A430

From CHDK Wiki

[edit] Powershot A430

The Powershot A430 is currently being ported and there is an alpha version of CHDK available for this camera.

See the forum thread for latest progress and for downloads.

Contents 1 Powershot A430 2 Firmware info 2.1 Version 3 For Developers 3.1 Memory map 3.2 Firmware flash 3.3 LED addresses 3.4 Blinker Firmware 3.4.1 Blinker Firmware compilation 3.5 Phototransistor active circuit 3.6 Firmware recording using audacity 3.7 Firmware dumps 3.8 Porting

[edit] Firmware info

[edit] Version

The trick with the ver.req file works on the A430 as well, with the following result:

Canon PowerShot A430
P-ID:30F8  PAL

Firmware Ver GM1.00B
E18
Dec  6 2005   09:17:55

Pressing SET+DISP buttons again results in:

Canon PowerShot A430
P-ID:30F8  PAL

Adj Ver.005.001
ZoomLensError
2007.08.31 18:54:46

Further SET+DISP pressing does not change anything if the file was ver.req. However, if the file is called vers.req, a third screen is shown:

Canon PowerShot A430
P-ID:30F8  PAL

Adj Ver.005.001
Total Shoot  :6707
Open Shutter :0
Close Shutter:0

Normally it should show "No Error". It looks like my camera got a ZoomLensError on August 31, 2007. On that date the lens was hit hard, but the camera is still okay.

The number P-ID:XXXX is a hexadecimal code for the platform version id.

Platform codes for other models can be looked up under P-ID.

[edit] For Developers

Following the example of the A530 page, everything that might be useful for a port of CHDK to A430 should be posted here.

[edit] Memory map

Following information is probably generic to other models (A5xx, A6xx, A7xx series)

[edit] Firmware flash

0xff800000: firmware flash data (probably)
0xffc00000: mirror copy of firmware flash? (to be determined)

[edit] LED addresses

0xc0220080: 0x46 enables orange focus assist LED, 0x44 disables it
0xc0220084: 0x46 enables blue print LED, 0x44 disables it

[edit] Blinker Firmware

The blinker method was used to dump the firmware.

[edit] Blinker Firmware compilation

A blinker firmware was compiled using yagarto. In the XXXX.c file, the firmware ID must be replaced by the one given obtained via ver.req (XXX). If cygwin is installed on your computer, in make.bat, replace

zero | dd bs=1k count=100 >> main

by the following two lines:

c:\cygwin\bin\dd.exe bs=1k count=100 if=/dev/zero of=main.zero

c:\cygwin\bin\cat.exe main.zero >> main 

[edit] Phototransistor active circuit

The PC's microphone input has a 2.34V rail available on one of the channels, so I tried a few powered circuit (both photodiode and phototransistor). They give a much larger signal, but the shape of the signal still differs from the ones given as example.

The test circuit uses a small piece of breadboard. Bottom side has two rows of 3 tulip sockets. This is where I plug-in my phototransistors and filter cap. Top side has three rows of 3 tulip sockets. The one away from the cable, I plug my 1k trim in. The other two are used for bridging the circuit with the computer. These can be removed and replaced by filtering caps if needed.

Active circuit

Test circuit - under

Test circuit - top side

Test circuit and audio cable

Phototransistor Active circuit

Phototransistor active test circuit (bottom)

Phototransistor active test circuit (top)

The trimmer (blue on the photo above) has one of its legs bent so that it doesn't make contact. The two legs making contact with the circuit are the one under the screw and the middle one. The red component is a 1μF ceramic cap used to filter the output (see screenshots below).

[edit] Firmware recording using audacity

I am now trying for the blue LED with slower transfer speed. I used my amplified circuit and tried both the S1226-8BQ photodiode, YY66W (IR) and SFH300-3 phototransistors. Surprisingly enough, the IR phototransistor is the one that gives the largest signal (see screenshots). With a lower transfer speed, I now get the waveform I was expecting.

The effect of the 1μF cap is shown in screenshot 2 (screenshot 1 is without). The signal amplitude is more constant and will (probably) result in fewer decoding errors.

All in all, it now looks like I should be able to get a firmware dump.

[edit] Firmware dumps

It seems that the fastest speed (AF assist LED) is not an option for dumping the firmware. At that speed, the waveform is distorted and may not be decoded (see screenshot). Instead, the blue LED at the back of the camera was used to output the firmware, and an active circuit based around the YY66W phototransistor was used to read the firmware out.

• Firmware dump A430 FW 1.00B: dl site (Forum link: http://chdk.setepontos.com/index.php/topic,288.msg33967.html#msg33967)

Alternative download location for firmware dumps: CHDKdumps @drop.io, Part 1   —   CHDKdumps2 @drop.io, Part 2

[edit] Porting

• 2009 06 21: Porting the A430 with fw 1.00b has started: Forum link (by shentey)