feat(firmware): implement ECDSA P-256 signature verification in OTA library

Replaces placeholder ota_verify_signature_with_key with real mbedtls ECDSA verify; adds 4-case native test suite with generated P-256 vectors. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
2026-05-11 11:15:52 -07:00
parent 8b1fd10db7
commit 66e6808e13
2 changed files with 88 additions and 3 deletions
--- a/firmware/lib/ota_updater/ota_updater.cpp
+++ b/firmware/lib/ota_updater/ota_updater.cpp
@@ -2,6 +2,9 @@
 #include "ota_updater.h"
 #include <stdio.h>
 #include <string.h>
+#include <mbedtls/ecdsa.h>
+#include <mbedtls/ecp.h>
+#include <mbedtls/bignum.h>

 // ── version comparison ─────────────────────────────────────────────────────

@@ -16,11 +19,31 @@ bool ota_version_newer(const char* current, const char* remote) {
 }

 // ── signature verification ─────────────────────────────────────────────────
-// (real implementation added in Task 7)
 bool ota_verify_signature_with_key(const uint8_t hash32[32], const uint8_t sig64[64],
                                    const uint8_t pubkey65[65]) {
-    (void)hash32; (void)sig64; (void)pubkey65;
-    return false; // placeholder — filled in Task 7
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point Q;
+    mbedtls_mpi       r, s;
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_point_init(&Q);
+    mbedtls_mpi_init(&r);
+    mbedtls_mpi_init(&s);
+
+    bool ok = false;
+    if (mbedtls_ecp_group_load(&grp, MBEDTLS_ECP_DP_SECP256R1) == 0 &&
+        mbedtls_ecp_point_read_binary(&grp, &Q, pubkey65, 65) == 0 &&
+        mbedtls_mpi_read_binary(&r, sig64,      32) == 0 &&
+        mbedtls_mpi_read_binary(&s, sig64 + 32, 32) == 0 &&
+        mbedtls_ecdsa_verify(&grp, hash32, 32, &Q, &r, &s) == 0) {
+        ok = true;
+    }
+
+    mbedtls_ecp_group_free(&grp);
+    mbedtls_ecp_point_free(&Q);
+    mbedtls_mpi_free(&r);
+    mbedtls_mpi_free(&s);
+    return ok;
 }

 // ── device-only code ───────────────────────────────────────────────────────