Improve the constraints definition in the doxygen comments in CCM
diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h
index 6210c1f..b2c57a4 100644
--- a/include/mbedtls/ccm.h
+++ b/include/mbedtls/ccm.h
@@ -92,7 +92,8 @@
* \brief This function initializes the CCM context set in the
* \p ctx parameter and sets the encryption key.
*
- * \param ctx The CCM context to initialize. Must not be \c NULL.
+ * \param ctx The CCM context to initialize. Must be an initialized
+ * context.
* \param cipher The 128-bit block cipher to use.
* \param key The encryption key. Must not be \c NULL.
* \param keybits The key size in bits. This must be acceptable by the cipher.
@@ -109,7 +110,7 @@
* \brief This function releases and clears the specified CCM context
* and underlying cipher sub-context.
*
- * \param ctx The CCM context to clear.
+ * \param ctx The CCM context to clear. Must be an initialized context.
*
* \note If ctx is \c NULL, the function has no effect.
*/
@@ -124,20 +125,27 @@
* \p tag = \p output + \p length, and make sure that the
* output buffer is at least \p length + \p tag_len wide.
*
- * \param ctx The CCM context to use for encryption. Must not be \c NULL.
+ * \param ctx The CCM context to use for encryption. Must be an
+ * initialized context.
* \param length The length of the input data in Bytes.
- * \param iv Initialization vector (nonce). Must not be \c NULL.
+ * \param iv Initialization vector (nonce). Must be a readable buffer of
+ * at least \p iv_len Bytes.
* \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12,
* or 13. The length L of the message length field is
* 15 - \p iv_len.
- * \param add The additional data field. Must not be \c NULL.
+ * \param add The additional data field. If \p add_len is greater than
+ * zero, \p add must be a readable buffer of at least that
+ * length.
* \param add_len The length of additional data in Bytes.
* Must be less than 2^16 - 2^8.
- * \param input The buffer holding the input data. Must not be \c NULL.
- * \param output The buffer holding the output data.
- * Must be at least \p length Bytes wide.
- * \param tag The buffer holding the authentication field. Must not be
- * \c NULL.
+ * \param input The buffer holding the input data. If \p length is greater
+ * than zero, \p input must be a readable buffer of at least
+ * that length.
+ * \param output The buffer holding the output data. If \p length is greater
+ * than zero, \p output must be a writable buffer of at least
+ * that length.
+ * \param tag The buffer holding the authentication field. Must be a
+ * readable buffer of at least \p tag_len Bytes.
* \param tag_len The length of the authentication field to generate in Bytes:
* 4, 6, 8, 10, 12, 14 or 16.
*
@@ -163,20 +171,27 @@
* the tag length has to be encoded into the \p iv passed to
* this function.
*
- * \param ctx The CCM context to use for encryption. Must not be \c NULL.
+ * \param ctx The CCM context to use for encryption. Must be an
+ * initialized context.
* \param length The length of the input data in Bytes.
- * \param iv Initialization vector (nonce). Must not be \c NULL.
+ * \param iv Initialization vector (nonce). Must be a readable buffer of
+ * at least \p iv_len Bytes.
* \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12,
* or 13. The length L of the message length field is
* 15 - \p iv_len.
- * \param add The additional data field. Must not be \c NULL.
+ * \param add The additional data field. If \p add_len is greater than
+ * zero, \p add must be a readable buffer of at least that
+ * length.
* \param add_len The length of additional data in Bytes.
* Must be less than 2^16 - 2^8.
- * \param input The buffer holding the input data. Must not be \c NULL.
- * \param output The buffer holding the output data.
- * Must be at least \p length Bytes wide.
- * \param tag The buffer holding the authentication field. Must not be
- * NULL.
+ * \param input The buffer holding the input data. If \p length is greater
+ * than zero, \p input must be a readable buffer of at least
+ * that length.
+ * \param output The buffer holding the output data. If \p length is greater
+ * than zero, \p output must be a writable buffer of at least
+ * that length.
+ * \param tag The buffer holding the authentication field. Must be a
+ * readable buffer of at least \p tag_len Bytes.
* \param tag_len The length of the authentication field to generate in Bytes:
* 0, 4, 6, 8, 10, 12, 14 or 16.
*
@@ -196,21 +211,28 @@
* \brief This function performs a CCM authenticated decryption of a
* buffer.
*
- * \param ctx The CCM context to use for decryption. Must not be \c NULL.
+ * \param ctx The CCM context to use for decryption. Must be an
+ * initialized context.
* \param length The length of the input data in Bytes.
- * \param iv Initialization vector (nonce). Must not be \c NULL.
+ * \param iv Initialization vector (nonce). Must be a readable buffer of
+ * at least \p iv_len Bytes.
* \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12,
* or 13. The length L of the message length field is
* 15 - \p iv_len.
- * \param add The additional data field. Must not be \c NULL.
+ * \param add The additional data field. If \p add_len is greater than
+ * zero, \p add must be a readable buffer of at least that
+ * length.
* \param add_len The length of additional data in Bytes.
* Must be less than 2^16 - 2^8.
- * \param input The buffer holding the input data. Must not be \c NULL.
- * \param output The buffer holding the output data.
- * Must be at least \p length Bytes wide.
- * \param tag The buffer holding the authentication field. Must not be
- * NULL.
- * \param tag_len The length of the authentication field in Bytes.
+ * \param input The buffer holding the input data. If \p length is greater
+ * than zero, \p input must be a readable buffer of at least
+ * that length.
+ * \param output The buffer holding the output data. If \p length is greater
+ * than zero, \p output must be a writable buffer of at least
+ * that length.
+ * \param tag The buffer holding the authentication field. Must be a
+ * readable buffer of at least \p tag_len Bytes.
+ * \param tag_len The length of the authentication field to generate in Bytes:
* 4, 6, 8, 10, 12, 14 or 16.
*
* \return \c 0 on success. This indicates that the message is authentic.
@@ -232,20 +254,27 @@
* this function as \p tag_len. (\p tag needs to be adjusted
* accordingly.)
*
- * \param ctx The CCM context to use for decryption. Must not be \c NULL.
+ * \param ctx The CCM context to use for decryption. Must be an
+ * initialized context.
* \param length The length of the input data in Bytes.
- * \param iv Initialization vector (nonce). Must not be \c NULL.
+ * \param iv Initialization vector (nonce). Must be a readable buffer of
+ * at least \p iv_len Bytes.
* \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12,
* or 13. The length L of the message length field is
* 15 - \p iv_len.
- * \param add The additional data field. Must not be \c NULL.
+ * \param add The additional data field. If \p add_len is greater than
+ * zero, \p add must be a readable buffer of at least that
+ * length.
* \param add_len The length of additional data in Bytes.
* Must be less than 2^16 - 2^8.
- * \param input The buffer holding the input data. Must not be \c NULL.
- * \param output The buffer holding the output data.
- * Must be at least \p length Bytes wide.
- * \param tag The buffer holding the authentication field. Must not be
- * NULL.
+ * \param input The buffer holding the input data. If \p length is greater
+ * than zero, \p input must be a readable buffer of at least
+ * that length.
+ * \param output The buffer holding the output data. If \p length is greater
+ * than zero, \p output must be a writable buffer of at least
+ * that length.
+ * \param tag The buffer holding the authentication field. Must be a
+ * readable buffer of at least \p tag_len Bytes.
* \param tag_len The length of the authentication field in Bytes.
* 0, 4, 6, 8, 10, 12, 14 or 16.
*