Forbid passing NULL input buffers to RSA encryption routines

2025-12-24 08:16:33 +01:00 · 2018-12-18 17:04:59 +00:00 · 2018-12-18 17:04:59 +00:00 · 2f660d047d
commit 2f660d047d
parent b86e684ed4
2 changed files with 6 additions and 9 deletions
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@ -601,8 +601,7 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
 *                 #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated).
 * \param ilen     The length of the plaintext in Bytes.
 * \param input    The input data to encrypt. This must be a readable
- *                 buffer of size \p ilen Bytes. It may be \c NULL if
- *                 `ilen == 0`.
+ *                 buffer of size \p ilen Bytes. This must not be \c NULL.
 * \param output   The output buffer. This must be a writable buffer
 *                 of length \c ctx->len Bytes. For example, \c 256 Bytes
 *                 for an 2048-bit RSA modulus.
@ -642,8 +641,7 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
 *                 #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated).
 * \param ilen     The length of the plaintext in Bytes.
 * \param input    The input data to encrypt. This must be a readable
- *                 buffer of size \p ilen Bytes. It may be \c NULL if
- *                 `ilen == 0`.
+ *                 buffer of size \p ilen Bytes. This must not be \c NULL.
 * \param output   The output buffer. This must be a writable buffer
 *                 of length \c ctx->len Bytes. For example, \c 256 Bytes
 *                 for an 2048-bit RSA modulus.
@ -687,8 +685,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
 * \param label_len  The length of the label in Bytes.
 * \param ilen       The length of the plaintext buffer \p input in Bytes.
 * \param input      The input data to encrypt. This must be a readable
- *                   buffer of size \p ilen Bytes. It may be \c NULL if
- *                   `ilen == 0`.
+ *                   buffer of size \p ilen Bytes. This must not be \c NULL.
 * \param output     The output buffer. This must be a writable buffer
 *                   of length \c ctx->len Bytes. For example, \c 256 Bytes
 *                   for an 2048-bit RSA modulus.