Windows动态库hid.dll
+ -

Windows系统HidD_GetPreparsedData数据结构PHIDP_PREPARSED_DATA研究

2022-05-24 352 0

上天开了一个玩笑,研究了REACTOS的HidD_GetPreparsedData函数的数据结构(http://www.usbzh.com/article/detail-980.html ),竟然发现这和Windows体统的不兼容。所以这一节我们来研究一下Windows下的HidD_GetPreparsedData数据结构PHIDP_PREPARSED_DATA。

ReactOS来源于Windows,但并不等于Windows,但是其具有很强的借鉴意义,理论上来讲,数据结构应该差别不在,肯定还是以该COLLECTION为基础的USAG_ITEM数据结构。

这里我们以华为耳出自带的音量控制HID报告描述符进行数据分析,其HID报告描述符的内容如下:

0x05, 0x0C,        // Usage Page (Consumer)
0x09, 0x01,        // Usage (Consumer Control)
0xA1, 0x01,        // Collection (Application)
0x85, 0x01,        //   Report ID (1)

0x15, 0x00,        //   Logical Minimum (0)
0x25, 0x01,        //   Logical Maximum (1)
0x75, 0x01,        //   Report Size (1)
0x95, 0x01,        //   Report Count (1)
0x09, 0xE9,        //   Usage (Volume Increment)
0x81, 0x02,        //   Input (Data,Var,Abs,No Wrap,Linear,Preferred State,No Null Position)
0x09, 0xEA,        //   Usage (Volume Decrement)
0x81, 0x02,        //   Input (Data,Var,Abs,No Wrap,Linear,Preferred State,No Null Position)
0x09, 0xCD,        //   Usage (Play/Pause)
0x81, 0x02,        //   Input (Data,Var,Abs,No Wrap,Linear,Preferred State,No Null Position)
0x09, 0xB5,        //   Usage (Scan Next Track)
0x81, 0x02,        //   Input (Data,Var,Abs,No Wrap,Linear,Preferred State,No Null Position)
0x09, 0xB6,        //   Usage (Scan Previous Track)
0x81, 0x02,        //   Input (Data,Var,Abs,No Wrap,Linear,Preferred State,No Null Position)
0x09, 0xB7,        //   Usage (Stop)
0x81, 0x02,        //   Input (Data,Var,Abs,No Wrap,Linear,Preferred State,No Null Position)
0x09, 0xB3,        //   Usage (Fast Forward)
0x81, 0x02,        //   Input (Data,Var,Abs,No Wrap,Linear,Preferred State,No Null Position)
0x09, 0xB4,        //   Usage (Rewind)
0x81, 0x02,        //   Input (Data,Var,Abs,No Wrap,Linear,Preferred State,No Null Position)

0x05, 0x0B,        //   Usage Page (Telephony)
0x09, 0x24,        //   Usage (Redial)
0x81, 0x02,        //   Input (Data,Var,Abs,No Wrap,Linear,Preferred State,No Null Position)
0x09, 0x20,        //   Usage (Hook Switch)
0x81, 0x02,        //   Input (Data,Var,Abs,No Wrap,Linear,Preferred State,No Null Position)
0x09, 0x2F,        //   Usage (Phone Mute)
0x81, 0x06,        //   Input (Data,Var,Rel,No Wrap,Linear,Preferred State,No Null Position)
0x95, 0x05,        //   Report Count (5)
0x81, 0x01,        //   Input (Const,Array,Abs,No Wrap,Linear,Preferred State,No Null Position)
0xC0,              // End Collection

// 67 bytes

通过上面的分析,可以知道,该HID报告描述符描述了3个字节的输入报告,分别为ReportId=1和2字节的音控位码,具体功能我们就不研究了,大家可以参考:
Windows10 x64使用USB虚拟HID设备控制系统音频音量的播放/暂停:http://www.usbzh.com/article/detail-915.html

我们通过本站的HID调试工具也可以看到如下信息:
HID调试工具
我们使用VS调试工具查看信息如下:

0x0161A178  48 69 64 50 20 4b 44 52 01 00 0c 00 00 00 00 00 00 00 0b 00 0b 00  HidP KDR..............
0x0161A18E  03 00 0b 00 00 00 0b 00 00 00 0b 00 00 00 0b 00 00 00 78 04 01 00  ..................x...
0x0161A1A4  0c 00 01 00 01 00 01 00 01 00 01 00 02 00 00 00 02 00 00 00 0c 00  ......................
0x0161A1BA  01 00 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A1D0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e9 00 e9 00 00 00  ................?.?...
0x0161A1E6  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A1FC  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c 00 01 01 01 00  ......................
0x0161A212  01 00 01 00 01 00 02 00 00 00 02 00 00 00 0c 00 01 00 0c 00 00 00  ......................
0x0161A228  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A23E  00 00 00 00 00 00 00 00 00 00 ea 00 ea 00 00 00 00 00 00 00 00 00  ..........?.?.........
0x0161A254  01 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A26A  00 00 00 00 00 00 00 00 00 00 0c 00 01 02 01 00 01 00 01 00 01 00  ......................
0x0161A280  02 00 00 00 02 00 00 00 0c 00 01 00 0c 00 00 00 00 00 00 00 00 00  ......................
0x0161A296  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A2AC  00 00 00 00 cd 00 cd 00 00 00 00 00 00 00 00 00 02 00 02 00 00 00  ....?.?...............
0x0161A2C2  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A2D8  00 00 00 00 0c 00 01 03 01 00 01 00 01 00 01 00 02 00 00 00 02 00  ......................
0x0161A2EE  00 00 0c 00 01 00 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A304  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b5 00  ....................?.
0x0161A31A  b5 00 00 00 00 00 00 00 00 00 03 00 03 00 00 00 00 00 00 00 00 00  ?.....................
0x0161A330  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c 00  ......................
0x0161A346  01 04 01 00 01 00 01 00 01 00 02 00 00 00 02 00 00 00 0c 00 01 00  ......................
0x0161A35C  0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A372  00 00 00 00 00 00 00 00 00 00 00 00 00 00 b6 00 b6 00 00 00 00 00  ..............?.?.....
0x0161A388  00 00 00 00 04 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A39E  00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c 00 01 05 01 00 01 00  ......................
0x0161A3B4  01 00 01 00 02 00 00 00 02 00 00 00 0c 00 01 00 0c 00 00 00 00 00  ......................
0x0161A3CA  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A3E0  00 00 00 00 00 00 00 00 b7 00 b7 00 00 00 00 00 00 00 00 00 05 00  ........?.?...........
0x0161A3F6  05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A40C  00 00 00 00 00 00 00 00 0c 00 01 06 01 00 01 00 01 00 01 00 02 00  ......................
0x0161A422  00 00 02 00 00 00 0c 00 01 00 0c 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A438  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A44E  00 00 b3 00 b3 00 00 00 00 00 00 00 00 00 06 00 06 00 00 00 00 00  ..?.?.................
0x0161A464  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A47A  00 00 0c 00 01 07 01 00 01 00 01 00 01 00 02 00 00 00 02 00 00 00  ......................
0x0161A490  0c 00 01 00 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A4A6  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b4 00 b4 00  ..................?.?.
0x0161A4BC  00 00 00 00 00 00 00 00 07 00 07 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A4D2  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0b 00 01 00  ......................
0x0161A4E8  01 00 01 00 02 00 01 00 02 00 00 00 03 00 00 00 0c 00 01 00 0c 00  ......................
0x0161A4FE  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A514  00 00 00 00 00 00 00 00 00 00 00 00 24 00 24 00 00 00 00 00 00 00  ............$.$.......
0x0161A52A  00 00 08 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A540  00 00 00 00 00 00 00 00 00 00 00 00 0b 00 01 01 01 00 01 00 02 00  ......................
0x0161A556  01 00 02 00 00 00 03 00 00 00 0c 00 01 00 0c 00 00 00 00 00 00 00  ......................
0x0161A56C  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A582  00 00 00 00 00 00 20 00 20 00 00 00 00 00 00 00 00 00 09 00 09 00  ...... . .............
0x0161A598  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A5AE  00 00 00 00 00 00 0b 00 01 02 01 00 01 00 02 00 01 00 06 00 00 00  ......................
0x0161A5C4  03 00 00 00 0c 00 01 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A5DA  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A5F0  2f 00 2f 00 00 00 00 00 00 00 00 00 0a 00 0a 00 00 00 00 00 00 00  /./...................
0x0161A606  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A61C  01 00 0c 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00  ......................
0x0161A632  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A648  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A65E  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A674  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ......................
0x0161A68A  00 00 00 00 00 00 00 00 00 00 00 00 00 00 82 f8 76 cf aa d3 00 00  ..............??v???..

可以看到,前8个字节是一个固字字符串,其实这是结构体的签名标识。
后面紧跟的是01 00 0c 00,对应我们报告描述符中的Usage Page (Consumer)和Usage (Consumer Control)。至于再后面的,就不得而知了。

其实从REACTOS中可知道,后面其实应该有大量的HID_REPORT_ITEM,所以观察数据应为,并且以104字节按行显示:

0c 00 01 00 01 00 01 00 01 00 01 00 02 00 00 00 02 00 00 00 0c 00 01 00 0c 00 ... 00 e9 00 e9 00 00 00 00 00 00 00 00 00 00 00 00 00 ...
0c 00 01 01 01 00 01 00 01 00 01 00 02 00 00 00 02 00 00 00 0c 00 01 00 0c 00 ... 00 ea 00 ea 00 00 00 00 00 00 00 00 00 01 00 01 00 ...
0c 00 01 02 01 00 01 00 01 00 01 00 02 00 00 00 02 00 00 00 0c 00 01 00 0c 00 ... 00 cd 00 cd 00 00 00 00 00 00 00 00 00 02 00 02 00 ...
0c 00 01 03 01 00 01 00 01 00 01 00 02 00 00 00 02 00 00 00 0c 00 01 00 0c 00 ... 00 b5 00 b5 00 00 00 00 00 00 00 00 00 03 00 03 00 ...
0c 00 01 04 01 00 01 00 01 00 01 00 02 00 00 00 02 00 00 00 0c 00 01 00 0c 00 ... 00 b6 00 b6 00 00 00 00 00 00 00 00 00 04 00 04 00 ...
0c 00 01 05 01 00 01 00 01 00 01 00 02 00 00 00 02 00 00 00 0c 00 01 00 0c 00 ... 00 b7 00 b7 00 00 00 00 00 00 00 00 00 05 00 05 00 ...
0c 00 01 06 01 00 01 00 01 00 01 00 02 00 00 00 02 00 00 00 0c 00 01 00 0c 00 ... 00 b3 00 b3 00 00 00 00 00 00 00 00 00 06 00 06 00 ...
0c 00 01 07 01 00 01 00 01 00 01 00 02 00 00 00 02 00 00 00 0c 00 01 00 0c 00 ... 00 b4 00 b4 00 00 00 00 00 00 00 00 00 07 00 07 00 ...
0b 00 01 00 01 00 01 00 02 00 01 00 02 00 00 00 03 00 00 00 0c 00 01 00 0c 00 ... 00 24 00 24 00 00 00 00 00 00 00 00 00 08 00 08 00 ...
0b 00 01 01 01 00 01 00 02 00 01 00 02 00 00 00 03 00 00 00 0c 00 01 00 0c 00 ... 00 20 00 20 00 00 00 00 00 00 00 00 00 09 00 09 00 ...
0b 00 01 02 01 00 01 00 02 00 01 00 06 00 00 00 03 00 00 00 0c 00 01 00 04 00 ... 00 2f 00 2f 00 00 00 00 00 00 00 00 00 0a 00 0a 00 ...
01 00 0c 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 ... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ...

可以看到USGE、USAGE_PAGEINPUT的值和字节偏移的显示:

USAGE_PATE(0) USAGE(min,max) INPUT VALUE(0x0c) 字节偏移
0c e9 02 02
0c ea 02 02
0c cd 02 02
0c b5 02 02
0c b6 02 02
0c b7 02 02
0c b3 02 02
0c b4 02 02
0b 24 02 03
0b 20 02 03
0b 2f 06 03

偏移从1开始,因为第0个是ReportId.


其实这只算是一个初步的研究,更多的是需要找不同的设备根据报告描述符来进行数据观察分析来看的。比如这里只有输入报告,那输出报告是不是也按这种方式(理论上应该是),那是放在前面还是后面呢?另外就是描述符完个USAGE的ITEM之后的数据到底是什么,还是得研究一翻。

HID人机交互QQ群:564808376    UAC音频QQ群:218581009    UVC相机QQ群:331552032    BOT&UASP大容量存储QQ群:258159197    STC-USB单片机QQ群:315457461    USB技术交流QQ群2:580684376    USB技术交流QQ群:952873936   

0 篇笔记 写笔记

Windows系统HidD_GetPreparsedData数据结构PHIDP_PREPARSED_DATA研究
上天开了一个玩笑,研究了REACTOS的HidD_GetPreparsedData函数的数据结构(http://www.usbzh.com/article/detail-980.html ),竟然发现这和Windows体统的不兼容。所以这一节我们来研究一下Windows下的HidD_GetPrepa......
HID报告描述符主项InputReport、OutputReport,FeatureReport
HID报告描述符主项除过COLLECTION项,就是输入报告InputReport,输出报告OutputReport和特性报告FeatureReport。ITEM_PREFIX的BIT2,BIT3为00,bit4-7的值为:#define ITEM_TAG_MAIN_INPUT ......
使用USB鼠标HID报告描述符分析HID_REPORT及成员HID_REPORT_ITEM关系
HID报告描述分过程比较麻烦,对于MAIN ITEM,相对来说比较简单,就是一个简单的树形结构。但对于GLOBAL ITEM和LOCAL ITEM组织的数据结构定义,还是相对比较麻烦的。每一个HID报告描述符都会有很多集合,这是由MAIN ITEM的Collection关键字定义的,无论它是Appl......
HID报告描述符INPUT ITEM,OUTPUT ITEM,FEATERU ITEM Bit 1{Array (0) | Variable (1)}和HID_REPORT_ITEM的关系
HID的MAIN ITEM的INPUT ITEM,OUTPUT ITEM,FEATERU ITEM Bit定义如下:0:代表是数组1:代表变量我们在 HID主条目input item、output item和feature item详解http://www.usbzh.com/article......
关注公众号
取消
感谢您的支持,我会继续努力的!
扫码支持
扫码打赏,你说多少就多少

打开支付宝扫一扫,即可进行扫码打赏哦

您的支持,是我们前进的动力!