{"id":16238768,"url":"https://github.com/trombik/esp_wireguard","last_synced_at":"2025-04-04T09:08:12.096Z","repository":{"id":37091464,"uuid":"443236238","full_name":"trombik/esp_wireguard","owner":"trombik","description":"WireGuard Implementation for ESP-IDF.","archived":false,"fork":false,"pushed_at":"2024-10-10T09:44:01.000Z","size":134,"stargazers_count":216,"open_issues_count":12,"forks_count":42,"subscribers_count":13,"default_branch":"main","last_synced_at":"2025-03-28T08:08:58.495Z","etag":null,"topics":["esp-idf","esp32","esp8266","wireguard"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/trombik.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-12-31T02:47:01.000Z","updated_at":"2025-03-17T15:11:12.000Z","dependencies_parsed_at":"2024-02-07T12:40:17.211Z","dependency_job_id":"a40c6f71-1a79-439c-9bea-8c31188f7ff3","html_url":"https://github.com/trombik/esp_wireguard","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trombik%2Fesp_wireguard","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trombik%2Fesp_wireguard/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trombik%2Fesp_wireguard/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trombik%2Fesp_wireguard/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/trombik","download_url":"https://codeload.github.com/trombik/esp_wireguard/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247149501,"owners_count":20891954,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["esp-idf","esp32","esp8266","wireguard"],"created_at":"2024-10-10T13:41:19.508Z","updated_at":"2025-04-04T09:08:12.075Z","avatar_url":"https://github.com/trombik.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"# `esp_wireguard`, WireGuard Implementation for ESP-IDF\n\nThis is an implementation of the [WireGuard\u0026reg;](https://www.wireguard.com/)\nfor ESP-IDF, based on\n[WireGuard Implementation for lwIP](https://github.com/smartalock/wireguard-lwip).\n\n[![Build examples](https://github.com/trombik/esp_wireguard/actions/workflows/build.yml/badge.svg)](https://github.com/trombik/esp_wireguard/actions/workflows/build.yml)\n\n## Status\n\nThe code is alpha.\n\nA single tunnel to a WireGuard peer has been working.\n\n## Supported ESP-IDF versions and targets\n\nThe following ESP-IDF versions are supported:\n\n* `esp-idf` `master`\n* `esp-idf` `v4.2.x`\n* `esp-idf` `v4.3.x`\n* `esp-idf` `v4.4.x`\n* ESP8266 RTOS SDK `v3.4`\n\nThe following targets are supported:\n\n* `esp32`\n* `esp32s2`\n* `esp32c3`\n* `esp8266`\n\n## Usage\n\nIn `menuconfig` under `WireGuard`, choose a TCP/IP adapter. The default is\n`ESP-NETIF`. SDKs older than `esp-idf` `v4.1`, including ESP8266 RTOS SDK v3.4\nrequires `TCP/IP Adapter`.\n\nBoth peers must have synced time. The library does not sync time.\n\nA working network interface is required.\n\nCreate WireGuard configuration, `wireguard_config_t`. Use\n`ESP_WIREGUARD_CONFIG_DEFAULT` to initialize `wireguard_config_t` variable.\nCreate `wireguard_ctx_t`.  Pass the variables to `esp_wireguard_init()`. Then,\ncall `esp_wireguard_connect()`. Call `esp_wireguard_disconnect()` to\ndisconnect from the peer (and destroy the WireGuard interface).\n\n```c\n#include \u003cesp_wireguard.h\u003e\n\nesp_err_t err = ESP_FAIL;\n\nwireguard_config_t wg_config = ESP_WIREGUARD_CONFIG_DEFAULT();\n\nwg_config.private_key = CONFIG_WG_PRIVATE_KEY;\nwg_config.listen_port = CONFIG_WG_LOCAL_PORT;\nwg_config.public_key = CONFIG_WG_PEER_PUBLIC_KEY;\nwg_config.allowed_ip = CONFIG_WG_LOCAL_IP_ADDRESS;\nwg_config.allowed_ip_mask = CONFIG_WG_LOCAL_IP_NETMASK;\nwg_config.endpoint = CONFIG_WG_PEER_ADDRESS;\nwg_config.port = CONFIG_WG_PEER_PORT;\n\n/* If the device is behind NAT or stateful firewall, set persistent_keepalive.\n   persistent_keepalive is disabled by default */\n// wg_config.persistent_keepalive = 10;\n\nwireguard_ctx_t ctx = {0};\nerr = esp_wireguard_init(\u0026wg_config, \u0026ctx);\n\n/* start establishing the link. after this call, esp_wireguard start\n   establishing connection. */\nerr = esp_wireguard_connect(\u0026ctx);\n\n/* after some time, see if the link is up. note that it takes some time to\n   establish the link */\nerr = esp_wireguardif_peer_is_up(\u0026ctx);\nif (err == ESP_OK) {\n    /* the link is up */\nelse {\n    /* the link is not up */\n}\n\n/* do something */\n\nerr = esp_wireguard_disconnect(\u0026ctx);\n```\n\nSee examples at [examples](examples).\n\n## IPv6 support\n\nEnable `CONFIG_LWIP_IPV6` under `lwip` component in `menuconfig`.\n\nIPv6 support is alpha and probably broken. See also Known issues.\n\n## Driver configuration\n\nThe driver configuration is under `[Component config]` -\u003e `[WireGuard]`.\n\nUnder `WIREGUARD_x25519_IMPLEMENTATION`, you may choose an implementation of\nscalar multiplication. The default is\n`WIREGUARD_x25519_IMPLEMENTATION_DEFAULT`, which is derived from\n[WireGuard Implementation for lwIP](https://github.com/smartalock/wireguard-lwip).\n`WIREGUARD_x25519_IMPLEMENTATION_NACL` uses\n[crypto_scalarmult()](https://nacl.cr.yp.to/scalarmult.html) from NaCL. Note\nthat, with `WIREGUARD_x25519_IMPLEMENTATION_NACL`,\nsome stack sizes must be increased.  In my test, 5KB for both\n`CONFIG_LWIP_TCPIP_TASK_STACK_SIZE`, and `CONFIG_MAIN_TASK_STACK_SIZE` is\nknown to work on `ESP32-D0WD-V3`.\n\n## Known issues\n\nThe implementation uses `LwIP` as TCP/IP protocol stack.\n\nIPv6 support is not tested.  Dual stack (IPv4 and IPv6) is not supported (see\nIssue #5). The first address of `endpoint` is used to choose IPv4 or IPv6 as a\ntransport. The chosen transport must be available and usable.\n\nThe library assumes the interface is WiFi interface. Ethernet is not\nsupported.\n\nOlder `esp-idf` versions with `TCP/IP Adapter`, such as v4.1.x, should work,\nbut there are others issues, not directly related to the library.\n\n## License\n\nBSD 3-Clause \"New\" or \"Revised\" License (SPDX ID: BSD-3-Clause).\nSee [LICENSE](LICENSE) for details.\n\n[src/nacl/crypto_scalarmult/curve25519/ref/smult.c] is Public domain.\n\n## Authors\n\n* Daniel Hope (daniel.hope@smartalock.com)\n* Kenta Ida (fuga@fugafuga.org)\n* Matthew Dempsky\n* D. J. Bernstein\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrombik%2Fesp_wireguard","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftrombik%2Fesp_wireguard","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrombik%2Fesp_wireguard/lists"}