Make all parameter validation tests optional
diff --git a/library/cipher.c b/library/cipher.c
index d2078f6..c45a1a4 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -181,8 +181,8 @@
 
 int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info )
 {
-    if( NULL == cipher_info || NULL == ctx )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    CIPHER_VALIDATE_RET( ctx != NULL );
+    CIPHER_VALIDATE_RET( cipher_info != NULL );
 
     memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
 
@@ -210,12 +210,12 @@
                            int key_bitlen,
                            const mbedtls_operation_t operation )
 {
+    CIPHER_VALIDATE_RET( ctx != NULL );
+    CIPHER_VALIDATE_RET( ctx->cipher_info != NULL );
+    CIPHER_VALIDATE_RET( key != NULL );
     CIPHER_VALIDATE_RET( operation == MBEDTLS_ENCRYPT ||
                          operation == MBEDTLS_DECRYPT );
 
-    if( NULL == ctx || NULL == ctx->cipher_info )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
     if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN ) == 0 &&
         (int) ctx->cipher_info->key_bitlen != key_bitlen )
     {
@@ -250,10 +250,9 @@
 {
     size_t actual_iv_size;
 
-    if( NULL == ctx || NULL == ctx->cipher_info )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    else if( NULL == iv && iv_len != 0  )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    CIPHER_VALIDATE_RET( ctx != NULL );
+    CIPHER_VALIDATE_RET( ctx->cipher_info != NULL );
+    CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL );
 
     if( NULL == iv && iv_len == 0 )
         ctx->iv_size = 0;
@@ -296,8 +295,8 @@
 
 int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx )
 {
-    if( NULL == ctx || NULL == ctx->cipher_info )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    CIPHER_VALIDATE_RET( ctx != NULL );
+    CIPHER_VALIDATE_RET( ctx->cipher_info != NULL );
 
     ctx->unprocessed_len = 0;
 
@@ -308,11 +307,10 @@
 int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
                       const unsigned char *ad, size_t ad_len )
 {
+    CIPHER_VALIDATE_RET( ctx != NULL );
+    CIPHER_VALIDATE_RET( ctx->cipher_info != NULL );
     CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL );
 
-    if( NULL == ctx || NULL == ctx->cipher_info )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
 #if defined(MBEDTLS_GCM_C)
     if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
     {
@@ -352,15 +350,12 @@
     int ret;
     size_t block_size;
 
+    CIPHER_VALIDATE_RET( ctx != NULL );
+    CIPHER_VALIDATE_RET( ctx->cipher_info != NULL );
     CIPHER_VALIDATE_RET( input != NULL );
     CIPHER_VALIDATE_RET( output != NULL );
     CIPHER_VALIDATE_RET( olen != NULL );
 
-    if( NULL == ctx || NULL == ctx->cipher_info )
-    {
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    }
-
     *olen = 0;
     block_size = mbedtls_cipher_get_block_size( ctx );
 
@@ -764,12 +759,11 @@
 int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
                    unsigned char *output, size_t *olen )
 {
+    CIPHER_VALIDATE_RET( ctx != NULL );
+    CIPHER_VALIDATE_RET( ctx->cipher_info != NULL );
     CIPHER_VALIDATE_RET( output != NULL );
     CIPHER_VALIDATE_RET( olen != NULL );
 
-    if( NULL == ctx || NULL == ctx->cipher_info )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
     *olen = 0;
 
     if( MBEDTLS_MODE_CFB == ctx->cipher_info->mode ||
@@ -906,11 +900,10 @@
 int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
                       unsigned char *tag, size_t tag_len )
 {
+    CIPHER_VALIDATE_RET( ctx != NULL );
+    CIPHER_VALIDATE_RET( ctx->cipher_info != NULL );
     CIPHER_VALIDATE_RET( tag != NULL );
 
-    if( NULL == ctx || NULL == ctx->cipher_info )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
     if( MBEDTLS_ENCRYPT != ctx->operation )
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
@@ -940,10 +933,11 @@
     unsigned char check_tag[16];
     int ret;
 
+    CIPHER_VALIDATE_RET( ctx != NULL );
+    CIPHER_VALIDATE_RET( ctx->cipher_info != NULL );
     CIPHER_VALIDATE_RET( tag != NULL );
 
-    if( NULL == ctx || NULL == ctx->cipher_info ||
-        MBEDTLS_DECRYPT != ctx->operation )
+    if( MBEDTLS_DECRYPT != ctx->operation )
     {
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
     }
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index 3d559a3..dd997b0 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -25,9 +25,6 @@
 void cipher_null_args(  )
 {
     mbedtls_cipher_context_t ctx;
-    const mbedtls_cipher_info_t *info = mbedtls_cipher_info_from_type( *( mbedtls_cipher_list() ) );
-    unsigned char buf[1] = { 0 };
-    size_t olen;
 
     mbedtls_cipher_init( &ctx );
 
@@ -41,53 +38,6 @@
     TEST_ASSERT( mbedtls_cipher_get_iv_size( &ctx ) == 0 );
 
     TEST_ASSERT( mbedtls_cipher_info_from_string( NULL ) == NULL );
-
-    TEST_ASSERT( mbedtls_cipher_setup( &ctx, NULL )
-                 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    TEST_ASSERT( mbedtls_cipher_setup( NULL, info )
-                 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_cipher_setkey( NULL, buf, 0, MBEDTLS_ENCRYPT )
-                 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    TEST_ASSERT( mbedtls_cipher_setkey( &ctx, buf, 0, MBEDTLS_ENCRYPT )
-                 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_cipher_set_iv( NULL, buf, 0 )
-                 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, buf, 0 )
-                 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_cipher_reset( NULL ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    TEST_ASSERT( mbedtls_cipher_reset( &ctx ) == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-    TEST_ASSERT( mbedtls_cipher_update_ad( NULL, buf, 0 )
-                 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    TEST_ASSERT( mbedtls_cipher_update_ad( &ctx, buf, 0 )
-                 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-#endif
-
-    TEST_ASSERT( mbedtls_cipher_update( NULL, buf, 0, buf, &olen )
-                 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    TEST_ASSERT( mbedtls_cipher_update( &ctx, buf, 0, buf, &olen )
-                 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_cipher_finish( NULL, buf, &olen )
-                 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    TEST_ASSERT( mbedtls_cipher_finish( &ctx, buf, &olen )
-                 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
-    TEST_ASSERT( mbedtls_cipher_write_tag( NULL, buf, olen )
-                 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    TEST_ASSERT( mbedtls_cipher_write_tag( &ctx, buf, olen )
-                 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
-    TEST_ASSERT( mbedtls_cipher_check_tag( NULL, buf, olen )
-                 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-    TEST_ASSERT( mbedtls_cipher_check_tag( &ctx, buf, olen )
-                 == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-#endif
 }
 /* END_CASE */
 
@@ -97,11 +47,15 @@
     mbedtls_cipher_context_t invalid_ctx;
     mbedtls_cipher_context_t valid_ctx;
 
+    mbedtls_operation_t valid_operation = MBEDTLS_ENCRYPT;
     mbedtls_operation_t invalid_operation = 100;
     mbedtls_cipher_padding_t valid_mode = MBEDTLS_PADDING_ZEROS;
     unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 };
     int valid_size = sizeof(valid_buffer);
     int valid_bitlen = valid_size * 8;
+    const mbedtls_cipher_info_t *valid_info = mbedtls_cipher_info_from_type(
+        *( mbedtls_cipher_list() ) );
+
     size_t size_t_var;
 
     /* mbedtls_cipher_init() */
@@ -110,24 +64,108 @@
 
     TEST_INVALID_PARAM( mbedtls_cipher_init( NULL ) );
 
+    /* mbedtls_cipher_setup() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_setup( NULL, valid_info ) );
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_setup( &valid_ctx, NULL ) );
+
     /* mbedtls_cipher_setkey() */
     TEST_INVALID_PARAM_RET(
         MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_setkey( NULL,
+                               valid_buffer,
+                               valid_bitlen,
+                               valid_operation ) );
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_setkey( &invalid_ctx,
+                               valid_buffer,
+                               valid_bitlen,
+                               valid_operation ) );
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_setkey( &valid_ctx,
+                               NULL,
+                               valid_bitlen,
+                               valid_operation ) );
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
         mbedtls_cipher_setkey( &valid_ctx,
                                valid_buffer,
                                valid_bitlen,
                                invalid_operation ) );
 
+    /* mbedtls_cipher_set_iv() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_set_iv( NULL,
+                               valid_buffer,
+                               valid_size ) );
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_set_iv( &invalid_ctx,
+                               valid_buffer,
+                               valid_size ) );
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_set_iv( &valid_ctx,
+                               NULL,
+                               valid_size ) );
+
+    /* mbedtls_cipher_reset() */
+    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+                            mbedtls_cipher_reset( NULL ) );
+    TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+                            mbedtls_cipher_reset( &invalid_ctx ) );
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
+    /* mbedtls_cipher_update_ad() */
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_update_ad( NULL,
+                                  valid_buffer,
+                                  valid_size ) );
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_update_ad( &invalid_ctx,
+                                  valid_buffer,
+                                  valid_size ) );
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_update_ad( &valid_ctx,
+                                  NULL,
+                                  valid_size ) );
+#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
     /* mbedtls_cipher_set_padding_mode() */
     TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
                             mbedtls_cipher_set_padding_mode( NULL, valid_mode ) );
     TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
                             mbedtls_cipher_set_padding_mode( &invalid_ctx,
                                                              valid_mode ) );
+#endif
 
     /* mbedtls_cipher_update() */
     TEST_INVALID_PARAM_RET(
         MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_update( NULL,
+                               valid_buffer,
+                               valid_size,
+                               valid_buffer,
+                               &size_t_var ) );
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_update( &invalid_ctx,
+                               valid_buffer,
+                               valid_size,
+                               valid_buffer,
+                               &size_t_var ) );
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
         mbedtls_cipher_update( &valid_ctx,
                                NULL, valid_size,
                                valid_buffer,
@@ -148,6 +186,16 @@
     /* mbedtls_cipher_finish() */
     TEST_INVALID_PARAM_RET(
         MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_finish( NULL,
+                               valid_buffer,
+                               &size_t_var ) );
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_finish( &invalid_ctx,
+                               valid_buffer,
+                               &size_t_var ) );
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
         mbedtls_cipher_finish( &valid_ctx,
                                NULL,
                                &size_t_var ) );
@@ -157,9 +205,20 @@
                                valid_buffer,
                                NULL ) );
 
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
     /* mbedtls_cipher_write_tag() */
     TEST_INVALID_PARAM_RET(
         MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_write_tag( NULL,
+                                  valid_buffer,
+                                  valid_size ) );
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_write_tag( &invalid_ctx,
+                                  valid_buffer,
+                                  valid_size ) );
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
         mbedtls_cipher_write_tag( &valid_ctx,
                                   NULL,
                                   valid_size ) );
@@ -167,9 +226,20 @@
     /* mbedtls_cipher_check_tag() */
     TEST_INVALID_PARAM_RET(
         MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_check_tag( NULL,
+                                  valid_buffer,
+                                  valid_size ) );
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+        mbedtls_cipher_check_tag( &invalid_ctx,
+                                  valid_buffer,
+                                  valid_size ) );
+    TEST_INVALID_PARAM_RET(
+        MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
         mbedtls_cipher_check_tag( &valid_ctx,
                                   NULL,
                                   valid_size ) );
+#endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */
 
     /* mbedtls_cipher_crypt() */
     TEST_INVALID_PARAM_RET(
@@ -209,6 +279,7 @@
                               valid_buffer, valid_size,
                               valid_buffer, NULL ) );
 
+#if defined(MBEDTLS_CIPHER_MODE_AEAD)
     /* mbedtls_cipher_auth_encrypt() */
     TEST_INVALID_PARAM_RET(
         MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
@@ -340,6 +411,7 @@
                                      valid_buffer, valid_size,
                                      valid_buffer, &size_t_var,
                                      NULL, valid_size ) );
+#endif /* defined(MBEDTLS_CIPHER_MODE_AEAD) */
 
     /* mbedtls_cipher_free() */
     TEST_VALID_PARAM( mbedtls_cipher_free( NULL ) );