USB - Is there an initial handshake between host and device?

I'm capturing USB traffic using Wireshark on a smart card reader. When I connect to the reader using PyScard, some packets are sent back and forth using bulk operations before I send any APDU just by establishing the connection.

I have read here that there is an initial handshake between a USB device and the host and I wonder if that is what I see while sniffing.

Using Wireshark, I get the following:

  1. Bulk out (host to device): [screenshot: first packet]

  2. Bulk out (device to host): [screenshot: second packet]

  3. Bulk in (host to device): [screenshot: third]

  4. Bulk in (device to host): [screenshot: fourth packet]

These four packets are sent 2-3 times and then I can sniff the messages I send using PyScard.

My goal here is to reproduce the communication between the reader and the host by using only USB communications. So:

  1. Is there an initial handshake in USB communications?

  2. Is that what I'm capturing?

  3. How can I reproduce this USB communication?

Thanks <3


Edit 14/03/2018 - Additional information following David Grayson's answer

What I am capturing here is not the part of "Get Device Descriptor", etc. This happens when I try to print the device's details and Wireshark recognises and labels the packets as such.

I'm aware of the weird operations but it is what I'm getting from Wireshark. The interpretation I've been doing is that they're request-response pairs: the host sends something using bulk out endpoint and then asks to read the answer by using bulk in endpoint when it is ready to do so. I have absolutely no idea, it's just what it looks like to me.

>> lsusb -v

Bus 001 Device 002: ID 0bda:0165 Realtek Semiconductor Corp. 
Couldn't open device, some information will be missing
Device Descriptor:

    bLength                
    bDescriptorType         1
    bcdUSB               2.00
    bDeviceClass            0 (Defined at Interface level)
    bDeviceSubClass         0 
    bDeviceProtocol         0 
    bMaxPacketSize0        64
    idVendor           0x0bda Realtek Semiconductor Corp.
    idProduct          0x0165 
    bcdDevice           61.23
    iManufacturer           1 
    iProduct                6 
    iSerial                 3 
    bNumConfigurations      1

Configuration Descriptor:
        bLength                 9
        bDescriptorType         2
        wTotalLength           93
        bNumInterfaces          1
        bConfigurationValue     1
        iConfiguration          4 
        bmAttributes         0xa0
          (Bus Powered)
          Remote Wakeup
        MaxPower              500mA
        
Interface Descriptor:
    bLength                 9
    bDescriptorType         4
    bInterfaceNumber        0
    bAlternateSetting       0
    bNumEndpoints           3
    bInterfaceClass        11 Chip/SmartCard
    bInterfaceSubClass      0 
    bInterfaceProtocol      0 
    iInterface              6 
    
ChipCard Interface Descriptor:
    bLength                54
    bDescriptorType        33
    bcdCCID              1.10  (Warning: Only accurate for version 1.0)
    nMaxSlotIndex           0
    bVoltageSupport         7  5.0V 3.0V 1.8V 
    dwProtocols             3  T=0 T=1
    dwDefaultClock       3750
    dwMaxiumumClock      7500
    bNumClockSupported      0
    dwDataRate          10080 bps
    dwMaxDataRate      312500 bps
    bNumDataRatesSupp.      0
    dwMaxIFSD             254
    dwSyncProtocols  00000000 
    dwMechanical     00000000 
    dwFeatures       00010030
    Auto clock change
    Auto baud rate change
    TPDU level exchange
    dwMaxCCIDMsgLen       271
    bClassGetResponse      00
    bClassEnvelope         00
    wlcdLayout           none
    bPINSupport             0 
    bMaxCCIDBusySlots       1
    
Endpoint Descriptor:
    bLength                 7
    bDescriptorType         5
    bEndpointAddress     0x83  EP 3 IN
    bmAttributes            3
      Transfer Type            Interrupt
      Synch Type               None
      Usage Type               Data
    wMaxPacketSize     0x0040  1x 64 bytes
    bInterval               8
    
Endpoint Descriptor:
    bLength                 7
    bDescriptorType         5
    bEndpointAddress     0x05  EP 5 OUT
    bmAttributes            2
      Transfer Type            Bulk
      Synch Type               None
      Usage Type               Data
    wMaxPacketSize     0x0200  1x 512 bytes
    bInterval               0
    
Endpoint Descriptor:
    bLength                 7
    bDescriptorType         5
    bEndpointAddress     0x86  EP 6 IN
    bmAttributes            2
      Transfer Type            Bulk
      Synch Type               None
      Usage Type               Data
    wMaxPacketSize     0x0200  1x 512 bytes
    bInterval               0

(The screenshots are ok, they look alike but they're not the same)

The initial handshake consists of control transfers like "Get Device Descriptor", "Get Configuration Descriptor" and "Set Address", which are defined in Chapter 9 of the USB 2.0 specification.

The initial handshake usually does not have any bulk transfers, but it is possible that your device uses a driver which wants to do some bulk transfers when it gets initialized. Since it is a smart card reader, I imagine your operating system has some driver that sends commands to it in order to see if any smart cards are connected, and those commands could very well be implemented with bulk transfers instead of control transfers. To learn more about these commands, you would need to find the documentation of the USB class that your device implements and/or the driver that is sending these commands.

The description of your bulk traffic is confusing. The term "Out" always means "Host to device" so it cannot mean "Device to host" also. The term "In" always means "Device to host" so it cannot mean "Host to device" also. You posted two duplicate screenshots.

To get better responses in the future, I think you should include a dump of your device's descriptors (lsusb -v), improve your description of the traffic, say what endpoints the traffic was seen on, and also say what operating system you are using and give any information you have about the drivers that are attached to your device.
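As an added illustration of the answer's pointer to the device's USB class (this is not code from the question or the answer): the descriptors above show a CCID interface (class 11, Chip/SmartCard), and every CCID bulk message starts with a 10-byte header. The sketch below decodes that header and pairs host commands with reader responses by bSeq. The sample payloads are constructed, and it assumes the input is the bulk payload with any capture pseudo-header already stripped.

```python
import struct

# Message types from the USB CCID class specification (bulk-out 0x6x, bulk-in 0x8x)
MESSAGE_TYPES = {
    0x62: "PC_to_RDR_IccPowerOn", 0x63: "PC_to_RDR_IccPowerOff",
    0x65: "PC_to_RDR_GetSlotStatus", 0x6F: "PC_to_RDR_XfrBlock",
    0x80: "RDR_to_PC_DataBlock", 0x81: "RDR_to_PC_SlotStatus",
}
ICC_STATUS = {0: "present, active", 1: "present, inactive", 2: "no card", 3: "RFU"}
CMD_STATUS = {0: "ok", 1: "failed", 2: "time extension", 3: "RFU"}
HEADER_LEN = 10

def parse_ccid(payload: bytes) -> dict:
    """Decode one CCID bulk message: 10-byte header plus dwLength data bytes."""
    if len(payload) < HEADER_LEN:
        raise ValueError("shorter than the 10-byte CCID header")
    msg_type, length, slot, seq = struct.unpack_from("<BIBB", payload, 0)
    data = payload[HEADER_LEN:]
    if length != len(data):
        raise ValueError(f"dwLength={length} but {len(data)} data bytes present")
    msg = {"type": MESSAGE_TYPES.get(msg_type, f"unknown 0x{msg_type:02x}"),
           "to_host": bool(msg_type & 0x80), "slot": slot, "seq": seq, "data": data}
    if msg["to_host"]:  # reader-to-host: bytes 7 and 8 are bStatus and bError
        msg["icc"] = ICC_STATUS[payload[7] & 0x03]
        msg["cmd"] = CMD_STATUS[payload[7] >> 6]
        msg["error"] = payload[8]
    return msg

def pair_by_seq(payloads):
    """Match each host command with the reader response that echoes its bSeq."""
    pending, pairs = {}, []
    for raw in payloads:
        msg = parse_ccid(raw)
        if not msg["to_host"]:
            pending[(msg["slot"], msg["seq"])] = msg
        else:
            pairs.append((pending.pop((msg["slot"], msg["seq"]), None), msg))
    return pairs

# Constructed sample payloads, not bytes from the capture in the question
SAMPLE = [
    bytes.fromhex("65000000000001000000"),      # GetSlotStatus, seq 1
    bytes.fromhex("81000000000001010000"),      # SlotStatus: card present, inactive
    bytes.fromhex("62000000000002000000"),      # IccPowerOn, seq 2
    bytes.fromhex("800200000000020000003b00"),  # DataBlock carrying a 2-byte ATR
]

if __name__ == "__main__":
    for request, response in pair_by_seq(SAMPLE):
        print(request["type"], "->", response["type"], response["icc"], response["data"].hex())
```
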
