I'm trying to insert keyboard keypress events from the driver level under Windows 10 OS.
I'm using kbfiltr driver sample for my experiments. And right now I've implemented a custom IOCTL that delivers the event to the kbfiltr IRP queue handler where I'm trying to inject a KEYBOARD_INPUT_DATA entity to the KBDClass driver queue by invoking ServiceCallback routine of the KBDClass driver. And it seems to produce no errors, but it also doesn't produce any key presses.
I also tried to insert additional key press event alongside with normal keyboard events: add additional KEYBOARD_INPUT_DATA to the queue passed to the ServiceCallback routine by the keyboard driver and it worked perfectly.
I saw suggestions to use VHIDmini2 sample, but I also need to intercept certain keypresses, so it's not really an option for me.
I can compare two flows in order to understand the difference but is seems like not really trivial reverse engineering task under Windows. So, I wonder maybe there is a known solution or maybe someone might have an idea on what I'm doing wrong or maybe there is a keyboard driver with open source that I can use as reference for my experiments?
You're not calling the service callback correctly:
InputDataEnd [in]
Pointer to the keyboard input data packet that immediately follows the last data packet in the input data buffer.
You need to call it like this:
(*(PSERVICE_CALLBACK_ROUTINE)(ULONG_PTR)devExt->UpperConnectData.ClassService)(
devExt->UpperConnectData.ClassDeviceObject,
&kbd_dt,
&kbd_dt + 1,
&consumed);