WolfGuard: WireGuard with FIPS 140-3 cryptography

https://news.ycombinator.com/rss Hits: 7
Summary

WolfGuard VPN with FIPS 140-3 cryptography

WolfGuard is the wolfSSL FIPS-compliant refactor of Linux kernel-based WireGuard, originally designed and authored by Jason Donenfeld. Usage is essentially identical.

There are two principal components to WolfGuard: the wolfguard.ko kernel module and the wg-fips configuration tool. wolfguard.ko depends on the libwolfssl.ko kernel module, and wg-fips depends on the libwolfssl.so library; both dependencies are built from the same wolfSSL source, with kernel module and user library configuration respectively.

The wg-fips-quick script works exactly like wg-quick in WireGuard, but with configuration scripts in /etc/wolfguard containing SECP256R1 public and private keys. Symbolic links are installed in the installation bin directory from wg to wg-fips, and from wg-quick to wg-fips-quick, for transparent drop-in replacement of WireGuard. If WireGuard executables are found during installation, they are renamed to wg-wireguard and wg-wireguard-quick, with wg-wireguard-quick modified to call wg-wireguard, and with a safety copy left at wg-wireguard-quick.unpatched.

WolfGuard remaps cryptography from WireGuard as follows:

  Algo category          WireGuard            WolfGuard
  ECDH                   Curve25519           SECP256R1
  AEAD                   XChaCha20-Poly1305   AES-256-GCM
  digest                 Blake2s              SHA2-256
  authenticating digest  Blake2s-HMAC         SHA2-256-HMAC
  internal hash          SipHash              SHA2-256
  DRBG                   ChaCha20 DRBG        SHA2-256 Hash-DRBG

Note that WolfGuard and WireGuard can coexist on the same system, simultaneously establishing WolfGuard and WireGuard tunnels.

If libwolfssl.ko is configured with --enable-intelasm, performance of WolfGuard matches or exceeds that of CPU-accelerated WireGuard, thanks to CPU acceleration of the AES-256-GCM and SHA2-256 operations. Without --enable-intelasm, WolfGuard is slightly slower than CPU-accelerated WireGuard, but is still capable of saturating gigabit ethernet on modern CPUs.
Building and Installation Below are two sets of instructions, the first for building from non-FIPS s...

First seen: 2026-03-24 16:33

Last seen: 2026-03-24 22:38