802.11 FCS (CRC32) [英] 802.11 FCS (CRC32)
问题描述
以下代码是否正确计算了无线 802.11 帧的 FCS 值?
因为下面代码产生的值与wireshark显示的值不匹配.
Is the below code correctly calculating the FCS value of wireless 802.11 frames?
Because the value produced by the below code does not match the value shown by wireshark.
const uint32_t crctable[] = {
0x00000000L, 0x77073096L, 0xee0e612cL, 0x990951baL, 0x076dc419L, 0x706af48fL, 0xe963a535L, 0x9e6495a3L,
0x0edb8832L, 0x79dcb8a4L, 0xe0d5e91eL, 0x97d2d988L, 0x09b64c2bL, 0x7eb17cbdL, 0xe7b82d07L, 0x90bf1d91L,
0x1db71064L, 0x6ab020f2L, 0xf3b97148L, 0x84be41deL, 0x1adad47dL, 0x6ddde4ebL, 0xf4d4b551L, 0x83d385c7L,
0x136c9856L, 0x646ba8c0L, 0xfd62f97aL, 0x8a65c9ecL, 0x14015c4fL, 0x63066cd9L, 0xfa0f3d63L, 0x8d080df5L,
0x3b6e20c8L, 0x4c69105eL, 0xd56041e4L, 0xa2677172L, 0x3c03e4d1L, 0x4b04d447L, 0xd20d85fdL, 0xa50ab56bL,
0x35b5a8faL, 0x42b2986cL, 0xdbbbc9d6L, 0xacbcf940L, 0x32d86ce3L, 0x45df5c75L, 0xdcd60dcfL, 0xabd13d59L,
0x26d930acL, 0x51de003aL, 0xc8d75180L, 0xbfd06116L, 0x21b4f4b5L, 0x56b3c423L, 0xcfba9599L, 0xb8bda50fL,
0x2802b89eL, 0x5f058808L, 0xc60cd9b2L, 0xb10be924L, 0x2f6f7c87L, 0x58684c11L, 0xc1611dabL, 0xb6662d3dL,
0x76dc4190L, 0x01db7106L, 0x98d220bcL, 0xefd5102aL, 0x71b18589L, 0x06b6b51fL, 0x9fbfe4a5L, 0xe8b8d433L,
0x7807c9a2L, 0x0f00f934L, 0x9609a88eL, 0xe10e9818L, 0x7f6a0dbbL, 0x086d3d2dL, 0x91646c97L, 0xe6635c01L,
0x6b6b51f4L, 0x1c6c6162L, 0x856530d8L, 0xf262004eL, 0x6c0695edL, 0x1b01a57bL, 0x8208f4c1L, 0xf50fc457L,
0x65b0d9c6L, 0x12b7e950L, 0x8bbeb8eaL, 0xfcb9887cL, 0x62dd1ddfL, 0x15da2d49L, 0x8cd37cf3L, 0xfbd44c65L,
0x4db26158L, 0x3ab551ceL, 0xa3bc0074L, 0xd4bb30e2L, 0x4adfa541L, 0x3dd895d7L, 0xa4d1c46dL, 0xd3d6f4fbL,
0x4369e96aL, 0x346ed9fcL, 0xad678846L, 0xda60b8d0L, 0x44042d73L, 0x33031de5L, 0xaa0a4c5fL, 0xdd0d7cc9L,
0x5005713cL, 0x270241aaL, 0xbe0b1010L, 0xc90c2086L, 0x5768b525L, 0x206f85b3L, 0xb966d409L, 0xce61e49fL,
0x5edef90eL, 0x29d9c998L, 0xb0d09822L, 0xc7d7a8b4L, 0x59b33d17L, 0x2eb40d81L, 0xb7bd5c3bL, 0xc0ba6cadL,
0xedb88320L, 0x9abfb3b6L, 0x03b6e20cL, 0x74b1d29aL, 0xead54739L, 0x9dd277afL, 0x04db2615L, 0x73dc1683L,
0xe3630b12L, 0x94643b84L, 0x0d6d6a3eL, 0x7a6a5aa8L, 0xe40ecf0bL, 0x9309ff9dL, 0x0a00ae27L, 0x7d079eb1L,
0xf00f9344L, 0x8708a3d2L, 0x1e01f268L, 0x6906c2feL, 0xf762575dL, 0x806567cbL, 0x196c3671L, 0x6e6b06e7L,
0xfed41b76L, 0x89d32be0L, 0x10da7a5aL, 0x67dd4accL, 0xf9b9df6fL, 0x8ebeeff9L, 0x17b7be43L, 0x60b08ed5L,
0xd6d6a3e8L, 0xa1d1937eL, 0x38d8c2c4L, 0x4fdff252L, 0xd1bb67f1L, 0xa6bc5767L, 0x3fb506ddL, 0x48b2364bL,
0xd80d2bdaL, 0xaf0a1b4cL, 0x36034af6L, 0x41047a60L, 0xdf60efc3L, 0xa867df55L, 0x316e8eefL, 0x4669be79L,
0xcb61b38cL, 0xbc66831aL, 0x256fd2a0L, 0x5268e236L, 0xcc0c7795L, 0xbb0b4703L, 0x220216b9L, 0x5505262fL,
0xc5ba3bbeL, 0xb2bd0b28L, 0x2bb45a92L, 0x5cb36a04L, 0xc2d7ffa7L, 0xb5d0cf31L, 0x2cd99e8bL, 0x5bdeae1dL,
0x9b64c2b0L, 0xec63f226L, 0x756aa39cL, 0x026d930aL, 0x9c0906a9L, 0xeb0e363fL, 0x72076785L, 0x05005713L,
0x95bf4a82L, 0xe2b87a14L, 0x7bb12baeL, 0x0cb61b38L, 0x92d28e9bL, 0xe5d5be0dL, 0x7cdcefb7L, 0x0bdbdf21L,
0x86d3d2d4L, 0xf1d4e242L, 0x68ddb3f8L, 0x1fda836eL, 0x81be16cdL, 0xf6b9265bL, 0x6fb077e1L, 0x18b74777L,
0x88085ae6L, 0xff0f6a70L, 0x66063bcaL, 0x11010b5cL, 0x8f659effL, 0xf862ae69L, 0x616bffd3L, 0x166ccf45L,
0xa00ae278L, 0xd70dd2eeL, 0x4e048354L, 0x3903b3c2L, 0xa7672661L, 0xd06016f7L, 0x4969474dL, 0x3e6e77dbL,
0xaed16a4aL, 0xd9d65adcL, 0x40df0b66L, 0x37d83bf0L, 0xa9bcae53L, 0xdebb9ec5L, 0x47b2cf7fL, 0x30b5ffe9L,
0xbdbdf21cL, 0xcabac28aL, 0x53b39330L, 0x24b4a3a6L, 0xbad03605L, 0xcdd70693L, 0x54de5729L, 0x23d967bfL,
0xb3667a2eL, 0xc4614ab8L, 0x5d681b02L, 0x2a6f2b94L, 0xb40bbe37L, 0xc30c8ea1L, 0x5a05df1bL, 0x2d02ef8dL
};
uint32_t crc32(uint32_t bytes_sz, const uint8_t *bytes)
{
uint32_t crc = ~0;
uint32_t i;
for(i = 0; i < bytes_sz; ++i) {
crc = crctable[(crc ^ bytes[i]) & 0xff] ^ (crc >> 8);
}
return ~crc;
}
我以下列方式调用上述函数:
I am calling the above function in the following manner:
uint32_t crc = crc32(header->len - 4, packet);
其中 header 的类型是:
where header is of type:
struct pcap_pkthdr *header;
头部信息由pcap回调处理:
The header information is handled by pcap callback:
void my_callback(u_char *args, const struct pcap_pkthdr *header, const u_char *packet)
我从 此链接
2 年后的
上述crc32()的代码是可以的;线printf("0x%x\n",crc32(sizeof(MSG)-16-4,MSG+16));
打印正确的 802.11 CRC,其中:
The above code of crc32() does work; the line
printf("0x%x\n",crc32(sizeof(MSG)-16-4,MSG+16));
prints the right 802.11 CRC, where:
MSG 是从 Wireshark 复制粘贴的消息字节数组(unsigned char[]);
MSG is an array (unsigned char[]) of message bytes copied and pasted from Wireshark;
16 是 radiotap 头大小,
16 is the radiotap header size,
4是FCS的大小(帧校验序列,crc32,little-endian=x86顺序).
4 is the size of FCS (frame check sequence, crc32, little-endian=the x86 order).
推荐答案
pcap_datalink() 为您正在捕获的 pcap_t 返回的值是什么?您正在从中读取捕获文件?
What is the value returned by pcap_datalink() for the pcap_t on which you're capturing or from which you're reading a capture file?
除非是 DLT_IEEE802_11(值为 105),否则数据包要么不是 802.11 数据包,要么不是 仅 802.11 数据包.
Unless it's DLT_IEEE802_11 (with a value of 105), the packet is either not an 802.11 packet or is not only an 802.11 packet.
例如,如果它是 DLT_EN10MB,则它是一个以太网数据包(您可能会从 802.11 适配器获得,尤其是当您不在监控模式下捕获时),并且如果它是 DLT_IEEE802_11_RADIO,它以 radiotap.org 网站 中所述的radiotap"标头开头,并且您需要跳过 radiotap 标头以到达 802.11 帧,并且只对 802.11 帧进行校验和.
If, for example, it's DLT_EN10MB, it's an Ethernet packet (which you might get from an 802.11 adapter, especially if you're not capturing in monitor mode), and if it's DLT_IEEE802_11_RADIO, it begins with a "radiotap" header as described at the radiotap.org Web site, and you need to skip past the radiotap header to get to the 802.11 frame, and checksum only the 802.11 frame.
(此外,对于某些 Atheros 适配器,802.11 帧将在 802.11 标头和 802.11 有效载荷之间添加一些填充,您在校验和时必须将其删除;如果您有 radiotap 标头,则frame has标志字段中的 802.11 标头和有效载荷之间的填充(到 32 位边界)"标志.)
(In addition, for some Atheros adapters, the 802.11 frame will have some padding added between the 802.11 header and the 802.11 payload, which you have to remove when checksumming; if you have radiotap headers, that's indicated by the "frame has padding between 802.11 header and payload (to 32-bit boundary)" flag in the flags field.)
这篇关于802.11 FCS (CRC32)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
