Re: [Wireshark-dev] Keyboard scan codes

Mon, 16 Apr 2012 11:25:19 -0700 

On Apr 16, 2012, at 10:52 AM, Kaul wrote:

> I was wondering if there is somewhere in Wireshark code definition for 
> keyboard scan codes. I was hoping to re-use if such exists. I'm looking for 
> 101/102 AT keyboard scan codes, specifically (was hoping RDP or VNC would 
> have them, but did not find it,

For VNC, this is not surprising - as the VNC spec:

        http://www.realvnc.com/docs/rfbproto.pdf

says, VNC sends X11 keysyms, not raw keyboard scan codes, over the wire.

At least as I read the RDP spec - section 2.2.8.1.1.3.1.1.1 "Keyboard Event 
(TS_KEYBOARD_EVENT)" of "[MS-RDPBCGR]: Remote Desktop Protocol: Basic 
Connectivity and Graphics Remoting Specification" - those *do* contain scan 
codes:

        The TS_KEYBOARD_EVENT structure is a standard T.128 Keyboard Event (see 
[T128] section 8.18.2). RDP keyboard input is restricted to keyboard scancodes, 
unlike the code-point or virtual codes supported in T.128 (a scancode is an 
8-bit value specifying a key location on the keyboard). The server accepts a 
scancode value and translates it into the correct character depending on the 
language locale and keyboard layout used in the session.

but the RDP dissector doesn't appear to parse input events, so it has no table 
for PC keyboard scan codes.

> neither did Telnet).

Again, not surprising - as the TELNET specification, RFC 854:

        http://tools.ietf.org/html/rfc854

says:

        The NVT printer has an unspecified carriage width and page length and 
can produce representations of all 95 USASCII graphics (codes 32 through 126).

so it uses ASCII, not raw scan codes (not surprising, given that TELNET's 
predecessors:

        http://tools.ietf.org/html/rfc15

long antedate the IBM Personal Computer).

> I don't think what X11 uses would suite me.

No, X11's "keycodes" are not guaranteed to be PC keyboard scan codes (as X11 
servers are not guaranteed to be PCs), and are only interpretable with a 
keycode-to-keysym table from the server, and the keysyms are 
keyboard-independent and are ASCII-based.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <[email protected]>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:[email protected]?subject=unsubscribe

Reply via email to