2024-11-08 03:31 AM
Hello,
I'm currently working on a project using the STM32U5A5VJT6 processor, and I'm exploring the feasibility of implementing WireGuard in a bare-metal environment. I found one mention of WireGuard in this community post [link], however afaik it is an application for an OS based ST product. So I'm looking for more detailed insights.
Any advice, resources, or shared experiences would be greatly appreciated!
Thank you,
Xezi
2024-11-08 04:03 AM - edited 2024-11-08 04:10 AM
Exactly because of difficulties of porting crypto libraries to bare metal, consider instead a [more or less] lightweight OS that is posix-compatible enough. Of course this will require more RAM and flash than typical bare metal things but should be affordable.
Crucial points for a VPN implementation: it must be
- compatible, with continued support, not vendor-locked
- easy to review, test, validate
- easy to patch / update / upgrade
All this calls for OS-based implementation. Not necessarily Linux.
2024-11-11 09:53 AM
Thank you for your input.
For this project, we are committed to using ThreadX, which brings its own set of challenges for implementing WireGuard. While there is a WireGuard implementation in C [link], it depends on lwIP, and as a community-driven project, it doesn’t fully align with the robustness and warranties our requirements demand. From my initial research, it appears that porting lwIP functionalities to ThreadX would be quite complex and might require significant adaptation to achieve compatibility, especially for low-level networking operations.
If anyone has experience with similar ports or alternative secure communication protocols that integrate more seamlessly with ThreadX and NetX Duo, I’d greatly appreciate any insights.
2024-11-11 09:57 AM
> as a community-driven project, it doesn’t fully align with the robustness and warranties our requirements demand.
And ThreadX? It is no longer backed by Microsoft.