Fix ECDSA upcalls from TLS/SSL into JCA.

When BoringSSL/OpenSSL TLS/SSL stack operates on opaque private keys
(those that don't expose their key material) it upcalls (via
Conscrypt's NativeCrypto) into corresponding JCA Signature and Cipher
primitives.

This fixes a crash in the ECDSA upcall when Conscrypt is used with
BoringSSL.

Bug: 21738458
Change-Id: I51645bd93f965fe7fcabe45e87276d533513b378
diff --git a/src/main/native/org_conscrypt_NativeCrypto.cpp b/src/main/native/org_conscrypt_NativeCrypto.cpp
index 2087da2..051301d 100644
--- a/src/main/native/org_conscrypt_NativeCrypto.cpp
+++ b/src/main/native/org_conscrypt_NativeCrypto.cpp
@@ -3039,6 +3039,13 @@
     KeyExData* ex_data = new KeyExData;
     ex_data->private_key = env->NewGlobalRef(javaKey);
 
+    if (!EC_KEY_set_ex_data(ecKey.get(), g_ecdsa_exdata_index, ex_data)) {
+        env->DeleteGlobalRef(ex_data->private_key);
+        delete ex_data;
+        jniThrowRuntimeException(env, "EC_KEY_set_ex_data");
+        return 0;
+    }
+
     BIGNUM order;
     BN_init(&order);
     if (!EC_GROUP_get_order(group, &order, NULL)) {