Encrypt bundles in case the OS writes them to unencrypted storage.

Only the bundle contents created by Briar classes are encrypted.

briar-api/src/net/sf/briar/api/android/BundleEncrypter.java

@@ -0,0 +1,27 @@
+package net.sf.briar.api.android;
+
+import android.os.Bundle;
+
+/**
+ * Encrypts and decrypts the contents of bundles in case the operating system
+ * writes them to unencrypted storage.
+ * <p>
+ * This interface is designed to be accessed from the UI thread, so
+ * implementations may not be thread-safe.
+ */
+public interface BundleEncrypter {
+
+	/**
+	 * Encrypts the given bundle, replacing its contents with the encrypted
+	 * data.
+	 */
+	void encrypt(Bundle b);
+
+	/**
+	 * Decrypts the given bundle, replacing its contents with the decrypted
+	 * data, or returns false if the bundle contains invalid data, which may
+	 * occur if the process that created the encrypted bundle was terminated
+	 * and replaced by the current process.
+	 */
+	boolean decrypt(Bundle b);
+}

briar-api/src/net/sf/briar/api/crypto/AuthenticatedCipher.java

@@ -26,4 +26,7 @@ public interface AuthenticatedCipher {
 
 	/** Returns the length of the message authenticated code (MAC) in bytes. */
 	int getMacLength();
+
+	/** Returns the block size of the cipher in bytes. */
+	int getBlockSize();
 }

briar-api/src/net/sf/briar/api/crypto/CryptoComponent.java

@@ -65,7 +65,7 @@ public interface CryptoComponent {
 
 	KeyParser getSignatureKeyParser();
 
-	ErasableKey generateTestKey();
+	ErasableKey generateSecretKey();
 
 	MessageDigest getMessageDigest();
 
@@ -77,5 +77,7 @@ public interface CryptoComponent {
 
 	AuthenticatedCipher getFrameCipher();
 
+	AuthenticatedCipher getBundleCipher();
+
 	Signature getSignature();
 }