Resize unencrypted volume

I got new Nitrokey storage. From factory it come with 2G unencrypted storage. I want change this(expand this volume). What tools are able to do this ?

ASM and a good understanding of the firmware :smiley:
OK, no fun : it is hard coded in the FW. So to change it you need to change and build your own FW

Look here

1 Like

Jeez, I never was so deep. thx

You can find an example of the change in the following commit, from one of the forks. I have not tested it though.

Yeah, I think it is good to mention that you have tested it. I have my doubts that it will work by changing only these fields.

BTW: the label is a bit misleading: …SIZE… is not what the number is calculating: it is the NUMBER OF 512Byte BLOCKS, which result in a size of 2048 MB (2GB).
The same with the next entry …START… : these are 2GB, but now you count them as 2 Blocks ( means you step 1024Byte - which is a bit strange, but I have no time to do the full analytics)

And overall the hint you gave with the fork will not work unless the guy is not also changing the hard coded values in *.c files under …/SOFTWARE_FRAMEWORK/… gSdEndHiddenVolume_u32 and gSdEndCryptedVolume_u32 are hard coded. I assume there are some hidden trouble in that code as I also see other hard coded values in the source code. I would recommend to clearly differentiate between parameters/Const ( in *.h) and the use of them ( in *.c) . Also I am not sure if SD Cards will always return a block size of 512. So you should also read this out of the SD Interface. Anyhow, I am not the programmer … :smiley:

And overall: this should be fields to setup with your app instead of hard coded in the firmware (IMHO)

1 Like

I checked config and a little bit confused.
In header we have hardcoded values. But there are different sizes of storage. How they are able to flash with the same firmware ?

Only start is hardcoded AFAIR - SD size is detected and handled.

I am not able to chachge. Still need to investigate code.
Try to change value in conf_sd_mmc_mci.h as it was in commit. Do not work.
I try to change value in conf_sd_mmc_mci.h and in sd_mmc_mci_mem.c, but this is not sufficient. Still default value. Looking for hardcoded values.
Any nitrokey devs here? Please point where is values are.

Yes, the overall SD Size is dedicated, but the split of the SD into encrypted/non-encrypted is hard coded. Why ?
I would understand if you would need a bootstrap loader in the non-encrypted part - but then you would need that every time ( So it would not be accessible for the user to store own data ) .

So, I would recommend to allow a change by parameters of the cli-enabled ( I needed to mention that :- ) ) app.
I just found, that this is issue #39 as enhancement request in the log

1 Like