added conformance tests.

tests should now pass
updated to jwcrypto that has proper callback delay guarantees and removed unnecessary setTimeouts

Updated all calls to jwcrypto to use the more intuitive API. Fixed a front-end test that was failing due to true asynchronicity of jwcrypto.

add version.js - a small abstraction which extracts a 7char abbrev sha from the current source - issue #226

changed generate to use nodejs crypto, added weakgenerate, added async support for generate, and added tests

store public key on disk as a certificate which has embedded creation time.  use that as the value returned in /wsapi/session_context as domain_key_creation_time - now you can update keys at any time and outstanding client certs are expired automatically - closes #599

public and private keys explicitly read, whenever we can't read them we go down with a hard error: closes #581, related to issue #576

reorganize browserid process - break out view serving and wsapi handling.  preparation for dbwriter split.  issue #460

Signed-off-by: Lloyd Hilaiel <lloyd@hilaiel.com>

now that jwcrypto is a node module, we shall change the way that we include it (ie jwcrypto/vep rather than by relative path)

move secrets.js up to the libs/ dir.  it's useful that all code that uses random strings routes through the same abstraction so that we can later improve a single function.  a central location makes this (more) obvious.

generate a persistent secret for cookie encryption at first server run.  still in pursuit of zero-config and as stateless as possible.