📄 whusb20dispatch.c
BytesTxd = size;
if( BytesTxd>OutputLength)
BytesTxd = OutputLength;
RtlCopyMemory(Irp->AssociatedIrp.SystemBuffer,Descriptor,BytesTxd);
}
FreeIfAllocated(Descriptor);
}
break;
}
/////// Get Statuses
case IOCTL_WHCEB01_GET_STATUSES:
{
UCHAR Statuses[6];
ULONG size = sizeof(Statuses);
NTSTATUS status = UsbGetStatuses( dx, Statuses, size);
if( NT_SUCCESS(status))
{
BytesTxd = size;
if( BytesTxd>OutputLength)
BytesTxd = OutputLength;
RtlCopyMemory(Irp->AssociatedIrp.SystemBuffer,Statuses,BytesTxd);
}
break;
}
/////// Get Frame info
case IOCTL_WHCEB01_GET_FRAME_INFO:
{
ULONG Info[3];
NTSTATUS status ;
status = UsbGetFrameInfo( dx, &Info[0], &Info[1], &Info[2]);
if( NT_SUCCESS(status))
{
BytesTxd = sizeof(Info);
if( BytesTxd>OutputLength)
BytesTxd = OutputLength;
RtlCopyMemory(Irp->AssociatedIrp.SystemBuffer,Info,BytesTxd);
}
break;
}
///////BULK host-to-device传输
case IOCTL_WHCEB01_TRANSFER_HOST_TO_DEVICE:
{
#ifdef DEBUG_INTERFACE
TRACE1 ("-----开始进行bulk OUT数据传输,长度%d字节-----", InputLength);
#endif//DEBUG_INTERFACE
status = Whceb01InterruptTransferHtD( dx, pChannel , Irp->AssociatedIrp.SystemBuffer,
InputLength);
break;
}
///////BULK device-to-host传输
case IOCTL_WHCEB01_TRANSFER_DEVICE_TO_HOST:
{
ULONG i=0;
TRACE1 ("-----开始进行bulk IN数据传输,长度%d字节-----", OutputLength);
status = Whceb01InterruptTransferDtH( dx, pChannel , Irp->AssociatedIrp.SystemBuffer,
OutputLength);
DebugPrintMsg( "bulk device-to-host传输数据:" );
for(i=0;i<OutputLength;i++)
TRACE1( "%x", *(tempBuf+i));
BytesTxd = OutputLength;
break;
}
///////复位管道
case IOCTL_WHCEB01_RESET_PIPE:
{
status = Whceb01ResetPipe( dx, dx->hWhceb01InterruptInHandle);
#ifdef DEBUG_INTERFACE
if(NT_SUCCESS(status))
TRACE1("*****成功复位中断IN管道,status=%d*****",status);
#endif//DEBUG_INTERFACE
break;
}
//////复位IC卡
case IOCTL_WHCEB01_RESET_ICC:
{
//发送复位IC卡PDU
dx->PduHead.Cmd = WHCEB01_CMD_RESET_ICC;
dx->PduHead.InBuffLen = 0;
dx->PduHead.OutBuffLen = 0;
status = Whceb01InterruptTransferHtD( dx, pChannel , &(dx->PduHead), WHCEB01_PDU_HEAD_LEN );
break;
}
//////复位IC卡并读取ATR信息
case IOCTL_WHCEB01_READ_ATR:
{
PUCHAR TempAtrBuffer ;
ULONG i=0;
//发送读取ATR的PDU
dx->PduHead.Cmd = WHCEB01_CMD_READ_ATR;
dx->PduHead.InBuffLen = 0;
dx->PduHead.OutBuffLen = (UCHAR)OutputLength;
TRACE1( "ATR长度=%d", dx->PduHead.OutBuffLen );
status = Whceb01InterruptTransferHtD( dx, pChannel , &(dx->PduHead), WHCEB01_PDU_HEAD_LEN );
//延时
//Whceb01DelaySpecifiedNumberOfMs( 500 );
//读取ATR
status = Whceb01InterruptTransferDtH( dx, pChannel , Irp->AssociatedIrp.SystemBuffer,
OutputLength);
#ifdef DEBUG_INTERFACE
TRACE0("ATR内容:");
TempAtrBuffer = (PUCHAR)(Irp->AssociatedIrp.SystemBuffer);
for(i=0;i<OutputLength;i++)
TRACE1( "%x", *(TempAtrBuffer+i));
#endif//DEBUG_INTERFACE
BytesTxd = OutputLength;
break;
}
//////写IC卡
case IOCTL_WHCEB01_WRITE_ICC:
{
PUCHAR tempCmdBuf = (PUCHAR)Irp->AssociatedIrp.SystemBuffer;
ULONG j=0;
dx->PduHead.Cmd = WHCEB01_CMD_WRITE_ICC;
dx->PduHead.InBuffLen = (UCHAR)InputLength;
if( dx->PduHead.InBuffLen>WHCEB01_MAXIMUM_IC_CMD_LEN )
{
status = STATUS_UNSUCCESSFUL;
break;
}
dx->PduHead.OutBuffLen = (UCHAR)OutputLength;
TRACE0( "-----写入IC卡的协议内容:-----" );
TRACE1( "%x", dx->PduHead.Cmd );
TRACE1( "%x", dx->PduHead.InBuffLen );
TRACE1( "%x", dx->PduHead.OutBuffLen );
TRACE1( "%x", dx->PduHead.Reserved );
TRACE0( "-----写入IC卡的数据:-----" );
for(j=0;j<InputLength;j++ )
TRACE1( "%x", *(tempCmdBuf+j) );
TRACE1("***写IC卡命令:期望IC卡返回的数据长度 = %d***", dx->PduHead.OutBuffLen );
//发送写IC卡PDU
status = Whceb01InterruptTransferHtD( dx, pChannel , &(dx->PduHead), WHCEB01_PDU_HEAD_LEN );
//延时
// Whceb01DelaySpecifiedNumberOfMs( 500 );
//写IC卡
status = Whceb01InterruptTransferHtD( dx, pChannel , Irp->AssociatedIrp.SystemBuffer,
InputLength );
break;
}
//////读IC卡
case IOCTL_WHCEB01_READ_ICC:
{
PUCHAR tempResponseBuf;
ULONG k=0;
///////////////////////////////////////////////////
//次处发送读IC卡的协议头代码已经去掉
///////////////////////////////////////////////////
//读IC卡
status = Whceb01InterruptTransferDtH( dx, pChannel , Irp->AssociatedIrp.SystemBuffer, OutputLength );
#ifdef DEBUG_INTERFACE
tempResponseBuf = (PUCHAR)Irp->AssociatedIrp.SystemBuffer;
TRACE0( "-----IC卡返回响应:-----" );
for(k=0;k<OutputLength;k++ )
{
TRACE1( "%x", *(tempResponseBuf+k) );
}
#endif//DEBUG_INTERFACE
BytesTxd = OutputLength;
break;
}
//////写EEPROM
case IOCTL_WHCEB01_WRITE_EEPROM:
{
dx->PduHead.Cmd = WHCEB01_CMD_WRITE_EEPROM;
dx->PduHead.InBuffLen = (UCHAR)InputLength;
dx->PduHead.OutBuffLen = 0;
//发送写EEPROM的PDU
status = Whceb01InterruptTransferHtD( dx, pChannel , &(dx->PduHead), WHCEB01_PDU_HEAD_LEN );
//延时
Whceb01DelaySpecifiedNumberOfMs( 500 );
//写EEPROM
status = Whceb01InterruptTransferHtD( dx, pChannel , Irp->AssociatedIrp.SystemBuffer,
InputLength );
break;
}
//////读EEPROM
case IOCTL_WHCEB01_READ_EEPROM:
{
dx->PduHead.Cmd = WHCEB01_CMD_READ_EEPROM;
dx->PduHead.InBuffLen = 0;
dx->PduHead.OutBuffLen = (UCHAR)OutputLength;
//发送读EEPROM的PDU
status = Whceb01InterruptTransferHtD( dx, pChannel , &(dx->PduHead), WHCEB01_PDU_HEAD_LEN );
//延时
Whceb01DelaySpecifiedNumberOfMs( 500 );
//读EEPROM
status = Whceb01InterruptTransferDtH( dx, pChannel , Irp->AssociatedIrp.SystemBuffer,
OutputLength );
BytesTxd = OutputLength;
break;
}
//////系统热复位
case IOCTL_WHCEB01_SYSTEM_SOFT_RESET:
{
dx->PduHead.Cmd = WHCEB01_CMD_SYSTEM_SOFT_RESET;
dx->PduHead.InBuffLen = 0;
dx->PduHead.OutBuffLen = 0;
//发送系统热复位PDU
status = Whceb01InterruptTransferHtD( dx, pChannel , &(dx->PduHead), WHCEB01_PDU_HEAD_LEN );
break;
}
//////系统冷复位
case IOCTL_WHCEB01_SYSTEM_HARD_RESET:
{
dx->PduHead.Cmd = WHCEB01_CMD_SYSTEM_HARD_RESET;
dx->PduHead.InBuffLen = 0;
dx->PduHead.OutBuffLen = 0;
//发送系统冷复位PDU
status = Whceb01InterruptTransferHtD( dx, pChannel , &(dx->PduHead), WHCEB01_PDU_HEAD_LEN );
break;
}
case IOCTL_WHCEB01_ENCRYPTDE:
{
LARGE_INTEGER timeout;
timeout.QuadPart = WHCEB01_TIMEOUT*3;
pOutputBuffer = MmGetSystemAddressForMdlSafe( Irp->MdlAddress , NormalPagePriority );
TRACE0( "EncryptDE after MMGet!" );
if(NULL == pOutputBuffer)
{
status=STATUS_UNSUCCESSFUL;
break;
}
TRACE1( "LiuSF: before H to D , channel = 0x%x" , pChannel->ChannelNum );
status = KeWaitForSingleObject( &dx->FrameMutex ,
Executive,
KernelMode,
FALSE,
&timeout
//NULL
);
//发送
status = Whceb01InterruptTransferHtD( dx, pChannel , tempBuf , InputLength );
if( !NT_SUCCESS( status ) )
{
TRACE0( "!!!!!!!!!!!!!!!!Sending Data Failed!!!" );
*(ULONG*)pOutputBuffer = status;
BytesTxd = 4;
break;
}
TRACE1( "LiuSF: after H to D , channel = 0x%x" , pChannel->ChannelNum );
///OutputValue( tempBuf , InputLength );
//延时
//Whceb01DelaySpecifiedNumberOfMs( 500 );
TRACE1( "LiuSF: before D to H , channel = 0x%x" , pChannel->ChannelNum );
//接收
// status = Whceb01InterruptTransferDtH( dx, pChannel , (BYTE*)pOutputBuffer, 20 );
status = Whceb01InterruptTransferDtH( dx, pChannel , (BYTE*)pOutputBuffer+4,
OutputLength-4 );
KeReleaseMutex( &dx->FrameMutex , FALSE );
TRACE1( "LiuSF: after D to H , channel = 0x%x" , pChannel->ChannelNum );
*(ULONG*)pOutputBuffer = status;
if( !NT_SUCCESS( status ) )
{
BytesTxd = 4;
}
else
//BytesTxd = *(USHORT*)( (BYTE*)pOutputBuffer + 8 );
BytesTxd = OutputLength;
}
break;
/////// Invalid request
default:
status = STATUS_INVALID_DEVICE_REQUEST;
}
#ifdef DEBUG_INTERFACE
TRACE1("DeviceIoControl: %d bytes written",(int)BytesTxd);
TRACE1("***** status = %x *****",status);
#endif//DEBUG_INTERFACE
// Complete IRP
CompleteIrp(Irp,status,BytesTxd);
UnlockDevice(dx);
TRACE0( "Exit DeviceControl" );
return status;
}
/////////////////////////////////////////////////////////////////////////////
// Whceb01SystemControl:
//
// Description:
// Handle IRP_MJ_SYSTEM_CONTROL requests
//
// Arguments:
// Pointer to our FDO
// Pointer to the IRP
// Various minor parameters
// IrpStack->Parameters.WMI.xxx has WMI parameters
//
// Return Value:
// This function returns STATUS_XXX
NTSTATUS Whceb01SystemControl( IN PDEVICE_OBJECT fdo,
                               IN PIRP Irp)
{
    // IRP_MJ_SYSTEM_CONTROL dispatch: nothing is handled locally, the request
    // is either completed with an error here or forwarded down the stack.
    PWHCEB01_DEVICE_EXTENSION devExt = (PWHCEB01_DEVICE_EXTENSION)fdo->DeviceExtension;
    NTSTATUS lowerStatus;

    TRACE0( "SystemControl" );

    // I/O disabled: fail the request before any device reference is taken.
    if (devExt->IODisabled)
    {
        return CompleteIrp( Irp, STATUS_DEVICE_NOT_CONNECTED, 0);
    }

    // NOTE(review): LockDevice/UnlockDevice are defined elsewhere; presumably
    // they keep the device from being removed while a request is in flight.
    if (LockDevice(devExt))
    {
        // Reuse our stack location for the lower driver and hand the IRP over.
        IoSkipCurrentIrpStackLocation(Irp);
        lowerStatus = IoCallDriver( devExt->NextStackDevice, Irp);

        // Only the returned status is used from here on; the IRP now belongs
        // to the lower driver and is not touched again.
        UnlockDevice(devExt);
        return lowerStatus;
    }

    // The lock could not be taken: complete the IRP ourselves.
    return CompleteIrp( Irp, STATUS_DELETE_PENDING, 0);
}
/////////////////////////////////////////////////////////////////////////////
// Whceb01Cleanup:
//
// Description:
// Handle IRP_MJ_CLEANUP requests
// Cancel queued IRPs which match given FileObject
//
// Arguments:
// Pointer to our FDO
// Pointer to the IRP
// IrpStack->FileObject has handle to file
//
// Return Value:
// This function returns STATUS_XXX
// Not needed for Whceb01
/////////////////////////////////////////////////////////////////////////////
// CompleteIrp: Sets IoStatus and completes the IRP
NTSTATUS CompleteIrp( IN PIRP Irp, IN NTSTATUS status, IN ULONG info)
{
    // Fill in the I/O status block, then complete the request without a
    // priority boost.
    //   Irp    - request to complete
    //   status - value stored in IoStatus.Status and returned to the caller
    //   info   - value stored in IoStatus.Information; callers in this file
    //            pass the byte count they report for the request
    Irp->IoStatus.Information = info;
    Irp->IoStatus.Status = status;

    IoCompleteRequest(Irp,IO_NO_INCREMENT);

    // Return the parameter rather than reading Irp->IoStatus.Status: the IRP
    // must not be accessed once IoCompleteRequest has been called.
    return status;
}
/////////////////////////////////////////////////////////////////////////////
//函数名称:Whceb01DelaySpecifiedNumberOfMs
//函数功能:延时函数
//入口参数:要延时的毫秒数
//返回值 :无
/////////////////////////////////////////////////////////////////////////////
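// Whceb01DelaySpecifiedNumberOfMs: busy-wait for NumberOfMs milliseconds.
//   NumberOfMs - delay in milliseconds
// The wait is made of 50-microsecond KeStallExecutionProcessor() calls, so
// the calling processor spins for the whole delay.
// NOTE(review): for delays of hundreds of milliseconds a thread wait such as
// KeDelayExecutionThread is the usual choice when the caller runs at an IRQL
// that permits waiting; the callers' IRQL is not visible here - confirm
// before changing the mechanism.
VOID Whceb01DelaySpecifiedNumberOfMs( IN ULONG NumberOfMs)
{
    enum { STALL_SLICE_US = 50, SLICES_PER_MS = 1000 / STALL_SLICE_US };
    ULONG ms;
    ULONG slice;

#ifdef DEBUG_INTERFACE
    TRACE1( "Whceb01DelaySpecifiedNumberOfMs,Delay %d ", NumberOfMs );
#endif//DEBUG_INTERFACE

    // Count whole milliseconds in the outer loop instead of computing
    // NumberOfMs*1000 up front: that product wraps a 32-bit ULONG for delays
    // above 4294967 ms and would silently shorten the wait.
    for (ms = 0; ms < NumberOfMs; ms++)
    {
        for (slice = 0; slice < SLICES_PER_MS; slice++)
        {
            KeStallExecutionProcessor( STALL_SLICE_US );
        }
    }
}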
/////////////////////////////////////////////////////////////////////////////
//函数名称:Whceb01DelaySpecifiedNumberOfUs
//函数功能:延时函数
//入口参数:要延时的微秒数
//返回值 :无
/////////////////////////////////////////////////////////////////////////////
// Whceb01DelaySpecifiedNumberOfUs: busy-wait for NumberOfUs microseconds.
//   NumberOfUs - delay in microseconds
VOID Whceb01DelaySpecifiedNumberOfUs( IN ULONG NumberOfUs)
{
    ULONG stallUs = NumberOfUs;

    // The value is forwarded unchanged in a single call: no clamping and no
    // splitting into shorter stalls, so the processor spins for the full
    // interval the caller asked for.
    KeStallExecutionProcessor( stallUs );
}