WireGuard on STM32U5A5VJT6 ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
‎2024-11-08 3:31 AM
Hello,
I'm currently working on a project using the STM32U5A5VJT6 processor, and I'm exploring the feasibility of implementing WireGuard in a bare-metal environment. I found one mention of WireGuard in this community post [link], however afaik it is an application for an OS based ST product. So I'm looking for more detailed insights.
- Is STM actively working on any initiatives to bring WireGuard support to processors like the STM32U5A5VJT6, especially for bare-metal implementations?
- The WireGuard protocol was primarily designed for OS-based systems with kernel support, which makes bare-metal implementation exceptionally challenging. Given the cryptographic and networking demands, has anyone made significant progress or come across alternative approaches that could support WireGuard (or similar VPN functionality) on an STM32?
- I encountered Mongoose’s library for networking on STM32, which offers some guidance on web server setups. Are there other resources or community-driven efforts that address VPNs or similar secure communication protocols for STM32 processors without an OS?
Any advice, resources, or shared experiences would be greatly appreciated!
Thank you,
Xezi
- Labels:
-
STM32 Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
‎2024-11-08 4:03 AM - edited ‎2024-11-08 4:10 AM
Exactly because of difficulties of porting crypto libraries to bare metal, consider instead a [more or less] lightweight OS that is posix-compatible enough. Of course this will require more RAM and flash than typical bare metal things but should be affordable.
Crucial points for a VPN implementation: it must be
- compatible, with continued support, not vendor-locked
- easy to review, test, validate
- easy to patch / update / upgrade
All this calls for OS-based implementation. Not necessarily Linux.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
‎2024-11-11 9:53 AM
Thank you for your input.
For this project, we are committed to using ThreadX, which brings its own set of challenges for implementing WireGuard. While there is a WireGuard implementation in C [link], it depends on lwIP, and as a community-driven project, it doesn’t fully align with the robustness and warranties our requirements demand. From my initial research, it appears that porting lwIP functionalities to ThreadX would be quite complex and might require significant adaptation to achieve compatibility, especially for low-level networking operations.
If anyone has experience with similar ports or alternative secure communication protocols that integrate more seamlessly with ThreadX and NetX Duo, I’d greatly appreciate any insights.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
‎2024-11-11 9:57 AM
> as a community-driven project, it doesn’t fully align with the robustness and warranties our requirements demand.
And ThreadX? It is no longer backed by Microsoft.
