Transport properties manager facade, key manager refactoring. #112
Refactoring for #112: decouple the invitation and plugin code from the database with a TransportPropertiesManager facade (which will become a BSP client), and move some key management logic from the invitation code to the KeyManager. Update the integration tests to use the new FooManager facades.
See merge request !49
Use XSalsa20-Poly1305 instead of AES-GCM for transport encryption and password storage.
This patch integrates @str4d's new authenticated cipher implementation. It depends on !18.
See merge request !35
Remove the Toast that always says 'Message Sent' and show graphical
indicators instead that show either:
* message is waiting to be sent
* message was sent (or requested)
* message was delivered
1. The things we're really trying to protect - contact identities,
message contents, etc - can't be erased from memory because they're
encapsulated inside objects we don't control.
2. Long-term secrets can't be protected by erasing them from memory
because they're stored in the database and the database key has to be
held in memory whenever the app's running.
3. If the runtime uses a compacting garbage collector then we have no
way to ensure an object is erased from memory.
4. Trying to erase secrets from memory makes the code more complex.
Conclusion: Let's not try to protect secrets from an attacker who can
read arbitrary memory locations.
DuplexOutgoingSession flushes its output stream if it's idle for a
transport-defined interval, causing an empty frame to be sent. The TCP
and Tor plugins use a socket timeout equal to twice the idle interval to
detect dead connections.
See bugs #27, #46 and #60.
This makes it more likely that connections will be closed cleanly.
However, the interrupt() method is currently ineffective for incoming
sessions as it won't interrupt a blocking read, e.g. when the packet
reader is waiting for a packet.
