nonce). Must not be \c NULL. + * \param iv Initialization vector (nonce). Must be a readable buffer of + * at least \p iv_len Bytes. * \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12, * or 13. The length L of the message length field is * 15 - \p iv_len. - * \param add The additional data field. Must not be \c NULL. + * \param add The additional data field. If \p add_len is greater than + * zero, \p add must be a readable buffer of at least that + * length. * \param add_len The length of additional data in Bytes. * Must be less than 2^16 - 2^8. - * \param input The buffer holding the input data. Must not be \c NULL. - * \param output The buffer holding the output data. - * Must be at least \p length Bytes wide. - * \param tag The buffer holding the authentication field. Must not be - * NULL. + * \param input The buffer holding the input data. If \p length is greater + * than zero, \p input must be a readable buffer of at least + * that length. + * \param output The buffer holding the output data. If \p length is greater + * than zero, \p output must be a writable buffer of at least + * that length. + * \param tag The buffer holding the authentication field. Must be a + * readable buffer of at least \p tag_len Bytes. * \param tag_len The length of the authentication field to generate in Bytes: * 0, 4, 6, 8, 10, 12, 14 or 16. * @@ -196,21 +211,28 @@ int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, * \brief This function performs a CCM authenticated decryption of a * buffer. * - * \param ctx The CCM context to use for decryption. Must not be \c NULL. + * \param ctx The CCM context to use for decryption. Must be an + * initialized context. * \param length The length of the input data in Bytes. - * \param iv Initialization vector (nonce). Must not be \c NULL. + * \param iv Initialization vector (nonce). Must be a readable buffer of + * at least \p iv_len Bytes. * \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12, * or 13. The length L of the message length field is * 15 - \p iv_len. - * \param add The additional data field. Must not be \c NULL. + * \param add The additional data field. If \p add_len is greater than + * zero, \p add must be a readable buffer of at least that + * length. * \param add_len The length of additional data in Bytes. * Must be less than 2^16 - 2^8. - * \param input The buffer holding the input data. Must not be \c NULL. - * \param output The buffer holding the output data. - * Must be at least \p length Bytes wide. - * \param tag The buffer holding the authentication field. Must not be - * NULL. - * \param tag_len The length of the authentication field in Bytes. + * \param input The buffer holding the input data. If \p length is greater + * than zero, \p input must be a readable buffer of at least + * that length. + * \param output The buffer holding the output data. If \p length is greater + * than zero, \p output must be a writable buffer of at least + * that length. + * \param tag The buffer holding the authentication field. Must be a + * readable buffer of at least \p tag_len Bytes. + * \param tag_len The length of the authentication field to generate in Bytes: * 4, 6, 8, 10, 12, 14 or 16. * * \return \c 0 on success. This indicates that the message is authentic. @@ -232,20 +254,27 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * this function as \p tag_len. (\p tag needs to be adjusted * accordingly.) * - * \param ctx The CCM context to use for decryption. Must not be \c NULL. + * \param ctx The CCM context to use for decryption. Must be an + * initialized context. * \param length The length of the input data in Bytes. - * \param iv Initialization vector (nonce). Must not be \c NULL. + * \param iv Initialization vector (nonce). Must be a readable buffer of + * at least \p iv_len Bytes. * \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12, * or 13. The length L of the message length field is * 15 - \p iv_len. - * \param add The additional data field. Must not be \c NULL. + * \param add The additional data field. If \p add_len is greater than + * zero, \p add must be a readable buffer of at least that + * length. * \param add_len The length of additional data in Bytes. * Must be less than 2^16 - 2^8. - * \param input The buffer holding the input data. Must not be \c NULL. - * \param output The buffer holding the output data. - * Must be at least \p length Bytes wide. - * \param tag The buffer holding the authentication field. Must not be - * NULL. + * \param input The buffer holding the input data. If \p length is greater + * than zero, \p input must be a readable buffer of at least + * that length. + * \param output The buffer holding the output data. If \p length is greater + * than zero, \p output must be a writable buffer of at least + * that length. + * \param tag The buffer holding the authentication field. Must be a + * readable buffer of at least \p tag_len Bytes. * \param tag_len The length of the authentication field in Bytes. * 0, 4, 6, 8, 10, 12, 14 or 16. *