Added Logger Scripts
FinnCowbell committed Oct 27, 2021
1 parent 0612dae commit e775cc0
Showing 3 changed files with 63 additions and 0 deletions.
9 changes: 9 additions & 0 deletions SDP_Logger_Scripts/README.md
@@ -0,0 +1,9 @@
# What do I do with this?

1. Copy this folder into your certificate-transparency-go repository.
2. in a bash terminal in this window, run ```sh ctfe_setup.sh```
- This builds ctfe into an executable file and called ./ct_server
- It also makes a config file for CTFE to use.
3. Whenever you want to run the logger,
1. Start trillian in the trillian repository using ```docker-compose -f examples/deployment/docker-compose.yml up```
2. In a seperate terminal, run ```sh run_ctfe.sh```
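Review bot: The steps never mention keys.cfg, which ctfe_setup.sh concatenates into sdp_config.cfg and which is not among the three files in this commit; add a step saying where that file comes from and what it has to contain. In step 2, "in this window" presumably means "in this folder", and that matters because both scripts use paths relative to the working directory. The commands are written as `sh ctfe_setup.sh` and `sh run_ctfe.sh` although both scripts declare `#!/bin/bash`; suggest `bash ctfe_setup.sh`, or marking them executable and running `./ctfe_setup.sh`. Minor: "seperate" should be "separate", "and called ./ct_server" should read "called ./ct_server", and the sub-items under steps 2 and 3 need indenting to render as nested lists.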
51 changes: 51 additions & 0 deletions SDP_Logger_Scripts/ctfe_setup.sh
@@ -0,0 +1,51 @@
#!/bin/bash

# Made to automate the config creation outlined here:
# https://github.com/google/certificate-transparency-go/blob/master/trillian/docs/ManualDeployment.md#ctfe-start-up

# # Builds the logger's keypair (Skipped for now, as we are using the hex-encoded der-format keys below.)
# openssl ecparam -name prime256v1 > privkey.pem
# openssl ecparam -in privkey.pem -genkey -noout >> privkey.pem
# openssl ec -in privkey.pem -pubout -out pubkey.pem
# # Prints it because console output is cool
# openssl ec -in privkey.pem -noout -text

# Build CTFE into this directory
go build -o ./ct_server ../trillian/ctfe/ct_server/main.go;

# Gets Mozilla's default CA root certs.
# When we start to send to ctfe, we'll likely need to add a step to add our own public key to this list.
curl https://curl.se/ca/cacert.pem >> cacert.pem

# Write the following to a file:
echo "config {
log_id: 1913726365410962020
prefix: \"sdp\"
roots_pem_file: \"$PWD/../trillian/testdata/fake-ca.cert\"
roots_pem_file: \"$PWD/../testdata/gossip-root.cert\"" > sdp_config.cfg

cat keys.cfg >> sdp_config.cfg

echo "max_merge_delay_sec: 86400
expected_merge_delay_sec: 120 # Note: 120s is unrealistically fast for a real log, but OK for testing.
}" >> sdp_config.cfg


# Not working, but we could also use our generated keys above:
# echo "config {
# log_id: 1
# prefix: \"sdp\"
# max_merge_delay_sec: 86400
# roots_pem_file: \"$PWD/cacert.pem\"
# private_key: {
# [type.googleapis.com/keyspb.PrivateKey] {
# der: \"`openssl ecparam -in privkey.pem -outform der`\"
# }
# }
# # public_key: {
# # der: \"string_to_hex `openssl ec -in privkey.pem -pubout -outform der`\"
# # }
# expected_merge_delay_sec: 120 # Note: 120s is unrealistically fast for a real log, but OK for testing.
# }
# " > sdp_config.cfg
#
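Review bot: There is no `set -e` or per-command check, so a failed `go build`, a failed download, or a missing keys.cfg at `cat keys.cfg >> sdp_config.cfg` still leaves an sdp_config.cfg on disk, in the last case one with no key material; suggest `set -euo pipefail` near the top and an explicit `[ -f keys.cfg ]` test with a clear error message. keys.cfg is not part of this commit, and if it carries the log's private key (the comment near the top says hex-encoded DER keys are in use) it should stay out of the repository, ideally via a .gitignore entry. `curl https://curl.se/ca/cacert.pem >> cacert.pem` appends, so every rerun duplicates the bundle, and without `-f` an HTTP error body would be appended too; suggest `curl -fsSL -o cacert.pem https://curl.se/ca/cacert.pem`, or drop the download until it is needed, since the active config only references fake-ca.cert and gossip-root.cert. All paths are built from `$PWD`, so the script only works when started from its own folder; `cd "$(dirname "$0")"` at the top would remove that dependency. In the commented-out block, `openssl ecparam -in privkey.pem -outform der` emits the curve parameters rather than the private key, and `string_to_hex` is not defined anywhere in the script, which would explain the "Not working" remark.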
3 changes: 3 additions & 0 deletions SDP_Logger_Scripts/run_ctfe.sh
@@ -0,0 +1,3 @@
#!/bin/bash

./ct_server -log_config sdp_config.cfg -log_rpc_server localhost:8090 -http_endpoint=localhost:6966
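Review bot: `./ct_server` and `sdp_config.cfg` are relative paths, so this line only works when the script is started from SDP_Logger_Scripts; add `cd "$(dirname "$0")"` before it, and check that `ct_server` and `sdp_config.cfg` exist so the user is told to run ctfe_setup.sh first. The flags mix `-log_config sdp_config.cfg` with `-http_endpoint=localhost:6966`; pick one style for readability. Binding the HTTP endpoint to localhost is a sensible default for a test log that trusts fake-ca.cert, and a short comment saying so would keep it from being changed to a public interface by accident.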
