Wp 39 pzp secure web socket #489

Open
wants to merge 6 commits into
base: master

habibvirji
Member

Starts PZP using secure websocket connection
Generates separate certificate for the PZP WebSocket server.
Requires starting PZP with https instead of http to access localhost.

Jira Issue: WP-39

@jplyle
Contributor

jplyle commented Mar 1, 2013

It looks like the PZH isn't returning a 'success' result when it runs with the --test command. This is why the travis build is failing.

@habibvirji
Member Author

Fixed the callback.

@jplyle
Contributor

jplyle commented Mar 4, 2013

Enrolment seems broken for me. On Firefox, I hang at "Your device is being enrolled at the PZH".

It's also not a very fun user experience for Firefox.

@habibvirji
Member Author

Any message you see in your console?

@habibvirji habibvirji closed this Mar 4, 2013
@habibvirji habibvirji reopened this Mar 4, 2013
@@ -773,7 +824,82 @@ var PzpWSS = function (parent) {
self.sendConnectedApp (key, msg);
}
}
}
};
this.storeCertificateBrowser = function(enrolled) {
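
Review bot: `this.storeCertificateBrowser = function(enrolled)` is added as a public method on `PzpWSS` with no comment saying what it does or what `enrolled` controls, and the hunk header shows this region growing from 7 to 82 lines. Please add a short doc comment above it; if nothing in this change calls it, say so in that comment or move it to a separate branch so that unused certificate-handling code does not sit on the WebSocket server object.
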
Contributor

I thought this didn't work? Should it be called, or is it going to be deleted?

Member Author

I kept it for a later purpose. If somebody can experiment further with store certificate in browser, this code could be useful.

@jplyle
Contributor

jplyle commented Mar 5, 2013

The Travis CI Build is still failing. When I run 'npm test' I get the same behaviour. Can you fix this?

Configuration has generic function to store data in files.
PZP generates 3 sets of certificates: PZPCA (at enrollment signed by PZH), PZP connection certificate and PZP web socket certificate.

Jira Issue: WP-39
…12util

PZP now runs on secure web socket connection and uses mutual authentication. Certificates are stored in chrome and mozilla database currently.

Jira Issue: WP-39
Storing in browser database will not scale on different platforms.
The adverse effect of this solution will be browser not mutual authenticated.
It does not stop PZP from using secure websocket.

Jira Issue: WP-39
Jira Issue: WP-39
Jira Issue: WP-39
Jira Issue: WP-39
@habibvirji
Member Author

@jplyle can you merge this?

@jplyle
Contributor

jplyle commented Mar 7, 2013

I need more time to test this, or someone else does. It's a non-trivial change. Sorry!

@habibvirji
Member Author

No issue. Suggested it as I thought the Travis build was the issue.

@jplyle
Contributor

jplyle commented Mar 7, 2013

This is failing for me with Linux + Firefox + a Google account.

Enrolment stalls at "Currently your device is being enrolled at the PZH..."

PZP output:
johl@ubuntu:~/git-repos/Webinos-Platform$ node webinos_pzp.js
[7.3.2013-11:59:50:249] info configuration.js(250) created default webinos directories at location : /home/johl/.webinos
[7.3.2013-11:59:50:428] info certificate.js(83) PzpCA created private key (certificate generation I step)
[7.3.2013-11:59:50:429] info certificate.js(99) PzpCA generated CSR (certificate generation II step)
[7.3.2013-11:59:50:433] info certificate.js(112) PzpCA generated self signed certificate (certificate generation III step)
[7.3.2013-11:59:50:436] info certificate.js(119) PzpCA generated crl (certificate generation IV step)
[7.3.2013-11:59:50:437] info configuration.js(287) _master certificate generated_
[7.3.2013-11:59:50:500] info certificate.js(83) Pzp created private key (certificate generation I step)
[7.3.2013-11:59:50:501] info certificate.js(99) Pzp generated CSR (certificate generation II step)
[7.3.2013-11:59:50:505] info certificate.js(112) Pzp generated self signed certificate (certificate generation III step)
[7.3.2013-11:59:50:508] info certificate.js(119) Pzp generated crl (certificate generation IV step)
[7.3.2013-11:59:50:508] info configuration.js(291) _connection certificate generated_
[7.3.2013-11:59:50:513] info certificate.js(159) signed certificate by the PZP/PZH
[7.3.2013-11:59:50:513] info configuration.js(294) _connection certificate signed by master certificate_
[7.3.2013-11:59:50:633] info certificate.js(83) PzpWSS created private key (certificate generation I step)
[7.3.2013-11:59:50:634] info certificate.js(99) PzpWSS generated CSR (certificate generation II step)
[7.3.2013-11:59:50:637] info certificate.js(112) PzpWSS generated self signed certificate (certificate generation III step)
[7.3.2013-11:59:50:640] info certificate.js(119) PzpWSS generated crl (certificate generation IV step)
[7.3.2013-11:59:50:644] info certificate.js(159) signed certificate by the PZP/PZH
[7.3.2013-11:59:50:653] info configuration.js(364) saved /home/johl/.webinos/metaData.json
[7.3.2013-11:59:50:654] info configuration.js(364) saved /home/johl/.webinos/crl.json
[7.3.2013-11:59:50:654] info configuration.js(364) saved /home/johl/.webinos/trustedList.json
[7.3.2013-11:59:50:654] info configuration.js(364) saved /home/johl/.webinos/untrustedList.json
[7.3.2013-11:59:50:654] info configuration.js(364) saved /home/johl/.webinos/exCertList.json
[7.3.2013-11:59:50:655] info configuration.js(364) saved /home/johl/.webinos/certificates/internal/certificates.json
[7.3.2013-11:59:50:655] info configuration.js(364) saved /home/johl/.webinos/certificates/external/certificates.json
[7.3.2013-11:59:50:655] info configuration.js(364) saved /home/johl/.webinos/userData/userDetails.json
[7.3.2013-11:59:50:656] info configuration.js(364) saved /home/johl/.webinos/userData/serviceCache.json
[7.3.2013-11:59:50:656] info configuration.js(99) updated webinos config
[7.3.2013-11:59:50:657] info configuration.js(364) saved /home/johl/.webinos/userData/userPref.json
[7.3.2013-11:59:50:657] info configuration.js(364) saved /home/johl/.webinos/certificates/internal/certificates.json
[7.3.2013-11:59:50:657] info configuration.js(364) saved /home/johl/.webinos/crl.json
[7.3.2013-11:59:50:657] info configuration.js(364) saved /home/johl/.webinos/certificates/internal/null.json
[7.3.2013-11:59:50:670] info pzp_websocket.js(439) httpServer listening at port 8080 and hostname localhost
Adding: ServiceDiscovery
Log DB Initialized in AppContext
Adding: http://webinos.org/api/test
Init old actuator service
File found: fakeDriver2.js - id is 0
File found: zephyrHRMDriver.js - id is 1
File found: brokenDriver1.js - id is 2
File found: serial_devices.json - id is 3
File found: httpDriver.js - id is 4
File found: fakeDriver1.js - id is 5
File found: androidDriver.js - id is 6
File found: serialDriver.js - id is 7
loadDrivers: 8 drivers successfully loaded
Adding: http://webinos.org/api/app2app
Adding: http://webinos.org/api/notifications
Adding: http://webinos.org/api/file
connecting to fake data generator
Adding: http://www.w3.org/ns/api-perms/geolocation
Adding: http://webinos.org/api/applauncher
Fake driver 2 init - id is 0
Zephyr HRM driver init - id is 1
Error: cannot initialize driver {}
Object # has no method 'init'
Error: cannot initialize driver {"usb":[{"port":"/dev/cu.usbmodemfd121","rate":9600}],"bluetooth":[{"port":"/dev/cu.HXM002536-BluetoothSeri","rate":115200}]}
Object # has no method 'init'
HTTP driver init - id is 4
Fake driver 1 init - id is 5
Serial driver init - id is 7
{PAYMENT CONSTRUCTION
Adding: http://webinos.org/api/payment
Adding: http://webinos.org/api/tv
Adding: http://webinos.org/mwc/oauth
Adding: http://webinos.org/api/deviceorientation
connecting to simulator
simulator available at http://localhost:9898/simulator/vehicle.html
registering listener gear
registering listener tripcomputer
registering listener parksensors-rear
registering listener parksensors-front
Adding: http://webinos.org/api/vehicle
Adding: http://webinos.org/api/context
Adding: http://webinos.org/api/authentication
Adding: http://www.w3.org/ns/api-perms/contacts
Adding: http://wacapps.net/api/devicestatus
Adding: http://webinos.org/api/discovery
Adding: http://webinos.org/api/mediacontent
Adding: http://webinos.org/api/corePZinformation
Adding: http://webinos.org/api/nfc
Decision storage constructor
Permanent file is /home/johl/.webinos/policies/decisionpermanent.xml
Policy editor constructor
CONTEXT MANAGER DISABLED
[7.3.2013-11:59:51:313] info pzp_sessionHandling.js(334) [03a01cd9ddb033250803779422f18d64] successfully started pzp websocket server
[7.3.2013-11:59:51:314] info rpc_servicedisco.js(702) initialized pzp
HTTP driver is listening on port 3000

Zephyr HRM driver - register new elements
Adding: http://webinos.org/api/sensors.heartratemonitor

Fake driver 1 - register new elements
Adding: http://webinos.org/api/sensors.temperature
Adding: http://webinos.org/api/sensors.light
Adding: http://webinos.org/api/actuators.linearmotor
Adding: http://webinos.org/api/sensors.temperature

Fake driver 2 - register new elements
Adding: http://webinos.org/api/sensors.light
Adding: http://webinos.org/api/actuators.linearmotor
Adding: http://webinos.org/api/actuators.switch
Adding: http://webinos.org/api/sensors.proximity
[7.3.2013-12:3:24:825] info pzp_websocket.js(770) [03a01cd9ddb033250803779422f18d64] Request for a websocket, origin: https://localhost:8080, host: localhost:8080
[7.3.2013-12:3:24:831] info pzp_websocket.js(774) [03a01cd9ddb033250803779422f18d64] Request accepted
[7.3.2013-12:3:24:910] info pzp_websocket.js(807) [03a01cd9ddb033250803779422f18d64] send to web app - 03a01cd9ddb033250803779422f18d64/15ad39f9afef8f0dce733b798bfa4de8 message {"type":"prop","from":"Linux Device","to":"Linux Device/15ad39f9afef8f0dce733b798bfa4de8","payload":{"status":"registeredBrowser","message":{"connectedPzp":["Linux Device"],"connectedPzh":[],"state":{"hub":"not_connected","peer":"not_connected"},"enrolled":false}}}
[7.3.2013-12:3:24:911] info pzp_websocket.js(807) [03a01cd9ddb033250803779422f18d64] send to web app - 03a01cd9ddb033250803779422f18d64/15ad39f9afef8f0dce733b798bfa4de8 message {"type":"prop","from":"Linux Device","to":"Linux Device/15ad39f9afef8f0dce733b798bfa4de8","payload":{"status":"webinosVersion","message":{"tag":"v0.8.0","num_commit":"95","commit_id":"g7d34bc9"}}}
[7.3.2013-12:3:24:979] info messagehandler.js(324) register Message
New packet from messaging
Response to 03a01cd9ddb033250803779422f18d64/15ad39f9afef8f0dce733b798bfa4de8
Policy Manager enforce request: {"subjectInfo":{"userId":"03a01cd9ddb033250803779422f18d64"},"deviceInfo":{"requestorId":"15ad39f9afef8f0dce733b798bfa4de8"},"resourceInfo":{"apiFeature":"http://webinos.org/api/discovery","serviceId":null,"paramFeature":"http://webinos.org/api/app2app"}} - result is 0
Got request to invoke findServices on ServiceDiscovery with params: [object Object],,
[7.3.2013-12:3:25:7] info rpc_servicedisco.js(130) INFO: [Discovery] search: searching for ServiceType: http://webinos.org/api/app2app
[7.3.2013-12:3:25:8] info rpc_servicedisco.js(203) INFO: [Discovery] search: found matching service(s) for ServiceType: http://webinos.org/api/app2app
[7.3.2013-12:3:25:8] info rpc_servicedisco.js(113) findServices: calling found callback for 4b5e142536321f82e3ab9109d7272d43
[7.3.2013-12:3:25:9] info messagehandler.js(285) clients[session1]:03a01cd9ddb033250803779422f18d64/15ad39f9afef8f0dce733b798bfa4de8
[7.3.2013-12:3:25:12] info pzp_websocket.js(807) [03a01cd9ddb033250803779422f18d64] send to web app - 03a01cd9ddb033250803779422f18d64/15ad39f9afef8f0dce733b798bfa4de8 message {"to":"Linux Device/15ad39f9afef8f0dce733b798bfa4de8","resp_to":"Linux Device","from":"Linux Device","id":928,"type":"JSONRPC","payload":{"jsonrpc":"2.0","id":"ddb9da77-dfcc-47e5-ac1d-d781d965b8df","method":"d35aeeb0-26ce-41c6-b0fd-7c685ea2c4b7.onservicefound","params":{"id":"4b5e142536321f82e3ab9109d7272d43","api":"http://webinos.org/api/app2app","displayName":"App2App Messaging API","description":"The App2App Messaging API for using channel-based communication between applications.","serviceAddress":"Linux Device"}}}
New packet from messaging
Response to 03a01cd9ddb033250803779422f18d64/15ad39f9afef8f0dce733b798bfa4de8
Policy Manager enforce request: {"subjectInfo":{"userId":"03a01cd9ddb033250803779422f18d64"},"deviceInfo":{"requestorId":"15ad39f9afef8f0dce733b798bfa4de8"},"resourceInfo":{"apiFeature":"http://webinos.org/api/app2app","serviceId":"4b5e142536321f82e3ab9109d7272d43"}} - result is 0
Got request to invoke registerPeer on http://webinos.org/api/app2app@4b5e142536321f82e3ab9109d7272d43 with params: [object Object]
Register peer with id 4b5e142536321f82e3ab9109d7272d43
[7.3.2013-12:3:25:40] info messagehandler.js(285) clients[session1]:03a01cd9ddb033250803779422f18d64/15ad39f9afef8f0dce733b798bfa4de8
[7.3.2013-12:3:25:42] info pzp_websocket.js(807) [03a01cd9ddb033250803779422f18d64] send to web app - 03a01cd9ddb033250803779422f18d64/15ad39f9afef8f0dce733b798bfa4de8 message {"to":"Linux Device/15ad39f9afef8f0dce733b798bfa4de8","resp_to":"Linux Device","from":"Linux Device","id":370,"type":"JSONRPC","payload":{"jsonrpc":"2.0","id":"71be20d3-c9c5-4ea6-9ec4-e8d626efc916","result":{}}}
New packet from messaging
Response to 03a01cd9ddb033250803779422f18d64/15ad39f9afef8f0dce733b798bfa4de8
Policy Manager enforce request: {"subjectInfo":{"userId":"03a01cd9ddb033250803779422f18d64"},"deviceInfo":{"requestorId":"15ad39f9afef8f0dce733b798bfa4de8"},"resourceInfo":{"apiFeature":"http://webinos.org/api/discovery","serviceId":null,"paramFeature":"http://webinos.org/api/test"}} - result is 0
Got request to invoke findServices on ServiceDiscovery with params: [object Object],,
[7.3.2013-12:3:33:134] info rpc_servicedisco.js(130) INFO: [Discovery] search: searching for ServiceType: http://webinos.org/api/test
[7.3.2013-12:3:33:137] info rpc_servicedisco.js(203) INFO: [Discovery] search: found matching service(s) for ServiceType: http://webinos.org/api/test
[7.3.2013-12:3:33:139] info rpc_servicedisco.js(113) findServices: calling found callback for 6e6885b25a7ddb5f4658e7a599d1fc17
[7.3.2013-12:3:33:140] info messagehandler.js(285) clients[session1]:03a01cd9ddb033250803779422f18d64/15ad39f9afef8f0dce733b798bfa4de8
[7.3.2013-12:3:33:141] info pzp_websocket.js(807) [03a01cd9ddb033250803779422f18d64] send to web app - 03a01cd9ddb033250803779422f18d64/15ad39f9afef8f0dce733b798bfa4de8 message {"to":"Linux Device/15ad39f9afef8f0dce733b798bfa4de8","resp_to":"Linux Device","from":"Linux Device","id":330,"type":"JSONRPC","payload":{"jsonrpc":"2.0","id":"dfc43787-e8a5-4518-ad47-41005842e2ae","method":"5dd5b069-a23c-40a5-a5e4-938ccb563ceb.onservicefound","params":{"id":"6e6885b25a7ddb5f4658e7a599d1fc17","api":"http://webinos.org/api/test","displayName":"Test","description":"Test Module with the life answer.","serviceAddress":"Linux Device"}}}
New packet from messaging
Response to 03a01cd9ddb033250803779422f18d64/15ad39f9afef8f0dce733b798bfa4de8
Policy Manager enforce request: {"subjectInfo":{"userId":"03a01cd9ddb033250803779422f18d64"},"deviceInfo":{"requestorId":"15ad39f9afef8f0dce733b798bfa4de8"},"resourceInfo":{"apiFeature":"http://webinos.org/api/test","serviceId":"6e6885b25a7ddb5f4658e7a599d1fc17"}} - result is 0
Got request to invoke get42 on http://webinos.org/api/test@6e6885b25a7ddb5f4658e7a599d1fc17 with params: foo
get42 was invoked
[7.3.2013-12:3:37:360] info messagehandler.js(285) clients[session1]:03a01cd9ddb033250803779422f18d64/15ad39f9afef8f0dce733b798bfa4de8
[7.3.2013-12:3:37:361] info pzp_websocket.js(807) [03a01cd9ddb033250803779422f18d64] send to web app - 03a01cd9ddb033250803779422f18d64/15ad39f9afef8f0dce733b798bfa4de8 message {"to":"Linux Device/15ad39f9afef8f0dce733b798bfa4de8","resp_to":"Linux Device","from":"Linux Device","id":264,"type":"JSONRPC","payload":{"jsonrpc":"2.0","id":"2d3f16fc-2293-457b-9c5a-1a6b860d13c2","result":"21 foo"}}
[7.3.2013-12:3:46:607] info pzp_websocket.js(270) [03a01cd9ddb033250803779422f18d64] web client disconnected: 03a01cd9ddb033250803779422f18d64/15ad39f9afef8f0dce733b798bfa4de8 due to Remote peer is going away
[7.3.2013-12:4:4:302] info pzp_websocket.js(770) [03a01cd9ddb033250803779422f18d64] Request for a websocket, origin: https://172.16.253.150, host: localhost:8080
[7.3.2013-12:4:4:310] info pzp_websocket.js(774) [03a01cd9ddb033250803779422f18d64] Request accepted

PZH output:

[7.3.2013-12:4:2:706] info pzh_webSessionHandling.js(524) adding new zone hub - 172.16.253.150_johnplyle@googlemail.com
[7.3.2013-12:4:2:710] info configuration.js(250) created default webinos directories at location : /home/johl/.webinosPzh/johnplyle@googlemail.com
[7.3.2013-12:4:3:938] info configuration.js(364) saved /home/johl/.webinosPzh/johnplyle@googlemail.com/metaData.json
[7.3.2013-12:4:3:939] info configuration.js(364) saved /home/johl/.webinosPzh/johnplyle@googlemail.com/crl.json
[7.3.2013-12:4:3:939] info configuration.js(364) saved /home/johl/.webinosPzh/johnplyle@googlemail.com/trustedList.json
[7.3.2013-12:4:3:939] info configuration.js(364) saved /home/johl/.webinosPzh/johnplyle@googlemail.com/untrustedList.json
[7.3.2013-12:4:3:940] info configuration.js(364) saved /home/johl/.webinosPzh/johnplyle@googlemail.com/exCertList.json
[7.3.2013-12:4:3:940] info configuration.js(364) saved /home/johl/.webinosPzh/johnplyle@googlemail.com/certificates/internal/certificates.json
[7.3.2013-12:4:3:940] info configuration.js(364) saved /home/johl/.webinosPzh/johnplyle@googlemail.com/certificates/external/certificates.json
[7.3.2013-12:4:3:940] info configuration.js(364) saved /home/johl/.webinosPzh/johnplyle@googlemail.com/userData/userDetails.json
[7.3.2013-12:4:3:941] info configuration.js(364) saved /home/johl/.webinosPzh/johnplyle@googlemail.com/userData/serviceCache.json
[7.3.2013-12:4:3:942] info configuration.js(99) updated webinos config
[7.3.2013-12:4:3:942] info configuration.js(364) saved /home/johl/.webinosPzh/johnplyle@googlemail.com/userData/userPref.json
[7.3.2013-12:4:3:942] info certificate.js(83) PzhCA created private key (certificate generation I step)
[7.3.2013-12:4:3:943] info certificate.js(99) PzhCA generated CSR (certificate generation II step)
[7.3.2013-12:4:3:960] info certificate.js(112) PzhCA generated self signed certificate (certificate generation III step)
[7.3.2013-12:4:3:989] info certificate.js(119) PzhCA generated crl (certificate generation IV step)
[7.3.2013-12:4:3:992] info configuration.js(287) _master certificate generated_
[7.3.2013-12:4:4:115] info certificate.js(83) Pzh created private key (certificate generation I step)
[7.3.2013-12:4:4:116] info certificate.js(99) Pzh generated CSR (certificate generation II step)
[7.3.2013-12:4:4:119] info certificate.js(112) Pzh generated self signed certificate (certificate generation III step)
[7.3.2013-12:4:4:122] info certificate.js(119) Pzh generated crl (certificate generation IV step)
[7.3.2013-12:4:4:122] info configuration.js(291) _connection certificate generated_
[7.3.2013-12:4:4:141] info certificate.js(159) signed certificate by the PZP/PZH
[7.3.2013-12:4:4:146] info configuration.js(294) _connection certificate signed by master certificate_
Adding: ServiceDiscovery
Adding: http://webinos.org/api/test
Adding: http://webinos.org/api/app2app
Adding: http://webinos.org/api/internal/zonenotification
[7.3.2013-12:4:4:152] info configuration.js(364) saved /home/johl/.webinosPzh/johnplyle@googlemail.com/certificates/internal/certificates.json
[7.3.2013-12:4:4:153] info configuration.js(364) saved /home/johl/.webinosPzh/johnplyle@googlemail.com/crl.json
[7.3.2013-12:4:4:155] info pzh_webSessionHandling.js(582) created pzh - 172.16.253.150_johnplyle@googlemail.com
[7.3.2013-12:4:4:162] info pzh_authcode.js(48) new PZP expected, code: 3B5D5D
[7.3.2013-12:4:4:213] info configuration.js(364) saved /home/johl/.webinosPzh/34a6ca51870ebdc3b9636ecc597874d8/trustedList.json
[7.3.2013-12:4:4:323] info pzh_authcode.js(99) trying to add a PZP, code: 3B5D5D
[7.3.2013-12:4:4:324] info pzh_authcode.js(102) not expecting a new PZP
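
Added example (not part of the thread and not webinos code): one way to triage the PZH output above is to pair each `trying to add a PZP` line with the time the same code was announced. It assumes only the three `pzh_authcode.js` messages visible in that log; the function names, verdict labels and the last two sample lines are constructed for illustration.

```javascript
"use strict";
// Added example, not webinos code. Message texts are the ones in the PZH output above.

// Timestamps look like [7.3.2013-12:4:4:162]: d.m.yyyy-h:m:s:ms with no zero
// padding, so they have to be parsed; comparing them as strings gives wrong order.
const LINE_RE =
  /^\[(\d+)\.(\d+)\.(\d+)-(\d+):(\d+):(\d+):(\d+)\]\s+\w+\s+(\S+)\((\d+)\)\s+(.*)$/;

function parseLine(line) {
  const m = LINE_RE.exec(line.trim());
  if (!m) return null; // untimestamped lines such as "Adding: ..." are skipped
  const [d, mo, y, h, mi, s, ms] = m.slice(1, 8).map(Number);
  return { ts: Date.UTC(y, mo - 1, d, h, mi, s, ms), file: m[8], msg: m[10] };
}

function verdict(a) {
  if (!a.rejected) return "no-rejection-logged";
  // A rejected code that was never announced is a different signal from a
  // rejected code the PZH itself issued moments earlier.
  return a.issuedMsAgo === null ? "rejected-unknown-code" : "rejected-known-code";
}

function correlateEnrolment(lines) {
  const issued = new Map(); // auth code -> time the PZH announced it
  const attempts = [];
  let last = null; // most recent attempt still waiting for an outcome line
  for (const raw of lines) {
    const rec = parseLine(raw);
    if (!rec || rec.file !== "pzh_authcode.js") continue;
    let m;
    if ((m = /^new PZP expected, code: (\S+)$/.exec(rec.msg))) {
      issued.set(m[1], rec.ts);
    } else if ((m = /^trying to add a PZP, code: (\S+)$/.exec(rec.msg))) {
      const at = issued.get(m[1]);
      last = {
        code: m[1],
        ts: rec.ts,
        issuedMsAgo: at === undefined ? null : rec.ts - at,
        rejected: false,
      };
      attempts.push(last);
    } else if (rec.msg === "not expecting a new PZP" && last) {
      last.rejected = true;
      last = null;
    }
  }
  return attempts.map((a) => ({ ...a, verdict: verdict(a) }));
}

const SAMPLE = [
  // First four lines are copied from the PZH output in the comment above.
  "[7.3.2013-12:4:4:162] info pzh_authcode.js(48) new PZP expected, code: 3B5D5D",
  "[7.3.2013-12:4:4:213] info configuration.js(364) saved /home/johl/.webinosPzh/34a6ca51870ebdc3b9636ecc597874d8/trustedList.json",
  "[7.3.2013-12:4:4:323] info pzh_authcode.js(99) trying to add a PZP, code: 3B5D5D",
  "[7.3.2013-12:4:4:324] info pzh_authcode.js(102) not expecting a new PZP",
  // Constructed lines: an attempt with a code the PZH never announced.
  "[7.3.2013-12:9:1:5] info pzh_authcode.js(99) trying to add a PZP, code: AAAAAA",
  "[7.3.2013-12:9:1:6] info pzh_authcode.js(102) not expecting a new PZP",
];

console.log(JSON.stringify(correlateEnrolment(SAMPLE), null, 2));
```

On the log in this thread the first attempt comes out as `rejected-known-code` 161 ms after the code was announced, which points at PZH-side state rather than a mistyped code; repeated `rejected-unknown-code` entries are the case worth alerting on.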

@jplyle
Contributor

jplyle commented Mar 7, 2013

I also suggest this needs corresponding documentation changes, too.

@habibvirji
Member Author

Which Firefox do you have? I have tested on 19.

@jplyle
Contributor

jplyle commented Mar 8, 2013

That probably explains it - I'm on 18.0.2.

On 07/03/13 14:00, Habib Virji wrote:

> Which Firefox do you have? I have tested on 19.


2 participants