# catlfish

catlfish is a Certificate Transparency log server (RFC 6962).

The catlfish software has the following properties:

- Distributed, for fault tolerance under high load

- Layered software design with a generic append-only database below
  and public protocol on top, making it useful for buildling other
  transparency systems as well

- Cross-organisational operations, enabling scaling beyond what can be
  achieved by a single organisation

- Append-only database backend specially designed for this purpose

- HSM support, for keeping sensitive keys off general purpose computers

- Dockerised, for a snazzy deployment option

# Requirements

In order to compile catlfish, the following software packages are
needed:

- A compiled https://git.nordu.net/plop.git in ../plop

- A compiled https://github.com/basho/lager (for logging) in ../lager

- A compiled https://github.com/mochi/mochiweb (for web server
  functionality) in ../mochiweb

- A compiled https://github.com/benoitc/hackney.git (http client) in
  ../hackney

- nettle-dev, libbsd-dev, librhash-dev (for using the permdb backend)

Note: hackney is dependent on rebar, but doesn't include one. You can
use the rebar from lager by adding "REBAR=../lager/rebar" to the make
command line, or install rebar yourself.

In order to perform merge operations, the following software packages
are needed: python-ecdsa, python-yaml.

In order to use the tools for submitting certificates, the following
software packages are needed: python-pyasn1, unzip.

In order to run the tests, the following software packagess are
needed: curl.

# Compile

    $ make release

# Start

This will set up and start a small test system and run some tests on
it:

    $ make tests

To submit a test cert and verify the resulting SCT:

    $ (cd catlfish; ../tools/submitcert.py --parallel=1 --store ../tools/testcerts/pre2.txt --check-sct --sct-file=submittedcerts https://localhost:8080/ --publickey=tests/keys/logkey.pem)

# Unit tests

    $ make check

# Logs and traces

Logs from the latest test run can be found under catlfish/tests/.

Erlang instances log to files named <nodename>-*.log.
In addition, the console output from each erlang instance is stored
under nodes/<nodename>/log/.

The amount of log sent to the console can be adjusted at runtime using

    lager:set_loglevel(lager_console_backend, NewLevel).

where ''NewLevel'' is one of

    debug, info, notice, warning, error, critical, alert, emergency