Avoid erroring on incoming long AIDs

Author: BryanJacobs

src/main/java/us/q3q/fido2/FIDO2Applet.java

@@ -4329,7 +4329,7 @@ private boolean streamOutgoingContinuation(APDU apdu, byte[] apduBytes, boolean
     private void handleAppletSelect(APDU apdu) {
         apdu.setIncomingAndReceive();
 
-        if (Util.arrayCompare(AID, (short) 0,
+        if (apdu.getIncomingLength() != AID.length || Util.arrayCompare(AID, (short) 0,
                 apdu.getBuffer(), apdu.getOffsetCdata(), apdu.getIncomingLength()) != 0) {
             throwException(ISO7816.SW_FILE_NOT_FOUND);
         }

src/test/java/us/q3q/fido2/AppletBasicTest.java

@@ -24,6 +24,7 @@ public class AppletBasicTest {
     CardSimulator simulator;
     AID appletAID = AIDUtil.create("A0000006472F0001");
     AID randoAID = AIDUtil.create("F100900001");
+    AID randoLongAID = AIDUtil.create("F100900001AAAAAAAAAAAA");
 
     @BeforeEach
     public void setupApplet() {
@@ -166,4 +167,15 @@ public void checkIgnoreSelectingIncorrectAID() {
         assertEquals(ISO7816.SW_FILE_NOT_FOUND, responseAPDU.getSW());
     }
 
+    @Test
+    public void checkIgnoreSelectingIncorrectLongAID() {
+        byte[] resp = simulator.selectAppletWithResult(appletAID);
+        short recvdStatus = (short) (resp[resp.length - 2] * 256 + resp[resp.length - 1]);
+
+        assertEquals(ISO7816.SW_NO_ERROR, recvdStatus);
+
+        ResponseAPDU responseAPDU = send(AIDUtil.select(randoLongAID));
+        assertEquals(ISO7816.SW_FILE_NOT_FOUND, responseAPDU.getSW());
+    }
+
 }