Force use of FIDO AID

BryanJacobs · BryanJacobs · commit 8a7e18a79c21 · 2024-07-14T03:35:53.000+10:00
Some cards apparently don't support checking their own applet ID...
diff --git a/src/main/java/us/q3q/fido2/FIDO2Applet.java b/src/main/java/us/q3q/fido2/FIDO2Applet.java
@@ -15,6 +15,15 @@ public final class FIDO2Applet extends Applet implements ExtendedLength {
      * The version of this applet in use
      */
     private static final byte FIRMWARE_VERSION = 0x04;
+
+    /**
+     * The AID to which this applet should respond (ignoring any other AIDs sent to it)
+     */
+    private static final byte[] AID = {
+            (byte) 0xA0, 0x00, 0x00, 0x06, 0x47,
+            0x2F, 0x00, 0x01
+    };
+
     // Configurable parameters
     /**
      * If set, use low-security keys for everything, to fully comply with the FIDO standards without alwaysUv
@@ -4320,7 +4329,8 @@ private boolean streamOutgoingContinuation(APDU apdu, byte[] apduBytes, boolean
     private void handleAppletSelect(APDU apdu) {
         apdu.setIncomingAndReceive();
 
-        if (!JCSystem.getAID().equals(apdu.getBuffer(), apdu.getOffsetCdata(), (byte) apdu.getIncomingLength())) {
+        if (Util.arrayCompare(AID, (short) 0,
+                apdu.getBuffer(), apdu.getOffsetCdata(), apdu.getIncomingLength()) != 0) {
             throwException(ISO7816.SW_FILE_NOT_FOUND);
         }
 
diff --git a/src/test/java/us/q3q/fido2/AppletBasicTest.java b/src/test/java/us/q3q/fido2/AppletBasicTest.java
@@ -22,7 +22,7 @@
 public class AppletBasicTest {
 
     CardSimulator simulator;
-    AID appletAID = AIDUtil.create("F000000001");
+    AID appletAID = AIDUtil.create("A0000006472F0001");
     AID randoAID = AIDUtil.create("F100900001");
 
     @BeforeEach
