Unify the error checking of crypto::Encryptor and add WARN_UNUSED_RESULT to prevent misuse.

crypto/encryptor_nss.cc

Index: crypto/encryptor_nss.cc
diff --git a/crypto/encryptor_nss.cc b/crypto/encryptor_nss.cc
index cf4fa2a78d4ca04486940ca5d5ec8c27d85df9ef..320931e178ec70b48d03908489356b875bec749a 100644
--- a/crypto/encryptor_nss.cc
+++ b/crypto/encryptor_nss.cc
@@ -8,6 +8,7 @@
 #include <vector>
 
 #include "base/logging.h"
+#include "base/string_util.h"
 #include "crypto/nss_util.h"
 #include "crypto/symmetric_key.h"
 
@@ -44,8 +45,9 @@ Encryptor::~Encryptor() {
 bool Encryptor::Init(SymmetricKey* key,
                      Mode mode,
                      const base::StringPiece& iv) {
-  DCHECK(key);
-  DCHECK(CBC == mode || CTR == mode) << "Unsupported mode of operation";
+  DCHECK(CBC == mode || CTR == mode);
+  if (!key)
+    return false;
 
   key_ = key;
   mode_ = mode;
@@ -77,7 +79,9 @@ bool Encryptor::Init(SymmetricKey* key,
 
 bool Encryptor::Encrypt(const base::StringPiece& plaintext,
                         std::string* ciphertext) {
-  CHECK(!plaintext.empty() || (mode_ == CBC));
+  if (plaintext.empty() && mode_ != CBC)
+    return false;
+
   ScopedPK11Context context(PK11_CreateContextBySymKey(GetMechanism(mode_),
                                                        CKA_ENCRYPT,
                                                        key_->key(),
@@ -92,7 +96,9 @@ bool Encryptor::Encrypt(const base::StringPiece& plaintext,
 
 bool Encryptor::Decrypt(const base::StringPiece& ciphertext,
                         std::string* plaintext) {
-  CHECK(!ciphertext.empty());
+  if (ciphertext.empty())
+    return false;
+
   ScopedPK11Context context(PK11_CreateContextBySymKey(
       GetMechanism(mode_), (mode_ == CTR ? CKA_ENCRYPT : CKA_DECRYPT),
       key_->key(), param_.get()));
@@ -108,38 +114,26 @@ bool Encryptor::Crypt(PK11Context* context,
                       const base::StringPiece& input,
                       std::string* output) {
   size_t output_len = input.size() + AES_BLOCK_SIZE;
-  CHECK_GT(output_len, input.size());
-
-  output->resize(output_len);
-  uint8* output_data =
-      reinterpret_cast<uint8*>(const_cast<char*>(output->data()));
+  if (output_len == 0 || output_len + 1 < input.size())
+    return false;
 
   int input_len = input.size();
   uint8* input_data =
       reinterpret_cast<uint8*>(const_cast<char*>(input.data()));
+  uint8* output_data =
+      reinterpret_cast<uint8*>(WriteInto(output, output_len + 1));
 
   int op_len;
-  SECStatus rv = PK11_CipherOp(context,
-                               output_data,
-                               &op_len,
-                               output_len,
-                               input_data,
-                               input_len);
-
-  if (SECSuccess != rv) {
-    output->clear();
+  SECStatus rv = PK11_CipherOp(context, output_data, &op_len, output_len,
+                               input_data, input_len);
+  if (SECSuccess != rv)
     return false;
-  }
 
   unsigned int digest_len;
-  rv = PK11_DigestFinal(context,
-                        output_data + op_len,
-                        &digest_len,
+  rv = PK11_DigestFinal(context, output_data + op_len, &digest_len,
                         output_len - op_len);
-  if (SECSuccess != rv) {
-    output->clear();
+  if (SECSuccess != rv)
     return false;
-  }
 
   output->resize(op_len + digest_len);
   return true;
@@ -155,10 +149,11 @@ bool Encryptor::CryptCTR(PK11Context* context,
 
   size_t output_len = ((input.size() + AES_BLOCK_SIZE - 1) / AES_BLOCK_SIZE) *
       AES_BLOCK_SIZE;
-  CHECK_GE(output_len, input.size());
-  output->resize(output_len);
+  if (output_len == 0 || output_len + 1 < input.size())
+    return false;
+
   uint8* output_data =
-      reinterpret_cast<uint8*>(const_cast<char*>(output->data()));
+      reinterpret_cast<uint8*>(WriteInto(output, output_len + 1));
 
   size_t mask_len;
   bool ret = GenerateCounterMask(input.size(), output_data, &mask_len);
@@ -167,30 +162,22 @@ bool Encryptor::CryptCTR(PK11Context* context,
 
   CHECK_EQ(mask_len, output_len);
   int op_len;
-  SECStatus rv = PK11_CipherOp(context,
-                               output_data,
-                               &op_len,
-                               output_len,
-                               output_data,
-                               mask_len);
+  SECStatus rv = PK11_CipherOp(context, output_data, &op_len, output_len,
+                               output_data, mask_len);
   if (SECSuccess != rv)
     return false;
   CHECK_EQ(static_cast<int>(mask_len), op_len);
 
   unsigned int digest_len;
-  rv = PK11_DigestFinal(context,
-                        NULL,
-                        &digest_len,
-                        0);
+  rv = PK11_DigestFinal(context, NULL, &digest_len, 0);
   if (SECSuccess != rv)
     return false;
   CHECK(!digest_len);
 
   // Use |output_data| to mask |input|.
-  MaskMessage(
-      reinterpret_cast<uint8*>(const_cast<char*>(input.data())),
-      input.length(), output_data, output_data);
-  output->resize(input.length());
+  MaskMessage(reinterpret_cast<uint8*>(const_cast<char*>(input.data())),
+              input.size(), output_data, output_data);
+  output->resize(input.size());
   return true;
 }