WireGuard is a next generation secure VPN tunnel for the Linux kernel, with modern yet conservative cryptography and simple design principles. It is meant as a replacement for OpenVPN and for IPsec, and generally has better performance and security characteristics than both. It also is much easier to use. The whitepaper was peer reviewed for NDSS17 and the protocol itself has been formally verified. Since it lives in the kernel, it not only is very fast, but it is able to integrate in clever ways that are quite nice for battery life and overall smoothness. There are already commercial VPN providers offering services using WireGuard, and it is very easy to run your own WireGuard servers as well.
Not only is it free software, but WireGuard also comes with free stickers. Send me a DM with how many you want and to where I should send them, and I’ll drop an envelope in the box. (Do not request stickers on the mailing list.)
But WireGuard being awesome is old news. The new news is that now there’s an easy way to integrate it into Android ROMs and kernels.
Work continues on making a userspace version of WireGuard that will allow folks to run on normal ROMs without kernel support. This is coming along nicely, but the main interest here in XDA Land is in making the kernelspace version readily available to ROM devs, which has the best possible performance, battery life, integration, and stability.
In order to make this as easy as possible, you may choose to integrate this either into your ROM or into your kernel. Choose between Method A and Method B, below. Do not choose both methods at the same time.
(This thread is for developers looking to integrate WireGuard into their ROM and/or kernel. Casual users should follow this [GUIDE] instead.)
Method A: Adding to Kernel Trees
If you maintain your own kernel, you may easily patch your kernel tree to support WireGuard with the following commands:
$ git clone https://git.zx2c4.com/android_kernel_wireguard $ cd android_kernel_wireguard $ ./patch-kernel.sh path/to/kerneltree
Method B: Integrating into ROMs
If you do not maintain your own kernel, but rather maintain a local_manifest.xml file, and would like to add WireGuard to your ROM, you can simply add these two lines to your local_manifest.xml:
<remote name="zx2c4" fetch="https://git.zx2c4.com/" /> <project remote="zx2c4" name="android_kernel_wireguard" path="kernel/wireguard" revision="master" sync-s="true" />
Everybody: Download the App
The Android GUI app will opportunistically use the kernel component if it's available (patched in using either one of the two methods above), and will then fall back to the userspace implementation otherwise.
Ask or help on IRC in #wireguard on Freenode. DO NOT ASK FOR USER SUPPORT IN THIS THREAD. Devs only, please. User help is on the IRC channel.
WireGuard, Kernel for all devices (see above for details)
Source Code: https://www.wireguard.com/
Kernel Special Features: WireGuard kernel module integration
Last Updated 2017-12-22