Derive handshake root key when converting pending contact.

bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactManager.java

@@ -13,6 +13,7 @@ import org.briarproject.bramble.api.identity.AuthorInfo;
 import org.briarproject.bramble.api.lifecycle.LifecycleManager;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 
+import java.security.GeneralSecurityException;
 import java.util.Collection;
 
 import javax.annotation.Nullable;
@@ -44,10 +45,13 @@ public interface ContactManager {
 	 * for each transport, and returns an ID for the contact.
 	 *
 	 * @param alice True if the local party is Alice
+	 * @throws GeneralSecurityException If the pending contact's handshake
+	 * public key is invalid
 	 */
 	ContactId addContact(Transaction txn, PendingContactId p, Author remote,
 			AuthorId local, SecretKey rootKey, long timestamp, boolean alice,
-			boolean verified, boolean active) throws DbException;
+			boolean verified, boolean active)
+			throws DbException, GeneralSecurityException;
 
 	/**
 	 * Stores a contact associated with the given local and remote pseudonyms
@@ -83,9 +87,11 @@ public interface ContactManager {
 	 * @throws UnsupportedVersionException If the link uses a format version
 	 * that is not supported
 	 * @throws FormatException If the link is invalid
+	 * @throws GeneralSecurityException If the pending contact's handshake
+	 * public key is invalid
 	 */
 	PendingContact addPendingContact(String link, String alias)
-			throws DbException, FormatException;
+			throws DbException, FormatException, GeneralSecurityException;
 
 	/**
 	 * Returns the pending contact with the given ID.

bramble-api/src/main/java/org/briarproject/bramble/api/transport/KeyManager.java

@@ -1,9 +1,9 @@
 package org.briarproject.bramble.api.transport;
 
 import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.contact.PendingContact;
 import org.briarproject.bramble.api.contact.PendingContactId;
 import org.briarproject.bramble.api.crypto.KeyPair;
+import org.briarproject.bramble.api.crypto.PublicKey;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.db.DbException;
 import org.briarproject.bramble.api.db.Transaction;
@@ -21,9 +21,9 @@ import javax.annotation.Nullable;
 public interface KeyManager {
 
 	/**
-	 * Informs the key manager that a new contact has been added. Derives and
-	 * stores a set of rotation mode transport keys for communicating with the
-	 * contact over each transport and returns the key set IDs.
+	 * Derives and stores a set of rotation mode transport keys for
+	 * communicating with the given contact over each transport and returns the
+	 * key set IDs.
 	 * <p/>
 	 * {@link StreamContext StreamContexts} for the contact can be created
 	 * after this method has returned.
@@ -31,7 +31,7 @@ public interface KeyManager {
 	 * @param alice True if the local party is Alice
 	 * @param active Whether the derived keys can be used for outgoing streams
 	 */
-	Map<TransportId, KeySetId> addContactWithRotationKeys(Transaction txn,
+	Map<TransportId, KeySetId> addRotationKeys(Transaction txn,
 			ContactId c, SecretKey rootKey, long timestamp, boolean alice,
 			boolean active) throws DbException;
 
@@ -42,11 +42,10 @@ public interface KeyManager {
 	 * <p/>
 	 * {@link StreamContext StreamContexts} for the contact can be created
 	 * after this method has returned.
-	 *
-	 * @param alice True if the local party is Alice
 	 */
-	Map<TransportId, KeySetId> addContactWithHandshakeKeys(Transaction txn,
-			ContactId c, SecretKey rootKey, boolean alice) throws DbException;
+	Map<TransportId, KeySetId> addContact(Transaction txn, ContactId c,
+			PublicKey theirPublicKey, KeyPair ourKeyPair)
+			throws DbException, GeneralSecurityException;
 
 	/**
 	 * Informs the key manager that a new pending contact has been added.
@@ -58,7 +57,7 @@ public interface KeyManager {
 	 * created after this method has returned.
 	 */
 	Map<TransportId, KeySetId> addPendingContact(Transaction txn,
-			PendingContact p, KeyPair ourKeyPair)
+			PendingContactId p, PublicKey theirPublicKey, KeyPair ourKeyPair)
 			throws DbException, GeneralSecurityException;
 
 	/**