Align EVP return values with BoringSSL convention.
Where possible, functions should return one for success and zero for
error. The use of additional negative values to indicate an error is,
itself, error prone.
This change fixes many EVP functions to remove the possibility of
negative return values. Existing code that is testing for <= 0 will
continue to function, although there is the possibility that some code
was differentiating between negative values (error) and zero (invalid
signature) for the verify functions and will now show the wrong error
message.
Change-Id: I982512596bb18a82df65861394dbd7487783bd3d
Reviewed-on: https://boringssl-review.googlesource.com/1333
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h
index 821bb1b..9cc465d 100644
--- a/include/openssl/rsa.h
+++ b/include/openssl/rsa.h
@@ -93,7 +93,9 @@
* for |e|. If |cb| is not NULL then it is called during the key generation
* process. In addition to the calls documented for |BN_generate_prime_ex|, it
* is called with event=2 when the n'th prime is rejected as unsuitable and
- * with event=3 when a suitable value for |p| is found. */
+ * with event=3 when a suitable value for |p| is found.
+ *
+ * It returns one on success or zero on error. */
int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
