Merge pull request #5041 from embhorn/zd13969

Add ability to set ECC Sign userCTX using WOLFSSL_CTX

doc/dox_comments/header_files/ssl.h

@@ -8578,7 +8578,8 @@ void  wolfSSL_CTX_SetEccSignCb(WOLFSSL_CTX* ctx, CallbackEccSign cb);
 
     \return none No returns.
 
-    \param none No parameters.
+    \param ssl a pointer to a WOLFSSL object, created using wolfSSL_new().
+    \param ctx a pointer to the user context to be stored
 
     _Example_
     \code
@@ -8598,7 +8599,7 @@ void  wolfSSL_SetEccSignCtx(WOLFSSL* ssl, void *ctx);
     to the context.
     \return NULL will be returned for a blank context.
 
-    \param none No parameters.
+    \param ssl a pointer to a WOLFSSL object, created using wolfSSL_new().
 
     _Example_
     \code
@@ -8610,6 +8611,47 @@ void  wolfSSL_SetEccSignCtx(WOLFSSL* ssl, void *ctx);
 */
 void* wolfSSL_GetEccSignCtx(WOLFSSL* ssl);
 
+/*!
+    \brief Allows caller to set the Public Key Ecc Signing Callback
+    Context to ctx.
+
+    \return none No returns.
+
+    \param ctx a pointer to a WOLFSSL_CTX structure, created
+    with wolfSSL_CTX_new().
+    \param ctx a pointer to the user context to be stored
+
+    _Example_
+    \code
+    none
+    \endcode
+
+    \sa wolfSSL_CTX_SetEccSignCb
+    \sa wolfSSL_CTX_GetEccSignCtx
+*/
+void  wolfSSL_CTX_SetEccSignCtx(WOLFSSL_CTX* ctx, void *userCtx);
+
+/*!
+    \brief Allows caller to retrieve the Public Key Ecc Signing Callback
+    Context previously stored with wolfSSL_SetEccSignCtx().
+
+    \return pointer If successful the call will return a valid pointer
+    to the context.
+    \return NULL will be returned for a blank context.
+
+    \param ctx a pointer to a WOLFSSL_CTX structure, created
+    with wolfSSL_CTX_new().
+
+    _Example_
+    \code
+    none
+    \endcode
+
+    \sa wolfSSL_CTX_SetEccSignCb
+    \sa wolfSSL_CTX_SetEccSignCtx
+*/
+void* wolfSSL_CTX_GetEccSignCtx(WOLFSSL_CTX* ctx);
+
 /*!
     \brief Allows caller to set the Public Key Callback for ECC Verification.
     The callback should return 0 for success or < 0 for an error.

src/internal.c

@@ -4658,6 +4658,10 @@ int EccSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
 #if defined(HAVE_PK_CALLBACKS)
     if (ssl->ctx->EccSignCb) {
         void* ctx = wolfSSL_GetEccSignCtx(ssl);
+        if (ctx == NULL) {
+            /* Try to get the WOLFSSL_CTX EccSignCtx*/
+            ctx = wolfSSL_CTX_GetEccSignCtx(ssl->ctx);
+        }
         ret = ssl->ctx->EccSignCb(ssl, in, inSz, out, outSz, keyBuf,
             keySz, ctx);
     }

src/ssl.c

@@ -35848,6 +35848,18 @@ void* wolfSSL_GetEccKeyGenCtx(WOLFSSL* ssl)
 
     return NULL;
 }
+void  wolfSSL_CTX_SetEccSignCtx(WOLFSSL_CTX* ctx, void *userCtx)
+{
+    if (ctx)
+        ctx->EccSignCtx = userCtx;
+}
+void* wolfSSL_CTX_GetEccSignCtx(WOLFSSL_CTX* ctx)
+{
+    if (ctx)
+        return ctx->EccSignCtx;
+
+    return NULL;
+}
 
 WOLFSSL_ABI
 void  wolfSSL_CTX_SetEccSignCb(WOLFSSL_CTX* ctx, CallbackEccSign cb)

wolfssl/internal.h

@@ -3018,6 +3018,7 @@ struct WOLFSSL_CTX {
     #ifdef HAVE_ECC
         CallbackEccKeyGen EccKeyGenCb;  /* User EccKeyGen Callback Handler */
         CallbackEccSign   EccSignCb;    /* User EccSign   Callback handler */
+        void*             EccSignCtx;   /* Ecc Sign       Callback Context */
         CallbackEccVerify EccVerifyCb;  /* User EccVerify Callback handler */
         CallbackEccSharedSecret EccSharedSecretCb; /* User EccVerify Callback handler */
     #endif /* HAVE_ECC */

wolfssl/ssl.h

@@ -3130,6 +3130,8 @@ WOLFSSL_ABI WOLFSSL_API void  wolfSSL_CTX_SetEccSignCb(WOLFSSL_CTX* ctx,
                                                                CallbackEccSign cb);
 WOLFSSL_API void  wolfSSL_SetEccSignCtx(WOLFSSL* ssl, void *ctx);
 WOLFSSL_API void* wolfSSL_GetEccSignCtx(WOLFSSL* ssl);
+WOLFSSL_API void  wolfSSL_CTX_SetEccSignCtx(WOLFSSL_CTX* ctx, void *userCtx);
+WOLFSSL_API void* wolfSSL_CTX_GetEccSignCtx(WOLFSSL_CTX* ctx);
 
 typedef int (*CallbackEccVerify)(WOLFSSL* ssl,
        const unsigned char* sig, unsigned int sigSz,