Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

294 lines
8.3 KiB

#ifndef WIN32_LEAN_AND_MEAN
#define WIN32_LEAN_AND_MEAN
#endif // WIN32_LEAN_AND_MEAN
#define INITGUID
#include <stdio.h>
#include <windows.h>
#include <wmium.h>
#include <wmistr.h>
#include <setupapi.h>
#include <regstr.h>
#include <devguid.h>
#include <ntddkbd.h>
#include "winkeycmn.h"
void WinKeyWmiRawDataCallback(PWNODE_HEADER WnodeHeader, ULONG_PTR Context)
{
PWNODE_SINGLE_INSTANCE wNode;
LPGUID eventGuid;
wNode = (PWNODE_SINGLE_INSTANCE)WnodeHeader;
eventGuid = &WnodeHeader->Guid;
if (IsEqualGUID(eventGuid, &GUID_WMI_WINKEY_RAW_DATA)) {
PKEYBOARD_INPUT_DATA pPackets;
ULONG numPackets, i;
numPackets = wNode->SizeDataBlock / sizeof(KEYBOARD_INPUT_DATA);
pPackets = (PKEYBOARD_INPUT_DATA) (((PBYTE) wNode) + wNode->DataBlockOffset);
for (i = 0; i < numPackets; i++) {
printf("code %04x, flags %04x (",
(ULONG) pPackets[i].MakeCode, (ULONG) pPackets[i].Flags);
if (pPackets[i].Flags & KEY_BREAK) {
printf("break");
}
else {
printf("make");
}
if (pPackets[i].Flags & KEY_E0) {
printf(", E0");
}
else if (pPackets[i].Flags & KEY_E1) {
printf(", E1");
}
printf(")\n");
}
}
}
BOOL g_quit = FALSE;
BOOL WINAPI CtrlHandler(DWORD dwCtrlType)
{
switch (dwCtrlType) {
case CTRL_C_EVENT:
case CTRL_BREAK_EVENT:
case CTRL_CLOSE_EVENT:
printf("received ctrl event %d\n", dwCtrlType);
g_quit = TRUE;
return TRUE;
default:
return FALSE;
}
}
#define STR_WINKEYD TEXT("winkeyd")
BOOL AddFilter(HKEY ClassKey)
{
DWORD dwType, dwSize;
ULONG res,
filterLength,
length;
BOOLEAN added = FALSE,
addFilter;
TCHAR szFilter[] = STR_WINKEYD TEXT("\0");
PTCHAR szCurrentFilter, szOffset, szUpperFilters;
filterLength = lstrlen(szFilter);
dwSize = 0;
res = RegQueryValueEx(ClassKey,
REGSTR_VAL_UPPERFILTERS,
NULL,
&dwType,
NULL,
&dwSize);
if (res == ERROR_FILE_NOT_FOUND || dwType != REG_MULTI_SZ) {
//
// Value isn't there,
//
RegSetValueEx(ClassKey,
REGSTR_VAL_UPPERFILTERS,
0,
REG_MULTI_SZ,
(PBYTE) szFilter,
(filterLength + 2) * sizeof(TCHAR) );
added = TRUE;
}
else if (res == ERROR_SUCCESS) {
szUpperFilters = (PTCHAR)
LocalAlloc(LPTR, dwSize + (filterLength + 1) * sizeof(TCHAR));
if (!szUpperFilters)
return FALSE;
szOffset = szUpperFilters + filterLength + 1;
res = RegQueryValueEx(ClassKey,
REGSTR_VAL_UPPERFILTERS,
NULL,
&dwType,
(PBYTE) szOffset,
&dwSize);
if (res == ERROR_SUCCESS) {
addFilter = TRUE;
for (szCurrentFilter = szOffset; *szCurrentFilter; ) {
length = lstrlen(szCurrentFilter);
if (lstrcmpi(szFilter, szCurrentFilter) == 0) {
addFilter = FALSE;
break;
}
szCurrentFilter += (length + 1);
}
if (addFilter) {
length = (filterLength + 1) * sizeof(TCHAR);
memcpy(szUpperFilters, szFilter, length);
dwSize += length;
res = RegSetValueEx(ClassKey,
REGSTR_VAL_UPPERFILTERS,
0,
REG_MULTI_SZ,
(PBYTE) szUpperFilters,
dwSize);
added = (res == ERROR_SUCCESS);
}
}
LocalFree(szUpperFilters);
}
return added;
}
void RestartDevices()
{
HDEVINFO hDevInfo;
SP_DEVINFO_DATA did;
SP_DEVINSTALL_PARAMS dip;
int i;
hDevInfo = SetupDiGetClassDevs(&GUID_DEVCLASS_KEYBOARD, NULL, NULL, 0);
if (hDevInfo != INVALID_HANDLE_VALUE) {
ZeroMemory(&did, sizeof(SP_DEVINFO_DATA));
did.cbSize = sizeof(SP_DEVINFO_DATA);
for (i = 0; SetupDiEnumDeviceInfo(hDevInfo, i, &did); i++) {
//
// restart the controller so that the filter driver is in
// place
//
ZeroMemory(&dip, sizeof(SP_DEVINSTALL_PARAMS));
dip.cbSize = sizeof(SP_DEVINSTALL_PARAMS);
if (SetupDiGetDeviceInstallParams(hDevInfo, &did, &dip)) {
dip.Flags |= DI_PROPERTIES_CHANGE;
SetupDiSetDeviceInstallParams(hDevInfo, &did, &dip);
}
}
SetupDiDestroyDeviceInfoList(hDevInfo);
}
}
int
InstallService()
{
char szBin[MAX_PATH];
SC_HANDLE hSCM, hService;
strcpy(szBin, "System32\\Drivers\\winkeyd.sys");
hSCM = OpenSCManager(NULL, SERVICES_ACTIVE_DATABASE, SC_MANAGER_CREATE_SERVICE);
if (NULL == hSCM) {
return FALSE;
}
hService = CreateService(
hSCM, // SCManager database
STR_WINKEYD, // name of service
"WinKey keyboard filter driver", // service name to display
SERVICE_ALL_ACCESS, // desired access
SERVICE_KERNEL_DRIVER, // service type
SERVICE_DEMAND_START, // start type
SERVICE_ERROR_NORMAL, // error control type
szBin, // service's binary
NULL, // no load ordering group
NULL, // no tag identifier
NULL, // no dependencies
NULL, // LocalSystem account
NULL); // no password
CloseServiceHandle(hService);
CloseServiceHandle(hSCM);
if (NULL == hService) {
return FALSE;
}
else {
//
// Alternatively, what you can do is call SetupDiGetClassDevs, iterate over
// all the keyboards on the machine, find the one which as a service of
// "i8042prt" and install winkeyd.sys as an upper filter of just the
// ps/2 keyboard instead of an upper filter of every keyboard.
//
HKEY hKeyClass = SetupDiOpenClassRegKey(&GUID_DEVCLASS_KEYBOARD, KEY_ALL_ACCESS);
int success = FALSE;
if (hKeyClass != 0) {
if (AddFilter(hKeyClass)) {
RestartDevices();
success = TRUE;
}
RegCloseKey(hKeyClass);
}
return success;
}
}
int _cdecl main(int argc, char *argv[])
{
//
// This is an example application of how to listen for WMI events generated
// by winkeyd.sys
//
if (argc > 1 && _strcmpi(argv[1], "/install") == 0) {
//
// Make sure winkeyd.sys is copied into %windir%\system32\drivers first,
// this appliation does not copy it over!
//
return InstallService();
}
printf("registering WMI callback.\n");
if (WmiNotificationRegistration((LPGUID) &GUID_WMI_WINKEY_RAW_DATA,
TRUE,
WinKeyWmiRawDataCallback,
(ULONG_PTR) NULL, // context
NOTIFICATION_CALLBACK_DIRECT) == ERROR_SUCCESS) {
SetConsoleCtrlHandler(CtrlHandler, TRUE);
while (!g_quit) {
Sleep(5000);
}
printf("unregistering WMI callback.\n");
//
// unregister
//
WmiNotificationRegistration((LPGUID) &GUID_WMI_WINKEY_RAW_DATA,
FALSE,
WinKeyWmiRawDataCallback,
(ULONG_PTR) NULL, // context
NOTIFICATION_CALLBACK_DIRECT);
return 0;
}
else {
printf("could not register WMI callback.\n");
}
return 1;
}