How to decode LTE RRC/SIB/ASN1 messages by lameditor and asn1c

| Categories lte  | Tags asn1c  ASN1  LTE  SIB  decoding  RRC  HACKRF  rtl-sdr  LTE-Cell-Scanner 

This is an further explanation on SIB parsing of my blog: Whole 20MHz config LTE signal is decoded by HACKRF 19.2Msps with ASN1 SIB parsed

This method’s main reference is:

This doc is used to explain how parse_SIB() of Matlab/LTE_DL_receiver.m works ( .m file is in , which is an open source OpenCL accelerated TDD/FDD LTE Cell Scanner – from A/D samples to RRC messages (PDSCH) out for 20MHz LTE. )

1. generate LTE RRC spec’s ASN1 description

download 36.331 spec from

unzip: –> 36331-ac0.doc

save 36331-ac0.doc as 36331-ac0.txt.

get lameditor from

compile and install lameditor.

	cd lameditor-1.0/src/getasn/

copy 36331-ac0.txt here, and

	./getasn 36331-ac0.txt

now we have 36331-ac0.asn

2. generate ASN1 decoding program for LTE RRC message

get asn1c from

compile and install asn1c.

	cd asn1c/examples/

	mkdir sample.source.LTERRC

	cd sample.source.LTERRC

copy 36331-ac0.asn here, and

	asn1c  -S /usr/local/share/asn1c -fcompound-names -fskeletons-copy -gen-PER -pdu=auto 36331-ac0.asn

2.1 modify converter-sample.c:


	#define PDU BCCH_DL_SCH_Message



	#include <asn_internal.h>

2.2 modify per_opentype.c:


	padding = padding % 8;


	ASN_DEBUG("Too large padding %d in open type", (int)padding);

and comment out following:


2.3 compile the decoding program

	make -f

here we get LTE RRC ASN1 decoding program: progname

3. usage of LTE RRC ASN1 decoding program: progname

	./progname recv_bits.per -p BCCH-DL-SCH-Message

where recv_bits.per is a binary file which contains received RRC message bits (some examples can be gotten by HACKRF and ) . “-p” specify message type. For example, SIB is carried on PDSCH, and its type is BCCH-DL-SCH-Message.

4. Some SIBs I decoded

4.0 some binary per files for you to verify






4.1 some decoded SIB messages

2360MHz at Beijing, China

2585MHz at Beijing, China

2585MHz at Beijing-1, China

Prev     Next