Ignore selection of other applets

Fixes #32

Author: BryanJacobs

requirements.txt

@@ -1,4 +1,4 @@
 fido2[pcsc]==1.1.2
-JPype1==1.4.1
+JPype1==1.5.0
 parameterized==0.9.0
 uhid==0.0.1

src/main/java/us/q3q/fido2/FIDO2Applet.java

@@ -4318,9 +4318,13 @@ private boolean streamOutgoingContinuation(APDU apdu, byte[] apduBytes, boolean
      * @param apdu Request/response context object
      */
     private void handleAppletSelect(APDU apdu) {
-        if (bufferManager == null) {
-            apdu.setIncomingAndReceive();
+        apdu.setIncomingAndReceive();
+
+        if (!JCSystem.getAID().equals(apdu.getBuffer(), apdu.getOffsetCdata(), (byte) apdu.getIncomingLength())) {
+            throwException(ISO7816.SW_FILE_NOT_FOUND);
+        }
 
+        if (bufferManager == null) {
             // There also might not be enough RAM, quite, if we allocate this during install while the app install
             // parameters array is held in memory...
             initTransientStorage(apdu);
@@ -4358,7 +4362,6 @@ private void handleAppletSelect(APDU apdu) {
         } else {
             sendByteArray(apdu, CannedCBOR.U2F_V2_RESPONSE, (short) CannedCBOR.U2F_V2_RESPONSE.length);
         }
-
     }
 
     /**

src/test/java/us/q3q/fido2/AppletBasicTest.java

@@ -23,6 +23,7 @@ public class AppletBasicTest {
 
     CardSimulator simulator;
     AID appletAID = AIDUtil.create("F000000001");
+    AID randoAID = AIDUtil.create("F100900001");
 
     @BeforeEach
     public void setupApplet() {
@@ -42,15 +43,10 @@ private ResponseAPDU sendCTAP(String hexCommand) {
         return sendCTAP(bparams);
     }
 
-    private ResponseAPDU send(int... params) {
-        byte[] bparams = new byte[params.length];
-        for (int i = 0; i < params.length; i++) {
-            bparams[i] = (byte) params[i];
-        }
+    private ResponseAPDU send(byte[] bparams) {
         CommandAPDU commandAPDU = new CommandAPDU(bparams);
         ResponseAPDU response = simulator.transmitCommand(commandAPDU);
 
-
         ArrayList<ResponseAPDU> prevResponses = new ArrayList<>();
         int totalResponseLen = response.getNr();
         prevResponses.add(response);
@@ -79,6 +75,15 @@ private ResponseAPDU send(int... params) {
         return new ResponseAPDU(combinedBB);
     }
 
+    private ResponseAPDU send(int... params) {
+        byte[] bparams = new byte[params.length];
+        for (int i = 0; i < params.length; i++) {
+            bparams[i] = (byte) params[i];
+        }
+
+        return send(bparams);
+    }
+
     private ResponseAPDU sendCTAP(int... vals) {
         boolean shortLen = vals.length <= 255;
         int[] framedVals = new int[vals.length + (shortLen ? 6 : 7)]; // Hmm, why isn't this 8 for extended length?
@@ -150,4 +155,15 @@ public void checkVersionInSelectionResponse() {
         assertEquals("FIDO_2_0", new String(respWithoutStatus));
     }
 
+    @Test
+    public void checkIgnoreSelectingIncorrectAID() {
+        byte[] resp = simulator.selectAppletWithResult(appletAID);
+        short recvdStatus = (short) (resp[resp.length - 2] * 256 + resp[resp.length - 1]);
+
+        assertEquals(ISO7816.SW_NO_ERROR, recvdStatus);
+
+        ResponseAPDU responseAPDU = send(AIDUtil.select(randoAID));
+        assertEquals(ISO7816.SW_FILE_NOT_FOUND, responseAPDU.getSW());
+    }
+
 }