From 5aba848c92da90a77ba525abca9e17aba9388571 Mon Sep 17 00:00:00 2001 From: FinnCowbell Date: Mon, 1 Nov 2021 16:05:34 -0400 Subject: [PATCH] Updated Scripts --- SDP_Logger_Scripts/README.md | 14 ++++++---- SDP_Logger_Scripts/ctfe_setup.sh | 48 +++++++++++++------------------- SDP_Logger_Scripts/run_ctfe.sh | 1 - 3 files changed, 28 insertions(+), 35 deletions(-) diff --git a/SDP_Logger_Scripts/README.md b/SDP_Logger_Scripts/README.md index 9f2d4b6..0e13199 100644 --- a/SDP_Logger_Scripts/README.md +++ b/SDP_Logger_Scripts/README.md @@ -1,12 +1,16 @@ # What do I do with this? 1. Copy this folder into your certificate-transparency-go repository. -2. in a bash terminal in this window, run ```sh ctfe_setup.sh``` +2. Start Trillian in the trillian repository using ```docker-compose -f examples/deployment/docker-compose.yml up``` +3. in a bash terminal in this window, run ```sh ctfe_setup.sh``` + - Note: The setup command interacts with Trillian, so it needs to be running. - This builds ctfe into an executable file and called ./ct_server - It also makes a config file for CTFE to use. -3. Whenever you want to run the logger, - 1. Start trillian in the trillian repository using ```docker-compose -f examples/deployment/docker-compose.yml up``` - 2. In a seperate terminal, run ```sh run_ctfe.sh```. The terminal window should appear frozen, but will be running CTFE. CTRL+C to terminate. +4. Whenever you want to run the logger run ```sh run_ctfe.sh```. + - The terminal window should appear frozen, but will be running CTFE. CTRL+C to terminate. To confirm its working, go to your browser and navigate to http://localhost:6966/sdp/ct/v1/get-sth - - If you recieve a response, then the logger is successfully running! \ No newline at end of file + - If you recieve a response that looks like this: + ```{"tree_size":0,"timestamp":1635634570923....}``` + + - ...then the logger is successfully running and connected with Trillian! \ No newline at end of file 
diff --git a/SDP_Logger_Scripts/ctfe_setup.sh b/SDP_Logger_Scripts/ctfe_setup.sh index c73355d..696ac01 100644 --- a/SDP_Logger_Scripts/ctfe_setup.sh +++ b/SDP_Logger_Scripts/ctfe_setup.sh 
@@ -1,51 +1,41 @@ #!/bin/bash -# Made to automate the config creation outlined here: +# Made to automate logger setup outlined here: # https://github.com/google/certificate-transparency-go/blob/master/trillian/docs/ManualDeployment.md#ctfe-start-up - # # Builds the logger's keypair (Skipped for now, as we are using the hex-encoded der-format keys below.) +# # 1. LOGGER KEYPAIR (SKIPPING CURRENTLY TO USE INTEGRATION TEST KEYS (in keys.cfg)) +# # I couldn't figure out how to get .pem keys into the form neccessary for them to be included in the .cfg file. +# Builds the logger's keypair (Skipped for now, as we are using the hex-encoded der-format keys below.) # openssl ecparam -name prime256v1 > privkey.pem # openssl ecparam -in privkey.pem -genkey -noout >> privkey.pem # openssl ec -in privkey.pem -pubout -out pubkey.pem - # # Prints it because console output is cool # openssl ec -in privkey.pem -noout -text -# Build CTFE into this directory +# # 2. BUILDING NECCESSARY EXECUTABLES +# Build CTFE locally into this directory go build -o ./ct_server ../trillian/ctfe/ct_server/main.go; +# OR Build CTFE from the repo. +# go build -o ./ct_server github.com/google/certificate-transparency-go/trillian/ctfe +# Generates a new tree in Trillian for our logger. Assumes the logger is running locally and the RPC port is 8090 (The default) +go build github.com/google/trillian/cmd/createtree/ +ID=$(./createtree -admin_server localhost:8090) + +# # 3. Creating CA root cert files # Gets Mozilla's default CA root certs. -# When we start to send to ctfe, we'll likely need to add a step to add our own public key to this list. +# Currently, it seems like this might not contain _all_ the certs that google's logger uses. +# Though we have access to google's certs. curl https://curl.se/ca/cacert.pem >> cacert.pem +# # 4. Config file creation. 
# Write the following to a file: echo "config { - log_id: 1913726365410962020 + log_id: $ID prefix: \"sdp\" - roots_pem_file: \"$PWD/../trillian/testdata/fake-ca.cert\" - roots_pem_file: \"$PWD/../testdata/gossip-root.cert\"" > sdp_config.cfg + roots_pem_file: \"$PWD/cacert.pem\"" > sdp_config.cfg cat keys.cfg >> sdp_config.cfg echo "max_merge_delay_sec: 86400 expected_merge_delay_sec: 120 # Note: 120s is unrealistically fast for a real log, but OK for testing. -}" >> sdp_config.cfg - - - # Not working, but we could also use our generated keys above: -# echo "config { -# log_id: 1 -# prefix: \"sdp\" -# max_merge_delay_sec: 86400 -# roots_pem_file: \"$PWD/cacert.pem\" -# private_key: { -# [type.googleapis.com/keyspb.PrivateKey] { -# der: \"`openssl ecparam -in privkey.pem -outform der`\" -# } -# } -# # public_key: { -# # der: \"string_to_hex `openssl ec -in privkey.pem -pubout -outform der`\" -# # } -# expected_merge_delay_sec: 120 # Note: 120s is unrealistically fast for a real log, but OK for testing. -# } -# " > sdp_config.cfg -# \ No newline at end of file +}" >> sdp_config.cfg \ No newline at end of file diff --git a/SDP_Logger_Scripts/run_ctfe.sh b/SDP_Logger_Scripts/run_ctfe.sh index db9fcc6..232cf3b 100644 --- a/SDP_Logger_Scripts/run_ctfe.sh +++ b/SDP_Logger_Scripts/run_ctfe.sh @@ -1,3 +1,2 @@ #!/bin/bash - ./ct_server -log_config sdp_config.cfg -log_rpc_server localhost:8090 -http_endpoint=localhost:6966 \ No newline at end of file
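Review bot: In the README.md hunk, the new step 4 no longer tells the reader to start Trillian before `sh run_ctfe.sh`, which the removed sub-step 3.1 did. run_ctfe.sh still passes `-log_rpc_server localhost:8090`, so someone who comes back to step 4 in a fresh session will start CTFE with nothing listening on that port. Suggest adding a bullet under step 4 saying that the Trillian deployment from step 2 must still be running. The added line "If you recieve a response that looks like this" also misspells "receive".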
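Review bot: In the ctfe_setup.sh hunk, `ID=$(./createtree -admin_server localhost:8090)` is used unchecked, so if the `go build` of createtree fails or Trillian is not reachable, the script still writes `log_id: ` with an empty value into sdp_config.cfg. Suggest stopping before the config is written when the command fails or `$ID` is empty, for example `[ -n "$ID" ] || exit 1`. Now that `roots_pem_file` points at `$PWD/cacert.pem`, the `curl https://curl.se/ca/cacert.pem >> cacert.pem` line matters as well: it appends, so every re-run duplicates the root list, and without `-f` an HTTP error body would end up in the roots file. `curl -fsS -o cacert.pem` would avoid both.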