WireGuard on STM32U5A5VJT6 ?

xezi · ‎2024-11-08

Hello,

I'm currently working on a project using the STM32U5A5VJT6 processor, and I'm exploring the feasibility of implementing WireGuard in a bare-metal environment. I found one mention of WireGuard in this community post [link], however afaik it is an application for an OS based ST product. So I'm looking for more detailed insights.

Is STM actively working on any initiatives to bring WireGuard support to processors like the STM32U5A5VJT6, especially for bare-metal implementations?
The WireGuard protocol was primarily designed for OS-based systems with kernel support, which makes bare-metal implementation exceptionally challenging. Given the cryptographic and networking demands, has anyone made significant progress or come across alternative approaches that could support WireGuard (or similar VPN functionality) on an STM32?
I encountered Mongoose’s library for networking on STM32, which offers some guidance on web server setups. Are there other resources or community-driven efforts that address VPNs or similar secure communication protocols for STM32 processors without an OS?

Any advice, resources, or shared experiences would be greatly appreciated!

Thank you,
Xezi

Pavel A. · ‎2024-11-08

Exactly because of difficulties of porting crypto libraries to bare metal, consider instead a [more or less] lightweight OS that is posix-compatible enough. Of course this will require more RAM and flash than typical bare metal things but should be affordable.

Crucial points for a VPN implementation: it must be

- compatible, with continued support, not vendor-locked

- easy to review, test, validate

- easy to patch / update / upgrade

All this calls for OS-based implementation. Not necessarily Linux.