intel/crypto-reference-stack repository overview

⁠Crypto Reference Stack – NGINX

This container provides an extended NGINX* working with Asynchronous Mode OpenSSL* for demonstrating Intel® Cryptography New Instructions validated in 3rd Gen Intel® Xeon® Scalable Processors⁠.

Crypto Reference Stack NGINX* is packaged as a Docker container with a set of scripts to build components including:

• OpenSSL* Project⁠
• Intel® Integrated Performance Primitives Cryptography⁠
• Intel® Multi-Buffer Crypto for IPsec Library⁠
• Intel® QuickAssist Technology(QAT) OpenSSL* Engine⁠
• Asynch Mode for NGINX*⁠

⁠NGINX* Asynch Mode

Optimized NGINX* for Cryptography is part of Intel® Crypto Reference Stack, optimized for Web Services use cases. NGINX* is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. NGINX* is known for its high performance, stability, rich feature set, simple configuration, and low resource consumption.

⁠Source Code

The latest source code and documentation to build and deploy the image can be found here:

• https://github.com/intel/crypto-reference-stack⁠

⁠Build NGINX* Asynch Mode Image

To build an image, install the Docker dependencies and run the following command:

$ docker build --force-rm --no-cache -t crypto-reference-stack

⁠Run NGINX Asynch Mode Container

Start the container:

$ docker run --name nginx --rm -itd -p 8443:8443 -e SSL_ASYNC=off crypto-reference-stack

Then go to your browser on https://localhost:8443/⁠

⁠Reporting Security Issues

If you have discovered potential security vulnerability in an Intel product, please contact the iPSIRT at [email protected]⁠. It is important to include the following details:

• The products and versions affected
• Detailed description of the vulnerability
• Information on known exploits

Vulnerability information is extremely sensitive. The iPSIRT strongly recommends that all security vulnerability reports sent to Intel be encrypted using the iPSIRT PGP key. The PGP key is available here: https://www.intel.com/content/www/us/en/security-center/pgp-public-key.html⁠

Software to encrypt messages may be obtained from:

• PGP Corporation
• GnuPG

For more information on how Intel works to resolve security issues, see: Vulnerability handling guidelines⁠

⁠Legal Notice

By accessing, downloading or using this software and any required dependent software (the “Software Package”), you agree to the terms and conditions of the software license agreements for the Software Package, which may also include notices, disclaimers, or license terms for third party software included with the Software Package. Please refer to the license⁠ information for additional details.

Intel and the Intel logo are trademarks of Intel Corporation or its subsidiaries

*Other names and brands may be claimed as the property of others