Hi, On 1/20/20 12:27 AM, Ralph Little wrote: > Hi, > Some basic analysis, in case someone recognises a pattern: > > bRequest either 4 or 12. > wValue one of 0x82 (OUT), 0x83 (OUT), 0x84 (IN), 0x85 (OUT), 0x8e (IN) > > 0x8e looks like a status response request and nearly always returns 0x01. > > 0x83 and 0x85 usually seen in pairs. (i.e. 0x83, 0x85, 0x83, 0x85...) > and might be set register, set value pairs. (?) >
The wValue values are very similar to what genesys backend uses. Maybe this scanner is yet another genesys chip? It could be that genesys chips are used unmarket. Regards, Povilas > bRequest of 4 > =============== > OUT commands are accompanied by data fragments of up to 8 bytes, 8 byte > args being the most common. > Examples: > 00000000b83b0000 (very common) > 00000000dc1d0000 > 9385a880b000 > b100b200 - these look like pair sequences (e.g. reg/val pairs) > 850084008494 - also here > > bRequest of 12 > ================ > OUT commands only ever have a single byte data fragment. > > Receiving bulk scan data > ===================== > A typical bulk reading sequence for a package of scan data looks like this: > > CONTROL OUT bRequest=4, wValue=0x82, wIndex=0, wLength=8 > fragment=00000000b83b0000 > CONTROL IN bRequest=12, wValue=0x8e, wIndex=32, wLength=1 (returns 0x01 > in response) > BULK IN 14848 bytes > BULK IN 440 bytes > > I'm guessing that the 8 byte arg encodes a max request buffer size somehow. > > Ah yes, 14848+440=0x3bb8, so that would be a little-endian size starting > from the third byte. > Another example confirms it: > > 00000000dc1d0000 > Bytes in=7168+476=0x1ddc :) > > --------------------------------------- > > Does this look familiar to anyone? > > Cheers, > Ralph > >
