JNI: return NULL from getAvailableCipherSuitesIana when no ciphers available

Author: cconlon

native/com_wolfssl_WolfSSL.c

@@ -2237,6 +2237,11 @@ JNIEXPORT jstring JNICALL Java_com_wolfssl_WolfSSL_getAvailableCipherSuitesIana
     }
 
     numCiphers = sk_num(supportedCiphers);
+    if (numCiphers == 0) {
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return NULL;
+    }
 
     for (i = 0; i < numCiphers; i++) {
         cipher = (const WOLFSSL_CIPHER*)sk_value(supportedCiphers, i);

src/test/com/wolfssl/test/WolfSSLTest.java

@@ -214,6 +214,32 @@ public void testGetCiphersAvailableIana() {
             fail("available ciphers array length was zero");
         }
 
+        /* Test all protocol versions. For each, if a non-null list is returned
+         * it must not be empty and must not contain empty strings. A null
+         * return is acceptable for protocol versions not compiled into native
+         * wolfSSL. */
+        for (WolfSSL.TLS_VERSION ver : WolfSSL.TLS_VERSION.values()) {
+            if (ver == WolfSSL.TLS_VERSION.INVALID) {
+                continue;
+            }
+            String[] verCiphers = WolfSSL.getCiphersAvailableIana(ver);
+            if (verCiphers != null) {
+                if (verCiphers.length == 0) {
+                    System.out.println("\t... failed");
+                    fail("getCiphersAvailableIana(" + ver +
+                        ") returned empty array");
+                }
+                for (int i = 0; i < verCiphers.length; i++) {
+                    if (verCiphers[i] == null ||
+                        verCiphers[i].isEmpty()) {
+                        System.out.println("\t... failed");
+                        fail("getCiphersAvailableIana(" + ver +
+                            ") contains null/empty cipher at index " + i);
+                    }
+                }
+            }
+        }
+
         System.out.println("\t... passed");
     }