From 4e42412ea244052fce5982705d6f8e533cef46ca Mon Sep 17 00:00:00 2001
From: Dominik Hofer <dominik.hofer@bfh.ch>
Date: Sat, 28 Dec 2019 14:45:55 +0100
Subject: Added checksum comparsion

---
 src/main.c | 52 +++++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 49 insertions(+), 3 deletions(-)

diff --git a/src/main.c b/src/main.c
index 1ff0255..9c4edac 100644
--- a/src/main.c
+++ b/src/main.c
@@ -182,6 +182,9 @@ along with
 
 /* Reader commands */
 
+/* Reader Not Acknowledge */
+#define READER_NACK "FF"
+
 /* Config Data */
 /* Refer to the mdb interface specifications v4.2 p.288 */
 #define READER_CONFIG "01"
@@ -195,7 +198,7 @@ along with
 /* Session Commands */
 /* Refer to the mdb interface specifications v4.2 p.131 */
 #define READER_BEGIN_SESSION "03"
-#define READER_FUNDS_AVAILABLE "00A0"
+#define READER_FUNDS_AVAILABLE "000A"
 #define READER_END_SESSION "07"
 
 /* Vend Commands */
@@ -574,6 +577,10 @@ static struct MdbCommand revalueApproved;
  */
 static struct MdbCommand revalueAmount;
 
+/**
+ * Send NACK 
+ */
+static struct MdbCommand readerNACK;
 /**
  * Terminate session.
  */
@@ -1880,6 +1887,8 @@ handle_command (const char *hex,
                 size_t hex_len)
 {
   unsigned int cmd;
+	unsigned int tmp = 0;
+	uint32_t chkSum;
 
   /* if the received command is 0 or not a multiple of 2 we cannot parse it */
   if (0 == hex_len)
@@ -1894,7 +1903,7 @@ handle_command (const char *hex,
     return;
   }
   /* convert the received 2 bytes from ASCII to hex */
-  if (1 != sscanf (hex,
+	if (1 != sscanf (hex,
                    "%2X",
                    &cmd))
   {
@@ -1905,7 +1914,39 @@ handle_command (const char *hex,
     GNUNET_break_op (0);
     return;
   }
-  /* parse the first byte (cmd) and the second byte (subcmd) */
+	
+  /* Calculate the checksum and check it */
+	if (2 < hex_len)
+	{
+		chkSum = cmd;
+
+  	for( size_t offset = 1; offset < ((hex_len / 2)); offset++ ){
+			chkSum += tmp;
+			if (1 != sscanf (hex + (2 * offset),
+  	                 "%2X",
+  	                 &tmp))
+  		{
+  	  GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+  	              "Received non-HEX input `%.*s'\n",
+  	              (int) hex_len,
+  	              hex);
+  	  GNUNET_break_op (0);
+  	  return;
+  		}
+		}
+		if ( ((uint8_t) (chkSum & 0xFF)) != tmp )
+		{
+			mdb.cmd = &denyVend;
+			GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+  	              "Received command with wrong checksum `%.*s'\n",
+  	              (int) hex_len,
+  	              hex);
+  	  return;
+
+		}
+	}
+
+	  /* parse the first byte (cmd) and the second byte (subcmd) */
   switch (cmd)
   {
   case VMC_VEND:
@@ -2892,6 +2933,11 @@ main (int argc,
                                  READER_REVALUE_LIMIT,
                                  READER_REVALUE_LIMIT_AMOUNT);
 
+	readerNACK = setup_mdb_cmd ("Reader NACK",
+                                 READER_NACK,
+                                 NULL);
+
+
   ret = GNUNET_PROGRAM_run (argc,
                             argv,
                             "taler-mdb",
-- 
cgit v1.2.3