Silly question... why can't we use the Canon supplied update firmware ? - Firmware Dumping - CHDK Forum
supplierdeeply

Silly question... why can't we use the Canon supplied update firmware ?

  • 20 Replies
  • 30668 Views
*

linuxGuy

Advertisements
Canon supplies firmware to update these cameras, at least most of them.

Why can't that firmware be used instead of a dumped copy of the firmware ?

Encoding ?  Only a partial subset of the entire camera firmware ?

Thanks

*

Offline GrAnd

  • ****
  • 916
  • [A610, S3IS]
    • CHDK
Re: Silly question... why can't we use the Canon supplied update firmware ?
« Reply #1 on: 10 / December / 2007, 03:12:02 »
> Canon supplies firmware to update these cameras, at least most of them.
Incorrect. The Canon's philosophy is not provide such updates. Also, cameras they shipped can have a newer version of firmware than the official update.
Anyway, we uses Canon's updates as much as possible. But the problem is: Canon provides such updates very rare. Officially only three IXUS (SD##) cameras have updates. Unofficially, updates for A610/A620/S80 were also found.
So, the six files. But in my collection now I have 29 different versions. :)

> Why can't that firmware be used instead of a dumped copy of the firmware ?
It can be.

> Encoding ? 
There is a decoder.

> Only a partial subset of the entire camera firmware ?
Yes. The full update has not only 'core' of the firmware. For example, the list of files from SD400 update:
Code: [Select]
26.09.2007  23:41                 4 0x01000100
26.09.2007  23:41                 4 0x01870000
26.09.2007  23:41                 4 0x310E
26.09.2007  23:41                 4 1(Check)
26.09.2007  23:41                 4 1(Cipher)
26.09.2007  23:41            73 360 Faexe.bin
26.09.2007  23:41            62 132 ImgTbl.bin
26.09.2007  23:41         2 940 256 PRIMARY.BIN
26.09.2007  23:41           601 356 UIRes.bin
26.09.2007  23:41             8 192 UsrSet.BIN
26.09.2007  23:41           626 160 WriterInFIR.bin
              11 File(s)      4 311 476 bytes
CHDK Developer.

*

linuxGuy

Re: Silly question... why can't we use the Canon supplied update firmware ?
« Reply #2 on: 10 / December / 2007, 04:55:32 »
That answers that question.

Thanks for the reply, GrAnd.

Re: Silly question... why can't we use the Canon supplied update firmware ?
« Reply #3 on: 10 / December / 2007, 08:34:05 »
The S2 has never had an official firmware update.  Looking for one is what brought me here in the first place.


*

Offline GrAnd

  • ****
  • 916
  • [A610, S3IS]
    • CHDK
Re: Silly question... why can't we use the Canon supplied update firmware ?
« Reply #4 on: 10 / December / 2007, 08:42:45 »
The S2 has never had an official firmware update.
... but there are 4 different versions in the cameras Canon sold.
CHDK Developer.

Re: Silly question... why can't we use the Canon supplied update firmware ?
« Reply #5 on: 14 / December / 2007, 22:29:24 »
So, for most of the DSLRs (at least Canon 30D), there will not be any need for the blinking, since they have had several updates?

Re: Silly question... why can't we use the Canon supplied update firmware ?
« Reply #6 on: 23 / December / 2007, 17:40:47 »
Again, is it then correct that for a Canon 30D there won't be need for blinking, since it has had several firmware updates?

*

Offline mx3

  • ****
  • 372
Re: Silly question... why can't we use the Canon supplied update firmware ?
« Reply #7 on: 23 / December / 2007, 23:18:05 »
Again, is it then correct that for a Canon 30D there won't be need for blinking, since it has had several firmware updates?


no blinking required for 2 reasons:
 1) firmware update already contain partial dump of ROM(flash)
 2) it is impossible to do blinking with dslr ( claim based on analysis of 20d firmware )
 

bad news: encryption algorithm for "new" .fir files is unknown (30D, 400D, 40D )


you said "several firmware updates"
if someone have file with previous update before 30d00105.exe it maybe can simplify decryption
do you have it?

PS: i have 2 updates for 400D : 105 and 111
I think encryption algorithm the same as in 30D
« Last Edit: 23 / December / 2007, 23:32:28 by mx3 »
skype: max_dtc. ICQ: 125985663, email: win.drivers(at)gmail, eVB decompiler


Re: Silly question... why can't we use the Canon supplied update firmware ?
« Reply #8 on: 24 / December / 2007, 03:22:21 »
What is the problem of doing blinking? No obvious external leds? What about the backlight of both the LCD and little extra info-screen that the x0Ds has?

If these files are encrypted, and only contain partial dumps, then it might required to dump it anyway?

I will check whether I have older firmware updates when I get back from Christmas.

Thanks!

Decryption of 30D firmware is possible.
« Reply #9 on: 21 / January / 2008, 17:37:15 »
no blinking required for 2 reasons:
 1) firmware update already contain partial dump of ROM(flash)
 2) it is impossible to do blinking with dslr ( claim based on analysis of 20d firmware )
 
bad news: encryption algorithm for "new" .fir files is unknown (30D, 400D, 40D )
In fact the encryption algorithm is the same as for the IXUS cameras. The keys are different, but are known and are the same for 20D and 30D. I found a "decrypt20D.exe" somewhere on the web (the Yahoo group?) with no source. I extracted the keys from the exe and added them into a modified copy of Alex Bernstein's firmware decrypter/unpacker. The resulting program successfully decrypts a 20D firmware update.

The only difference for the 30D is that the firmware file has an extra header of 32 bytes in the beginning. Once that is skipped the rest of the files decrypts properly. It worked just fine on "30d00104.fir" and "30d00105.fir".

The source for both the 20D and 30D decrypters is attached.

you said "several firmware updates"
if someone have file with previous update before 30d00105.exe it maybe can simplify decryption
do you have it?
No need. The attached program decrypts 30d00105.fir (http://web.canon.jp/imaging/eos30d/eos30d_firmware-e.html) just fine.

I have not done any further investigation of what the file format is but I know that the early IXUS unpacker does not work.

In plain text close to the beginning of both 20D and 30 files one can see:
"Copyright 1999-2001 ARM Limited
Copyright 1999-2001 Wind River Systems, Inc."

And later in the 20D file (20d00203.fir):
"VxWorks 5.5 VxWorks5.5  May 10 2005, 09:33:59"

And in the 30D file (30d00105.fir)
"VxWorks 5.5.1   VxWorks5.5.1    Nov  2 2005, 11:47:21"

So both are definitely using VxWorks just like all other DIGICII cameras.

Now "all" that is left to do is for someone to port the CHDK ;-)

 

Related Topics


SimplePortal 2.3.6 © 2008-2014, SimplePortal