NefMoto

Technical => Reverse Engineering => Topic started by: razon on March 06, 2024, 03:48:27 PM



Title: DSG CRC calculation
Post by: razon on March 06, 2024, 03:48:27 PM
Trying to figure out the CRC algo used at the end of the flash procedure for an older DQ250 (02E300051R 1967)  KWP protocol (lot number: F)
I tried CRC-32, JAMCRC and other checksum types... nothing so far gives me the correct CRC for the data block: 0x030000  - 0x0DFFFF
I also tried running the CRC on everything except the last 4 bytes of the data block... I still don't get the correct answer.

Any hints on what type of CRC is used on this transmission?


255310   760 8 29 00 0A 31 C5 03 00 00
255311   760 6 1A 0D FF FF 89 15



Title: Re: DSG CRC calculation
Post by: Howelley on March 08, 2024, 03:26:19 AM
Well, CRC32 would be a bit of a silly guess considering it's a 16-bit result. It's CRC16 with poly 0x8408 and an initial value of 0xFFFF.

Not too difficult to find with a bit of disassembly  ;)


Title: Re: DSG CRC calculation
Post by: prj on March 08, 2024, 03:40:34 AM
Quote from: Howelley on March 08, 2024, 03:26:19 AM
> Well, CRC32 would be a bit of a silly guess considering it's a 16-bit result. It's CRC16 with poly 0x8408 and an initial value of 0xFFFF.
>
> Not too difficult to find with a bit of disassembly  ;)

You are assuming he knows assembly.
All he did was a sniff and copy paste, otherwise it would not have been difficult.


Title: Re: DSG CRC calculation
Post by: razon on March 11, 2024, 01:42:42 PM
Thanks Howelley,

Yeah, I know some assembly. To be precise, it's CRC-16/MCRF4XX.

I tried CRC32 because I thought it's a similar process to MED17, and yes, I should have found it a lot sooner, but I think I was running it on a corrupted file because I wasn't getting the proper CRC.
All good now! Thanks Guys!
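
The parameters named in the replies (polynomial 0x8408, initial value 0xFFFF, i.e. CRC-16/MCRF4XX), written out as an added example that is not part of the thread or anyone's posted code. `crc_of_range`, its `base` parameter and the sample image are assumptions for illustration; 0x6F91 is the standard check value of CRC-16/MCRF4XX over the ASCII string "123456789".

```python
"""CRC-16/MCRF4XX: reflected polynomial 0x8408, initial value 0xFFFF,
input and output reflected, no final XOR."""

POLY = 0x8408   # reflected form of 0x1021, as given in the thread
INIT = 0xFFFF   # initial value, as given in the thread


def _make_table():
    # One table entry per possible byte: eight right-shift steps each.
    table = []
    for byte in range(256):
        crc = byte
        for _ in range(8):
            crc = (crc >> 1) ^ POLY if crc & 1 else crc >> 1
        table.append(crc)
    return table


_TABLE = _make_table()


def crc16_mcrf4xx(data, crc=INIT):
    """Return the CRC of `data`. Pass a previous result as `crc` to continue
    a running checksum over data that arrives in chunks."""
    for b in data:
        crc = (crc >> 8) ^ _TABLE[(crc ^ b) & 0xFF]
    return crc


def crc_of_range(image, base, start, end):
    """CRC over addresses start..end inclusive; `base` is the address of
    image[0] (hypothetical helper). Raises if the file is too short, so a
    truncated dump fails loudly instead of yielding a wrong CRC."""
    lo, hi = start - base, end - base + 1
    if lo < 0 or hi > len(image) or lo >= hi:
        raise ValueError("image does not cover 0x%06X-0x%06X" % (start, end))
    return crc16_mcrf4xx(image[lo:hi])


if __name__ == "__main__":
    # Constructed stand-in for a flash dump (not real DSG data).
    image = bytes((i * 7 + 3) & 0xFF for i in range(0x0E0000))
    print("check value: 0x%04X" % crc16_mcrf4xx(b"123456789"))
    print("block CRC:   0x%04X" % crc_of_range(image, 0, 0x030000, 0x0DFFFF))
```

Checking the routine against the "123456789" check value before running it on a dump separates a wrong algorithm from a bad input file.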