This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

802.11 FCS computation and Annex G

0

Hi,

I tried to check the CRC32 computation of WLAN MAC frames by the CRC32 function in the Wireshark code. For this test, I am using the test packets in Annex G of the 802.11 2007 spec, and the vector in H.6.4 CCMP of the same spec.

However, I don't get the result as written there, and I don't understand what I am doing wrong. I used Matlab to generate the FCS as follows:

% WLAN MAC FCS % x32 + x26 + x23 + x22 + x16 + x12 + x11 + x10 + x8 + x7 + x5 + x4 + x2 + x + 1

G = [1 0 0 0 0 0 1 0 0 1 1 0 0 0 0 0 1 0 0 0 1 1 1 0 1 1 0 1 1 0 1 1 1]; %G = 0x104C11DB7

% %CRC generator object gen = crc.generator('Polynomial', G, … 'ReflectInput', false, … 'InitialSate', ones(1, 32), … %all ones initial state 'FinalXOR', ones(1, 32), … %one-complement CRC 'ReflectRemainder', false);

% % ADD CRC encoded = generate(gen, binmpdu); %binmpdu is shown partly below and is based on %the Annex G test vector

% % CHECK CRC crc = encoded(end-31:end);

The test data I am using is the following (except for the last 4 bytes, which are the CRC)

% Hex table in Annex G is as follows (read out per row)
% mpdu = ['04' '02' '00' '2e' '00'
% '60' '08' 'cd' '37' 'a6'
% '00' '20' 'd6' '01' '3c'
% 'f1' '00' '60' '08' 'ad'
% '3b' 'af' '00' '00' '4a'
% '6f' '79' '2c' '20' '62'
% '72' '69' '67' '68' '74'
% '20' '73' '70' '61' '72'
% '6b' '20' '6f' '66' '20'
% '64' '69' '76' '69' '6e'
% '69' '74' '79' '2c' '0a'
% '44' '61' '75' '67' '68'
% '74' '65' '72' '20' '6f'
% '66' '20' '45' '6c' '79'
% '73' '69' '75' '6d' '2c'
% '0a' '46' '69' '72' '65'
% '2d' '69' '6e' '73' '69'
% '72' '65' '64' '20' '77'
% '65' '20' '74' '72' '65'
% '61' 'da' '57' '99' 'ed'
% ];

In binary, this gives:

bit 0 (PHY encoded, e.g. enters scrambled first) | 00100000010000000000 …

(this is ‘04’ ‘02’` ‘00’ ‘2e’, written as ‘4’ first, the ‘0’, then ‘2’, then ‘0’, etc…

I have checked this binary sequence by successfully generating the PHY baseband signal from it which is identical to the reference in Annex G.

But I can’t get the CRC32 computation right (the last 4 bytes in the mpdu above, listed in the spec as ‘da’ ‘57’ ‘99’ ‘ed’). I tried swapping the nibbles, reversing the nibbles, … but nothing works, I just don’t get the same CRC bytes as in the spec. Can anybody tell me what I am doing so wrong?

Many thanks for your help!!!

Karen

asked 02 Aug ‘11, 18:50

Karen's gravatar image

Karen
1111
accept rate: 0%

edited 08 Aug ‘11, 22:08

helloworld's gravatar image

helloworld
3.1k42041


One Answer:

0

I suggest reading section 7.1.3.7 very carefully and then examining the Wireshark source code to see how it computes the CRC32.

In particular, have a look at the implementation of crc32_802_tvb_padded() located in packet-ieee80211.c around lines 8719-8734, as well as the implementation of crc32_802_tvb() in crc32.c around lines 252-275. Both of those functions are called in packet-ieee80211.c around lines 9412-9414.

answered 04 Aug '11, 18:53

cmaynard's gravatar image

cmaynard ♦♦
9.4k1038142
accept rate: 20%