Decouple poller from plugin manager.

.gitlab-ci.yml

@@ -1,11 +1,6 @@
 image: briar/ci-image-android:latest
 
-stages:
-- test
-- check_reproducibility
-
 test:
-  stage: test
   before_script:
     - set -e
     - export GRADLE_USER_HOME=$PWD/.gradle
@@ -26,7 +21,6 @@ test:
 
 
 test_reproducible:
-  stage: check_reproducibility
   script:
     - "curl -X POST -F token=${RELEASE_CHECK_TOKEN} -F ref=master -F variables[RELEASE_TAG]=${CI_COMMIT_REF_NAME} https://code.briarproject.org/api/v4/projects/61/trigger/pipeline"
   only:

.idea/runConfigurations/All_in_briar_headless.xml

@@ -0,0 +1,20 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="All in briar-headless" type="AndroidJUnit" factoryName="Android JUnit" nameIsGenerated="true">
+    <module name="briar-headless" />
+    <option name="ALTERNATIVE_JRE_PATH_ENABLED" value="false" />
+    <option name="ALTERNATIVE_JRE_PATH" />
+    <option name="PACKAGE_NAME" value="org.briarproject.briar.headless" />
+    <option name="MAIN_CLASS_NAME" value="" />
+    <option name="METHOD_NAME" value="" />
+    <option name="TEST_OBJECT" value="package" />
+    <option name="VM_PARAMETERS" value="" />
+    <option name="PARAMETERS" value="" />
+    <option name="WORKING_DIRECTORY" value="file://$PROJECT_DIR$/briar-headless" />
+    <option name="PASS_PARENT_ENVS" value="true" />
+    <option name="TEST_SEARCH_SCOPE">
+      <value defaultName="singleModule" />
+    </option>
+    <patterns />
+    <method />
+  </configuration>
+</component>

.idea/runConfigurations/All_tests.xml

@@ -1,20 +1,30 @@
 <component name="ProjectRunConfigurationManager">
   <configuration default="false" name="All tests" type="AndroidJUnit" factoryName="Android JUnit">
+    <extension name="coverage" enabled="false" merge="false" sample_coverage="true" runner="idea" />
     <module name="briar-android" />
+    <option name="ALTERNATIVE_JRE_PATH_ENABLED" value="false" />
+    <option name="ALTERNATIVE_JRE_PATH" />
     <option name="PACKAGE_NAME" value="" />
     <option name="MAIN_CLASS_NAME" value="" />
     <option name="METHOD_NAME" value="" />
     <option name="TEST_OBJECT" value="package" />
+    <option name="VM_PARAMETERS" value="-ea" />
     <option name="PARAMETERS" value="" />
-    <option name="WORKING_DIRECTORY" value="$PROJECT_DIR$/briar-android" />
+    <option name="WORKING_DIRECTORY" value="file://$PROJECT_DIR$/briar-android" />
-    <method v="2">
+    <option name="ENV_VARIABLES" />
-      <option name="Android.Gradle.BeforeRunTask" enabled="true" />
+    <option name="PASS_PARENT_ENVS" value="true" />
+    <option name="TEST_SEARCH_SCOPE">
+      <value defaultName="singleModule" />
+    </option>
+    <envs />
+    <patterns />
+    <method>
       <option name="RunConfigurationTask" enabled="true" run_configuration_name="All tests in bramble-api" run_configuration_type="AndroidJUnit" />
       <option name="RunConfigurationTask" enabled="true" run_configuration_name="All tests in bramble-core" run_configuration_type="AndroidJUnit" />
       <option name="RunConfigurationTask" enabled="true" run_configuration_name="All tests in bramble-android" run_configuration_type="AndroidJUnit" />
       <option name="RunConfigurationTask" enabled="true" run_configuration_name="All tests in bramble-java" run_configuration_type="AndroidJUnit" />
       <option name="RunConfigurationTask" enabled="true" run_configuration_name="All tests in briar-core" run_configuration_type="AndroidJUnit" />
-      <option name="RunConfigurationTask" enabled="true" run_configuration_name="All tests in briar-headless" run_configuration_type="AndroidJUnit" />
+      <option name="RunConfigurationTask" enabled="true" run_configuration_name="All in briar-headless" run_configuration_type="AndroidJUnit" />
     </method>
   </configuration>
 </component>

.idea/runConfigurations/All_tests_in_briar_headless.xml

@@ -1,15 +0,0 @@
-<component name="ProjectRunConfigurationManager">
-  <configuration default="false" name="All tests in briar-headless" type="AndroidJUnit" factoryName="Android JUnit">
-    <module name="briar-headless" />
-    <option name="PACKAGE_NAME" value="org.briarproject.briar.headless" />
-    <option name="MAIN_CLASS_NAME" value="" />
-    <option name="METHOD_NAME" value="" />
-    <option name="TEST_OBJECT" value="package" />
-    <option name="VM_PARAMETERS" />
-    <option name="PARAMETERS" value="" />
-    <option name="WORKING_DIRECTORY" value="$PROJECT_DIR$/briar-headless" />
-    <method v="2">
-      <option name="Android.Gradle.BeforeRunTask" enabled="true" />
-    </method>
-  </configuration>
-</component>

bramble-android/build.gradle

@@ -11,8 +11,8 @@ android {
 	defaultConfig {
 		minSdkVersion 14
 		targetSdkVersion 26
-		versionCode 10107
+		versionCode 10106
-		versionName "1.1.7"
+		versionName "1.1.6"
 		consumerProguardFiles 'proguard-rules.txt'
 
 		testInstrumentationRunner "android.support.test.runner.AndroidJUnitRunner"

bramble-android/src/main/java/org/briarproject/bramble/BrambleAndroidEagerSingletons.java

@@ -2,13 +2,10 @@ package org.briarproject.bramble;
 
 import org.briarproject.bramble.battery.AndroidBatteryModule;
 import org.briarproject.bramble.network.AndroidNetworkModule;
-import org.briarproject.bramble.reporting.ReportingModule;
 
 public interface BrambleAndroidEagerSingletons {
 
 	void inject(AndroidBatteryModule.EagerSingletons init);
 
 	void inject(AndroidNetworkModule.EagerSingletons init);
-
-	void inject(ReportingModule.EagerSingletons init);
 }

bramble-android/src/main/java/org/briarproject/bramble/BrambleAndroidModule.java

@@ -3,8 +3,6 @@ package org.briarproject.bramble;
 import org.briarproject.bramble.battery.AndroidBatteryModule;
 import org.briarproject.bramble.network.AndroidNetworkModule;
 import org.briarproject.bramble.plugin.tor.CircumventionModule;
-import org.briarproject.bramble.reporting.ReportingModule;
-import org.briarproject.bramble.socks.SocksModule;
 import org.briarproject.bramble.system.AndroidSystemModule;
 
 import dagger.Module;
@@ -13,15 +11,12 @@ import dagger.Module;
 		AndroidBatteryModule.class,
 		AndroidNetworkModule.class,
 		AndroidSystemModule.class,
-		CircumventionModule.class,
+		CircumventionModule.class
-		ReportingModule.class,
-		SocksModule.class
 })
 public class BrambleAndroidModule {
 
 	public static void initEagerSingletons(BrambleAndroidEagerSingletons c) {
 		c.inject(new AndroidBatteryModule.EagerSingletons());
 		c.inject(new AndroidNetworkModule.EagerSingletons());
-		c.inject(new ReportingModule.EagerSingletons());
 	}
 }

bramble-android/src/main/java/org/briarproject/bramble/account/AndroidAccountManager.java

@@ -9,6 +9,7 @@ import org.briarproject.bramble.api.account.AccountManager;
 import org.briarproject.bramble.api.crypto.CryptoComponent;
 import org.briarproject.bramble.api.db.DatabaseConfig;
 import org.briarproject.bramble.api.identity.IdentityManager;
+import org.briarproject.bramble.util.IoUtils;
 
 import java.io.File;
 import java.util.HashSet;
@@ -19,9 +20,6 @@ import javax.annotation.Nullable;
 import javax.inject.Inject;
 
 import static android.os.Build.VERSION.SDK_INT;
-import static java.util.logging.Level.INFO;
-import static org.briarproject.bramble.util.IoUtils.deleteFileOrDir;
-import static org.briarproject.bramble.util.LogUtils.logFileOrDir;
 
 class AndroidAccountManager extends AccountManagerImpl
 		implements AccountManager {
@@ -43,16 +41,6 @@ class AndroidAccountManager extends AccountManagerImpl
 		appContext = app.getApplicationContext();
 	}
 
-	@Override
-	public boolean accountExists() {
-		boolean exists = super.accountExists();
-		if (!exists && LOG.isLoggable(INFO)) {
-			LOG.info("Account does not exist. Contents of account directory:");
-			logFileOrDir(LOG, INFO, getDataDir());
-		}
-		return exists;
-	}
-
 	// Locking: stateChangeLock
 	@Override
 	@Nullable
@@ -86,17 +74,9 @@ class AndroidAccountManager extends AccountManagerImpl
 	@Override
 	public void deleteAccount() {
 		synchronized (stateChangeLock) {
-			if (LOG.isLoggable(INFO)) {
-				LOG.info("Contents of account directory before deleting:");
-				logFileOrDir(LOG, INFO, getDataDir());
-			}
 			super.deleteAccount();
 			SharedPreferences defaultPrefs = getDefaultSharedPreferences();
 			deleteAppData(prefs, defaultPrefs);
-			if (LOG.isLoggable(INFO)) {
-				LOG.info("Contents of account directory after deleting:");
-				logFileOrDir(LOG, INFO, getDataDir());
-			}
 		}
 	}
 
@@ -114,7 +94,7 @@ class AndroidAccountManager extends AccountManagerImpl
 		}
 		// Delete files, except lib and shared_prefs directories
 		Set<File> files = new HashSet<>();
-		File dataDir = getDataDir();
+		File dataDir = new File(appContext.getApplicationInfo().dataDir);
 		@Nullable
 		File[] fileArray = dataDir.listFiles();
 		if (fileArray == null) {
@@ -141,17 +121,13 @@ class AndroidAccountManager extends AccountManagerImpl
 			}
 		}
 		for (File file : files) {
-			deleteFileOrDir(file);
+			IoUtils.deleteFileOrDir(file);
 		}
 		// Recreate the cache dir as some OpenGL drivers expect it to exist
 		if (!new File(dataDir, "cache").mkdirs())
 			LOG.warning("Could not recreate cache dir");
 	}
 
-	private File getDataDir() {
-		return new File(appContext.getApplicationInfo().dataDir);
-	}
-
 	private void addIfNotNull(Set<File> files, @Nullable File file) {
 		if (file != null) files.add(file);
 	}

bramble-android/src/main/java/org/briarproject/bramble/plugin/bluetooth/AndroidBluetoothPlugin.java

@@ -12,8 +12,8 @@ import android.content.IntentFilter;
 import org.briarproject.bramble.api.nullsafety.MethodsNotNullByDefault;
 import org.briarproject.bramble.api.nullsafety.ParametersNotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
-import org.briarproject.bramble.api.plugin.PluginCallback;
 import org.briarproject.bramble.api.plugin.PluginException;
+import org.briarproject.bramble.api.plugin.duplex.DuplexPluginCallback;
 import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
 import org.briarproject.bramble.api.system.AndroidExecutor;
 import org.briarproject.bramble.api.system.Clock;
@@ -51,7 +51,6 @@ import static android.bluetooth.BluetoothDevice.EXTRA_DEVICE;
 import static java.util.concurrent.TimeUnit.MILLISECONDS;
 import static java.util.logging.Level.INFO;
 import static java.util.logging.Level.WARNING;
-import static java.util.logging.Logger.getLogger;
 import static org.briarproject.bramble.util.PrivacyUtils.scrubMacAddress;
 
 @MethodsNotNullByDefault
@@ -59,7 +58,7 @@ import static org.briarproject.bramble.util.PrivacyUtils.scrubMacAddress;
 class AndroidBluetoothPlugin extends BluetoothPlugin<BluetoothServerSocket> {
 
 	private static final Logger LOG =
-			getLogger(AndroidBluetoothPlugin.class.getName());
+			Logger.getLogger(AndroidBluetoothPlugin.class.getName());
 
 	private static final int MAX_DISCOVERY_MS = 10_000;
 
@@ -76,7 +75,7 @@ class AndroidBluetoothPlugin extends BluetoothPlugin<BluetoothServerSocket> {
 	AndroidBluetoothPlugin(BluetoothConnectionLimiter connectionLimiter,
 			Executor ioExecutor, AndroidExecutor androidExecutor,
 			Context appContext, SecureRandom secureRandom, Clock clock,
-			Backoff backoff, PluginCallback callback, int maxLatency) {
+			Backoff backoff, DuplexPluginCallback callback, int maxLatency) {
 		super(connectionLimiter, ioExecutor, secureRandom, backoff, callback,
 				maxLatency);
 		this.androidExecutor = androidExecutor;

bramble-android/src/main/java/org/briarproject/bramble/plugin/bluetooth/AndroidBluetoothPluginFactory.java

@@ -6,9 +6,9 @@ import org.briarproject.bramble.api.event.EventBus;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
 import org.briarproject.bramble.api.plugin.BackoffFactory;
-import org.briarproject.bramble.api.plugin.PluginCallback;
 import org.briarproject.bramble.api.plugin.TransportId;
 import org.briarproject.bramble.api.plugin.duplex.DuplexPlugin;
+import org.briarproject.bramble.api.plugin.duplex.DuplexPluginCallback;
 import org.briarproject.bramble.api.plugin.duplex.DuplexPluginFactory;
 import org.briarproject.bramble.api.system.AndroidExecutor;
 import org.briarproject.bramble.api.system.Clock;
@@ -61,7 +61,7 @@ public class AndroidBluetoothPluginFactory implements DuplexPluginFactory {
 	}
 
 	@Override
-	public DuplexPlugin createPlugin(PluginCallback callback) {
+	public DuplexPlugin createPlugin(DuplexPluginCallback callback) {
 		BluetoothConnectionLimiter connectionLimiter =
 				new BluetoothConnectionLimiterImpl();
 		Backoff backoff = backoffFactory.createBackoff(MIN_POLLING_INTERVAL,

bramble-android/src/main/java/org/briarproject/bramble/plugin/tcp/AndroidLanTcpPlugin.java

@@ -13,7 +13,7 @@ import org.briarproject.bramble.api.event.EventListener;
 import org.briarproject.bramble.api.network.event.NetworkStatusEvent;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
-import org.briarproject.bramble.api.plugin.PluginCallback;
+import org.briarproject.bramble.api.plugin.duplex.DuplexPluginCallback;
 
 import java.io.IOException;
 import java.net.InetAddress;
@@ -32,18 +32,17 @@ import static android.net.ConnectivityManager.TYPE_WIFI;
 import static android.os.Build.VERSION.SDK_INT;
 import static java.util.Collections.emptyList;
 import static java.util.Collections.singletonList;
-import static java.util.logging.Logger.getLogger;
 
 @NotNullByDefault
 class AndroidLanTcpPlugin extends LanTcpPlugin implements EventListener {
 
-	private static final Logger LOG =
-			getLogger(AndroidLanTcpPlugin.class.getName());
-
 	private static final byte[] WIFI_AP_ADDRESS_BYTES =
 			{(byte) 192, (byte) 168, 43, 1};
 	private static final InetAddress WIFI_AP_ADDRESS;
 
+	private static final Logger LOG =
+			Logger.getLogger(AndroidLanTcpPlugin.class.getName());
+
 	static {
 		try {
 			WIFI_AP_ADDRESS = InetAddress.getByAddress(WIFI_AP_ADDRESS_BYTES);
@@ -61,7 +60,7 @@ class AndroidLanTcpPlugin extends LanTcpPlugin implements EventListener {
 	private volatile SocketFactory socketFactory;
 
 	AndroidLanTcpPlugin(Executor ioExecutor, Context appContext,
-			Backoff backoff, PluginCallback callback, int maxLatency,
+			Backoff backoff, DuplexPluginCallback callback, int maxLatency,
 			int maxIdleTime) {
 		super(ioExecutor, backoff, callback, maxLatency, maxIdleTime);
 		// Don't execute more than one connection status check at a time

bramble-android/src/main/java/org/briarproject/bramble/plugin/tcp/AndroidLanTcpPluginFactory.java

@@ -6,9 +6,9 @@ import org.briarproject.bramble.api.event.EventBus;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
 import org.briarproject.bramble.api.plugin.BackoffFactory;
-import org.briarproject.bramble.api.plugin.PluginCallback;
 import org.briarproject.bramble.api.plugin.TransportId;
 import org.briarproject.bramble.api.plugin.duplex.DuplexPlugin;
+import org.briarproject.bramble.api.plugin.duplex.DuplexPluginCallback;
 import org.briarproject.bramble.api.plugin.duplex.DuplexPluginFactory;
 
 import java.util.concurrent.Executor;
@@ -51,7 +51,7 @@ public class AndroidLanTcpPluginFactory implements DuplexPluginFactory {
 	}
 
 	@Override
-	public DuplexPlugin createPlugin(PluginCallback callback) {
+	public DuplexPlugin createPlugin(DuplexPluginCallback callback) {
 		Backoff backoff = backoffFactory.createBackoff(MIN_POLLING_INTERVAL,
 				MAX_POLLING_INTERVAL, BACKOFF_BASE);
 		AndroidLanTcpPlugin plugin = new AndroidLanTcpPlugin(ioExecutor,

bramble-android/src/main/java/org/briarproject/bramble/plugin/tor/AndroidTorPlugin.java

@@ -11,7 +11,7 @@ import org.briarproject.bramble.api.network.NetworkManager;
 import org.briarproject.bramble.api.nullsafety.MethodsNotNullByDefault;
 import org.briarproject.bramble.api.nullsafety.ParametersNotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
-import org.briarproject.bramble.api.plugin.PluginCallback;
+import org.briarproject.bramble.api.plugin.duplex.DuplexPluginCallback;
 import org.briarproject.bramble.api.system.Clock;
 import org.briarproject.bramble.api.system.LocationUtils;
 import org.briarproject.bramble.api.system.ResourceProvider;
@@ -41,12 +41,11 @@ class AndroidTorPlugin extends TorPlugin {
 			Clock clock, ResourceProvider resourceProvider,
 			CircumventionProvider circumventionProvider,
 			BatteryManager batteryManager, Backoff backoff,
-			TorRendezvousCrypto torRendezvousCrypto,
+			DuplexPluginCallback callback, String architecture, int maxLatency,
-			PluginCallback callback, String architecture, int maxLatency,
 			int maxIdleTime) {
 		super(ioExecutor, networkManager, locationUtils, torSocketFactory,
 				clock, resourceProvider, circumventionProvider, batteryManager,
-				backoff, torRendezvousCrypto, callback, architecture, maxLatency, maxIdleTime,
+				backoff, callback, architecture, maxLatency, maxIdleTime,
 				appContext.getDir("tor", MODE_PRIVATE));
 		this.appContext = appContext;
 		PowerManager pm = (PowerManager)

bramble-android/src/main/java/org/briarproject/bramble/plugin/tor/AndroidTorPluginFactory.java

@@ -9,10 +9,10 @@ import org.briarproject.bramble.api.network.NetworkManager;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
 import org.briarproject.bramble.api.plugin.BackoffFactory;
-import org.briarproject.bramble.api.plugin.PluginCallback;
 import org.briarproject.bramble.api.plugin.TorConstants;
 import org.briarproject.bramble.api.plugin.TransportId;
 import org.briarproject.bramble.api.plugin.duplex.DuplexPlugin;
+import org.briarproject.bramble.api.plugin.duplex.DuplexPluginCallback;
 import org.briarproject.bramble.api.plugin.duplex.DuplexPluginFactory;
 import org.briarproject.bramble.api.system.Clock;
 import org.briarproject.bramble.api.system.LocationUtils;
@@ -84,7 +84,7 @@ public class AndroidTorPluginFactory implements DuplexPluginFactory {
 	}
 
 	@Override
-	public DuplexPlugin createPlugin(PluginCallback callback) {
+	public DuplexPlugin createPlugin(DuplexPluginCallback callback) {
 
 		// Check that we have a Tor binary for this architecture
 		String architecture = null;
@@ -106,12 +106,10 @@ public class AndroidTorPluginFactory implements DuplexPluginFactory {
 
 		Backoff backoff = backoffFactory.createBackoff(MIN_POLLING_INTERVAL,
 				MAX_POLLING_INTERVAL, BACKOFF_BASE);
-		TorRendezvousCrypto torRendezvousCrypto = new TorRendezvousCryptoImpl();
 		AndroidTorPlugin plugin = new AndroidTorPlugin(ioExecutor, scheduler,
 				appContext, networkManager, locationUtils, torSocketFactory,
 				clock, resourceProvider, circumventionProvider, batteryManager,
-				backoff, torRendezvousCrypto, callback, architecture,
+				backoff, callback, architecture, MAX_LATENCY, MAX_IDLE_TIME);
-				MAX_LATENCY, MAX_IDLE_TIME);
 		eventBus.addListener(plugin);
 		return plugin;
 	}

bramble-android/src/test/java/org/briarproject/bramble/account/AndroidAccountManagerTest.java

@@ -128,7 +128,7 @@ public class AndroidAccountManagerTest extends BrambleMockTestCase {
 			will(returnValue(editor));
 			oneOf(editor).commit();
 			will(returnValue(true));
-			allowing(app).getApplicationInfo();
+			oneOf(app).getApplicationInfo();
 			will(returnValue(applicationInfo));
 			oneOf(app).getFilesDir();
 			will(returnValue(filesDir));

bramble-api/src/main/java/org/briarproject/bramble/api/Bytes.java

@@ -4,8 +4,8 @@ import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.util.StringUtils;
 
 import java.util.Arrays;
+import java.util.Comparator;
 
-import javax.annotation.Nullable;
 import javax.annotation.concurrent.ThreadSafe;
 
 /**
@@ -15,6 +15,8 @@ import javax.annotation.concurrent.ThreadSafe;
 @NotNullByDefault
 public class Bytes implements Comparable<Bytes> {
 
+	public static final BytesComparator COMPARATOR = new BytesComparator();
+
 	private final byte[] bytes;
 
 	private int hashCode = -1;
@@ -36,13 +38,20 @@ public class Bytes implements Comparable<Bytes> {
 	}
 
 	@Override
-	public boolean equals(@Nullable Object o) {
+	public boolean equals(Object o) {
 		return o instanceof Bytes && Arrays.equals(bytes, ((Bytes) o).bytes);
 	}
 
 	@Override
 	public int compareTo(Bytes other) {
-		return compare(bytes, other.bytes);
+		byte[] aBytes = bytes, bBytes = other.bytes;
+		int length = Math.min(aBytes.length, bBytes.length);
+		for (int i = 0; i < length; i++) {
+			int aUnsigned = aBytes[i] & 0xFF, bUnsigned = bBytes[i] & 0xFF;
+			if (aUnsigned < bUnsigned) return -1;
+			if (aUnsigned > bUnsigned) return 1;
+		}
+		return aBytes.length - bBytes.length;
 	}
 
 	@Override
@@ -51,13 +60,11 @@ public class Bytes implements Comparable<Bytes> {
 				"(" + StringUtils.toHexString(getBytes()) + ")";
 	}
 
-	public static int compare(byte[] a, byte[] b) {
+	public static class BytesComparator implements Comparator<Bytes> {
-		int length = Math.min(a.length, b.length);
+
-		for (int i = 0; i < length; i++) {
+		@Override
-			int aUnsigned = a[i] & 0xFF, bUnsigned = b[i] & 0xFF;
+		public int compare(Bytes a, Bytes b) {
-			if (aUnsigned < bUnsigned) return -1;
+			return a.compareTo(b);
-			if (aUnsigned > bUnsigned) return 1;
 		}
-		return a.length - b.length;
 	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/Predicate.java

@@ -1,9 +0,0 @@
-package org.briarproject.bramble.api;
-
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-@NotNullByDefault
-public interface Predicate<T> {
-
-	boolean test(T t);
-}

bramble-api/src/main/java/org/briarproject/bramble/api/client/ClientHelper.java

@@ -1,8 +1,6 @@
 package org.briarproject.bramble.api.client;
 
 import org.briarproject.bramble.api.FormatException;
-import org.briarproject.bramble.api.crypto.PrivateKey;
-import org.briarproject.bramble.api.crypto.PublicKey;
 import org.briarproject.bramble.api.data.BdfDictionary;
 import org.briarproject.bramble.api.data.BdfList;
 import org.briarproject.bramble.api.db.DbException;
@@ -98,18 +96,14 @@ public interface ClientHelper {
 
 	BdfList toList(Author a);
 
-	byte[] sign(String label, BdfList toSign, PrivateKey privateKey)
+	byte[] sign(String label, BdfList toSign, byte[] privateKey)
 			throws FormatException, GeneralSecurityException;
 
 	void verifySignature(byte[] signature, String label, BdfList signed,
-			PublicKey publicKey)
+			byte[] publicKey) throws FormatException, GeneralSecurityException;
-			throws FormatException, GeneralSecurityException;
 
 	Author parseAndValidateAuthor(BdfList author) throws FormatException;
 
-	PublicKey parseAndValidateAgreementPublicKey(byte[] publicKeyBytes)
-		throws FormatException;
-
 	TransportProperties parseAndValidateTransportProperties(
 			BdfDictionary properties) throws FormatException;
 

bramble-api/src/main/java/org/briarproject/bramble/api/contact/Contact.java

@@ -1,6 +1,5 @@
 package org.briarproject.bramble.api.contact;
 
-import org.briarproject.bramble.api.crypto.PublicKey;
 import org.briarproject.bramble.api.identity.Author;
 import org.briarproject.bramble.api.identity.AuthorId;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
@@ -9,6 +8,7 @@ import javax.annotation.Nullable;
 import javax.annotation.concurrent.Immutable;
 
 import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_AUTHOR_NAME_LENGTH;
+import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_PUBLIC_KEY_LENGTH;
 import static org.briarproject.bramble.util.StringUtils.toUtf8;
 
 @Immutable
@@ -21,17 +21,21 @@ public class Contact {
 	@Nullable
 	private final String alias;
 	@Nullable
-	private final PublicKey handshakePublicKey;
+	private final byte[] handshakePublicKey;
 	private final boolean verified;
 
 	public Contact(ContactId id, Author author, AuthorId localAuthorId,
-			@Nullable String alias, @Nullable PublicKey handshakePublicKey,
+			@Nullable String alias, @Nullable byte[] handshakePublicKey,
 			boolean verified) {
 		if (alias != null) {
 			int aliasLength = toUtf8(alias).length;
 			if (aliasLength == 0 || aliasLength > MAX_AUTHOR_NAME_LENGTH)
 				throw new IllegalArgumentException();
 		}
+		if (handshakePublicKey != null && (handshakePublicKey.length == 0 ||
+				handshakePublicKey.length > MAX_PUBLIC_KEY_LENGTH)) {
+			throw new IllegalArgumentException();
+		}
 		this.id = id;
 		this.author = author;
 		this.localAuthorId = localAuthorId;
@@ -58,7 +62,7 @@ public class Contact {
 	}
 
 	@Nullable
-	public PublicKey getHandshakePublicKey() {
+	public byte[] getHandshakePublicKey() {
 		return handshakePublicKey;
 	}
 

bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactExchangeManager.java

@@ -1,37 +0,0 @@
-package org.briarproject.bramble.api.contact;
-
-import org.briarproject.bramble.api.crypto.SecretKey;
-import org.briarproject.bramble.api.db.ContactExistsException;
-import org.briarproject.bramble.api.db.DbException;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
-
-import java.io.IOException;
-
-@NotNullByDefault
-public interface ContactExchangeManager {
-
-	/**
-	 * Exchanges contact information with a remote peer and adds the peer
-	 * as a contact.
-	 *
-	 * @param alice Whether the local peer takes the role of Alice
-	 * @return The newly added contact
-	 * @throws ContactExistsException If the contact already exists
-	 */
-	Contact exchangeContacts(DuplexTransportConnection conn,
-			SecretKey masterKey, boolean alice, boolean verified)
-			throws IOException, DbException;
-
-	/**
-	 * Exchanges contact information with a remote peer and adds the peer
-	 * as a contact, replacing the given pending contact.
-	 *
-	 * @param alice Whether the local peer takes the role of Alice
-	 * @return The newly added contact
-	 * @throws ContactExistsException If the contact already exists
-	 */
-	Contact exchangeContacts(PendingContactId p, DuplexTransportConnection conn,
-			SecretKey masterKey, boolean alice, boolean verified)
-			throws IOException, DbException;
-}

bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactExchangeTask.java

@@ -1,6 +1,16 @@
-package org.briarproject.bramble.contact;
+package org.briarproject.bramble.api.contact;
 
-interface ContactExchangeConstants {
+import org.briarproject.bramble.api.crypto.SecretKey;
+import org.briarproject.bramble.api.identity.LocalAuthor;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
+
+/**
+ * A task for conducting a contact information exchange with a remote peer.
+ */
+@NotNullByDefault
+public interface ContactExchangeTask {
 
 	/**
 	 * The current version of the contact exchange protocol.
@@ -29,7 +39,9 @@ interface ContactExchangeConstants {
 	String BOB_NONCE_LABEL = "org.briarproject.bramble.contact/BOB_NONCE";
 
 	/**
-	 * Label for signing key binding nonces.
+	 * Exchanges contact information with a remote peer.
 	 */
-	String SIGNING_LABEL = "org.briarproject.briar.contact/EXCHANGE";
+	void startExchange(LocalAuthor localAuthor, SecretKey masterKey,
+			DuplexTransportConnection conn, TransportId transportId,
+			boolean alice);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactId.java

@@ -2,7 +2,6 @@ package org.briarproject.bramble.api.contact;
 
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 
-import javax.annotation.Nullable;
 import javax.annotation.concurrent.Immutable;
 
 /**
@@ -29,7 +28,7 @@ public class ContactId {
 	}
 
 	@Override
-	public boolean equals(@Nullable Object o) {
+	public boolean equals(Object o) {
 		return o instanceof ContactId && id == ((ContactId) o).id;
 	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactManager.java

@@ -1,7 +1,6 @@
 package org.briarproject.bramble.api.contact;
 
 import org.briarproject.bramble.api.FormatException;
-import org.briarproject.bramble.api.Pair;
 import org.briarproject.bramble.api.UnsupportedVersionException;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.db.DbException;
@@ -13,7 +12,6 @@ import org.briarproject.bramble.api.identity.AuthorInfo;
 import org.briarproject.bramble.api.lifecycle.LifecycleManager;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 
-import java.security.GeneralSecurityException;
 import java.util.Collection;
 
 import javax.annotation.Nullable;
@@ -30,71 +28,28 @@ public interface ContactManager {
 
 	/**
 	 * Stores a contact associated with the given local and remote pseudonyms,
-	 * derives and stores rotation mode transport keys for each transport, and
+	 * derives and stores transport keys for each transport, and returns an ID
-	 * returns an ID for the contact.
+	 * for the contact.
 	 *
-	 * @param rootKey The root key for a set of rotation mode transport keys
+	 * @param alice true if the local party is Alice
-	 * @param timestamp The timestamp for deriving rotation mode transport
-	 * keys from the root key
-	 * @param alice True if the local party is Alice
-	 * @param verified True if the contact's identity has been verified, which
-	 * is true if the contact was added in person or false if the contact was
-	 * introduced or added remotely
-	 * @param active True if the rotation mode transport keys can be used for
-	 * outgoing streams
 	 */
 	ContactId addContact(Transaction txn, Author remote, AuthorId local,
 			SecretKey rootKey, long timestamp, boolean alice, boolean verified,
 			boolean active) throws DbException;
 
-	/**
-	 * Stores a contact associated with the given local and remote pseudonyms,
-	 * replacing the given pending contact, derives and stores handshake mode
-	 * and rotation mode transport keys for each transport, and returns an ID
-	 * for the contact.
-	 *
-	 * @param rootKey The root key for a set of rotation mode transport keys
-	 * @param timestamp The timestamp for deriving rotation mode transport
-	 * keys from the root key
-	 * @param alice True if the local party is Alice
-	 * @param verified True if the contact's identity has been verified, which
-	 * is true if the contact was added in person or false if the contact was
-	 * introduced or added remotely
-	 * @param active True if the rotation mode transport keys can be used for
-	 * outgoing streams
-	 * @throws GeneralSecurityException If the pending contact's handshake
-	 * public key is invalid
-	 */
-	ContactId addContact(Transaction txn, PendingContactId p, Author remote,
-			AuthorId local, SecretKey rootKey, long timestamp, boolean alice,
-			boolean verified, boolean active)
-			throws DbException, GeneralSecurityException;
-
 	/**
 	 * Stores a contact associated with the given local and remote pseudonyms
 	 * and returns an ID for the contact.
-	 *
-	 * @param verified True if the contact's identity has been verified, which
-	 * is true if the contact was added in person or false if the contact was
-	 * introduced or added remotely
 	 */
 	ContactId addContact(Transaction txn, Author remote, AuthorId local,
 			boolean verified) throws DbException;
 
 	/**
 	 * Stores a contact associated with the given local and remote pseudonyms,
-	 * derives and stores rotation mode transport keys for each transport, and
+	 * derives and stores transport keys for each transport, and returns an ID
-	 * returns an ID for the contact.
+	 * for the contact.
 	 *
-	 * @param rootKey The root key for a set of rotation mode transport keys
+	 * @param alice true if the local party is Alice
-	 * @param timestamp The timestamp for deriving rotation mode transport
-	 * keys from the root key
-	 * @param alice True if the local party is Alice
-	 * @param verified True if the contact's identity has been verified, which
-	 * is true if the contact was added in person or false if the contact was
-	 * introduced or added remotely
-	 * @param active True if the rotation mode transport keys can be used for
-	 * outgoing streams
 	 */
 	ContactId addContact(Author remote, AuthorId local, SecretKey rootKey,
 			long timestamp, boolean alice, boolean verified, boolean active)
@@ -110,29 +65,20 @@ public interface ContactManager {
 	 * Creates a {@link PendingContact} from the given handshake link and
 	 * alias, adds it to the database and returns it.
 	 *
-	 * @param link The handshake link received from the pending contact
+	 * @param link The handshake link received from the contact we want to add
-	 * @param alias The alias the user has given this pending contact
+	 * @param alias The alias the user has given this contact
+	 * @return A PendingContact representing the contact to be added
 	 * @throws UnsupportedVersionException If the link uses a format version
 	 * that is not supported
 	 * @throws FormatException If the link is invalid
-	 * @throws GeneralSecurityException If the pending contact's handshake
-	 * public key is invalid
 	 */
 	PendingContact addPendingContact(String link, String alias)
-			throws DbException, FormatException, GeneralSecurityException;
+			throws DbException, FormatException;
 
 	/**
-	 * Returns the pending contact with the given ID.
+	 * Returns a list of {@link PendingContact}s.
 	 */
-	PendingContact getPendingContact(Transaction txn, PendingContactId p)
+	Collection<PendingContact> getPendingContacts() throws DbException;
-			throws DbException;
-
-	/**
-	 * Returns a list of {@link PendingContact PendingContacts} and their
-	 * {@link PendingContactState states}.
-	 */
-	Collection<Pair<PendingContact, PendingContactState>> getPendingContacts()
-			throws DbException;
 
 	/**
 	 * Removes a {@link PendingContact}.
@@ -145,13 +91,8 @@ public interface ContactManager {
 	Contact getContact(ContactId c) throws DbException;
 
 	/**
-	 * Returns the contact with the given ID.
+	 * Returns the contact with the given remoteAuthorId
-	 */
+	 * that was added by the LocalAuthor with the given localAuthorId
-	Contact getContact(Transaction txn, ContactId c) throws DbException;
-
-	/**
-	 * Returns the contact with the given {@code remoteAuthorId}
-	 * that belongs to the local pseudonym with the given {@code localAuthorId}.
 	 *
 	 * @throws NoSuchContactException If the contact is not in the database
 	 */
@@ -159,8 +100,8 @@ public interface ContactManager {
 			throws DbException;
 
 	/**
-	 * Returns the contact with the given {@code remoteAuthorId}
+	 * Returns the contact with the given remoteAuthorId
-	 * that belongs to the local pseudonym with the given {@code localAuthorId}.
+	 * that was added by the LocalAuthor with the given localAuthorId
 	 *
 	 * @throws NoSuchContactException If the contact is not in the database
 	 */
@@ -168,7 +109,7 @@ public interface ContactManager {
 			AuthorId localAuthorId) throws DbException;
 
 	/**
-	 * Returns all contacts.
+	 * Returns all active contacts.
 	 */
 	Collection<Contact> getContacts() throws DbException;
 
@@ -183,27 +124,25 @@ public interface ContactManager {
 	void removeContact(Transaction txn, ContactId c) throws DbException;
 
 	/**
-	 * Sets an alias for the contact or unsets it if {@code alias} is null.
+	 * Sets an alias name for the contact or unsets it if alias is null.
 	 */
 	void setContactAlias(Transaction txn, ContactId c, @Nullable String alias)
 			throws DbException;
 
 	/**
-	 * Sets an alias for the contact or unsets it if {@code alias} is null.
+	 * Sets an alias name for the contact or unsets it if alias is null.
 	 */
 	void setContactAlias(ContactId c, @Nullable String alias)
 			throws DbException;
 
 	/**
-	 * Returns true if a contact with this {@code remoteAuthorId} belongs to
+	 * Return true if a contact with this name and public key already exists
-	 * the local pseudonym with this {@code localAuthorId}.
 	 */
 	boolean contactExists(Transaction txn, AuthorId remoteAuthorId,
 			AuthorId localAuthorId) throws DbException;
 
 	/**
-	 * Returns true if a contact with this {@code remoteAuthorId} belongs to
+	 * Return true if a contact with this name and public key already exists
-	 * the local pseudonym with this {@code localAuthorId}.
 	 */
 	boolean contactExists(AuthorId remoteAuthorId, AuthorId localAuthorId)
 			throws DbException;

bramble-api/src/main/java/org/briarproject/bramble/api/contact/HandshakeManager.java

@@ -1,45 +0,0 @@
-package org.briarproject.bramble.api.contact;
-
-import org.briarproject.bramble.api.crypto.SecretKey;
-import org.briarproject.bramble.api.db.DbException;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.transport.StreamWriter;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-@NotNullByDefault
-public interface HandshakeManager {
-
-	/**
-	 * Handshakes with the given pending contact. Returns an ephemeral master
-	 * key authenticated with both parties' handshake key pairs and a flag
-	 * indicating whether the local peer is Alice or Bob.
-	 *
-	 * @param in An incoming stream for the handshake, which must be secured in
-	 * handshake mode
-	 * @param out An outgoing stream for the handshake, which must be secured
-	 * in handshake mode
-	 */
-	HandshakeResult handshake(PendingContactId p, InputStream in,
-			StreamWriter out) throws DbException, IOException;
-
-	class HandshakeResult {
-
-		private final SecretKey masterKey;
-		private final boolean alice;
-
-		public HandshakeResult(SecretKey masterKey, boolean alice) {
-			this.masterKey = masterKey;
-			this.alice = alice;
-		}
-
-		public SecretKey getMasterKey() {
-			return masterKey;
-		}
-
-		public boolean isAlice() {
-			return alice;
-		}
-	}
-}

bramble-api/src/main/java/org/briarproject/bramble/api/contact/PendingContact.java

@@ -1,6 +1,5 @@
 package org.briarproject.bramble.api.contact;
 
-import org.briarproject.bramble.api.crypto.PublicKey;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 
 import javax.annotation.concurrent.Immutable;
@@ -10,15 +9,17 @@ import javax.annotation.concurrent.Immutable;
 public class PendingContact {
 
 	private final PendingContactId id;
-	private final PublicKey publicKey;
+	private final byte[] publicKey;
 	private final String alias;
+	private final PendingContactState state;
 	private final long timestamp;
 
-	public PendingContact(PendingContactId id, PublicKey publicKey,
+	public PendingContact(PendingContactId id, byte[] publicKey,
-			String alias, long timestamp) {
+			String alias, PendingContactState state, long timestamp) {
 		this.id = id;
 		this.publicKey = publicKey;
 		this.alias = alias;
+		this.state = state;
 		this.timestamp = timestamp;
 	}
 
@@ -26,7 +27,7 @@ public class PendingContact {
 		return id;
 	}
 
-	public PublicKey getPublicKey() {
+	public byte[] getPublicKey() {
 		return publicKey;
 	}
 
@@ -34,6 +35,10 @@ public class PendingContact {
 		return alias;
 	}
 
+	public PendingContactState getState() {
+		return state;
+	}
+
 	public long getTimestamp() {
 		return timestamp;
 	}

bramble-api/src/main/java/org/briarproject/bramble/api/contact/PendingContactId.java

@@ -3,7 +3,6 @@ package org.briarproject.bramble.api.contact;
 import org.briarproject.bramble.api.UniqueId;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 
-import javax.annotation.Nullable;
 import javax.annotation.concurrent.ThreadSafe;
 
 /**
@@ -18,8 +17,9 @@ public class PendingContactId extends UniqueId {
 		super(id);
 	}
 
+
 	@Override
-	public boolean equals(@Nullable Object o) {
+	public boolean equals(Object o) {
 		return o instanceof PendingContactId && super.equals(o);
 	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/contact/PendingContactState.java

@@ -1,9 +1,30 @@
 package org.briarproject.bramble.api.contact;
 
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import javax.annotation.concurrent.Immutable;
+
+@Immutable
+@NotNullByDefault
 public enum PendingContactState {
 
-	WAITING_FOR_CONNECTION,
+	WAITING_FOR_CONNECTION(0),
-	CONNECTING,
+	CONNECTED(1),
-	ADDING_CONTACT,
+	ADDING_CONTACT(2),
-	FAILED
+	FAILED(3);
+
+	private final int value;
+
+	PendingContactState(int value) {
+		this.value = value;
+	}
+
+	public int getValue() {
+		return value;
+	}
+
+	public static PendingContactState fromValue(int value) {
+		for (PendingContactState s : values()) if (s.value == value) return s;
+		throw new IllegalArgumentException();
+	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/contact/RecordTypes.java

@@ -1,9 +1,9 @@
-package org.briarproject.bramble.contact;
+package org.briarproject.bramble.api.contact;
 
 /**
  * Record types for the contact exchange protocol.
  */
-interface ContactExchangeRecordTypes {
+public interface RecordTypes {
 
 	byte CONTACT_INFO = 0;
 }

bramble-api/src/main/java/org/briarproject/bramble/api/contact/event/ContactAddedEvent.java

@@ -14,18 +14,12 @@ import javax.annotation.concurrent.Immutable;
 public class ContactAddedEvent extends Event {
 
 	private final ContactId contactId;
-	private final boolean verified;
 
-	public ContactAddedEvent(ContactId contactId, boolean verified) {
+	public ContactAddedEvent(ContactId contactId) {
 		this.contactId = contactId;
-		this.verified = verified;
 	}
 
 	public ContactId getContactId() {
 		return contactId;
 	}
-
-	public boolean isVerified() {
-		return verified;
-	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/contact/event/ContactAddedRemotelyEvent.java

@@ -0,0 +1,22 @@
+package org.briarproject.bramble.api.contact.event;
+
+import org.briarproject.bramble.api.contact.Contact;
+import org.briarproject.bramble.api.event.Event;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import javax.annotation.concurrent.Immutable;
+
+@Immutable
+@NotNullByDefault
+public class ContactAddedRemotelyEvent extends Event {
+
+	private final Contact contact;
+
+	public ContactAddedRemotelyEvent(Contact contact) {
+		this.contact = contact;
+	}
+
+	public Contact getContact() {
+		return contact;
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/contact/event/ContactExchangeFailedEvent.java

@@ -0,0 +1,32 @@
+package org.briarproject.bramble.api.contact.event;
+
+import org.briarproject.bramble.api.event.Event;
+import org.briarproject.bramble.api.identity.Author;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import javax.annotation.Nullable;
+
+@NotNullByDefault
+public class ContactExchangeFailedEvent extends Event {
+
+	@Nullable
+	private final Author duplicateRemoteAuthor;
+
+	public ContactExchangeFailedEvent(@Nullable Author duplicateRemoteAuthor) {
+		this.duplicateRemoteAuthor = duplicateRemoteAuthor;
+	}
+
+	public ContactExchangeFailedEvent() {
+		this(null);
+	}
+
+	@Nullable
+	public Author getDuplicateRemoteAuthor() {
+		return duplicateRemoteAuthor;
+	}
+
+	public boolean wasDuplicateContact() {
+		return duplicateRemoteAuthor != null;
+	}
+
+}

bramble-api/src/main/java/org/briarproject/bramble/api/contact/event/ContactExchangeSucceededEvent.java

@@ -0,0 +1,20 @@
+package org.briarproject.bramble.api.contact.event;
+
+import org.briarproject.bramble.api.event.Event;
+import org.briarproject.bramble.api.identity.Author;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+@NotNullByDefault
+public class ContactExchangeSucceededEvent extends Event {
+
+	private final Author remoteAuthor;
+
+	public ContactExchangeSucceededEvent(Author remoteAuthor) {
+		this.remoteAuthor = remoteAuthor;
+	}
+
+	public Author getRemoteAuthor() {
+		return remoteAuthor;
+	}
+
+}

bramble-api/src/main/java/org/briarproject/bramble/api/contact/event/PendingContactAddedEvent.java

@@ -1,25 +0,0 @@
-package org.briarproject.bramble.api.contact.event;
-
-import org.briarproject.bramble.api.contact.PendingContact;
-import org.briarproject.bramble.api.event.Event;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-import javax.annotation.concurrent.Immutable;
-
-/**
- * An event that is broadcast when a pending contact is added.
- */
-@Immutable
-@NotNullByDefault
-public class PendingContactAddedEvent extends Event {
-
-	private final PendingContact pendingContact;
-
-	public PendingContactAddedEvent(PendingContact pendingContact) {
-		this.pendingContact = pendingContact;
-	}
-
-	public PendingContact getPendingContact() {
-		return pendingContact;
-	}
-}

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/AgreementPrivateKey.java

@@ -1,30 +0,0 @@
-package org.briarproject.bramble.api.crypto;
-
-import org.briarproject.bramble.api.Bytes;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-import javax.annotation.concurrent.Immutable;
-
-import static org.briarproject.bramble.api.crypto.CryptoConstants.KEY_TYPE_AGREEMENT;
-
-/**
- * Type-safe wrapper for a private key used for key agreement.
- */
-@Immutable
-@NotNullByDefault
-public class AgreementPrivateKey extends Bytes implements PrivateKey {
-
-	public AgreementPrivateKey(byte[] encoded) {
-		super(encoded);
-	}
-
-	@Override
-	public String getKeyType() {
-		return KEY_TYPE_AGREEMENT;
-	}
-
-	@Override
-	public byte[] getEncoded() {
-		return getBytes();
-	}
-}

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/AgreementPublicKey.java

@@ -1,35 +0,0 @@
-package org.briarproject.bramble.api.crypto;
-
-import org.briarproject.bramble.api.Bytes;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-import javax.annotation.concurrent.Immutable;
-
-import static org.briarproject.bramble.api.crypto.CryptoConstants.KEY_TYPE_AGREEMENT;
-import static org.briarproject.bramble.api.crypto.CryptoConstants.MAX_AGREEMENT_PUBLIC_KEY_BYTES;
-
-/**
- * Type-safe wrapper for a public key used for key agreement.
- */
-@Immutable
-@NotNullByDefault
-public class AgreementPublicKey extends Bytes implements PublicKey {
-
-	public AgreementPublicKey(byte[] encoded) {
-		super(encoded);
-		if (encoded.length == 0 ||
-				encoded.length > MAX_AGREEMENT_PUBLIC_KEY_BYTES) {
-			throw new IllegalArgumentException();
-		}
-	}
-
-	@Override
-	public String getKeyType() {
-		return KEY_TYPE_AGREEMENT;
-	}
-
-	@Override
-	public byte[] getEncoded() {
-		return getBytes();
-	}
-}

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java

@@ -27,78 +27,54 @@ public interface CryptoComponent {
 	/**
 	 * Derives another secret key from the given secret key.
 	 *
-	 * @param label A namespaced label indicating the purpose of the derived
+	 * @param label a namespaced label indicating the purpose of the derived
 	 * key, to prevent it from being repurposed or colliding with a key derived
 	 * for another purpose
-	 * @param inputs Additional inputs that will be included in the derivation
-	 * of the key
 	 */
 	SecretKey deriveKey(String label, SecretKey k, byte[]... inputs);
 
 	/**
-	 * Derives a shared secret from two key pairs.
+	 * Derives a common shared secret from two public keys and one of the
+	 * corresponding private keys.
 	 *
-	 * @param label A namespaced label indicating the purpose of this shared
+	 * @param label a namespaced label indicating the purpose of this shared
 	 * secret, to prevent it from being repurposed or colliding with a shared
 	 * secret derived for another purpose
-	 * @param theirPublicKey The public key of the remote party
+	 * @param theirPublicKey the public key of the remote party
-	 * @param ourKeyPair The key pair of the local party
+	 * @param ourKeyPair the key pair of the local party
-	 * @param inputs Additional inputs that will be included in the derivation
+	 * @return the shared secret
-	 * of the shared secret
-	 * @return The shared secret
 	 */
 	SecretKey deriveSharedSecret(String label, PublicKey theirPublicKey,
 			KeyPair ourKeyPair, byte[]... inputs)
 			throws GeneralSecurityException;
 
-	/**
-	 * Derives a shared secret from two static and two ephemeral key pairs.
-	 *
-	 * @param label A namespaced label indicating the purpose of this shared
-	 * secret, to prevent it from being repurposed or colliding with a shared
-	 * secret derived for another purpose
-	 * @param theirStaticPublicKey The static public key of the remote party
-	 * @param theirEphemeralPublicKey The ephemeral public key of the remote
-	 * party
-	 * @param ourStaticKeyPair The static key pair of the local party
-	 * @param ourEphemeralKeyPair The ephemeral key pair of the local party
-	 * @param alice True if the local party is Alice
-	 * @param inputs Additional inputs that will be included in the
-	 * derivation of the shared secret
-	 * @return The shared secret
-	 */
-	SecretKey deriveSharedSecret(String label, PublicKey theirStaticPublicKey,
-			PublicKey theirEphemeralPublicKey, KeyPair ourStaticKeyPair,
-			KeyPair ourEphemeralKeyPair, boolean alice, byte[]... inputs)
-			throws GeneralSecurityException;
-
 	/**
 	 * Signs the given byte[] with the given private key.
 	 *
-	 * @param label A namespaced label indicating the purpose of this
+	 * @param label a namespaced label indicating the purpose of this
 	 * signature, to prevent it from being repurposed or colliding with a
 	 * signature created for another purpose
 	 */
-	byte[] sign(String label, byte[] toSign, PrivateKey privateKey)
+	byte[] sign(String label, byte[] toSign, byte[] privateKey)
 			throws GeneralSecurityException;
 
 	/**
 	 * Verifies that the given signature is valid for the signed data
 	 * and the given public key.
 	 *
-	 * @param label A namespaced label indicating the purpose of this
+	 * @param label a namespaced label indicating the purpose of this
 	 * signature, to prevent it from being repurposed or colliding with a
 	 * signature created for another purpose
-	 * @return True if the signature was valid, false otherwise.
+	 * @return true if the signature was valid, false otherwise.
 	 */
 	boolean verifySignature(byte[] signature, String label, byte[] signed,
-			PublicKey publicKey) throws GeneralSecurityException;
+			byte[] publicKey) throws GeneralSecurityException;
 
 	/**
 	 * Returns the hash of the given inputs. The inputs are unambiguously
 	 * combined by prefixing each input with its length.
 	 *
-	 * @param label A namespaced label indicating the purpose of this hash, to
+	 * @param label a namespaced label indicating the purpose of this hash, to
 	 * prevent it from being repurposed or colliding with a hash created for
 	 * another purpose
 	 */
@@ -109,7 +85,7 @@ public interface CryptoComponent {
 	 * given inputs. The inputs are unambiguously combined by prefixing each
 	 * input with its length.
 	 *
-	 * @param label A namespaced label indicating the purpose of this MAC, to
+	 * @param label a namespaced label indicating the purpose of this MAC, to
 	 * prevent it from being repurposed or colliding with a MAC created for
 	 * another purpose
 	 */
@@ -119,10 +95,10 @@ public interface CryptoComponent {
 	 * Verifies that the given message authentication code is valid for the
 	 * given secret key and inputs.
 	 *
-	 * @param label A namespaced label indicating the purpose of this MAC, to
+	 * @param label a namespaced label indicating the purpose of this MAC, to
 	 * prevent it from being repurposed or colliding with a MAC created for
 	 * another purpose
-	 * @return True if the MAC was valid, false otherwise.
+	 * @return true if the MAC was valid, false otherwise.
 	 */
 	boolean verifyMac(byte[] mac, String label, SecretKey macKey,
 			byte[]... inputs);

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoConstants.java

@@ -7,21 +7,11 @@ public interface CryptoConstants {
 	 */
 	int MAX_AGREEMENT_PUBLIC_KEY_BYTES = 32;
 
-	/**
-	 * The key type for agreement key pairs.
-	 */
-	String KEY_TYPE_AGREEMENT = "Curve25519";
-
 	/**
 	 * The maximum length of a signature public key in bytes.
 	 */
 	int MAX_SIGNATURE_PUBLIC_KEY_BYTES = 32;
 
-	/**
-	 * The key type for signature key pairs.
-	 */
-	String KEY_TYPE_SIGNATURE = "Ed25519";
-
 	/**
 	 * The maximum length of a signature in bytes.
 	 */

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/KeyPair.java

@@ -15,8 +15,6 @@ public class KeyPair {
 	private final PrivateKey privateKey;
 
 	public KeyPair(PublicKey publicKey, PrivateKey privateKey) {
-		if (!publicKey.getKeyType().equals(privateKey.getKeyType()))
-			throw new IllegalArgumentException();
 		this.publicKey = publicKey;
 		this.privateKey = privateKey;
 	}

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/PrivateKey.java

@@ -8,11 +8,6 @@ import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 @NotNullByDefault
 public interface PrivateKey {
 
-	/**
-	 * Returns the type of this key pair.
-	 */
-	String getKeyType();
-
 	/**
 	 * Returns the encoded representation of this key.
 	 */

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/PublicKey.java

@@ -8,11 +8,6 @@ import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 @NotNullByDefault
 public interface PublicKey {
 
-	/**
-	 * Returns the type of this key pair.
-	 */
-	String getKeyType();
-
 	/**
 	 * Returns the encoded representation of this key.
 	 */

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/SignaturePrivateKey.java

@@ -1,30 +0,0 @@
-package org.briarproject.bramble.api.crypto;
-
-import org.briarproject.bramble.api.Bytes;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-import javax.annotation.concurrent.Immutable;
-
-import static org.briarproject.bramble.api.crypto.CryptoConstants.KEY_TYPE_SIGNATURE;
-
-/**
- * Type-safe wrapper for a public key used for signing.
- */
-@Immutable
-@NotNullByDefault
-public class SignaturePrivateKey extends Bytes implements PrivateKey {
-
-	public SignaturePrivateKey(byte[] bytes) {
-		super(bytes);
-	}
-
-	@Override
-	public String getKeyType() {
-		return KEY_TYPE_SIGNATURE;
-	}
-
-	@Override
-	public byte[] getEncoded() {
-		return getBytes();
-	}
-}

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/SignaturePublicKey.java

@@ -1,35 +0,0 @@
-package org.briarproject.bramble.api.crypto;
-
-import org.briarproject.bramble.api.Bytes;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-import javax.annotation.concurrent.Immutable;
-
-import static org.briarproject.bramble.api.crypto.CryptoConstants.KEY_TYPE_SIGNATURE;
-import static org.briarproject.bramble.api.crypto.CryptoConstants.MAX_SIGNATURE_PUBLIC_KEY_BYTES;
-
-/**
- * Type-safe wrapper for a public key used for verifying signatures.
- */
-@Immutable
-@NotNullByDefault
-public class SignaturePublicKey extends Bytes implements PublicKey {
-
-	public SignaturePublicKey(byte[] encoded) {
-		super(encoded);
-		if (encoded.length == 0 ||
-				encoded.length > MAX_SIGNATURE_PUBLIC_KEY_BYTES) {
-			throw new IllegalArgumentException();
-		}
-	}
-
-	@Override
-	public String getKeyType() {
-		return KEY_TYPE_SIGNATURE;
-	}
-
-	@Override
-	public byte[] getEncoded() {
-		return getBytes();
-	}
-}

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/TransportCrypto.java

@@ -1,10 +1,9 @@
 package org.briarproject.bramble.api.crypto;
 
 import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.transport.HandshakeKeys;
 import org.briarproject.bramble.api.transport.TransportKeys;
 
-import java.security.GeneralSecurityException;
-
 /**
  * Crypto operations for the transport security protocol - see
  * https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BTP.md
@@ -12,52 +11,35 @@ import java.security.GeneralSecurityException;
 public interface TransportCrypto {
 
 	/**
-	 * Returns true if the local peer is Alice.
+	 * Derives initial transport keys for the given transport in the given
-	 */
+	 * time period from the given root key.
-	boolean isAlice(PublicKey theirHandshakePublicKey,
-			KeyPair ourHandshakeKeyPair);
-
-	/**
-	 * Derives the static master key shared with a contact or pending contact.
-	 */
-	SecretKey deriveStaticMasterKey(PublicKey theirHandshakePublicKey,
-			KeyPair ourHandshakeKeyPair) throws GeneralSecurityException;
-
-	/**
-	 * Derives the handshake mode root key from the static master key. To
-	 * prevent tag reuse, separate root keys are derived for contacts and
-	 * pending contacts.
 	 *
-	 * @param pendingContact Whether the static master key is shared with a
+	 * @param alice whether the keys are for use by Alice or Bob.
-	 * pending contact or a contact
+	 * @param active whether the keys are usable for outgoing streams.
 	 */
-	SecretKey deriveHandshakeRootKey(SecretKey staticMasterKey,
+	TransportKeys deriveTransportKeys(TransportId t, SecretKey rootKey,
-			boolean pendingContact);
-
-	/**
-	 * Derives initial rotation mode transport keys for the given transport in
-	 * the given time period from the given root key.
-	 *
-	 * @param alice Whether the keys are for use by Alice or Bob
-	 * @param active Whether the keys are usable for outgoing streams
-	 */
-	TransportKeys deriveRotationKeys(TransportId t, SecretKey rootKey,
 			long timePeriod, boolean alice, boolean active);
 
+	/**
+	 * Rotates the given transport keys to the given time period. If the keys
+	 * are for the given period or any later period they are not rotated.
+	 */
+	TransportKeys rotateTransportKeys(TransportKeys k, long timePeriod);
+
 	/**
 	 * Derives handshake keys for the given transport in the given time period
 	 * from the given root key.
 	 *
-	 * @param alice Whether the keys are for use by Alice or Bob
+	 * @param alice whether the keys are for use by Alice or Bob.
 	 */
-	TransportKeys deriveHandshakeKeys(TransportId t, SecretKey rootKey,
+	HandshakeKeys deriveHandshakeKeys(TransportId t, SecretKey rootKey,
 			long timePeriod, boolean alice);
 
 	/**
-	 * Updates the given transport keys to the given time period. If the keys
+	 * Updates the given handshake keys to the given time period. If the keys
 	 * are for the given period or any later period they are not updated.
 	 */
-	TransportKeys updateTransportKeys(TransportKeys k, long timePeriod);
+	HandshakeKeys updateHandshakeKeys(HandshakeKeys k, long timePeriod);
 
 	/**
 	 * Encodes the pseudo-random tag that is used to recognise a stream.

bramble-api/src/main/java/org/briarproject/bramble/api/db/ContactExistsException.java

@@ -1,27 +1,8 @@
 package org.briarproject.bramble.api.db;
 
-import org.briarproject.bramble.api.identity.Author;
-import org.briarproject.bramble.api.identity.AuthorId;
-
 /**
  * Thrown when a duplicate contact is added to the database. This exception may
  * occur due to concurrent updates and does not indicate a database error.
  */
 public class ContactExistsException extends DbException {
-
-	private final AuthorId local;
-	private final Author remote;
-
-	public ContactExistsException(AuthorId local, Author remote) {
-		this.local = local;
-		this.remote = remote;
-	}
-
-	public AuthorId getLocalAuthorId() {
-		return local;
-	}
-
-	public Author getRemoteAuthor() {
-		return remote;
-	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/db/DatabaseComponent.java

@@ -4,8 +4,6 @@ import org.briarproject.bramble.api.contact.Contact;
 import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.contact.PendingContact;
 import org.briarproject.bramble.api.contact.PendingContactId;
-import org.briarproject.bramble.api.crypto.PrivateKey;
-import org.briarproject.bramble.api.crypto.PublicKey;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.identity.Author;
 import org.briarproject.bramble.api.identity.AuthorId;
@@ -24,8 +22,11 @@ import org.briarproject.bramble.api.sync.MessageStatus;
 import org.briarproject.bramble.api.sync.Offer;
 import org.briarproject.bramble.api.sync.Request;
 import org.briarproject.bramble.api.sync.validation.MessageState;
-import org.briarproject.bramble.api.transport.KeySetId;
+import org.briarproject.bramble.api.transport.HandshakeKeySet;
+import org.briarproject.bramble.api.transport.HandshakeKeySetId;
+import org.briarproject.bramble.api.transport.HandshakeKeys;
 import org.briarproject.bramble.api.transport.TransportKeySet;
+import org.briarproject.bramble.api.transport.TransportKeySetId;
 import org.briarproject.bramble.api.transport.TransportKeys;
 
 import java.util.Collection;
@@ -38,7 +39,7 @@ import javax.annotation.Nullable;
  * to other components.
  */
 @NotNullByDefault
-public interface DatabaseComponent extends TransactionManager {
+public interface DatabaseComponent {
 
 	/**
 	 * Opens the database and returns true if the database already existed.
@@ -56,18 +57,76 @@ public interface DatabaseComponent extends TransactionManager {
 	 */
 	void close() throws DbException;
 
+	/**
+	 * Starts a new transaction and returns an object representing it.
+	 * <p/>
+	 * This method acquires locks, so it must not be called while holding a
+	 * lock.
+	 *
+	 * @param readOnly true if the transaction will only be used for reading.
+	 */
+	Transaction startTransaction(boolean readOnly) throws DbException;
+
+	/**
+	 * Commits a transaction to the database.
+	 */
+	void commitTransaction(Transaction txn) throws DbException;
+
+	/**
+	 * Ends a transaction. If the transaction has not been committed,
+	 * it will be aborted. If the transaction has been committed,
+	 * any events attached to the transaction are broadcast.
+	 * The database lock will be released in either case.
+	 */
+	void endTransaction(Transaction txn);
+
+	/**
+	 * Runs the given task within a transaction.
+	 */
+	<E extends Exception> void transaction(boolean readOnly,
+			DbRunnable<E> task) throws DbException, E;
+
+	/**
+	 * Runs the given task within a transaction and returns the result of the
+	 * task.
+	 */
+	<R, E extends Exception> R transactionWithResult(boolean readOnly,
+			DbCallable<R, E> task) throws DbException, E;
+
+	/**
+	 * Runs the given task within a transaction and returns the result of the
+	 * task, which may be null.
+	 */
+	@Nullable
+	<R, E extends Exception> R transactionWithNullableResult(boolean readOnly,
+			NullableDbCallable<R, E> task) throws DbException, E;
+
 	/**
 	 * Stores a contact associated with the given local and remote pseudonyms,
 	 * and returns an ID for the contact.
 	 */
 	ContactId addContact(Transaction txn, Author remote, AuthorId local,
-			@Nullable PublicKey handshake, boolean verified) throws DbException;
+			boolean verified) throws DbException;
 
 	/**
 	 * Stores a group.
 	 */
 	void addGroup(Transaction txn, Group g) throws DbException;
 
+	/**
+	 * Stores the given handshake keys for the given contact and returns a
+	 * key set ID.
+	 */
+	HandshakeKeySetId addHandshakeKeys(Transaction txn, ContactId c,
+			HandshakeKeys k) throws DbException;
+
+	/**
+	 * Stores the given handshake keys for the given pending contact and
+	 * returns a key set ID.
+	 */
+	HandshakeKeySetId addHandshakeKeys(Transaction txn, PendingContactId p,
+			HandshakeKeys k) throws DbException;
+
 	/**
 	 * Stores an identity.
 	 */
@@ -95,14 +154,7 @@ public interface DatabaseComponent extends TransactionManager {
 	 * Stores the given transport keys for the given contact and returns a
 	 * key set ID.
 	 */
-	KeySetId addTransportKeys(Transaction txn, ContactId c, TransportKeys k)
+	TransportKeySetId addTransportKeys(Transaction txn, ContactId c,
-			throws DbException;
-
-	/**
-	 * Stores the given transport keys for the given pending contact and
-	 * returns a key set ID.
-	 */
-	KeySetId addTransportKeys(Transaction txn, PendingContactId p,
 			TransportKeys k) throws DbException;
 
 	/**
@@ -222,7 +274,7 @@ public interface DatabaseComponent extends TransactionManager {
 	 * <p/>
 	 * Read-only.
 	 */
-	Collection<ContactId> getContacts(Transaction txn, AuthorId local)
+	Collection<ContactId> getContacts(Transaction txn, AuthorId a)
 			throws DbException;
 
 	/**
@@ -256,6 +308,14 @@ public interface DatabaseComponent extends TransactionManager {
 	Visibility getGroupVisibility(Transaction txn, ContactId c, GroupId g)
 			throws DbException;
 
+	/**
+	 * Returns all handshake keys for the given transport.
+	 * <p/>
+	 * Read-only.
+	 */
+	Collection<HandshakeKeySet> getHandshakeKeys(Transaction txn, TransportId t)
+			throws DbException;
+
 	/**
 	 * Returns the identity for the local pseudonym with the given ID.
 	 * <p/>
@@ -404,14 +464,6 @@ public interface DatabaseComponent extends TransactionManager {
 	 */
 	long getNextSendTime(Transaction txn, ContactId c) throws DbException;
 
-	/**
-	 * Returns the pending contact with the given ID.
-	 * <p/>
-	 * Read-only.
-	 */
-	PendingContact getPendingContact(Transaction txn, PendingContactId p)
-			throws DbException;
-
 	/**
 	 * Returns all pending contacts.
 	 * <p/>
@@ -435,11 +487,17 @@ public interface DatabaseComponent extends TransactionManager {
 	Collection<TransportKeySet> getTransportKeys(Transaction txn, TransportId t)
 			throws DbException;
 
+	/**
+	 * Increments the outgoing stream counter for the given handshake keys.
+	 */
+	void incrementStreamCounter(Transaction txn, TransportId t,
+			HandshakeKeySetId k) throws DbException;
+
 	/**
 	 * Increments the outgoing stream counter for the given transport keys.
 	 */
-	void incrementStreamCounter(Transaction txn, TransportId t, KeySetId k)
+	void incrementStreamCounter(Transaction txn, TransportId t,
-			throws DbException;
+			TransportKeySetId k) throws DbException;
 
 	/**
 	 * Merges the given metadata with the existing metadata for the given
@@ -494,6 +552,12 @@ public interface DatabaseComponent extends TransactionManager {
 	 */
 	void removeGroup(Transaction txn, Group g) throws DbException;
 
+	/**
+	 * Removes the given handshake keys from the database.
+	 */
+	void removeHandshakeKeys(Transaction txn, TransportId t,
+			HandshakeKeySetId k) throws DbException;
+
 	/**
 	 * Removes an identity (and all associated state) from the database.
 	 */
@@ -518,8 +582,8 @@ public interface DatabaseComponent extends TransactionManager {
 	/**
 	 * Removes the given transport keys from the database.
 	 */
-	void removeTransportKeys(Transaction txn, TransportId t, KeySetId k)
+	void removeTransportKeys(Transaction txn, TransportId t,
-			throws DbException;
+			TransportKeySetId k) throws DbException;
 
 	/**
 	 * Marks the given contact as verified.
@@ -558,20 +622,35 @@ public interface DatabaseComponent extends TransactionManager {
 	/**
 	 * Sets the handshake key pair for the identity with the given ID.
 	 */
-	void setHandshakeKeyPair(Transaction txn, AuthorId local,
+	void setHandshakeKeyPair(Transaction txn, AuthorId local, byte[] publicKey,
-			PublicKey publicKey, PrivateKey privateKey) throws DbException;
+			byte[] privateKey) throws DbException;
 
 	/**
-	 * Sets the reordering window for the given transport keys in the given
+	 * Sets the reordering window for the given transport key set in the given
 	 * time period.
 	 */
-	void setReorderingWindow(Transaction txn, KeySetId k, TransportId t,
+	void setReorderingWindow(Transaction txn, TransportKeySetId k,
-			long timePeriod, long base, byte[] bitmap) throws DbException;
+			TransportId t, long timePeriod, long base, byte[] bitmap)
+			throws DbException;
+
+	/**
+	 * Sets the reordering window for the given handshake key set in the given
+	 * time period.
+	 */
+	void setReorderingWindow(Transaction txn, HandshakeKeySetId k,
+			TransportId t, long timePeriod, long base, byte[] bitmap)
+			throws DbException;
 
 	/**
 	 * Marks the given transport keys as usable for outgoing streams.
 	 */
-	void setTransportKeysActive(Transaction txn, TransportId t, KeySetId k)
+	void setTransportKeysActive(Transaction txn, TransportId t,
+			TransportKeySetId k) throws DbException;
+
+	/**
+	 * Stores the given handshake keys, deleting any keys they have replaced.
+	 */
+	void updateHandshakeKeys(Transaction txn, Collection<HandshakeKeySet> keys)
 			throws DbException;
 
 	/**

bramble-api/src/main/java/org/briarproject/bramble/api/db/TransactionManager.java

@@ -1,54 +0,0 @@
-package org.briarproject.bramble.api.db;
-
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-import javax.annotation.Nullable;
-
-@NotNullByDefault
-public interface TransactionManager {
-
-	/**
-	 * Starts a new transaction and returns an object representing it.
-	 * <p/>
-	 * This method acquires locks, so it must not be called while holding a
-	 * lock.
-	 *
-	 * @param readOnly true if the transaction will only be used for reading.
-	 */
-	Transaction startTransaction(boolean readOnly) throws DbException;
-
-	/**
-	 * Commits a transaction to the database.
-	 */
-	void commitTransaction(Transaction txn) throws DbException;
-
-	/**
-	 * Ends a transaction. If the transaction has not been committed,
-	 * it will be aborted. If the transaction has been committed,
-	 * any events attached to the transaction are broadcast.
-	 * The database lock will be released in either case.
-	 */
-	void endTransaction(Transaction txn);
-
-	/**
-	 * Runs the given task within a transaction.
-	 */
-	<E extends Exception> void transaction(boolean readOnly,
-			DbRunnable<E> task) throws DbException, E;
-
-	/**
-	 * Runs the given task within a transaction and returns the result of the
-	 * task.
-	 */
-	<R, E extends Exception> R transactionWithResult(boolean readOnly,
-			DbCallable<R, E> task) throws DbException, E;
-
-	/**
-	 * Runs the given task within a transaction and returns the result of the
-	 * task, which may be null.
-	 */
-	@Nullable
-	<R, E extends Exception> R transactionWithNullableResult(boolean readOnly,
-			NullableDbCallable<R, E> task) throws DbException, E;
-
-}

bramble-api/src/main/java/org/briarproject/bramble/api/identity/Author.java

@@ -1,14 +1,13 @@
 package org.briarproject.bramble.api.identity;
 
 import org.briarproject.bramble.api.Nameable;
-import org.briarproject.bramble.api.crypto.PublicKey;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.util.StringUtils;
 
 import javax.annotation.concurrent.Immutable;
 
-import static org.briarproject.bramble.api.crypto.CryptoConstants.KEY_TYPE_SIGNATURE;
 import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_AUTHOR_NAME_LENGTH;
-import static org.briarproject.bramble.util.StringUtils.toUtf8;
+import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_PUBLIC_KEY_LENGTH;
 
 /**
  * A pseudonym for a user.
@@ -25,14 +24,14 @@ public class Author implements Nameable {
 	private final AuthorId id;
 	private final int formatVersion;
 	private final String name;
-	private final PublicKey publicKey;
+	private final byte[] publicKey;
 
 	public Author(AuthorId id, int formatVersion, String name,
-			PublicKey publicKey) {
+			byte[] publicKey) {
-		int nameLength = toUtf8(name).length;
+		int nameLength = StringUtils.toUtf8(name).length;
 		if (nameLength == 0 || nameLength > MAX_AUTHOR_NAME_LENGTH)
 			throw new IllegalArgumentException();
-		if (!publicKey.getKeyType().equals(KEY_TYPE_SIGNATURE))
+		if (publicKey.length == 0 || publicKey.length > MAX_PUBLIC_KEY_LENGTH)
 			throw new IllegalArgumentException();
 		this.id = id;
 		this.formatVersion = formatVersion;
@@ -64,7 +63,7 @@ public class Author implements Nameable {
 	/**
 	 * Returns the public key used to verify the pseudonym's signatures.
 	 */
-	public PublicKey getPublicKey() {
+	public byte[] getPublicKey() {
 		return publicKey;
 	}
 

bramble-api/src/main/java/org/briarproject/bramble/api/identity/AuthorFactory.java

@@ -1,6 +1,5 @@
 package org.briarproject.bramble.api.identity;
 
-import org.briarproject.bramble.api.crypto.PublicKey;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 
 @NotNullByDefault
@@ -10,12 +9,12 @@ public interface AuthorFactory {
 	 * Creates an author with the current format version and the given name and
 	 * public key.
 	 */
-	Author createAuthor(String name, PublicKey publicKey);
+	Author createAuthor(String name, byte[] publicKey);
 
 	/**
 	 * Creates an author with the given format version, name and public key.
 	 */
-	Author createAuthor(int formatVersion, String name, PublicKey publicKey);
+	Author createAuthor(int formatVersion, String name, byte[] publicKey);
 
 	/**
 	 * Creates a local author with the current format version and the given

bramble-api/src/main/java/org/briarproject/bramble/api/identity/Identity.java

@@ -1,13 +1,13 @@
 package org.briarproject.bramble.api.identity;
 
-import org.briarproject.bramble.api.crypto.PrivateKey;
-import org.briarproject.bramble.api.crypto.PublicKey;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 
+import java.util.Arrays;
+
 import javax.annotation.Nullable;
 import javax.annotation.concurrent.Immutable;
 
-import static org.briarproject.bramble.api.crypto.CryptoConstants.KEY_TYPE_AGREEMENT;
+import static org.briarproject.bramble.api.crypto.CryptoConstants.MAX_AGREEMENT_PUBLIC_KEY_BYTES;
 
 @Immutable
 @NotNullByDefault
@@ -15,24 +15,15 @@ public class Identity {
 
 	private final LocalAuthor localAuthor;
 	@Nullable
-	private final PublicKey handshakePublicKey;
+	private final byte[] handshakePublicKey, handshakePrivateKey;
-	@Nullable
-	private final PrivateKey handshakePrivateKey;
 	private final long created;
 
 	public Identity(LocalAuthor localAuthor,
-			@Nullable PublicKey handshakePublicKey,
+			@Nullable byte[] handshakePublicKey,
-			@Nullable PrivateKey handshakePrivateKey, long created) {
+			@Nullable byte[] handshakePrivateKey, long created) {
 		if (handshakePublicKey != null) {
-			if (handshakePrivateKey == null)
+			int keyLength = handshakePublicKey.length;
-				throw new IllegalArgumentException();
+			if (keyLength == 0 || keyLength > MAX_AGREEMENT_PUBLIC_KEY_BYTES)
-			if (!handshakePublicKey.getKeyType().equals(KEY_TYPE_AGREEMENT))
-				throw new IllegalArgumentException();
-		}
-		if (handshakePrivateKey != null) {
-			if (handshakePublicKey == null)
-				throw new IllegalArgumentException();
-			if (!handshakePrivateKey.getKeyType().equals(KEY_TYPE_AGREEMENT))
 				throw new IllegalArgumentException();
 		}
 		this.localAuthor = localAuthor;
@@ -66,7 +57,7 @@ public class Identity {
 	 * Returns the public key used for handshaking, or null if no key exists.
 	 */
 	@Nullable
-	public PublicKey getHandshakePublicKey() {
+	public byte[] getHandshakePublicKey() {
 		return handshakePublicKey;
 	}
 
@@ -74,7 +65,7 @@ public class Identity {
 	 * Returns the private key used for handshaking, or null if no key exists.
 	 */
 	@Nullable
-	public PrivateKey getHandshakePrivateKey() {
+	public byte[] getHandshakePrivateKey() {
 		return handshakePrivateKey;
 	}
 
@@ -85,4 +76,21 @@ public class Identity {
 	public long getTimeCreated() {
 		return created;
 	}
+
+	@Override
+	public int hashCode() {
+		return localAuthor.getId().hashCode();
+	}
+
+	@Override
+	public boolean equals(Object o) {
+		if (o instanceof Identity) {
+			Identity i = (Identity) o;
+			return created == i.created &&
+					localAuthor.equals(i.localAuthor) &&
+					Arrays.equals(handshakePublicKey, i.handshakePublicKey) &&
+					Arrays.equals(handshakePrivateKey, i.handshakePrivateKey);
+		}
+		return false;
+	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/identity/IdentityManager.java

@@ -1,7 +1,6 @@
 package org.briarproject.bramble.api.identity;
 
 import org.briarproject.bramble.api.crypto.CryptoExecutor;
-import org.briarproject.bramble.api.crypto.KeyPair;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.db.DbException;
 import org.briarproject.bramble.api.db.Transaction;
@@ -42,6 +41,9 @@ public interface IdentityManager {
 	 * Returns the cached handshake keys or loads them from the database.
 	 * <p/>
 	 * Read-only.
+	 *
+	 * @return A two-element array containing the public key in the first
+	 * element and the private key in the second
 	 */
-	KeyPair getHandshakeKeys(Transaction txn) throws DbException;
+	byte[][] getHandshakeKeys(Transaction txn) throws DbException;
 }

bramble-api/src/main/java/org/briarproject/bramble/api/identity/LocalAuthor.java

@@ -1,13 +1,9 @@
 package org.briarproject.bramble.api.identity;
 
-import org.briarproject.bramble.api.crypto.PrivateKey;
-import org.briarproject.bramble.api.crypto.PublicKey;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 
 import javax.annotation.concurrent.Immutable;
 
-import static org.briarproject.bramble.api.crypto.CryptoConstants.KEY_TYPE_SIGNATURE;
-
 /**
  * A pseudonym for the local user.
  */
@@ -15,20 +11,18 @@ import static org.briarproject.bramble.api.crypto.CryptoConstants.KEY_TYPE_SIGNA
 @NotNullByDefault
 public class LocalAuthor extends Author {
 
-	private final PrivateKey privateKey;
+	private final byte[] privateKey;
 
 	public LocalAuthor(AuthorId id, int formatVersion, String name,
-			PublicKey publicKey, PrivateKey privateKey) {
+			byte[] publicKey, byte[] privateKey) {
 		super(id, formatVersion, name, publicKey);
-		if (!privateKey.getKeyType().equals(KEY_TYPE_SIGNATURE))
-			throw new IllegalArgumentException();
 		this.privateKey = privateKey;
 	}
 
 	/**
 	 * Returns the private key used to generate the pseudonym's signatures.
 	 */
-	public PrivateKey getPrivateKey() {
+	public byte[] getPrivateKey() {
 		return privateKey;
 	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/keyagreement/KeyAgreementListener.java

@@ -5,7 +5,7 @@ import org.briarproject.bramble.api.data.BdfList;
 import java.io.IOException;
 
 /**
- * Accepts key agreement connections over a given transport.
+ * An class for managing a particular key agreement listener.
  */
 public abstract class KeyAgreementListener {
 

bramble-api/src/main/java/org/briarproject/bramble/api/nullsafety/NullSafety.java

@@ -6,27 +6,10 @@ import javax.annotation.Nullable;
 public class NullSafety {
 
 	/**
-	 * Stand-in for {@code Objects.requireNonNull()}.
+	 * Stand-in for `Objects.requireNonNull()`.
 	 */
 	public static <T> T requireNonNull(@Nullable T t) {
 		if (t == null) throw new NullPointerException();
 		return t;
 	}
-
-	/**
-	 * Checks that exactly one of the arguments is null.
-	 *
-	 * @throws AssertionError If both or neither of the arguments are null
-	 */
-	public static void requireExactlyOneNull(@Nullable Object a,
-			@Nullable Object b) {
-		if ((a == null) == (b == null)) throw new AssertionError();
-	}
-
-	/**
-	 * Checks that the argument is null.
-	 */
-	public static void requireNull(@Nullable Object o) {
-		if (o != null) throw new AssertionError();
-	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/ConnectionHandler.java

@@ -1,28 +0,0 @@
-package org.briarproject.bramble.api.plugin;
-
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.duplex.DuplexPlugin;
-import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
-import org.briarproject.bramble.api.plugin.simplex.SimplexPlugin;
-
-/**
- * An interface for handling connections created by transport plugins.
- */
-@NotNullByDefault
-public interface ConnectionHandler {
-
-	/**
-	 * Handles a connection created by a {@link DuplexPlugin}.
-	 */
-	void handleConnection(DuplexTransportConnection c);
-
-	/**
-	 * Handles a reader created by a {@link SimplexPlugin}.
-	 */
-	void handleReader(TransportConnectionReader r);
-
-	/**
-	 * Handles a writer created by a {@link SimplexPlugin}.
-	 */
-	void handleWriter(TransportConnectionWriter w);
-}

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/ConnectionManager.java

@@ -1,46 +1,17 @@
 package org.briarproject.bramble.api.plugin;
 
 import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.contact.PendingContactId;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
 
-@NotNullByDefault
 public interface ConnectionManager {
 
-	/**
-	 * Manages an incoming connection from a contact over a simplex transport.
-	 */
 	void manageIncomingConnection(TransportId t, TransportConnectionReader r);
 
-	/**
-	 * Manages an incoming connection from a contact over a duplex transport.
-	 */
 	void manageIncomingConnection(TransportId t, DuplexTransportConnection d);
 
-	/**
-	 * Manages an incoming handshake connection from a pending contact over a
-	 * duplex transport.
-	 */
-	void manageIncomingConnection(PendingContactId p, TransportId t,
-			DuplexTransportConnection d);
-
-	/**
-	 * Manages an outgoing connection to a contact over a simplex transport.
-	 */
 	void manageOutgoingConnection(ContactId c, TransportId t,
 			TransportConnectionWriter w);
 
-	/**
-	 * Manages an outgoing connection to a contact over a duplex transport.
-	 */
 	void manageOutgoingConnection(ContactId c, TransportId t,
 			DuplexTransportConnection d);
-
-	/**
-	 * Manages an outgoing handshake connection to a pending contact over a
-	 * duplex transport.
-	 */
-	void manageOutgoingConnection(PendingContactId p, TransportId t,
-			DuplexTransportConnection d);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/ConnectionRegistry.java

@@ -1,14 +1,7 @@
 package org.briarproject.bramble.api.plugin;
 
 import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.contact.PendingContactId;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.event.ConnectionClosedEvent;
-import org.briarproject.bramble.api.plugin.event.ConnectionOpenedEvent;
-import org.briarproject.bramble.api.plugin.event.ContactConnectedEvent;
-import org.briarproject.bramble.api.plugin.event.ContactDisconnectedEvent;
-import org.briarproject.bramble.api.rendezvous.event.RendezvousConnectionClosedEvent;
-import org.briarproject.bramble.api.rendezvous.event.RendezvousConnectionOpenedEvent;
 
 import java.util.Collection;
 
@@ -18,50 +11,13 @@ import java.util.Collection;
 @NotNullByDefault
 public interface ConnectionRegistry {
 
-	/**
-	 * Registers a connection with the given contact over the given transport.
-	 * Broadcasts {@link ConnectionOpenedEvent}. Also broadcasts
-	 * {@link ContactConnectedEvent} if this is the only connection with the
-	 * contact.
-	 */
 	void registerConnection(ContactId c, TransportId t, boolean incoming);
 
-	/**
-	 * Unregisters a connection with the given contact over the given transport.
-	 * Broadcasts {@link ConnectionClosedEvent}. Also broadcasts
-	 * {@link ContactDisconnectedEvent} if this is the only connection with
-	 * the contact.
-	 */
 	void unregisterConnection(ContactId c, TransportId t, boolean incoming);
 
-	/**
-	 * Returns any contacts that are connected via the given transport.
-	 */
 	Collection<ContactId> getConnectedContacts(TransportId t);
 
-	/**
-	 * Returns true if the given contact is connected via the given transport.
-	 */
 	boolean isConnected(ContactId c, TransportId t);
 
-	/**
-	 * Returns true if the given contact is connected via any transport.
-	 */
 	boolean isConnected(ContactId c);
-
-	/**
-	 * Registers a connection with the given pending contact. Broadcasts
-	 * {@link RendezvousConnectionOpenedEvent} if this is the only connection
-	 * with the pending contact.
-	 *
-	 * @return True if this is the only connection with the pending contact,
-	 * false if it is redundant and should be closed
-	 */
-	boolean registerConnection(PendingContactId p);
-
-	/**
-	 * Unregisters a connection with the given pending contact. Broadcasts
-	 * {@link RendezvousConnectionClosedEvent}.
-	 */
-	void unregisterConnection(PendingContactId p, boolean success);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/Plugin.java

@@ -1,10 +1,10 @@
 package org.briarproject.bramble.api.plugin;
 
-import org.briarproject.bramble.api.Pair;
+import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.properties.TransportProperties;
 
-import java.util.Collection;
+import java.util.Map;
 
 @NotNullByDefault
 public interface Plugin {
@@ -51,9 +51,8 @@ public interface Plugin {
 	int getPollingInterval();
 
 	/**
-	 * Attempts to create connections using the given transport properties,
+	 * Attempts to establish connections to the given contacts, passing any
-	 * passing any created connections to the corresponding handlers.
+	 * created connections to the callback.
 	 */
-	void poll(Collection<Pair<TransportProperties, ConnectionHandler>>
+	void poll(Map<ContactId, TransportProperties> contacts);
-			properties);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/PluginCallback.java

@@ -9,7 +9,7 @@ import org.briarproject.bramble.api.settings.Settings;
  * the application.
  */
 @NotNullByDefault
-public interface PluginCallback extends ConnectionHandler {
+public interface PluginCallback {
 
 	/**
 	 * Returns the plugin's settings

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/PluginManager.java

@@ -36,9 +36,4 @@ public interface PluginManager {
 	 * Returns any duplex plugins that support key agreement.
 	 */
 	Collection<DuplexPlugin> getKeyAgreementPlugins();
-
-	/**
-	 * Returns any duplex plugins that support rendezvous.
-	 */
-	Collection<DuplexPlugin> getRendezvousPlugins();
 }

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/duplex/DuplexPlugin.java

@@ -3,11 +3,8 @@ package org.briarproject.bramble.api.plugin.duplex;
 import org.briarproject.bramble.api.data.BdfList;
 import org.briarproject.bramble.api.keyagreement.KeyAgreementListener;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.ConnectionHandler;
 import org.briarproject.bramble.api.plugin.Plugin;
 import org.briarproject.bramble.api.properties.TransportProperties;
-import org.briarproject.bramble.api.rendezvous.KeyMaterialSource;
-import org.briarproject.bramble.api.rendezvous.RendezvousEndpoint;
 
 import javax.annotation.Nullable;
 
@@ -43,19 +40,4 @@ public interface DuplexPlugin extends Plugin {
 	@Nullable
 	DuplexTransportConnection createKeyAgreementConnection(
 			byte[] remoteCommitment, BdfList descriptor);
-
-	/**
-	 * Returns true if the plugin supports rendezvous connections.
-	 */
-	boolean supportsRendezvous();
-
-	/**
-	 * Creates and returns an endpoint that uses the given key material to
-	 * rendezvous with a pending contact, and the given connection handler to
-	 * handle incoming connections. Returns null if an endpoint cannot be
-	 * created.
-	 */
-	@Nullable
-	RendezvousEndpoint createRendezvousEndpoint(KeyMaterialSource k,
-			boolean alice, ConnectionHandler incoming);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/duplex/DuplexPluginCallback.java

@@ -0,0 +1,17 @@
+package org.briarproject.bramble.api.plugin.duplex;
+
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.PluginCallback;
+
+/**
+ * An interface through which a duplex plugin interacts with the rest of the
+ * application.
+ */
+@NotNullByDefault
+public interface DuplexPluginCallback extends PluginCallback {
+
+	void incomingConnectionCreated(DuplexTransportConnection d);
+
+	void outgoingConnectionCreated(ContactId c, DuplexTransportConnection d);
+}

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/duplex/DuplexPluginFactory.java

@@ -1,7 +1,6 @@
 package org.briarproject.bramble.api.plugin.duplex;
 
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.PluginCallback;
 import org.briarproject.bramble.api.plugin.TransportId;
 
 import javax.annotation.Nullable;
@@ -26,5 +25,5 @@ public interface DuplexPluginFactory {
 	 * Creates and returns a plugin, or null if no plugin can be created.
 	 */
 	@Nullable
-	DuplexPlugin createPlugin(PluginCallback callback);
+	DuplexPlugin createPlugin(DuplexPluginCallback callback);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/simplex/SimplexPluginCallback.java

@@ -0,0 +1,19 @@
+package org.briarproject.bramble.api.plugin.simplex;
+
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.PluginCallback;
+import org.briarproject.bramble.api.plugin.TransportConnectionReader;
+import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
+
+/**
+ * An interface through which a simplex plugin interacts with the rest of the
+ * application.
+ */
+@NotNullByDefault
+public interface SimplexPluginCallback extends PluginCallback {
+
+	void readerCreated(TransportConnectionReader r);
+
+	void writerCreated(ContactId c, TransportConnectionWriter w);
+}

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/simplex/SimplexPluginFactory.java

@@ -1,7 +1,6 @@
 package org.briarproject.bramble.api.plugin.simplex;
 
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.PluginCallback;
 import org.briarproject.bramble.api.plugin.TransportId;
 
 import javax.annotation.Nullable;
@@ -26,5 +25,5 @@ public interface SimplexPluginFactory {
 	 * Creates and returns a plugin, or null if no plugin can be created.
 	 */
 	@Nullable
-	SimplexPlugin createPlugin(PluginCallback callback);
+	SimplexPlugin createPlugin(SimplexPluginCallback callback);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/record/RecordReader.java

@@ -1,14 +1,10 @@
 package org.briarproject.bramble.api.record;
 
-import org.briarproject.bramble.api.FormatException;
-import org.briarproject.bramble.api.Predicate;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 
 import java.io.EOFException;
 import java.io.IOException;
 
-import javax.annotation.Nullable;
-
 @NotNullByDefault
 public interface RecordReader {
 
@@ -20,20 +16,5 @@ public interface RecordReader {
 	 */
 	Record readRecord() throws IOException;
 
-	/**
-	 * Reads and returns the next record matching the 'accept' predicate,
-	 * skipping any records that match the 'ignore' predicate. Returns null if
-	 * no record matching the 'accept' predicate is found before the end of the
-	 * stream.
-	 *
-	 * @throws EOFException If the end of the stream is reached without
-	 * reading a complete record
-	 * @throws FormatException If a record is read that does not match the
-	 * 'accept' or 'ignore' predicates
-	 */
-	@Nullable
-	Record readRecord(Predicate<Record> accept, Predicate<Record> ignore)
-			throws IOException;
-
 	void close() throws IOException;
 }

bramble-api/src/main/java/org/briarproject/bramble/api/rendezvous/KeyMaterialSource.java

@@ -1,15 +0,0 @@
-package org.briarproject.bramble.api.rendezvous;
-
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-/**
- * A source of key material for use in making rendezvous connections.
- */
-@NotNullByDefault
-public interface KeyMaterialSource {
-
-	/**
-	 * Returns the requested amount of key material.
-	 */
-	byte[] getKeyMaterial(int length);
-}

bramble-api/src/main/java/org/briarproject/bramble/api/rendezvous/RendezvousEndpoint.java

@@ -1,26 +0,0 @@
-package org.briarproject.bramble.api.rendezvous;
-
-import org.briarproject.bramble.api.properties.TransportProperties;
-
-import java.io.Closeable;
-import java.io.IOException;
-
-/**
- * An interface for making and accepting rendezvous connections with a pending
- * contact over a given transport.
- */
-public interface RendezvousEndpoint extends Closeable {
-
-	/**
-	 * Returns a set of transport properties for connecting to the pending
-	 * contact.
-	 */
-	TransportProperties getRemoteTransportProperties();
-
-	/**
-	 * Closes the handler and releases any resources held by it, such as
-	 * network sockets.
-	 */
-	@Override
-	void close() throws IOException;
-}

bramble-api/src/main/java/org/briarproject/bramble/api/rendezvous/RendezvousPoller.java

@@ -1,12 +0,0 @@
-package org.briarproject.bramble.api.rendezvous;
-
-import org.briarproject.bramble.api.contact.PendingContactId;
-
-/**
- * Interface for the poller that makes rendezvous connections to pending
- * contacts.
- */
-public interface RendezvousPoller {
-
-	long getLastPollTime(PendingContactId p);
-}

bramble-api/src/main/java/org/briarproject/bramble/api/rendezvous/event/RendezvousConnectionClosedEvent.java

@@ -1,32 +0,0 @@
-package org.briarproject.bramble.api.rendezvous.event;
-
-import org.briarproject.bramble.api.contact.PendingContactId;
-import org.briarproject.bramble.api.event.Event;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-import javax.annotation.concurrent.Immutable;
-
-/**
- * An event that is broadcast when a rendezvous connection is closed.
- */
-@Immutable
-@NotNullByDefault
-public class RendezvousConnectionClosedEvent extends Event {
-
-	private final PendingContactId pendingContactId;
-	private final boolean success;
-
-	public RendezvousConnectionClosedEvent(PendingContactId pendingContactId,
-			boolean success) {
-		this.pendingContactId = pendingContactId;
-		this.success = success;
-	}
-
-	public PendingContactId getPendingContactId() {
-		return pendingContactId;
-	}
-
-	public boolean isSuccess() {
-		return success;
-	}
-}

bramble-api/src/main/java/org/briarproject/bramble/api/rendezvous/event/RendezvousConnectionOpenedEvent.java

@@ -1,25 +0,0 @@
-package org.briarproject.bramble.api.rendezvous.event;
-
-import org.briarproject.bramble.api.contact.PendingContactId;
-import org.briarproject.bramble.api.event.Event;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-import javax.annotation.concurrent.Immutable;
-
-/**
- * An event that is broadcast when a rendezvous connection is opened.
- */
-@Immutable
-@NotNullByDefault
-public class RendezvousConnectionOpenedEvent extends Event {
-
-	private final PendingContactId pendingContactId;
-
-	public RendezvousConnectionOpenedEvent(PendingContactId pendingContactId) {
-		this.pendingContactId = pendingContactId;
-	}
-
-	public PendingContactId getPendingContactId() {
-		return pendingContactId;
-	}
-}

bramble-api/src/main/java/org/briarproject/bramble/api/rendezvous/event/RendezvousPollEvent.java

@@ -1,36 +0,0 @@
-package org.briarproject.bramble.api.rendezvous.event;
-
-import org.briarproject.bramble.api.contact.PendingContactId;
-import org.briarproject.bramble.api.event.Event;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.TransportId;
-
-import java.util.Collection;
-
-import javax.annotation.concurrent.Immutable;
-
-/**
- * An event that is broadcast when a transport plugin is polled for connections
- * to one or more pending contacts.
- */
-@Immutable
-@NotNullByDefault
-public class RendezvousPollEvent extends Event {
-
-	private final TransportId transportId;
-	private final Collection<PendingContactId> pendingContacts;
-
-	public RendezvousPollEvent(TransportId transportId,
-			Collection<PendingContactId> pendingContacts) {
-		this.transportId = transportId;
-		this.pendingContacts = pendingContacts;
-	}
-
-	public TransportId getTransportId() {
-		return transportId;
-	}
-
-	public Collection<PendingContactId> getPendingContacts() {
-		return pendingContacts;
-	}
-}

bramble-api/src/main/java/org/briarproject/bramble/api/transport/AbstractTransportKeys.java

@@ -0,0 +1,57 @@
+package org.briarproject.bramble.api.transport;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportId;
+
+import javax.annotation.concurrent.Immutable;
+
+/**
+ * Abstract superclass for {@link TransportKeys} and {@link HandshakeKeys}.
+ */
+@Immutable
+@NotNullByDefault
+public abstract class AbstractTransportKeys {
+
+	private final TransportId transportId;
+	private final IncomingKeys inPrev, inCurr, inNext;
+	private final OutgoingKeys outCurr;
+
+	AbstractTransportKeys(TransportId transportId, IncomingKeys inPrev,
+			IncomingKeys inCurr, IncomingKeys inNext, OutgoingKeys outCurr) {
+		if (inPrev.getTimePeriod() != outCurr.getTimePeriod() - 1)
+			throw new IllegalArgumentException();
+		if (inCurr.getTimePeriod() != outCurr.getTimePeriod())
+			throw new IllegalArgumentException();
+		if (inNext.getTimePeriod() != outCurr.getTimePeriod() + 1)
+			throw new IllegalArgumentException();
+		this.transportId = transportId;
+		this.inPrev = inPrev;
+		this.inCurr = inCurr;
+		this.inNext = inNext;
+		this.outCurr = outCurr;
+	}
+
+	public TransportId getTransportId() {
+		return transportId;
+	}
+
+	public IncomingKeys getPreviousIncomingKeys() {
+		return inPrev;
+	}
+
+	public IncomingKeys getCurrentIncomingKeys() {
+		return inCurr;
+	}
+
+	public IncomingKeys getNextIncomingKeys() {
+		return inNext;
+	}
+
+	public OutgoingKeys getCurrentOutgoingKeys() {
+		return outCurr;
+	}
+
+	public long getTimePeriod() {
+		return outCurr.getTimePeriod();
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/transport/HandshakeKeySet.java

@@ -0,0 +1,70 @@
+package org.briarproject.bramble.api.transport;
+
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.contact.PendingContactId;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import javax.annotation.Nullable;
+import javax.annotation.concurrent.Immutable;
+
+/**
+ * A set of keys for handshaking with a given contact or pending contact over a
+ * given transport. Unlike a {@link TransportKeySet} these keys do not provide
+ * forward secrecy.
+ */
+@Immutable
+@NotNullByDefault
+public class HandshakeKeySet {
+
+	private final HandshakeKeySetId keySetId;
+	@Nullable
+	private final ContactId contactId;
+	@Nullable
+	private final PendingContactId pendingContactId;
+	private final HandshakeKeys keys;
+
+	public HandshakeKeySet(HandshakeKeySetId keySetId, ContactId contactId,
+			HandshakeKeys keys) {
+		this.keySetId = keySetId;
+		this.contactId = contactId;
+		this.keys = keys;
+		pendingContactId = null;
+	}
+
+	public HandshakeKeySet(HandshakeKeySetId keySetId,
+			PendingContactId pendingContactId, HandshakeKeys keys) {
+		this.keySetId = keySetId;
+		this.pendingContactId = pendingContactId;
+		this.keys = keys;
+		contactId = null;
+	}
+
+	public HandshakeKeySetId getKeySetId() {
+		return keySetId;
+	}
+
+	@Nullable
+	public ContactId getContactId() {
+		return contactId;
+	}
+
+	@Nullable
+	public PendingContactId getPendingContactId() {
+		return pendingContactId;
+	}
+
+	public HandshakeKeys getKeys() {
+		return keys;
+	}
+
+	@Override
+	public int hashCode() {
+		return keySetId.hashCode();
+	}
+
+	@Override
+	public boolean equals(Object o) {
+		return o instanceof HandshakeKeySet &&
+				keySetId.equals(((HandshakeKeySet) o).keySetId);
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/transport/HandshakeKeySetId.java

@@ -5,16 +5,17 @@ import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import javax.annotation.concurrent.Immutable;
 
 /**
- * Type-safe wrapper for an integer that uniquely identifies a set of
+ * Type-safe wrapper for an integer that uniquely identifies a
- * {@link TransportKeySet transport keys} within the scope of the local device.
+ * {@link HandshakeKeySet set of handshake keys} within the scope of the local
+ * device.
  */
 @Immutable
 @NotNullByDefault
-public class KeySetId {
+public class HandshakeKeySetId {
 
 	private final int id;
 
-	public KeySetId(int id) {
+	public HandshakeKeySetId(int id) {
 		this.id = id;
 	}
 
@@ -29,6 +30,7 @@ public class KeySetId {
 
 	@Override
 	public boolean equals(Object o) {
-		return o instanceof KeySetId && id == ((KeySetId) o).id;
+		return o instanceof HandshakeKeySetId &&
+				id == ((HandshakeKeySetId) o).id;
 	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/transport/HandshakeKeys.java

@@ -0,0 +1,36 @@
+package org.briarproject.bramble.api.transport;
+
+import org.briarproject.bramble.api.crypto.SecretKey;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportId;
+
+import javax.annotation.concurrent.Immutable;
+
+/**
+ * Keys for handshaking with a given contact or pending contact over a given
+ * transport. Unlike {@link TransportKeys} these keys do not provide forward
+ * secrecy.
+ */
+@Immutable
+@NotNullByDefault
+public class HandshakeKeys extends AbstractTransportKeys {
+
+	private final SecretKey rootKey;
+	private final boolean alice;
+
+	public HandshakeKeys(TransportId transportId, IncomingKeys inPrev,
+			IncomingKeys inCurr, IncomingKeys inNext, OutgoingKeys outCurr,
+			SecretKey rootKey, boolean alice) {
+		super(transportId, inPrev, inCurr, inNext, outCurr);
+		this.rootKey = rootKey;
+		this.alice = alice;
+	}
+
+	public SecretKey getRootKey() {
+		return rootKey;
+	}
+
+	public boolean isAlice() {
+		return alice;
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/transport/IncomingKeys.java

@@ -8,8 +8,8 @@ import javax.annotation.concurrent.Immutable;
 import static org.briarproject.bramble.api.transport.TransportConstants.REORDERING_WINDOW_SIZE;
 
 /**
- * Contains transport keys for receiving streams from a given contact or
+ * Contains transport keys for receiving streams from a given contact over a
- * pending contact over a given transport in a given time period.
+ * given transport in a given time period.
  */
 @Immutable
 @NotNullByDefault

bramble-api/src/main/java/org/briarproject/bramble/api/transport/KeyManager.java

@@ -1,15 +1,11 @@
 package org.briarproject.bramble.api.transport;
 
 import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.contact.PendingContactId;
-import org.briarproject.bramble.api.crypto.KeyPair;
-import org.briarproject.bramble.api.crypto.PublicKey;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.db.DbException;
 import org.briarproject.bramble.api.db.Transaction;
 import org.briarproject.bramble.api.plugin.TransportId;
 
-import java.security.GeneralSecurityException;
 import java.util.Map;
 
 import javax.annotation.Nullable;
@@ -21,49 +17,24 @@ import javax.annotation.Nullable;
 public interface KeyManager {
 
 	/**
-	 * Derives and stores a set of rotation mode transport keys for
+	 * Informs the key manager that a new contact has been added. Derives and
-	 * communicating with the given contact over each transport and returns the
+	 * stores a set of transport keys for communicating with the contact over
-	 * key set IDs.
+	 * each transport and returns the key set IDs.
 	 * <p/>
 	 * {@link StreamContext StreamContexts} for the contact can be created
 	 * after this method has returned.
 	 *
-	 * @param alice True if the local party is Alice
+	 * @param alice true if the local party is Alice
-	 * @param active Whether the derived keys can be used for outgoing streams
+	 * @param active whether the derived keys can be used for outgoing streams
 	 */
-	Map<TransportId, KeySetId> addRotationKeys(Transaction txn,
+	Map<TransportId, TransportKeySetId> addContact(Transaction txn, ContactId c,
-			ContactId c, SecretKey rootKey, long timestamp, boolean alice,
+			SecretKey rootKey, long timestamp, boolean alice, boolean active)
-			boolean active) throws DbException;
+			throws DbException;
-
-	/**
-	 * Informs the key manager that a new contact has been added. Derives and
-	 * stores a set of handshake mode transport keys for communicating with the
-	 * contact over each transport and returns the key set IDs.
-	 * <p/>
-	 * {@link StreamContext StreamContexts} for the contact can be created
-	 * after this method has returned.
-	 */
-	Map<TransportId, KeySetId> addContact(Transaction txn, ContactId c,
-			PublicKey theirPublicKey, KeyPair ourKeyPair)
-			throws DbException, GeneralSecurityException;
-
-	/**
-	 * Informs the key manager that a new pending contact has been added.
-	 * Derives and stores a set of handshake mode transport keys for
-	 * communicating with the pending contact over each transport and returns
-	 * the key set IDs.
-	 * <p/>
-	 * {@link StreamContext StreamContexts} for the pending contact can be
-	 * created after this method has returned.
-	 */
-	Map<TransportId, KeySetId> addPendingContact(Transaction txn,
-			PendingContactId p, PublicKey theirPublicKey, KeyPair ourKeyPair)
-			throws DbException, GeneralSecurityException;
 
 	/**
 	 * Marks the given transport keys as usable for outgoing streams.
 	 */
-	void activateKeys(Transaction txn, Map<TransportId, KeySetId> keys)
+	void activateKeys(Transaction txn, Map<TransportId, TransportKeySetId> keys)
 			throws DbException;
 
 	/**
@@ -72,28 +43,15 @@ public interface KeyManager {
 	 */
 	boolean canSendOutgoingStreams(ContactId c, TransportId t);
 
-	/**
-	 * Returns true if we have keys that can be used for outgoing streams to
-	 * the given pending contact over the given transport.
-	 */
-	boolean canSendOutgoingStreams(PendingContactId p, TransportId t);
-
 	/**
 	 * Returns a {@link StreamContext} for sending a stream to the given
-	 * contact over the given transport, or null if an error occurs.
+	 * contact over the given transport, or null if an error occurs or the
+	 * contact does not support the transport.
 	 */
 	@Nullable
 	StreamContext getStreamContext(ContactId c, TransportId t)
 			throws DbException;
 
-	/**
-	 * Returns a {@link StreamContext} for sending a stream to the given
-	 * pending contact over the given transport, or null if an error occurs.
-	 */
-	@Nullable
-	StreamContext getStreamContext(PendingContactId p, TransportId t)
-			throws DbException;
-
 	/**
 	 * Looks up the given tag and returns a {@link StreamContext} for reading
 	 * from the corresponding stream, or null if an error occurs or the tag was

bramble-api/src/main/java/org/briarproject/bramble/api/transport/OutgoingKeys.java

@@ -6,8 +6,8 @@ import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import javax.annotation.concurrent.Immutable;
 
 /**
- * Contains transport keys for sending streams to a given contact or pending
+ * Contains transport keys for sending streams to a given contact over a given
- * contact over a given transport in a given time period.
+ * transport in a given time period.
  */
 @Immutable
 @NotNullByDefault

bramble-api/src/main/java/org/briarproject/bramble/api/transport/StreamContext.java

@@ -1,53 +1,34 @@
 package org.briarproject.bramble.api.transport;
 
 import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.contact.PendingContactId;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.TransportId;
 
-import javax.annotation.Nullable;
 import javax.annotation.concurrent.Immutable;
 
-import static org.briarproject.bramble.api.nullsafety.NullSafety.requireExactlyOneNull;
-
 @Immutable
 @NotNullByDefault
 public class StreamContext {
 
-	@Nullable
 	private final ContactId contactId;
-	@Nullable
-	private final PendingContactId pendingContactId;
 	private final TransportId transportId;
 	private final SecretKey tagKey, headerKey;
 	private final long streamNumber;
-	private final boolean handshakeMode;
 
-	public StreamContext(@Nullable ContactId contactId,
+	public StreamContext(ContactId contactId, TransportId transportId,
-			@Nullable PendingContactId pendingContactId,
+			SecretKey tagKey, SecretKey headerKey, long streamNumber) {
-			TransportId transportId, SecretKey tagKey, SecretKey headerKey,
-			long streamNumber, boolean handshakeMode) {
-		requireExactlyOneNull(contactId, pendingContactId);
 		this.contactId = contactId;
-		this.pendingContactId = pendingContactId;
 		this.transportId = transportId;
 		this.tagKey = tagKey;
 		this.headerKey = headerKey;
 		this.streamNumber = streamNumber;
-		this.handshakeMode = handshakeMode;
 	}
 
-	@Nullable
 	public ContactId getContactId() {
 		return contactId;
 	}
 
-	@Nullable
-	public PendingContactId getPendingContactId() {
-		return pendingContactId;
-	}
-
 	public TransportId getTransportId() {
 		return transportId;
 	}
@@ -63,8 +44,4 @@ public class StreamContext {
 	public long getStreamNumber() {
 		return streamNumber;
 	}
-
-	public boolean isHandshakeMode() {
-		return handshakeMode;
-	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/transport/TransportConstants.java

@@ -63,6 +63,14 @@ public interface TransportConstants {
 	int MAX_PAYLOAD_LENGTH = MAX_FRAME_LENGTH - FRAME_HEADER_LENGTH
 			- MAC_LENGTH;
 
+	/**
+	 * The minimum stream length in bytes that all transport plugins must
+	 * support. Streams may be shorter than this length, but all transport
+	 * plugins must support streams of at least this length.
+	 */
+	int MIN_STREAM_LENGTH = STREAM_HEADER_LENGTH + FRAME_HEADER_LENGTH
+			+ MAC_LENGTH;
+
 	/**
 	 * The maximum difference in milliseconds between two peers' clocks.
 	 */
@@ -73,26 +81,6 @@ public interface TransportConstants {
 	 */
 	int REORDERING_WINDOW_SIZE = 32;
 
-	/**
-	 * Label for deriving the static master key from handshake key pairs.
-	 */
-	String STATIC_MASTER_KEY_LABEL =
-			"org.briarproject.bramble.transport/STATIC_MASTER_KEY";
-
-	/**
-	 * Label for deriving the handshake mode root key for a pending contact
-	 * from the static master key.
-	 */
-	String PENDING_CONTACT_ROOT_KEY_LABEL =
-			"org.briarproject.bramble.transport/PENDING_CONTACT_ROOT_KEY";
-
-	/**
-	 * Label for deriving the handshake mode root key for a contact from the
-	 * static master key.
-	 */
-	String CONTACT_ROOT_KEY_LABEL =
-			"org.briarproject.bramble.transport/CONTACT_ROOT_KEY";
-
 	/**
 	 * Label for deriving Alice's initial tag key from the root key in
 	 * rotation mode.

bramble-api/src/main/java/org/briarproject/bramble/api/transport/TransportKeySet.java

@@ -1,52 +1,37 @@
 package org.briarproject.bramble.api.transport;
 
 import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.contact.PendingContactId;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 
-import javax.annotation.Nullable;
 import javax.annotation.concurrent.Immutable;
 
-import static org.briarproject.bramble.api.nullsafety.NullSafety.requireExactlyOneNull;
-
 /**
- * A set of keys for communicating with a given contact or pending contact
+ * A set of keys for communicating with a given contact over a given transport.
- * over a given transport.
+ * Unlike a {@link HandshakeKeySet} these keys provide forward secrecy.
  */
 @Immutable
 @NotNullByDefault
 public class TransportKeySet {
 
-	private final KeySetId keySetId;
+	private final TransportKeySetId keySetId;
-	@Nullable
 	private final ContactId contactId;
-	@Nullable
-	private final PendingContactId pendingContactId;
 	private final TransportKeys keys;
 
-	public TransportKeySet(KeySetId keySetId, @Nullable ContactId contactId,
+	public TransportKeySet(TransportKeySetId keySetId, ContactId contactId,
-			@Nullable PendingContactId pendingContactId, TransportKeys keys) {
+			TransportKeys keys) {
-		requireExactlyOneNull(contactId, pendingContactId);
 		this.keySetId = keySetId;
 		this.contactId = contactId;
-		this.pendingContactId = pendingContactId;
 		this.keys = keys;
 	}
 
-	public KeySetId getKeySetId() {
+	public TransportKeySetId getKeySetId() {
 		return keySetId;
 	}
 
-	@Nullable
 	public ContactId getContactId() {
 		return contactId;
 	}
 
-	@Nullable
-	public PendingContactId getPendingContactId() {
-		return pendingContactId;
-	}
-
 	public TransportKeys getKeys() {
 		return keys;
 	}

bramble-api/src/main/java/org/briarproject/bramble/api/transport/TransportKeySetId.java

@@ -0,0 +1,38 @@
+package org.briarproject.bramble.api.transport;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import javax.annotation.concurrent.Immutable;
+
+/**
+ * Type-safe wrapper for an integer that uniquely identifies a
+ * {@link TransportKeySet set of transport keys} within the scope of the local
+ * device.
+ * <p/>
+ * Key sets created on a given device must have increasing identifiers.
+ */
+@Immutable
+@NotNullByDefault
+public class TransportKeySetId {
+
+	private final int id;
+
+	public TransportKeySetId(int id) {
+		this.id = id;
+	}
+
+	public int getInt() {
+		return id;
+	}
+
+	@Override
+	public int hashCode() {
+		return id;
+	}
+
+	@Override
+	public boolean equals(Object o) {
+		return o instanceof TransportKeySetId &&
+				id == ((TransportKeySetId) o).id;
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/transport/TransportKeys.java

@@ -1,108 +1,20 @@
 package org.briarproject.bramble.api.transport;
 
-import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.TransportId;
 
-import javax.annotation.Nullable;
 import javax.annotation.concurrent.Immutable;
 
 /**
- * Keys for communicating with a given contact or pending contact over a given
+ * Keys for communicating with a given contact over a given transport. Unlike
- * transport.
+ * {@link HandshakeKeys} these keys provide forward secrecy.
  */
 @Immutable
 @NotNullByDefault
-public class TransportKeys {
+public class TransportKeys extends AbstractTransportKeys {
 
-	private final TransportId transportId;
-	private final IncomingKeys inPrev, inCurr, inNext;
-	private final OutgoingKeys outCurr;
-	@Nullable
-	private final SecretKey rootKey;
-	private final boolean alice;
-
-	/**
-	 * Constructor for rotation mode.
-	 */
 	public TransportKeys(TransportId transportId, IncomingKeys inPrev,
 			IncomingKeys inCurr, IncomingKeys inNext, OutgoingKeys outCurr) {
-		this(transportId, inPrev, inCurr, inNext, outCurr, null, false);
+		super(transportId, inPrev, inCurr, inNext, outCurr);
-	}
-
-	/**
-	 * Constructor for handshake mode.
-	 */
-	public TransportKeys(TransportId transportId, IncomingKeys inPrev,
-			IncomingKeys inCurr, IncomingKeys inNext, OutgoingKeys outCurr,
-			@Nullable SecretKey rootKey, boolean alice) {
-		if (inPrev.getTimePeriod() != outCurr.getTimePeriod() - 1)
-			throw new IllegalArgumentException();
-		if (inCurr.getTimePeriod() != outCurr.getTimePeriod())
-			throw new IllegalArgumentException();
-		if (inNext.getTimePeriod() != outCurr.getTimePeriod() + 1)
-			throw new IllegalArgumentException();
-		this.transportId = transportId;
-		this.inPrev = inPrev;
-		this.inCurr = inCurr;
-		this.inNext = inNext;
-		this.outCurr = outCurr;
-		this.rootKey = rootKey;
-		this.alice = alice;
-	}
-
-	public TransportId getTransportId() {
-		return transportId;
-	}
-
-	public IncomingKeys getPreviousIncomingKeys() {
-		return inPrev;
-	}
-
-	public IncomingKeys getCurrentIncomingKeys() {
-		return inCurr;
-	}
-
-	public IncomingKeys getNextIncomingKeys() {
-		return inNext;
-	}
-
-	public OutgoingKeys getCurrentOutgoingKeys() {
-		return outCurr;
-	}
-
-	public long getTimePeriod() {
-		return outCurr.getTimePeriod();
-	}
-
-	/**
-	 * Returns true if these keys are for use in handshake mode or false if
-	 * they're for use in rotation mode.
-	 */
-	public boolean isHandshakeMode() {
-		return rootKey != null;
-	}
-
-	/**
-	 * If these keys are for use in handshake mode, returns the root key.
-	 *
-	 * @throws UnsupportedOperationException If these keys are for use in
-	 * rotation mode
-	 */
-	public SecretKey getRootKey() {
-		if (rootKey == null) throw new UnsupportedOperationException();
-		return rootKey;
-	}
-
-	/**
-	 * If these keys are for use in handshake mode, returns true if the local
-	 * party is Alice.
-	 *
-	 * @throws UnsupportedOperationException If these keys are for use in
-	 * rotation mode
-	 */
-	public boolean isAlice() {
-		if (rootKey == null) throw new UnsupportedOperationException();
-		return alice;
 	}
 }

bramble-api/src/main/java/org/briarproject/bramble/util/LogUtils.java

@@ -1,6 +1,5 @@
 package org.briarproject.bramble.util;
 
-import java.io.File;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
@@ -20,7 +19,6 @@ public class LogUtils {
 
 	/**
 	 * Logs the duration of a task.
-	 *
 	 * @param logger the logger to use
 	 * @param task a description of the task
 	 * @param start the start time of the task, as returned by {@link #now()}
@@ -35,26 +33,4 @@ public class LogUtils {
 	public static void logException(Logger logger, Level level, Throwable t) {
 		if (logger.isLoggable(level)) logger.log(level, t.toString(), t);
 	}
-
-	public static void logFileOrDir(Logger logger, Level level, File f) {
-		if (logger.isLoggable(level)) {
-			if (f.isFile()) {
-				logWithType(logger, level, f, "F");
-			} else if (f.isDirectory()) {
-				logWithType(logger, level, f, "D");
-				File[] children = f.listFiles();
-				if (children != null) {
-					for (File child : children)
-						logFileOrDir(logger, level, child);
-				}
-			} else if (f.exists()) {
-				logWithType(logger, level, f, "?");
-			}
-		}
-	}
-
-	private static void logWithType(Logger logger, Level level, File f,
-			String type) {
-		logger.log(level, type + " " + f.getAbsolutePath() + " " + f.length());
-	}
 }

bramble-api/src/test/java/org/briarproject/bramble/test/TestUtils.java

@@ -5,13 +5,7 @@ import org.briarproject.bramble.api.contact.Contact;
 import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.contact.PendingContact;
 import org.briarproject.bramble.api.contact.PendingContactId;
-import org.briarproject.bramble.api.crypto.AgreementPrivateKey;
-import org.briarproject.bramble.api.crypto.AgreementPublicKey;
-import org.briarproject.bramble.api.crypto.PrivateKey;
-import org.briarproject.bramble.api.crypto.PublicKey;
 import org.briarproject.bramble.api.crypto.SecretKey;
-import org.briarproject.bramble.api.crypto.SignaturePrivateKey;
-import org.briarproject.bramble.api.crypto.SignaturePublicKey;
 import org.briarproject.bramble.api.identity.Author;
 import org.briarproject.bramble.api.identity.AuthorId;
 import org.briarproject.bramble.api.identity.Identity;
@@ -36,10 +30,11 @@ import java.util.Random;
 import java.util.concurrent.atomic.AtomicInteger;
 
 import static java.util.Arrays.asList;
+import static org.briarproject.bramble.api.contact.PendingContactState.WAITING_FOR_CONNECTION;
 import static org.briarproject.bramble.api.crypto.CryptoConstants.MAX_AGREEMENT_PUBLIC_KEY_BYTES;
-import static org.briarproject.bramble.api.crypto.CryptoConstants.MAX_SIGNATURE_PUBLIC_KEY_BYTES;
 import static org.briarproject.bramble.api.identity.Author.FORMAT_VERSION;
 import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_AUTHOR_NAME_LENGTH;
+import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_PUBLIC_KEY_LENGTH;
 import static org.briarproject.bramble.api.plugin.TransportId.MAX_TRANSPORT_ID_LENGTH;
 import static org.briarproject.bramble.api.properties.TransportPropertyConstants.MAX_PROPERTY_LENGTH;
 import static org.briarproject.bramble.api.sync.ClientId.MAX_CLIENT_ID_LENGTH;
@@ -106,28 +101,10 @@ public class TestUtils {
 		return new SecretKey(getRandomBytes(SecretKey.LENGTH));
 	}
 
-	public static PublicKey getSignaturePublicKey() {
-		byte[] key = getRandomBytes(MAX_SIGNATURE_PUBLIC_KEY_BYTES);
-		return new SignaturePublicKey(key);
-	}
-
-	public static PrivateKey getSignaturePrivateKey() {
-		return new SignaturePrivateKey(getRandomBytes(123));
-	}
-
-	public static PublicKey getAgreementPublicKey() {
-		byte[] key = getRandomBytes(MAX_AGREEMENT_PUBLIC_KEY_BYTES);
-		return new AgreementPublicKey(key);
-	}
-
-	public static PrivateKey getAgreementPrivateKey() {
-		return new AgreementPrivateKey(getRandomBytes(123));
-	}
-
 	public static Identity getIdentity() {
 		LocalAuthor localAuthor = getLocalAuthor();
-		PublicKey handshakePub = getAgreementPublicKey();
+		byte[] handshakePub = getRandomBytes(MAX_AGREEMENT_PUBLIC_KEY_BYTES);
-		PrivateKey handshakePriv = getAgreementPrivateKey();
+		byte[] handshakePriv = getRandomBytes(MAX_AGREEMENT_PUBLIC_KEY_BYTES);
 		return new Identity(localAuthor, handshakePub, handshakePriv,
 				timestamp);
 	}
@@ -136,8 +113,8 @@ public class TestUtils {
 		AuthorId id = new AuthorId(getRandomId());
 		int nameLength = 1 + random.nextInt(MAX_AUTHOR_NAME_LENGTH);
 		String name = getRandomString(nameLength);
-		PublicKey publicKey = getSignaturePublicKey();
+		byte[] publicKey = getRandomBytes(MAX_PUBLIC_KEY_LENGTH);
-		PrivateKey privateKey = getSignaturePrivateKey();
+		byte[] privateKey = getRandomBytes(MAX_PUBLIC_KEY_LENGTH);
 		return new LocalAuthor(id, FORMAT_VERSION, name, publicKey, privateKey);
 	}
 
@@ -145,7 +122,7 @@ public class TestUtils {
 		AuthorId id = new AuthorId(getRandomId());
 		int nameLength = 1 + random.nextInt(MAX_AUTHOR_NAME_LENGTH);
 		String name = getRandomString(nameLength);
-		PublicKey publicKey = getSignaturePublicKey();
+		byte[] publicKey = getRandomBytes(MAX_PUBLIC_KEY_LENGTH);
 		return new Author(id, FORMAT_VERSION, name, publicKey);
 	}
 
@@ -178,9 +155,10 @@ public class TestUtils {
 
 	public static PendingContact getPendingContact(int nameLength) {
 		PendingContactId id = new PendingContactId(getRandomId());
-		PublicKey publicKey = getAgreementPublicKey();
+		byte[] publicKey = getRandomBytes(MAX_PUBLIC_KEY_LENGTH);
 		String alias = getRandomString(nameLength);
-		return new PendingContact(id, publicKey, alias, timestamp);
+		return new PendingContact(id, publicKey, alias, WAITING_FOR_CONNECTION,
+				timestamp);
 	}
 
 	public static ContactId getContactId() {
@@ -201,7 +179,7 @@ public class TestUtils {
 			boolean verified) {
 		return new Contact(c, remote, local,
 				getRandomString(MAX_AUTHOR_NAME_LENGTH),
-				getAgreementPublicKey(), verified);
+				getRandomBytes(MAX_PUBLIC_KEY_LENGTH), verified);
 	}
 
 	public static double getMedian(Collection<? extends Number> samples) {

bramble-core/src/main/java/org/briarproject/bramble/BrambleCoreEagerSingletons.java

@@ -7,7 +7,7 @@ import org.briarproject.bramble.identity.IdentityModule;
 import org.briarproject.bramble.lifecycle.LifecycleModule;
 import org.briarproject.bramble.plugin.PluginModule;
 import org.briarproject.bramble.properties.PropertiesModule;
-import org.briarproject.bramble.rendezvous.RendezvousModule;
+import org.briarproject.bramble.reporting.ReportingModule;
 import org.briarproject.bramble.sync.validation.ValidationModule;
 import org.briarproject.bramble.system.SystemModule;
 import org.briarproject.bramble.transport.TransportModule;
@@ -29,7 +29,7 @@ public interface BrambleCoreEagerSingletons {
 
 	void inject(PropertiesModule.EagerSingletons init);
 
-	void inject(RendezvousModule.EagerSingletons init);
+	void inject(ReportingModule.EagerSingletons init);
 
 	void inject(SystemModule.EagerSingletons init);
 
@@ -38,19 +38,4 @@ public interface BrambleCoreEagerSingletons {
 	void inject(ValidationModule.EagerSingletons init);
 
 	void inject(VersioningModule.EagerSingletons init);
-
-	default void injectBrambleCoreEagerSingletons() {
-		inject(new ContactModule.EagerSingletons());
-		inject(new CryptoExecutorModule.EagerSingletons());
-		inject(new DatabaseExecutorModule.EagerSingletons());
-		inject(new IdentityModule.EagerSingletons());
-		inject(new LifecycleModule.EagerSingletons());
-		inject(new RendezvousModule.EagerSingletons());
-		inject(new PluginModule.EagerSingletons());
-		inject(new PropertiesModule.EagerSingletons());
-		inject(new SystemModule.EagerSingletons());
-		inject(new TransportModule.EagerSingletons());
-		inject(new ValidationModule.EagerSingletons());
-		inject(new VersioningModule.EagerSingletons());
-	}
 }

bramble-core/src/main/java/org/briarproject/bramble/BrambleCoreModule.java

@@ -15,8 +15,9 @@ import org.briarproject.bramble.plugin.PluginModule;
 import org.briarproject.bramble.properties.PropertiesModule;
 import org.briarproject.bramble.record.RecordModule;
 import org.briarproject.bramble.reliability.ReliabilityModule;
-import org.briarproject.bramble.rendezvous.RendezvousModule;
+import org.briarproject.bramble.reporting.ReportingModule;
 import org.briarproject.bramble.settings.SettingsModule;
+import org.briarproject.bramble.socks.SocksModule;
 import org.briarproject.bramble.sync.SyncModule;
 import org.briarproject.bramble.sync.validation.ValidationModule;
 import org.briarproject.bramble.system.SystemModule;
@@ -41,8 +42,9 @@ import dagger.Module;
 		PropertiesModule.class,
 		RecordModule.class,
 		ReliabilityModule.class,
-		RendezvousModule.class,
+		ReportingModule.class,
 		SettingsModule.class,
+		SocksModule.class,
 		SyncModule.class,
 		SystemModule.class,
 		TransportModule.class,
@@ -52,6 +54,17 @@ import dagger.Module;
 public class BrambleCoreModule {
 
 	public static void initEagerSingletons(BrambleCoreEagerSingletons c) {
-		c.injectBrambleCoreEagerSingletons();
+		c.inject(new ContactModule.EagerSingletons());
+		c.inject(new CryptoExecutorModule.EagerSingletons());
+		c.inject(new DatabaseExecutorModule.EagerSingletons());
+		c.inject(new IdentityModule.EagerSingletons());
+		c.inject(new LifecycleModule.EagerSingletons());
+		c.inject(new PluginModule.EagerSingletons());
+		c.inject(new PropertiesModule.EagerSingletons());
+		c.inject(new ReportingModule.EagerSingletons());
+		c.inject(new SystemModule.EagerSingletons());
+		c.inject(new TransportModule.EagerSingletons());
+		c.inject(new ValidationModule.EagerSingletons());
+		c.inject(new VersioningModule.EagerSingletons());
 	}
 }

bramble-core/src/main/java/org/briarproject/bramble/client/ClientHelperImpl.java

@@ -3,9 +3,6 @@ package org.briarproject.bramble.client;
 import org.briarproject.bramble.api.FormatException;
 import org.briarproject.bramble.api.client.ClientHelper;
 import org.briarproject.bramble.api.crypto.CryptoComponent;
-import org.briarproject.bramble.api.crypto.KeyParser;
-import org.briarproject.bramble.api.crypto.PrivateKey;
-import org.briarproject.bramble.api.crypto.PublicKey;
 import org.briarproject.bramble.api.data.BdfDictionary;
 import org.briarproject.bramble.api.data.BdfList;
 import org.briarproject.bramble.api.data.BdfReader;
@@ -308,15 +305,14 @@ class ClientHelperImpl implements ClientHelper {
 	}
 
 	@Override
-	public byte[] sign(String label, BdfList toSign, PrivateKey privateKey)
+	public byte[] sign(String label, BdfList toSign, byte[] privateKey)
 			throws FormatException, GeneralSecurityException {
 		return crypto.sign(label, toByteArray(toSign), privateKey);
 	}
 
 	@Override
 	public void verifySignature(byte[] signature, String label, BdfList signed,
-			PublicKey publicKey)
+			byte[] publicKey) throws FormatException, GeneralSecurityException {
-			throws FormatException, GeneralSecurityException {
 		if (!crypto.verifySignature(signature, label, toByteArray(signed),
 				publicKey)) {
 			throw new GeneralSecurityException("Invalid signature");
@@ -331,29 +327,11 @@ class ClientHelperImpl implements ClientHelper {
 		if (formatVersion != FORMAT_VERSION) throw new FormatException();
 		String name = author.getString(1);
 		checkLength(name, 1, MAX_AUTHOR_NAME_LENGTH);
-		byte[] publicKeyBytes = author.getRaw(2);
+		byte[] publicKey = author.getRaw(2);
-		checkLength(publicKeyBytes, 1, MAX_PUBLIC_KEY_LENGTH);
+		checkLength(publicKey, 1, MAX_PUBLIC_KEY_LENGTH);
-		KeyParser parser = crypto.getSignatureKeyParser();
-		PublicKey publicKey;
-		try {
-			publicKey = parser.parsePublicKey(publicKeyBytes);
-		} catch (GeneralSecurityException e) {
-			throw new FormatException();
-		}
 		return authorFactory.createAuthor(formatVersion, name, publicKey);
 	}
 
-	@Override
-	public PublicKey parseAndValidateAgreementPublicKey(byte[] publicKeyBytes)
-			throws FormatException {
-		KeyParser parser = crypto.getAgreementKeyParser();
-		try {
-			return parser.parsePublicKey(publicKeyBytes);
-		} catch (GeneralSecurityException e) {
-			throw new FormatException();
-		}
-	}
-
 	@Override
 	public TransportProperties parseAndValidateTransportProperties(
 			BdfDictionary properties) throws FormatException {

bramble-core/src/main/java/org/briarproject/bramble/client/ContactGroupFactoryImpl.java

@@ -1,5 +1,6 @@
 package org.briarproject.bramble.client;
 
+import org.briarproject.bramble.api.Bytes;
 import org.briarproject.bramble.api.FormatException;
 import org.briarproject.bramble.api.client.ClientHelper;
 import org.briarproject.bramble.api.client.ContactGroupFactory;
@@ -54,7 +55,7 @@ class ContactGroupFactoryImpl implements ContactGroupFactory {
 
 	private byte[] createGroupDescriptor(AuthorId local, AuthorId remote) {
 		try {
-			if (local.compareTo(remote) < 0)
+			if (Bytes.COMPARATOR.compare(local, remote) < 0)
 				return clientHelper.toByteArray(BdfList.of(local, remote));
 			else return clientHelper.toByteArray(BdfList.of(remote, local));
 		} catch (FormatException e) {

bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeCrypto.java

@@ -1,35 +0,0 @@
-package org.briarproject.bramble.contact;
-
-import org.briarproject.bramble.api.crypto.PrivateKey;
-import org.briarproject.bramble.api.crypto.PublicKey;
-import org.briarproject.bramble.api.crypto.SecretKey;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-@NotNullByDefault
-interface ContactExchangeCrypto {
-
-	/**
-	 * Derives the header key for a contact exchange stream from the master key.
-	 *
-	 * @param alice Whether the header key is for the stream sent by Alice
-	 */
-	SecretKey deriveHeaderKey(SecretKey masterKey, boolean alice);
-
-	/**
-	 * Creates and returns a signature that proves ownership of a pseudonym.
-	 *
-	 * @param privateKey The pseudonym's signature private key
-	 * @param alice Whether the pseudonym belongs to Alice
-	 */
-	byte[] sign(PrivateKey privateKey, SecretKey masterKey, boolean alice);
-
-	/**
-	 * Verifies a signature that proves ownership of a pseudonym.
-	 *
-	 * @param publicKey The pseudonym's signature public key
-	 * @param alice Whether the pseudonym belongs to Alice
-	 * @return True if the signature is valid
-	 */
-	boolean verify(PublicKey publicKey, SecretKey masterKey, boolean alice,
-			byte[] signature);
-}

bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeCryptoImpl.java

@@ -1,66 +0,0 @@
-package org.briarproject.bramble.contact;
-
-import org.briarproject.bramble.api.crypto.CryptoComponent;
-import org.briarproject.bramble.api.crypto.PrivateKey;
-import org.briarproject.bramble.api.crypto.PublicKey;
-import org.briarproject.bramble.api.crypto.SecretKey;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-import java.security.GeneralSecurityException;
-
-import javax.inject.Inject;
-
-import static org.briarproject.bramble.contact.ContactExchangeConstants.ALICE_KEY_LABEL;
-import static org.briarproject.bramble.contact.ContactExchangeConstants.ALICE_NONCE_LABEL;
-import static org.briarproject.bramble.contact.ContactExchangeConstants.BOB_KEY_LABEL;
-import static org.briarproject.bramble.contact.ContactExchangeConstants.BOB_NONCE_LABEL;
-import static org.briarproject.bramble.contact.ContactExchangeConstants.PROTOCOL_VERSION;
-import static org.briarproject.bramble.contact.ContactExchangeConstants.SIGNING_LABEL;
-
-@NotNullByDefault
-class ContactExchangeCryptoImpl implements ContactExchangeCrypto {
-
-	private static final byte[] PROTOCOL_VERSION_BYTES =
-			new byte[] {PROTOCOL_VERSION};
-
-	private final CryptoComponent crypto;
-
-	@Inject
-	ContactExchangeCryptoImpl(CryptoComponent crypto) {
-		this.crypto = crypto;
-	}
-
-	@Override
-	public SecretKey deriveHeaderKey(SecretKey masterKey, boolean alice) {
-		String label = alice ? ALICE_KEY_LABEL : BOB_KEY_LABEL;
-		return crypto.deriveKey(label, masterKey, PROTOCOL_VERSION_BYTES);
-	}
-
-	@Override
-	public byte[] sign(PrivateKey privateKey, SecretKey masterKey,
-			boolean alice) {
-		byte[] nonce = deriveNonce(masterKey, alice);
-		try {
-			return crypto.sign(SIGNING_LABEL, nonce, privateKey);
-		} catch (GeneralSecurityException e) {
-			throw new AssertionError();
-		}
-	}
-
-	@Override
-	public boolean verify(PublicKey publicKey,
-			SecretKey masterKey, boolean alice, byte[] signature) {
-		byte[] nonce = deriveNonce(masterKey, alice);
-		try {
-			return crypto.verifySignature(signature, SIGNING_LABEL, nonce,
-					publicKey);
-		} catch (GeneralSecurityException e) {
-			return false;
-		}
-	}
-
-	private byte[] deriveNonce(SecretKey masterKey, boolean alice) {
-		String label = alice ? ALICE_NONCE_LABEL : BOB_NONCE_LABEL;
-		return crypto.mac(label, masterKey, PROTOCOL_VERSION_BYTES);
-	}
-}

bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeManagerImpl.java

@@ -1,273 +0,0 @@
-package org.briarproject.bramble.contact;
-
-import org.briarproject.bramble.api.FormatException;
-import org.briarproject.bramble.api.Predicate;
-import org.briarproject.bramble.api.client.ClientHelper;
-import org.briarproject.bramble.api.contact.Contact;
-import org.briarproject.bramble.api.contact.ContactExchangeManager;
-import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.contact.ContactManager;
-import org.briarproject.bramble.api.contact.PendingContactId;
-import org.briarproject.bramble.api.crypto.PublicKey;
-import org.briarproject.bramble.api.crypto.SecretKey;
-import org.briarproject.bramble.api.data.BdfDictionary;
-import org.briarproject.bramble.api.data.BdfList;
-import org.briarproject.bramble.api.db.DatabaseComponent;
-import org.briarproject.bramble.api.db.DbException;
-import org.briarproject.bramble.api.db.Transaction;
-import org.briarproject.bramble.api.identity.Author;
-import org.briarproject.bramble.api.identity.IdentityManager;
-import org.briarproject.bramble.api.identity.LocalAuthor;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.TransportId;
-import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
-import org.briarproject.bramble.api.properties.TransportProperties;
-import org.briarproject.bramble.api.properties.TransportPropertyManager;
-import org.briarproject.bramble.api.record.Record;
-import org.briarproject.bramble.api.record.RecordReader;
-import org.briarproject.bramble.api.record.RecordReaderFactory;
-import org.briarproject.bramble.api.record.RecordWriter;
-import org.briarproject.bramble.api.record.RecordWriterFactory;
-import org.briarproject.bramble.api.system.Clock;
-import org.briarproject.bramble.api.transport.StreamReaderFactory;
-import org.briarproject.bramble.api.transport.StreamWriter;
-import org.briarproject.bramble.api.transport.StreamWriterFactory;
-
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.security.GeneralSecurityException;
-import java.util.Map;
-import java.util.logging.Logger;
-
-import javax.annotation.Nullable;
-import javax.annotation.concurrent.Immutable;
-import javax.inject.Inject;
-
-import static java.util.logging.Logger.getLogger;
-import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_SIGNATURE_LENGTH;
-import static org.briarproject.bramble.contact.ContactExchangeConstants.PROTOCOL_VERSION;
-import static org.briarproject.bramble.contact.ContactExchangeRecordTypes.CONTACT_INFO;
-import static org.briarproject.bramble.util.ValidationUtils.checkLength;
-import static org.briarproject.bramble.util.ValidationUtils.checkSize;
-
-@Immutable
-@NotNullByDefault
-class ContactExchangeManagerImpl implements ContactExchangeManager {
-
-	private static final Logger LOG =
-			getLogger(ContactExchangeManagerImpl.class.getName());
-
-	// Accept records with current protocol version, known record type
-	private static final Predicate<Record> ACCEPT = r ->
-			r.getProtocolVersion() == PROTOCOL_VERSION &&
-					isKnownRecordType(r.getRecordType());
-
-	// Ignore records with current protocol version, unknown record type
-	private static final Predicate<Record> IGNORE = r ->
-			r.getProtocolVersion() == PROTOCOL_VERSION &&
-					!isKnownRecordType(r.getRecordType());
-
-	private static boolean isKnownRecordType(byte type) {
-		return type == CONTACT_INFO;
-	}
-
-	private final DatabaseComponent db;
-	private final ClientHelper clientHelper;
-	private final RecordReaderFactory recordReaderFactory;
-	private final RecordWriterFactory recordWriterFactory;
-	private final Clock clock;
-	private final ContactManager contactManager;
-	private final IdentityManager identityManager;
-	private final TransportPropertyManager transportPropertyManager;
-	private final ContactExchangeCrypto contactExchangeCrypto;
-	private final StreamReaderFactory streamReaderFactory;
-	private final StreamWriterFactory streamWriterFactory;
-
-	@Inject
-	ContactExchangeManagerImpl(DatabaseComponent db, ClientHelper clientHelper,
-			RecordReaderFactory recordReaderFactory,
-			RecordWriterFactory recordWriterFactory, Clock clock,
-			ContactManager contactManager, IdentityManager identityManager,
-			TransportPropertyManager transportPropertyManager,
-			ContactExchangeCrypto contactExchangeCrypto,
-			StreamReaderFactory streamReaderFactory,
-			StreamWriterFactory streamWriterFactory) {
-		this.db = db;
-		this.clientHelper = clientHelper;
-		this.recordReaderFactory = recordReaderFactory;
-		this.recordWriterFactory = recordWriterFactory;
-		this.clock = clock;
-		this.contactManager = contactManager;
-		this.identityManager = identityManager;
-		this.transportPropertyManager = transportPropertyManager;
-		this.contactExchangeCrypto = contactExchangeCrypto;
-		this.streamReaderFactory = streamReaderFactory;
-		this.streamWriterFactory = streamWriterFactory;
-	}
-
-	@Override
-	public Contact exchangeContacts(DuplexTransportConnection conn,
-			SecretKey masterKey, boolean alice,
-			boolean verified) throws IOException, DbException {
-		return exchange(null, conn, masterKey, alice, verified);
-	}
-
-	@Override
-	public Contact exchangeContacts(PendingContactId p,
-			DuplexTransportConnection conn, SecretKey masterKey, boolean alice,
-			boolean verified) throws IOException, DbException {
-		return exchange(p, conn, masterKey, alice, verified);
-	}
-
-	private Contact exchange(@Nullable PendingContactId p,
-			DuplexTransportConnection conn, SecretKey masterKey, boolean alice,
-			boolean verified) throws IOException, DbException {
-		// Get the transport connection's input and output streams
-		InputStream in = conn.getReader().getInputStream();
-		OutputStream out = conn.getWriter().getOutputStream();
-
-		// Get the local author and transport properties
-		LocalAuthor localAuthor = identityManager.getLocalAuthor();
-		Map<TransportId, TransportProperties> localProperties =
-				transportPropertyManager.getLocalProperties();
-
-		// Derive the header keys for the transport streams
-		SecretKey localHeaderKey =
-				contactExchangeCrypto.deriveHeaderKey(masterKey, alice);
-		SecretKey remoteHeaderKey =
-				contactExchangeCrypto.deriveHeaderKey(masterKey, !alice);
-
-		// Create the readers
-		InputStream streamReader = streamReaderFactory
-				.createContactExchangeStreamReader(in, remoteHeaderKey);
-		RecordReader recordReader =
-				recordReaderFactory.createRecordReader(streamReader);
-
-		// Create the writers
-		StreamWriter streamWriter = streamWriterFactory
-				.createContactExchangeStreamWriter(out, localHeaderKey);
-		RecordWriter recordWriter = recordWriterFactory
-				.createRecordWriter(streamWriter.getOutputStream());
-
-		// Create our signature
-		byte[] localSignature = contactExchangeCrypto
-				.sign(localAuthor.getPrivateKey(), masterKey, alice);
-
-		// Exchange contact info
-		long localTimestamp = clock.currentTimeMillis();
-		ContactInfo remoteInfo;
-		if (alice) {
-			sendContactInfo(recordWriter, localAuthor, localProperties,
-					localSignature, localTimestamp);
-			remoteInfo = receiveContactInfo(recordReader);
-		} else {
-			remoteInfo = receiveContactInfo(recordReader);
-			sendContactInfo(recordWriter, localAuthor, localProperties,
-					localSignature, localTimestamp);
-		}
-
-		// Send EOF on the outgoing stream
-		streamWriter.sendEndOfStream();
-
-		// Skip any remaining records from the incoming stream
-		recordReader.readRecord(r -> false, IGNORE);
-
-		// Verify the contact's signature
-		PublicKey remotePublicKey = remoteInfo.author.getPublicKey();
-		if (!contactExchangeCrypto.verify(remotePublicKey,
-				masterKey, !alice, remoteInfo.signature)) {
-			LOG.warning("Invalid signature");
-			throw new FormatException();
-		}
-
-		// The agreed timestamp is the minimum of the peers' timestamps
-		long timestamp = Math.min(localTimestamp, remoteInfo.timestamp);
-
-		// Add the contact
-		Contact contact = addContact(p, remoteInfo.author, localAuthor,
-				masterKey, timestamp, alice, verified, remoteInfo.properties);
-
-		// Contact exchange succeeded
-		LOG.info("Contact exchange succeeded");
-		return contact;
-	}
-
-	private void sendContactInfo(RecordWriter recordWriter, Author author,
-			Map<TransportId, TransportProperties> properties, byte[] signature,
-			long timestamp) throws IOException {
-		BdfList authorList = clientHelper.toList(author);
-		BdfDictionary props = clientHelper.toDictionary(properties);
-		BdfList payload = BdfList.of(authorList, props, signature, timestamp);
-		recordWriter.writeRecord(new Record(PROTOCOL_VERSION, CONTACT_INFO,
-				clientHelper.toByteArray(payload)));
-		recordWriter.flush();
-		LOG.info("Sent contact info");
-	}
-
-	private ContactInfo receiveContactInfo(RecordReader recordReader)
-			throws IOException {
-		Record record = recordReader.readRecord(ACCEPT, IGNORE);
-		if (record == null) throw new EOFException();
-		LOG.info("Received contact info");
-		BdfList payload = clientHelper.toList(record.getPayload());
-		checkSize(payload, 4);
-		Author author = clientHelper.parseAndValidateAuthor(payload.getList(0));
-		BdfDictionary props = payload.getDictionary(1);
-		Map<TransportId, TransportProperties> properties =
-				clientHelper.parseAndValidateTransportPropertiesMap(props);
-		byte[] signature = payload.getRaw(2);
-		checkLength(signature, 1, MAX_SIGNATURE_LENGTH);
-		long timestamp = payload.getLong(3);
-		if (timestamp < 0) throw new FormatException();
-		return new ContactInfo(author, properties, signature, timestamp);
-	}
-
-	private Contact addContact(@Nullable PendingContactId pendingContactId,
-			Author remoteAuthor, LocalAuthor localAuthor, SecretKey masterKey,
-			long timestamp, boolean alice, boolean verified,
-			Map<TransportId, TransportProperties> remoteProperties)
-			throws DbException, FormatException {
-		Transaction txn = db.startTransaction(false);
-		try {
-			ContactId contactId;
-			if (pendingContactId == null) {
-				contactId = contactManager.addContact(txn, remoteAuthor,
-						localAuthor.getId(), masterKey, timestamp, alice,
-						verified, true);
-			} else {
-				contactId = contactManager.addContact(txn, pendingContactId,
-						remoteAuthor, localAuthor.getId(), masterKey,
-						timestamp, alice, verified, true);
-			}
-			transportPropertyManager.addRemoteProperties(txn, contactId,
-					remoteProperties);
-			Contact contact = contactManager.getContact(txn, contactId);
-			db.commitTransaction(txn);
-			return contact;
-		} catch (GeneralSecurityException e) {
-			// Pending contact's public key is invalid
-			throw new FormatException();
-		} finally {
-			db.endTransaction(txn);
-		}
-	}
-
-	private static class ContactInfo {
-
-		private final Author author;
-		private final Map<TransportId, TransportProperties> properties;
-		private final byte[] signature;
-		private final long timestamp;
-
-		private ContactInfo(Author author,
-				Map<TransportId, TransportProperties> properties,
-				byte[] signature, long timestamp) {
-			this.author = author;
-			this.properties = properties;
-			this.signature = signature;
-			this.timestamp = timestamp;
-		}
-	}
-}

bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java

@@ -0,0 +1,330 @@
+package org.briarproject.bramble.contact;
+
+import org.briarproject.bramble.api.FormatException;
+import org.briarproject.bramble.api.client.ClientHelper;
+import org.briarproject.bramble.api.contact.ContactExchangeTask;
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.contact.ContactManager;
+import org.briarproject.bramble.api.contact.event.ContactExchangeFailedEvent;
+import org.briarproject.bramble.api.contact.event.ContactExchangeSucceededEvent;
+import org.briarproject.bramble.api.crypto.CryptoComponent;
+import org.briarproject.bramble.api.crypto.SecretKey;
+import org.briarproject.bramble.api.data.BdfDictionary;
+import org.briarproject.bramble.api.data.BdfList;
+import org.briarproject.bramble.api.db.ContactExistsException;
+import org.briarproject.bramble.api.db.DatabaseComponent;
+import org.briarproject.bramble.api.db.DbException;
+import org.briarproject.bramble.api.event.EventBus;
+import org.briarproject.bramble.api.identity.Author;
+import org.briarproject.bramble.api.identity.LocalAuthor;
+import org.briarproject.bramble.api.nullsafety.MethodsNotNullByDefault;
+import org.briarproject.bramble.api.nullsafety.ParametersNotNullByDefault;
+import org.briarproject.bramble.api.plugin.ConnectionManager;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
+import org.briarproject.bramble.api.properties.TransportProperties;
+import org.briarproject.bramble.api.properties.TransportPropertyManager;
+import org.briarproject.bramble.api.record.Record;
+import org.briarproject.bramble.api.record.RecordReader;
+import org.briarproject.bramble.api.record.RecordReaderFactory;
+import org.briarproject.bramble.api.record.RecordWriter;
+import org.briarproject.bramble.api.record.RecordWriterFactory;
+import org.briarproject.bramble.api.system.Clock;
+import org.briarproject.bramble.api.transport.StreamReaderFactory;
+import org.briarproject.bramble.api.transport.StreamWriter;
+import org.briarproject.bramble.api.transport.StreamWriterFactory;
+
+import java.io.EOFException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.security.GeneralSecurityException;
+import java.util.Map;
+import java.util.logging.Logger;
+
+import javax.inject.Inject;
+
+import static java.util.logging.Level.WARNING;
+import static org.briarproject.bramble.api.contact.RecordTypes.CONTACT_INFO;
+import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_SIGNATURE_LENGTH;
+import static org.briarproject.bramble.util.LogUtils.logException;
+import static org.briarproject.bramble.util.ValidationUtils.checkLength;
+import static org.briarproject.bramble.util.ValidationUtils.checkSize;
+
+@MethodsNotNullByDefault
+@ParametersNotNullByDefault
+class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
+
+	private static final Logger LOG =
+			Logger.getLogger(ContactExchangeTaskImpl.class.getName());
+
+	private static final String SIGNING_LABEL_EXCHANGE =
+			"org.briarproject.briar.contact/EXCHANGE";
+
+	private final DatabaseComponent db;
+	private final ClientHelper clientHelper;
+	private final RecordReaderFactory recordReaderFactory;
+	private final RecordWriterFactory recordWriterFactory;
+	private final EventBus eventBus;
+	private final Clock clock;
+	private final ConnectionManager connectionManager;
+	private final ContactManager contactManager;
+	private final TransportPropertyManager transportPropertyManager;
+	private final CryptoComponent crypto;
+	private final StreamReaderFactory streamReaderFactory;
+	private final StreamWriterFactory streamWriterFactory;
+
+	private volatile LocalAuthor localAuthor;
+	private volatile DuplexTransportConnection conn;
+	private volatile TransportId transportId;
+	private volatile SecretKey masterKey;
+	private volatile boolean alice;
+
+	@Inject
+	ContactExchangeTaskImpl(DatabaseComponent db, ClientHelper clientHelper,
+			RecordReaderFactory recordReaderFactory,
+			RecordWriterFactory recordWriterFactory, EventBus eventBus,
+			Clock clock, ConnectionManager connectionManager,
+			ContactManager contactManager,
+			TransportPropertyManager transportPropertyManager,
+			CryptoComponent crypto, StreamReaderFactory streamReaderFactory,
+			StreamWriterFactory streamWriterFactory) {
+		this.db = db;
+		this.clientHelper = clientHelper;
+		this.recordReaderFactory = recordReaderFactory;
+		this.recordWriterFactory = recordWriterFactory;
+		this.eventBus = eventBus;
+		this.clock = clock;
+		this.connectionManager = connectionManager;
+		this.contactManager = contactManager;
+		this.transportPropertyManager = transportPropertyManager;
+		this.crypto = crypto;
+		this.streamReaderFactory = streamReaderFactory;
+		this.streamWriterFactory = streamWriterFactory;
+	}
+
+	@Override
+	public void startExchange(LocalAuthor localAuthor, SecretKey masterKey,
+			DuplexTransportConnection conn, TransportId transportId,
+			boolean alice) {
+		this.localAuthor = localAuthor;
+		this.conn = conn;
+		this.transportId = transportId;
+		this.masterKey = masterKey;
+		this.alice = alice;
+		start();
+	}
+
+	@Override
+	public void run() {
+		// Get the transport connection's input and output streams
+		InputStream in;
+		OutputStream out;
+		try {
+			in = conn.getReader().getInputStream();
+			out = conn.getWriter().getOutputStream();
+		} catch (IOException e) {
+			logException(LOG, WARNING, e);
+			tryToClose(conn);
+			eventBus.broadcast(new ContactExchangeFailedEvent());
+			return;
+		}
+
+		// Get the local transport properties
+		Map<TransportId, TransportProperties> localProperties;
+		try {
+			localProperties = transportPropertyManager.getLocalProperties();
+		} catch (DbException e) {
+			logException(LOG, WARNING, e);
+			eventBus.broadcast(new ContactExchangeFailedEvent());
+			tryToClose(conn);
+			return;
+		}
+
+		// Derive the header keys for the transport streams
+		SecretKey aliceHeaderKey = crypto.deriveKey(ALICE_KEY_LABEL, masterKey,
+				new byte[] {PROTOCOL_VERSION});
+		SecretKey bobHeaderKey = crypto.deriveKey(BOB_KEY_LABEL, masterKey,
+				new byte[] {PROTOCOL_VERSION});
+
+		// Create the readers
+		InputStream streamReader =
+				streamReaderFactory.createContactExchangeStreamReader(in,
+						alice ? bobHeaderKey : aliceHeaderKey);
+		RecordReader recordReader =
+				recordReaderFactory.createRecordReader(streamReader);
+
+		// Create the writers
+		StreamWriter streamWriter =
+				streamWriterFactory.createContactExchangeStreamWriter(out,
+						alice ? aliceHeaderKey : bobHeaderKey);
+		RecordWriter recordWriter =
+				recordWriterFactory
+						.createRecordWriter(streamWriter.getOutputStream());
+
+		// Derive the nonces to be signed
+		byte[] aliceNonce = crypto.mac(ALICE_NONCE_LABEL, masterKey,
+				new byte[] {PROTOCOL_VERSION});
+		byte[] bobNonce = crypto.mac(BOB_NONCE_LABEL, masterKey,
+				new byte[] {PROTOCOL_VERSION});
+		byte[] localNonce = alice ? aliceNonce : bobNonce;
+		byte[] remoteNonce = alice ? bobNonce : aliceNonce;
+
+		// Sign the nonce
+		byte[] localSignature = sign(localAuthor, localNonce);
+
+		// Exchange contact info
+		long localTimestamp = clock.currentTimeMillis();
+		ContactInfo remoteInfo;
+		try {
+			if (alice) {
+				sendContactInfo(recordWriter, localAuthor, localProperties,
+						localSignature, localTimestamp);
+				recordWriter.flush();
+				remoteInfo = receiveContactInfo(recordReader);
+			} else {
+				remoteInfo = receiveContactInfo(recordReader);
+				sendContactInfo(recordWriter, localAuthor, localProperties,
+						localSignature, localTimestamp);
+				recordWriter.flush();
+			}
+			// Send EOF on the outgoing stream
+			streamWriter.sendEndOfStream();
+			// Skip any remaining records from the incoming stream
+			try {
+				while (true) recordReader.readRecord();
+			} catch (EOFException expected) {
+				LOG.info("End of stream");
+			}
+		} catch (IOException e) {
+			logException(LOG, WARNING, e);
+			eventBus.broadcast(new ContactExchangeFailedEvent());
+			tryToClose(conn);
+			return;
+		}
+
+		// Verify the contact's signature
+		if (!verify(remoteInfo.author, remoteNonce, remoteInfo.signature)) {
+			LOG.warning("Invalid signature");
+			eventBus.broadcast(new ContactExchangeFailedEvent());
+			tryToClose(conn);
+			return;
+		}
+
+		// The agreed timestamp is the minimum of the peers' timestamps
+		long timestamp = Math.min(localTimestamp, remoteInfo.timestamp);
+
+		try {
+			// Add the contact
+			ContactId contactId = addContact(remoteInfo.author, timestamp,
+					remoteInfo.properties);
+			// Reuse the connection as a transport connection
+			connectionManager.manageOutgoingConnection(contactId, transportId,
+					conn);
+			// Pseudonym exchange succeeded
+			LOG.info("Pseudonym exchange succeeded");
+			eventBus.broadcast(
+					new ContactExchangeSucceededEvent(remoteInfo.author));
+		} catch (ContactExistsException e) {
+			logException(LOG, WARNING, e);
+			tryToClose(conn);
+			eventBus.broadcast(
+					new ContactExchangeFailedEvent(remoteInfo.author));
+		} catch (DbException e) {
+			logException(LOG, WARNING, e);
+			tryToClose(conn);
+			eventBus.broadcast(new ContactExchangeFailedEvent());
+		}
+	}
+
+	private byte[] sign(LocalAuthor author, byte[] nonce) {
+		try {
+			return crypto.sign(SIGNING_LABEL_EXCHANGE, nonce,
+					author.getPrivateKey());
+		} catch (GeneralSecurityException e) {
+			throw new AssertionError();
+		}
+	}
+
+	private boolean verify(Author author, byte[] nonce, byte[] signature) {
+		try {
+			return crypto.verifySignature(signature, SIGNING_LABEL_EXCHANGE,
+					nonce, author.getPublicKey());
+		} catch (GeneralSecurityException e) {
+			return false;
+		}
+	}
+
+	private void sendContactInfo(RecordWriter recordWriter, Author author,
+			Map<TransportId, TransportProperties> properties, byte[] signature,
+			long timestamp) throws IOException {
+		BdfList authorList = clientHelper.toList(author);
+		BdfDictionary props = clientHelper.toDictionary(properties);
+		BdfList payload = BdfList.of(authorList, props, signature, timestamp);
+		recordWriter.writeRecord(new Record(PROTOCOL_VERSION, CONTACT_INFO,
+				clientHelper.toByteArray(payload)));
+		LOG.info("Sent contact info");
+	}
+
+	private ContactInfo receiveContactInfo(RecordReader recordReader)
+			throws IOException {
+		Record record;
+		do {
+			record = recordReader.readRecord();
+			if (record.getProtocolVersion() != PROTOCOL_VERSION)
+				throw new FormatException();
+		} while (record.getRecordType() != CONTACT_INFO);
+		LOG.info("Received contact info");
+		BdfList payload = clientHelper.toList(record.getPayload());
+		checkSize(payload, 4);
+		Author author = clientHelper.parseAndValidateAuthor(payload.getList(0));
+		BdfDictionary props = payload.getDictionary(1);
+		Map<TransportId, TransportProperties> properties =
+				clientHelper.parseAndValidateTransportPropertiesMap(props);
+		byte[] signature = payload.getRaw(2);
+		checkLength(signature, 1, MAX_SIGNATURE_LENGTH);
+		long timestamp = payload.getLong(3);
+		if (timestamp < 0) throw new FormatException();
+		return new ContactInfo(author, properties, signature, timestamp);
+	}
+
+	private ContactId addContact(Author remoteAuthor, long timestamp,
+			Map<TransportId, TransportProperties> remoteProperties)
+			throws DbException {
+		return db.transactionWithResult(false, txn -> {
+			ContactId contactId = contactManager.addContact(txn, remoteAuthor,
+					localAuthor.getId(), masterKey, timestamp, alice,
+					true, true);
+			transportPropertyManager.addRemoteProperties(txn, contactId,
+					remoteProperties);
+			return contactId;
+		});
+	}
+
+	private void tryToClose(DuplexTransportConnection conn) {
+		try {
+			LOG.info("Closing connection");
+			conn.getReader().dispose(true, true);
+			conn.getWriter().dispose(true);
+		} catch (IOException e) {
+			logException(LOG, WARNING, e);
+		}
+	}
+
+	private static class ContactInfo {
+
+		private final Author author;
+		private final Map<TransportId, TransportProperties> properties;
+		private final byte[] signature;
+		private final long timestamp;
+
+		private ContactInfo(Author author,
+				Map<TransportId, TransportProperties> properties,
+				byte[] signature, long timestamp) {
+			this.author = author;
+			this.properties = properties;
+			this.signature = signature;
+			this.timestamp = timestamp;
+		}
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/contact/ContactManagerImpl.java

@@ -1,23 +1,16 @@
 package org.briarproject.bramble.contact;
 
 import org.briarproject.bramble.api.FormatException;
-import org.briarproject.bramble.api.Pair;
 import org.briarproject.bramble.api.contact.Contact;
 import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.contact.ContactManager;
 import org.briarproject.bramble.api.contact.PendingContact;
 import org.briarproject.bramble.api.contact.PendingContactId;
-import org.briarproject.bramble.api.contact.PendingContactState;
-import org.briarproject.bramble.api.contact.event.PendingContactStateChangedEvent;
-import org.briarproject.bramble.api.crypto.KeyPair;
-import org.briarproject.bramble.api.crypto.PublicKey;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.db.DatabaseComponent;
 import org.briarproject.bramble.api.db.DbException;
 import org.briarproject.bramble.api.db.NoSuchContactException;
 import org.briarproject.bramble.api.db.Transaction;
-import org.briarproject.bramble.api.event.Event;
-import org.briarproject.bramble.api.event.EventListener;
 import org.briarproject.bramble.api.identity.Author;
 import org.briarproject.bramble.api.identity.AuthorId;
 import org.briarproject.bramble.api.identity.AuthorInfo;
@@ -26,48 +19,45 @@ import org.briarproject.bramble.api.identity.LocalAuthor;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.transport.KeyManager;
 
-import java.security.GeneralSecurityException;
-import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
-import java.util.Map;
-import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.CopyOnWriteArrayList;
 
 import javax.annotation.Nullable;
 import javax.annotation.concurrent.ThreadSafe;
 import javax.inject.Inject;
 
-import static org.briarproject.bramble.api.contact.PendingContactState.WAITING_FOR_CONNECTION;
+import static org.briarproject.bramble.api.contact.HandshakeLinkConstants.BASE32_LINK_BYTES;
 import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_AUTHOR_NAME_LENGTH;
 import static org.briarproject.bramble.api.identity.AuthorInfo.Status.OURSELVES;
 import static org.briarproject.bramble.api.identity.AuthorInfo.Status.UNKNOWN;
 import static org.briarproject.bramble.api.identity.AuthorInfo.Status.UNVERIFIED;
 import static org.briarproject.bramble.api.identity.AuthorInfo.Status.VERIFIED;
+import static org.briarproject.bramble.util.StringUtils.getRandomBase32String;
 import static org.briarproject.bramble.util.StringUtils.toUtf8;
 
 @ThreadSafe
 @NotNullByDefault
-class ContactManagerImpl implements ContactManager, EventListener {
+class ContactManagerImpl implements ContactManager {
+
+	private static final String REMOTE_CONTACT_LINK =
+			"briar://" + getRandomBase32String(BASE32_LINK_BYTES);
 
 	private final DatabaseComponent db;
 	private final KeyManager keyManager;
 	private final IdentityManager identityManager;
 	private final PendingContactFactory pendingContactFactory;
-
+	private final List<ContactHook> hooks;
-	private final List<ContactHook> hooks = new CopyOnWriteArrayList<>();
-	private final Map<PendingContactId, PendingContactState> states =
-			new ConcurrentHashMap<>();
 
 	@Inject
-	ContactManagerImpl(DatabaseComponent db,
+	ContactManagerImpl(DatabaseComponent db, KeyManager keyManager,
-			KeyManager keyManager,
 			IdentityManager identityManager,
 			PendingContactFactory pendingContactFactory) {
 		this.db = db;
 		this.keyManager = keyManager;
 		this.identityManager = identityManager;
 		this.pendingContactFactory = pendingContactFactory;
+		hooks = new CopyOnWriteArrayList<>();
 	}
 
 	@Override
@@ -79,29 +69,8 @@ class ContactManagerImpl implements ContactManager, EventListener {
 	public ContactId addContact(Transaction txn, Author remote, AuthorId local,
 			SecretKey rootKey, long timestamp, boolean alice, boolean verified,
 			boolean active) throws DbException {
-		ContactId c = db.addContact(txn, remote, local, null, verified);
+		ContactId c = db.addContact(txn, remote, local, verified);
-		keyManager.addRotationKeys(txn, c, rootKey, timestamp, alice, active);
+		keyManager.addContact(txn, c, rootKey, timestamp, alice, active);
-		Contact contact = db.getContact(txn, c);
-		for (ContactHook hook : hooks) hook.addingContact(txn, contact);
-		return c;
-	}
-
-	@Override
-	public ContactId addContact(Transaction txn, PendingContactId p,
-			Author remote, AuthorId local, SecretKey rootKey, long timestamp,
-			boolean alice, boolean verified, boolean active)
-			throws DbException, GeneralSecurityException {
-		PendingContact pendingContact = db.getPendingContact(txn, p);
-		db.removePendingContact(txn, p);
-		states.remove(p);
-		PublicKey theirPublicKey = pendingContact.getPublicKey();
-		ContactId c =
-				db.addContact(txn, remote, local, theirPublicKey, verified);
-		String alias = pendingContact.getAlias();
-		if (!alias.equals(remote.getName())) db.setContactAlias(txn, c, alias);
-		KeyPair ourKeyPair = identityManager.getHandshakeKeys(txn);
-		keyManager.addContact(txn, c, theirPublicKey, ourKeyPair);
-		keyManager.addRotationKeys(txn, c, rootKey, timestamp, alice, active);
 		Contact contact = db.getContact(txn, c);
 		for (ContactHook hook : hooks) hook.addingContact(txn, contact);
 		return c;
@@ -110,7 +79,7 @@ class ContactManagerImpl implements ContactManager, EventListener {
 	@Override
 	public ContactId addContact(Transaction txn, Author remote, AuthorId local,
 			boolean verified) throws DbException {
-		ContactId c = db.addContact(txn, remote, local, null, verified);
+		ContactId c = db.addContact(txn, remote, local, verified);
 		Contact contact = db.getContact(txn, c);
 		for (ContactHook hook : hooks) hook.addingContact(txn, contact);
 		return c;
@@ -126,56 +95,28 @@ class ContactManagerImpl implements ContactManager, EventListener {
 	}
 
 	@Override
-	public String getHandshakeLink() throws DbException {
+	public String getHandshakeLink() {
-		KeyPair keyPair = db.transactionWithResult(true,
+		// TODO replace with real implementation
-				identityManager::getHandshakeKeys);
+		return REMOTE_CONTACT_LINK;
-		return pendingContactFactory.createHandshakeLink(keyPair.getPublic());
 	}
 
 	@Override
 	public PendingContact addPendingContact(String link, String alias)
-			throws DbException, FormatException, GeneralSecurityException {
+			throws DbException, FormatException {
 		PendingContact p =
 				pendingContactFactory.createPendingContact(link, alias);
-		Transaction txn = db.startTransaction(false);
+		db.transaction(false, txn -> db.addPendingContact(txn, p));
-		try {
-			db.addPendingContact(txn, p);
-			KeyPair ourKeyPair = identityManager.getHandshakeKeys(txn);
-			keyManager.addPendingContact(txn, p.getId(), p.getPublicKey(),
-					ourKeyPair);
-			db.commitTransaction(txn);
-		} finally {
-			db.endTransaction(txn);
-		}
-		states.put(p.getId(), WAITING_FOR_CONNECTION);
 		return p;
 	}
 
 	@Override
-	public PendingContact getPendingContact(Transaction txn, PendingContactId p)
+	public Collection<PendingContact> getPendingContacts() throws DbException {
-			throws DbException {
+		return db.transactionWithResult(true, db::getPendingContacts);
-		return db.getPendingContact(txn, p);
-	}
-
-	@Override
-	public Collection<Pair<PendingContact, PendingContactState>> getPendingContacts()
-			throws DbException {
-		Collection<PendingContact> pendingContacts =
-				db.transactionWithResult(true, db::getPendingContacts);
-		List<Pair<PendingContact, PendingContactState>> pairs =
-				new ArrayList<>(pendingContacts.size());
-		for (PendingContact p : pendingContacts) {
-			PendingContactState state = states.get(p.getId());
-			if (state == null) state = WAITING_FOR_CONNECTION;
-			pairs.add(new Pair<>(p, state));
-		}
-		return pairs;
 	}
 
 	@Override
 	public void removePendingContact(PendingContactId p) throws DbException {
 		db.transaction(false, txn -> db.removePendingContact(txn, p));
-		states.remove(p);
 	}
 
 	@Override
@@ -183,11 +124,6 @@ class ContactManagerImpl implements ContactManager, EventListener {
 		return db.transactionWithResult(true, txn -> db.getContact(txn, c));
 	}
 
-	@Override
-	public Contact getContact(Transaction txn, ContactId c) throws DbException {
-		return db.getContact(txn, c);
-	}
-
 	@Override
 	public Contact getContact(AuthorId remoteAuthorId, AuthorId localAuthorId)
 			throws DbException {
@@ -275,12 +211,4 @@ class ContactManagerImpl implements ContactManager, EventListener {
 		else return new AuthorInfo(UNVERIFIED, c.getAlias());
 	}
 
-	@Override
-	public void eventOccurred(Event e) {
-		if (e instanceof PendingContactStateChangedEvent) {
-			PendingContactStateChangedEvent p =
-					(PendingContactStateChangedEvent) e;
-			states.put(p.getId(), p.getPendingContactState());
-		}
-	}
 }

bramble-core/src/main/java/org/briarproject/bramble/contact/ContactModule.java

@@ -1,9 +1,7 @@
 package org.briarproject.bramble.contact;
 
-import org.briarproject.bramble.api.contact.ContactExchangeManager;
+import org.briarproject.bramble.api.contact.ContactExchangeTask;
 import org.briarproject.bramble.api.contact.ContactManager;
-import org.briarproject.bramble.api.contact.HandshakeManager;
-import org.briarproject.bramble.api.event.EventBus;
 
 import javax.inject.Inject;
 import javax.inject.Singleton;
@@ -21,16 +19,14 @@ public class ContactModule {
 
 	@Provides
 	@Singleton
-	ContactManager provideContactManager(EventBus eventBus,
+	ContactManager getContactManager(ContactManagerImpl contactManager) {
-			ContactManagerImpl contactManager) {
-		eventBus.addListener(contactManager);
 		return contactManager;
 	}
 
 	@Provides
-	ContactExchangeManager provideContactExchangeManager(
+	ContactExchangeTask provideContactExchangeTask(
-			ContactExchangeManagerImpl contactExchangeManager) {
+			ContactExchangeTaskImpl contactExchangeTask) {
-		return contactExchangeManager;
+		return contactExchangeTask;
 	}
 
 	@Provides
@@ -38,23 +34,4 @@ public class ContactModule {
 			PendingContactFactoryImpl pendingContactFactory) {
 		return pendingContactFactory;
 	}
-
-	@Provides
-	ContactExchangeCrypto provideContactExchangeCrypto(
-			ContactExchangeCryptoImpl contactExchangeCrypto) {
-		return contactExchangeCrypto;
-	}
-
-	@Provides
-	@Singleton
-	HandshakeManager provideHandshakeManager(
-			HandshakeManagerImpl handshakeManager) {
-		return handshakeManager;
-	}
-
-	@Provides
-	HandshakeCrypto provideHandshakeCrypto(
-			HandshakeCryptoImpl handshakeCrypto) {
-		return handshakeCrypto;
-	}
 }

bramble-core/src/main/java/org/briarproject/bramble/contact/HandshakeConstants.java

@@ -1,31 +0,0 @@
-package org.briarproject.bramble.contact;
-
-import static org.briarproject.bramble.api.crypto.CryptoConstants.MAC_BYTES;
-
-interface HandshakeConstants {
-
-	/**
-	 * The current version of the handshake protocol.
-	 */
-	byte PROTOCOL_VERSION = 0;
-
-	/**
-	 * Label for deriving the master key.
-	 */
-	String MASTER_KEY_LABEL = "org.briarproject.bramble.handshake/MASTER_KEY";
-
-	/**
-	 * Label for deriving Alice's proof of ownership from the master key.
-	 */
-	String ALICE_PROOF_LABEL = "org.briarproject.bramble.handshake/ALICE_PROOF";
-
-	/**
-	 * Label for deriving Bob's proof of ownership from the master key.
-	 */
-	String BOB_PROOF_LABEL = "org.briarproject.bramble.handshake/BOB_PROOF";
-
-	/**
-	 * The length of the proof of ownership in bytes.
-	 */
-	int PROOF_BYTES = MAC_BYTES;
-}

bramble-core/src/main/java/org/briarproject/bramble/contact/HandshakeCrypto.java

@@ -1,40 +0,0 @@
-package org.briarproject.bramble.contact;
-
-import org.briarproject.bramble.api.crypto.KeyPair;
-import org.briarproject.bramble.api.crypto.PublicKey;
-import org.briarproject.bramble.api.crypto.SecretKey;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-import java.security.GeneralSecurityException;
-
-@NotNullByDefault
-interface HandshakeCrypto {
-
-	KeyPair generateEphemeralKeyPair();
-
-	/**
-	 * Derives the master key from the given static and ephemeral keys.
-	 *
-	 * @param alice Whether the local peer is Alice
-	 */
-	SecretKey deriveMasterKey(PublicKey theirStaticPublicKey,
-			PublicKey theirEphemeralPublicKey, KeyPair ourStaticKeyPair,
-			KeyPair ourEphemeralKeyPair, boolean alice)
-			throws GeneralSecurityException;
-
-	/**
-	 * Returns proof that the local peer knows the master key and therefore
-	 * owns the static and ephemeral public keys sent by the local peer.
-	 *
-	 * @param alice Whether the proof is being created by Alice
-	 */
-	byte[] proveOwnership(SecretKey masterKey, boolean alice);
-
-	/**
-	 * Verifies the given proof that the remote peer knows the master key and
-	 * therefore owns the static and ephemeral keys sent by the remote peer.
-	 *
-	 * @param alice Whether the proof was created by Alice
-	 */
-	boolean verifyOwnership(SecretKey masterKey, boolean alice, byte[] proof);
-}

bramble-core/src/main/java/org/briarproject/bramble/contact/HandshakeCryptoImpl.java

@@ -1,66 +0,0 @@
-package org.briarproject.bramble.contact;
-
-import org.briarproject.bramble.api.crypto.CryptoComponent;
-import org.briarproject.bramble.api.crypto.KeyPair;
-import org.briarproject.bramble.api.crypto.PublicKey;
-import org.briarproject.bramble.api.crypto.SecretKey;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-import java.security.GeneralSecurityException;
-
-import javax.annotation.concurrent.Immutable;
-import javax.inject.Inject;
-
-import static org.briarproject.bramble.contact.HandshakeConstants.ALICE_PROOF_LABEL;
-import static org.briarproject.bramble.contact.HandshakeConstants.BOB_PROOF_LABEL;
-import static org.briarproject.bramble.contact.HandshakeConstants.MASTER_KEY_LABEL;
-
-@Immutable
-@NotNullByDefault
-class HandshakeCryptoImpl implements HandshakeCrypto {
-
-	private final CryptoComponent crypto;
-
-	@Inject
-	HandshakeCryptoImpl(CryptoComponent crypto) {
-		this.crypto = crypto;
-	}
-
-	@Override
-	public KeyPair generateEphemeralKeyPair() {
-		return crypto.generateAgreementKeyPair();
-	}
-
-	@Override
-	public SecretKey deriveMasterKey(PublicKey theirStaticPublicKey,
-			PublicKey theirEphemeralPublicKey, KeyPair ourStaticKeyPair,
-			KeyPair ourEphemeralKeyPair, boolean alice) throws
-			GeneralSecurityException {
-		byte[] theirStatic = theirStaticPublicKey.getEncoded();
-		byte[] theirEphemeral = theirEphemeralPublicKey.getEncoded();
-		byte[] ourStatic = ourStaticKeyPair.getPublic().getEncoded();
-		byte[] ourEphemeral = ourEphemeralKeyPair.getPublic().getEncoded();
-		byte[][] inputs = {
-				alice ? ourStatic : theirStatic,
-				alice ? theirStatic : ourStatic,
-				alice ? ourEphemeral : theirEphemeral,
-				alice ? theirEphemeral : ourEphemeral
-		};
-		return crypto.deriveSharedSecret(MASTER_KEY_LABEL, theirStaticPublicKey,
-				theirEphemeralPublicKey, ourStaticKeyPair, ourEphemeralKeyPair,
-				alice, inputs);
-	}
-
-	@Override
-	public byte[] proveOwnership(SecretKey masterKey, boolean alice) {
-		String label = alice ? ALICE_PROOF_LABEL : BOB_PROOF_LABEL;
-		return crypto.mac(label, masterKey);
-	}
-
-	@Override
-	public boolean verifyOwnership(SecretKey masterKey, boolean alice,
-			byte[] proof) {
-		String label = alice ? ALICE_PROOF_LABEL : BOB_PROOF_LABEL;
-		return crypto.verifyMac(proof, label, masterKey);
-	}
-}

bramble-core/src/main/java/org/briarproject/bramble/contact/HandshakeManagerImpl.java

@@ -1,163 +0,0 @@
-package org.briarproject.bramble.contact;
-
-import org.briarproject.bramble.api.FormatException;
-import org.briarproject.bramble.api.Pair;
-import org.briarproject.bramble.api.Predicate;
-import org.briarproject.bramble.api.contact.ContactManager;
-import org.briarproject.bramble.api.contact.HandshakeManager;
-import org.briarproject.bramble.api.contact.PendingContact;
-import org.briarproject.bramble.api.contact.PendingContactId;
-import org.briarproject.bramble.api.crypto.AgreementPublicKey;
-import org.briarproject.bramble.api.crypto.KeyPair;
-import org.briarproject.bramble.api.crypto.PublicKey;
-import org.briarproject.bramble.api.crypto.SecretKey;
-import org.briarproject.bramble.api.crypto.TransportCrypto;
-import org.briarproject.bramble.api.db.DatabaseComponent;
-import org.briarproject.bramble.api.db.DbException;
-import org.briarproject.bramble.api.db.TransactionManager;
-import org.briarproject.bramble.api.identity.IdentityManager;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.record.Record;
-import org.briarproject.bramble.api.record.RecordReader;
-import org.briarproject.bramble.api.record.RecordReaderFactory;
-import org.briarproject.bramble.api.record.RecordWriter;
-import org.briarproject.bramble.api.record.RecordWriterFactory;
-import org.briarproject.bramble.api.transport.StreamWriter;
-
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.GeneralSecurityException;
-
-import javax.annotation.concurrent.Immutable;
-import javax.inject.Inject;
-
-import static org.briarproject.bramble.api.crypto.CryptoConstants.MAX_AGREEMENT_PUBLIC_KEY_BYTES;
-import static org.briarproject.bramble.contact.HandshakeConstants.PROOF_BYTES;
-import static org.briarproject.bramble.contact.HandshakeConstants.PROTOCOL_VERSION;
-import static org.briarproject.bramble.contact.HandshakeRecordTypes.EPHEMERAL_PUBLIC_KEY;
-import static org.briarproject.bramble.contact.HandshakeRecordTypes.PROOF_OF_OWNERSHIP;
-import static org.briarproject.bramble.util.ValidationUtils.checkLength;
-
-@Immutable
-@NotNullByDefault
-class HandshakeManagerImpl implements HandshakeManager {
-
-	// Ignore records with current protocol version, unknown record type
-	private static final Predicate<Record> IGNORE = r ->
-			r.getProtocolVersion() == PROTOCOL_VERSION &&
-					!isKnownRecordType(r.getRecordType());
-
-	private static boolean isKnownRecordType(byte type) {
-		return type == EPHEMERAL_PUBLIC_KEY || type == PROOF_OF_OWNERSHIP;
-	}
-
-	private final TransactionManager db;
-	private final IdentityManager identityManager;
-	private final ContactManager contactManager;
-	private final TransportCrypto transportCrypto;
-	private final HandshakeCrypto handshakeCrypto;
-	private final RecordReaderFactory recordReaderFactory;
-	private final RecordWriterFactory recordWriterFactory;
-
-	@Inject
-	HandshakeManagerImpl(DatabaseComponent db,
-			IdentityManager identityManager,
-			ContactManager contactManager,
-			TransportCrypto transportCrypto,
-			HandshakeCrypto handshakeCrypto,
-			RecordReaderFactory recordReaderFactory,
-			RecordWriterFactory recordWriterFactory) {
-		this.db = db;
-		this.identityManager = identityManager;
-		this.contactManager = contactManager;
-		this.transportCrypto = transportCrypto;
-		this.handshakeCrypto = handshakeCrypto;
-		this.recordReaderFactory = recordReaderFactory;
-		this.recordWriterFactory = recordWriterFactory;
-	}
-
-	@Override
-	public HandshakeResult handshake(PendingContactId p, InputStream in,
-			StreamWriter out) throws DbException, IOException {
-		Pair<PublicKey, KeyPair> keys = db.transactionWithResult(true, txn -> {
-			PendingContact pendingContact =
-					contactManager.getPendingContact(txn, p);
-			KeyPair keyPair = identityManager.getHandshakeKeys(txn);
-			return new Pair<>(pendingContact.getPublicKey(), keyPair);
-		});
-		PublicKey theirStaticPublicKey = keys.getFirst();
-		KeyPair ourStaticKeyPair = keys.getSecond();
-		boolean alice = transportCrypto.isAlice(theirStaticPublicKey,
-				ourStaticKeyPair);
-		RecordReader recordReader = recordReaderFactory.createRecordReader(in);
-		RecordWriter recordWriter = recordWriterFactory
-				.createRecordWriter(out.getOutputStream());
-		KeyPair ourEphemeralKeyPair =
-				handshakeCrypto.generateEphemeralKeyPair();
-		PublicKey theirEphemeralPublicKey;
-		if (alice) {
-			sendPublicKey(recordWriter, ourEphemeralKeyPair.getPublic());
-			theirEphemeralPublicKey = receivePublicKey(recordReader);
-		} else {
-			theirEphemeralPublicKey = receivePublicKey(recordReader);
-			sendPublicKey(recordWriter, ourEphemeralKeyPair.getPublic());
-		}
-		SecretKey masterKey;
-		try {
-			masterKey = handshakeCrypto.deriveMasterKey(theirStaticPublicKey,
-					theirEphemeralPublicKey, ourStaticKeyPair,
-					ourEphemeralKeyPair, alice);
-		} catch (GeneralSecurityException e) {
-			throw new FormatException();
-		}
-		byte[] ourProof = handshakeCrypto.proveOwnership(masterKey, alice);
-		byte[] theirProof;
-		if (alice) {
-			sendProof(recordWriter, ourProof);
-			theirProof = receiveProof(recordReader);
-		} else {
-			theirProof = receiveProof(recordReader);
-			sendProof(recordWriter, ourProof);
-		}
-		out.sendEndOfStream();
-		recordReader.readRecord(r -> false, IGNORE);
-		if (!handshakeCrypto.verifyOwnership(masterKey, !alice, theirProof))
-			throw new FormatException();
-		return new HandshakeResult(masterKey, alice);
-	}
-
-	private void sendPublicKey(RecordWriter w, PublicKey k) throws IOException {
-		w.writeRecord(new Record(PROTOCOL_VERSION, EPHEMERAL_PUBLIC_KEY,
-				k.getEncoded()));
-		w.flush();
-	}
-
-	private PublicKey receivePublicKey(RecordReader r) throws IOException {
-		byte[] key = readRecord(r, EPHEMERAL_PUBLIC_KEY).getPayload();
-		checkLength(key, 1, MAX_AGREEMENT_PUBLIC_KEY_BYTES);
-		return new AgreementPublicKey(key);
-	}
-
-	private void sendProof(RecordWriter w, byte[] proof) throws IOException {
-		w.writeRecord(new Record(PROTOCOL_VERSION, PROOF_OF_OWNERSHIP, proof));
-		w.flush();
-	}
-
-	private byte[] receiveProof(RecordReader r) throws IOException {
-		byte[] proof = readRecord(r, PROOF_OF_OWNERSHIP).getPayload();
-		checkLength(proof, PROOF_BYTES, PROOF_BYTES);
-		return proof;
-	}
-
-	private Record readRecord(RecordReader r, byte expectedType)
-			throws IOException {
-		// Accept records with current protocol version, expected type only
-		Predicate<Record> accept = rec ->
-				rec.getProtocolVersion() == PROTOCOL_VERSION &&
-						rec.getRecordType() == expectedType;
-		Record rec = r.readRecord(accept, IGNORE);
-		if (rec == null) throw new EOFException();
-		return rec;
-	}
-}

bramble-core/src/main/java/org/briarproject/bramble/contact/HandshakeRecordTypes.java

@@ -1,11 +0,0 @@
-package org.briarproject.bramble.contact;
-
-/**
- * Record types for the handshake protocol.
- */
-interface HandshakeRecordTypes {
-
-	byte EPHEMERAL_PUBLIC_KEY = 0;
-
-	byte PROOF_OF_OWNERSHIP = 1;
-}