Quite often, especially when dealing with USB devices, a serial number comes really handy. One example is my TmpUsb project. If you don’t update its serial number, it will still work when only one is plugged in. But plug in two, and all kinds of shenanigans will ensue.
This is the exact reason why I already created a script to randomize its serial number. However, that script had one major fault - it didn’t work under Linux. So, it came time to rewrite the thing and maybe adjust it a bit.
The way the original script worked was as a post-build step in MPLAB X project that would patch the Intel Hex object file and that’s something I won’t change as it integrates flawlessly with programming steps.
The resulting serial number was 12 hexadecimal digits in length (48 bits or random data) and that was probably excessive. Even worse, that led to an overly complicated script that was essentially a C# program to patch hex after the modification was done since any randomization always impacted more than 1 line. As I wanted a solution that could work anywhere the Bash can run (even Windows), I wanted to make my life easier by limiting any change to a single line.
Well, first things first, to limit serial number length, I had to figure out how much of a serial number can fit in one. Looking at the Intel hex produced by MPLAB X, we can see that each line is 16 bytes, which means any serial number intended for USB consumption can be up to 8 characters. However, what if other code pushes the serial number further down the line? Well, now you get only a single character.
What we need is a way to fix the serial number location. The solution to this is in the __at
keyword. Using it, we can align our string descriptors wherever we want them. In the TmpUsb example, that would be something like this
const struct {
uint8_t bLength;
uint8_t bDscType;
uint16_t string[7];
} sd003 __at(0x1000) = {
sizeof(sd003),
USB_DESCRIPTOR_STRING,
{ '2','8','4','4','3','4','2' }
};
The whole USB descriptor structure has to fit into 16 bytes as to limit any subsequent modification to the single line. The first 2 bytes are length and type bytes, leaving us with 14 bytes for our serial. Since USB likes 16-bit unicode, this means we have 7 characters to play with. If we stay in the hexadecimal realm, this provides 28 bits of randomization. Not bad, but we can slightly improve on it by expanding character selection a bit.
That’s where base32 comes in. It’s a nice enough encoding that isn’t case sensitive and it omits most easily confused characters. And yes, it would take 40 bits to fully utilize base32 but trimming it at 7 will leave you with 35 bits which is plenty.
How do I get this serial number in an easy way? Well, getting 5 bytes using dd
and then passing it to base32
will do.
NEW_SERIAL=`dd if=/dev/urandom bs=5 count=1 2>/dev/null | base32 | cut -c 1-7`
If we pass the non-random serial number in, with some mangling to get it expanded, it is trivial to swap it with the new one using sed:
LINE=`cat "$INPUT" | grep "$SERIAL_UNICODE"`
NEW_LINE=`echo -n "$LINE" | sed "s/$SERIAL_UNICODE/$NEW_SERIAL_UNICODE/g"`
sed -i "s/$LINE/$NEW_NEW_LINE/g" "$INPUT"
But no, this is no good. Changing content of a line will invalidate checksum character that comes at the end. To make this work we need to adjust that checksum. Thankfully, checksum is just a sum of all characters preceding with a bit of inversion as a last step. Something like this:
CHECKSUM=0
for ((i = 1; i < $(( ${#NEW_LINE} - 2 )); i += 2)); do
BYTE_HEX="${NEW_LINE:$i:2}"
NEW_NEW_LINE="$NEW_NEW_LINE$BYTE_HEX"
BYTE_VALUE=$(printf "%d" 0x$BYTE_HEX)
CHECKSUM=$(( (CHECKSUM + BYTE_VALUE) % 256 ))
done
CHECKSUM_HEX=`printf "%02X" $(( (~CHECKSUM + 1) % 256 )) | tail -c 2`
Once all this is combined into a script, we can call it by giving it a few arguments, most notably, project directory (${ProjectDir}
), image path (${ImagePath}
), and our predefined serial number (2844342
):
bash "${ProjectDir}/../package/randomize-usb-serial.sh"
"${ProjectDir}"
"${ImagePath}"
"2844342"
Script is available for download here but you can also see it in action as part of TmpUsb.