Unify the error checking of crypto::Encryptor and add WARN_UNUSED_RESULT to prevent misuse.

crypto/encryptor_win.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "crypto/encryptor.h"
 
 #include <string.h>
 
 #include "base/string_util.h"
 #include "crypto/symmetric_key.h"
@@ skipping 23 matching lines @@
       mode_(CBC),
       block_size_(0) {
 }
 
 Encryptor::~Encryptor() {
 }
 
 bool Encryptor::Init(SymmetricKey* key,
                      Mode mode,
                      const base::StringPiece& iv) {
-  DCHECK(key);
-  DCHECK_EQ(CBC, mode) << "Unsupported mode of operation";
+  DCHECK_EQ(CBC, mode);
+  if (!key)
+    return false;
 
   // In CryptoAPI, the IV, padding mode, and feedback register (for a chaining
   // mode) are properties of a key, so we have to create a copy of the key for
   // the Encryptor.  See the Remarks section of the CryptEncrypt MSDN page.
   BOOL ok = CryptDuplicateKey(key->key(), NULL, 0, capi_key_.receive());
   if (!ok)
     return false;
 
   // CRYPT_MODE_CBC is the default for Microsoft Base Cryptographic Provider,
   // but we set it anyway to be safe.
@@ skipping 19 matching lines @@
   ok = CryptSetKeyParam(capi_key_.get(), KP_PADDING,
                         reinterpret_cast<BYTE*>(&padding_method), 0);
   if (!ok)
     return false;
 
   return true;
 }
 
 bool Encryptor::Encrypt(const base::StringPiece& plaintext,
                         std::string* ciphertext) {
+  std::string result;
+  ciphertext->swap(result);
+  if (plaintext.empty() && mode_ != CBC)
+    return false;
+
   DWORD data_len = plaintext.size();
-  CHECK((data_len > 0u) || (mode_ == CBC));
   DWORD total_len = data_len + block_size_;
-  CHECK_GT(total_len, 0u);
-  CHECK_GT(total_len + 1, data_len);
+  if (total_len == 0 || total_len < data_len || total_len + 1 < data_len)
+    return false;
 
   // CryptoAPI encrypts/decrypts in place.
-  char* ciphertext_data = WriteInto(ciphertext, total_len + 1);
-  memcpy(ciphertext_data, plaintext.data(), data_len);
+  char* result_data = WriteInto(&result, total_len + 1);
+  memcpy(result_data, plaintext.data(), data_len);
 
   BOOL ok = CryptEncrypt(capi_key_.get(), NULL, TRUE, 0,
-                         reinterpret_cast<BYTE*>(ciphertext_data), &data_len,
+                         reinterpret_cast<BYTE*>(result_data), &data_len,
                          total_len);
-  if (!ok) {
-    ciphertext->clear();
+  if (!ok)
     return false;
-  }
 
-  ciphertext->resize(data_len);
+  result.resize(data_len);
+  ciphertext->swap(result);
   return true;
 }
 
 bool Encryptor::Decrypt(const base::StringPiece& ciphertext,
                         std::string* plaintext) {
+  std::string result;
+  plaintext->swap(result);
   DWORD data_len = ciphertext.size();
-  CHECK_GT(data_len, 0u);
-  CHECK_GT(data_len + 1, data_len);
+  if (data_len == 0 || data_len + 1 < data_len)
+    return false;
 
   // CryptoAPI encrypts/decrypts in place.
-  char* plaintext_data = WriteInto(plaintext, data_len + 1);
-  memcpy(plaintext_data, ciphertext.data(), data_len);
+  char* result_data = WriteInto(&result, data_len + 1);
+  memcpy(result_data, ciphertext.data(), data_len);
 
   BOOL ok = CryptDecrypt(capi_key_.get(), NULL, TRUE, 0,
-                         reinterpret_cast<BYTE*>(plaintext_data), &data_len);
-  if (!ok) {
-    plaintext->clear();
+                         reinterpret_cast<BYTE*>(result_data), &data_len);
+  if (!ok)
     return false;
-  }
 
-  plaintext->resize(data_len);
+  result.resize(data_len);
+  plaintext->swap(result);
   return true;
 }
 
 }  // namespace crypto