Forbid passing NULL input buffers to RSA encryption routines
diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h
index 5171fc9..bec74a9 100644
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@@ -601,8 +601,7 @@
* #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated).
* \param ilen The length of the plaintext in Bytes.
* \param input The input data to encrypt. This must be a readable
- * buffer of size \p ilen Bytes. It may be \c NULL if
- * `ilen == 0`.
+ * buffer of size \p ilen Bytes. This must not be \c NULL.
* \param output The output buffer. This must be a writable buffer
* of length \c ctx->len Bytes. For example, \c 256 Bytes
* for an 2048-bit RSA modulus.
@@ -642,8 +641,7 @@
* #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated).
* \param ilen The length of the plaintext in Bytes.
* \param input The input data to encrypt. This must be a readable
- * buffer of size \p ilen Bytes. It may be \c NULL if
- * `ilen == 0`.
+ * buffer of size \p ilen Bytes. This must not be \c NULL.
* \param output The output buffer. This must be a writable buffer
* of length \c ctx->len Bytes. For example, \c 256 Bytes
* for an 2048-bit RSA modulus.
@@ -687,8 +685,7 @@
* \param label_len The length of the label in Bytes.
* \param ilen The length of the plaintext buffer \p input in Bytes.
* \param input The input data to encrypt. This must be a readable
- * buffer of size \p ilen Bytes. It may be \c NULL if
- * `ilen == 0`.
+ * buffer of size \p ilen Bytes. This must not be \c NULL.
* \param output The output buffer. This must be a writable buffer
* of length \c ctx->len Bytes. For example, \c 256 Bytes
* for an 2048-bit RSA modulus.