# catlfish catlfish is a Certificate Transparency log server (RFC 6962). The catlfish software has the following properties: - Distributed, for fault tolerance under high load - Layered software design with a generic append-only database below and public protocol on top, making it useful for buildling other transparency systems as well - Cross-organisational operations, enabling scaling beyond what can be achieved by a single organisation - Append-only database backend specially designed for this purpose - HSM support, for keeping sensitive keys off general purpose computers - Dockerised, for a snazzy deployment option # Requirements In order to compile catlfish, the following software packages are needed: - A compiled https://git.nordu.net/plop.git application in ../plop - A compiled https://github.com/basho/lager (for logging) in ../lager - A compiled https://github.com/mochi/mochiweb (for web server functionality) in ../mochiweb - A compiled https://github.com/benoitc/hackney.git (http client) in ../hackney Note: hackney is dependent on rebar, but doesn't include one. You can use the rebar from lager by adding "REBAR=../lager/rebar" to the make command line, or install rebar yourself. In order to perform merge operations, the following software packages are needed: python-ecdsa, python-yaml. In order to use the tools for submitting certificates, the following software package is needed: python-pyasn1. In order to run the tests, the following software packagess are needed: curl. # Compile $ make release # Start This will set up and start a small test system with an empty log: $ make tests To create an empty tree, do a first merge: $ (cd catlfish; ../tools/merge.py --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg) To submit a test cert and verify the resulting SCT: $ (cd catlfish; ../tools/submitcert.py --parallel=1 --store ../tools/testcerts/pre2.txt --check-sct --sct-file=submittedcerts https://localhost:8080/ --publickey=tests/keys/logkey.pem) # Unit tests $ make check # Logs and traces Logs from the latest test run can be found under catlfish/tests/. Erlang instances log to files named <nodename>-*.log. In addition, the console output from each erlang instance is stored under nodes/<nodename>/log/. The amount of log sent to the console can be adjusted at runtime using lager:set_loglevel(lager_console_backend, NewLevel). where ''NewLevel'' is one of debug, info, notice, warning, error, critical, alert, emergency