By Michael Vincent (michael@radicalsoft.org)
January 28, 2003

Actions of the Testguard app:
-----------------------------


The teacher's calculator sends a packet to check for a connected calculator.

The student calculator must acknowledge (0x73, 0x56, 0x00, 0x00)

Teacher calc sends program (protected) TESTASM. Upon student calc acknowledge, it then sends program EXEC. Then the student calc acknowledges.

The teacher calc sends a command to run program EXEC. This contains Asm(prgmTESTASM).

TESTASM then runs:

Note that the password is at a fixed location...9DC7h, and null terminated.

TESTASM process (on student calc):

1. It looks up TESTASM via _ChkFindSym. Note that it assumes that it exists, no check for the carry flag is made. It changes the type byte of TESTASM to TempProgObj, presumably so it's deleted by the OS automatically when done.
2. It does the same for EXEC.
3. It reads the fourth and seventh bytes of the password. It swaps the fourth and seventh bytes with each other.
4. It sends a zero out the link port when this is done.
5. It swaps the third and seventh bytes of the password.
6. It then waits to receive two bytes 0x00,0x00 over the link port.
7. It checks the bytes, if either of them has any nonzero bits it doesn't like it (I have not tested this yet though)
8. 0x04 is sent out over the link port.
9. Receives command bytes...these are:

	0x02,0x01 - Clear RAM/archive
	0x02,0x00 - Clear APPS not specified
	0x02,0x02 - Clear RAM/archive, and APPS not specified.

10. It sends 0x00 out over the link port afterwards.

Clearing the RAM, if done...is the last thing that is done. It clears all hooks when done, and B_JUMPs to 404Eh to clear it.