WIP: BluetoothPlugin: adds abstract superclass

The droidtooth plugin and bluetooth plugins share a lot of common code.
Add an abstract superclass that shares the common code between both
classes.

.gitlab-ci.yml

@@ -1,29 +0,0 @@
-image: registry.gitlab.com/fdroid/ci-images-base:latest
-
-cache:
-  paths:
-    - .gradle/wrapper
-    - .gradle/caches
-
-before_script:
-  - set -e
-  - export GRADLE_USER_HOME=$PWD/.gradle
-  # Accept the license for the Android build tools
-  - echo y | /opt/android-sdk/tools/bin/sdkmanager "build-tools;26.0.2"
-  # Download OpenJDK 6 so we can compile against its standard library
-  - JDK_FILE=openjdk-6-jre-headless_6b38-1.13.10-1~deb7u1_amd64.deb
-  - if [ ! -d openjdk ]
-  - then
-  - wget -q http://ftp.uk.debian.org/debian/pool/main/o/openjdk-6/$JDK_FILE
-  - dpkg-deb -x $JDK_FILE openjdk
-  - fi
-  - export JAVA_6_HOME=$PWD/openjdk/usr/lib/jvm/java-6-openjdk-amd64
-
-test:
-  script:
-    - ./gradlew test
-
-after_script:
-    # this file changes every time but should not be cached
-    - rm -f $GRADLE_USER_HOME/caches/modules-2/modules-2.lock
-    - rm -fr $GRADLE_USER_HOME/caches/*/plugin-resolution/

bramble-android/build.gradle

@@ -6,90 +6,99 @@ apply plugin: 'witness'
 apply plugin: 'de.undercouch.download'
 
 android {
-	compileSdkVersion 27
+	compileSdkVersion 23
-	buildToolsVersion '26.0.2'
+	buildToolsVersion "23.0.3"
 
 	defaultConfig {
 		minSdkVersion 14
-		targetSdkVersion 26
+		targetSdkVersion 22
-		versionCode 1612
+		versionCode 1
-		versionName "0.16.12"
+		versionName "1.0"
 		consumerProguardFiles 'proguard-rules.txt'
 	}
 
 	compileOptions {
-		sourceCompatibility JavaVersion.VERSION_1_8
+		sourceCompatibility JavaVersion.VERSION_1_7
-		targetCompatibility JavaVersion.VERSION_1_8
+		targetCompatibility JavaVersion.VERSION_1_7
 	}
 }
 
 dependencies {
-	implementation project(path: ':bramble-core', configuration: 'default')
+	compile project(':bramble-core')
-	implementation fileTree(dir: 'libs', include: '*.jar')
+	compile fileTree(dir: 'libs', include: ['*.jar'])
-
+	provided 'javax.annotation:jsr250-api:1.0'
-	annotationProcessor 'com.google.dagger:dagger-compiler:2.0.2'
-
-	compileOnly 'javax.annotation:jsr250-api:1.0'
 }
 
-dependencyVerification {
+def torBinaryDir = 'src/main/res/raw'
-	verify = [
+
-			'com.google.code.findbugs:jsr305:3.0.2:jsr305-3.0.2.jar:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7',
+task downloadTorGeoIp(type: Download) {
-			'com.google.dagger:dagger-compiler:2.0.2:dagger-compiler-2.0.2.jar:b74bc9de063dd4c6400b232231f2ef5056145b8fbecbf5382012007dd1c071b3',
+	src 'https://briarproject.org/build/geoip-2015-12-01.zip'
-			'com.google.dagger:dagger-producers:2.0-beta:dagger-producers-2.0-beta.jar:99ec15e8a0507ba569e7655bc1165ee5e5ca5aa914b3c8f7e2c2458f724edd6b',
+	dest "$torBinaryDir/geoip.zip"
-			'com.google.dagger:dagger:2.0.2:dagger-2.0.2.jar:84c0282ed8be73a29e0475d639da030b55dee72369e58dd35ae7d4fe6243dcf9',
+	onlyIfNewer true
-			'com.google.guava:guava:18.0:guava-18.0.jar:d664fbfc03d2e5ce9cab2a44fb01f1d0bf9dfebeccc1a473b1f9ea31f79f6f99',
-			'com.h2database:h2:1.4.192:h2-1.4.192.jar:225b22e9857235c46c93861410b60b8c81c10dc8985f4faf188985ba5445126c',
-			'com.madgag.spongycastle:core:1.58.0.0:core-1.58.0.0.jar:199617dd5698c5a9312b898c0a4cec7ce9dd8649d07f65d91629f58229d72728',
-			'javax.annotation:jsr250-api:1.0:jsr250-api-1.0.jar:a1a922d0d9b6d183ed3800dfac01d1e1eb159f0e8c6f94736931c1def54a941f',
-			'javax.inject:javax.inject:1:javax.inject-1.jar:91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff',
-			'org.bitlet:weupnp:0.1.4:weupnp-0.1.4.jar:88df7e6504929d00bdb832863761385c68ab92af945b04f0770b126270a444fb',
-			'org.jacoco:org.jacoco.agent:0.7.4.201502262128:org.jacoco.agent-0.7.4.201502262128-runtime.jar:e357a0f1d573c2f702a273992b1b6cb661734f66311854efb3778a888515c5b5',
-			'org.jacoco:org.jacoco.agent:0.7.4.201502262128:org.jacoco.agent-0.7.4.201502262128.jar:47b4bec6df11a1118da3953da8b9fa1e7079d6fec857faa1a3cf912e53a6fd4e',
-			'org.jacoco:org.jacoco.ant:0.7.4.201502262128:org.jacoco.ant-0.7.4.201502262128.jar:013ce2a68ba57a3c59215ae0dec4df3498c078062a38c3b94c841fc14450f283',
-			'org.jacoco:org.jacoco.core:0.7.4.201502262128:org.jacoco.core-0.7.4.201502262128.jar:ec4c74554312fac5116350164786f91b35c9e082fa4ea598bfa42b5db05d7abb',
-			'org.jacoco:org.jacoco.report:0.7.4.201502262128:org.jacoco.report-0.7.4.201502262128.jar:7a3554c605e088e7e323b1084656243f0444fa353e2f2dee1f1a4204eb64ff09',
-			'org.ow2.asm:asm-debug-all:5.0.1:asm-debug-all-5.0.1.jar:4734de5b515a454b0096db6971fb068e5f70e6f10bbee2b3bd2fdfe5d978ed57',
-	]
 }
 
-ext.torBinaryDir = 'src/main/res/raw'
+task downloadTorBinaryArm(type: Download) {
-ext.torVersion = '0.2.9.12'
+	src 'https://briarproject.org/build/tor-0.2.7.6-arm.zip'
-ext.geoipVersion = '2017-09-06'
+	dest "$torBinaryDir/tor_arm.zip"
-ext.torDownloadUrl = 'https://briarproject.org/build/'
+	onlyIfNewer true
-
-def torBinaries = [
-		"tor_arm"    : '8ed0b347ffed1d6a4d2fd14495118eb92be83e9cc06e057e15220dc288b31688',
-		"tor_arm_pie": '64403262511c29f462ca5e7c7621bfc3c944898364d1d5ad35a016bb8a034283',
-		"tor_x86"    : '61e014607a2079bcf1646289c67bff6372b1aded6e1d8d83d7791efda9a4d5ab',
-		"tor_x86_pie": '18fbc98356697dd0895836ab46d5c9877d1c539193464f7db1e82a65adaaf288',
-		"geoip"      : 'fe49d3adb86d3c512373101422a017dbb86c85a570524663f09dd8ce143a24f3'
-]
-
-def downloadBinary(name) {
-	return tasks.create("downloadBinary${name}", Download) {
-		src "${torDownloadUrl}${name}.zip"
-				.replace('tor_', "tor-${torVersion}-")
-				.replace('geoip', "geoip-${geoipVersion}")
-				.replaceAll('_', '-')
-		dest "${torBinaryDir}/${name}.zip"
-		onlyIfNewer true
-	}
 }
 
-def verifyBinary(name, chksum) {
+task downloadTorBinaryArmPie(type: Download) {
-	return tasks.create([
+	src 'https://briarproject.org/build/tor-0.2.7.6-arm-pie.zip'
-			name     : "verifyBinary${name}",
+	dest "$torBinaryDir/tor_arm_pie.zip"
-			type     : Verify,
+	onlyIfNewer true
-			dependsOn: downloadBinary(name)]) {
+}
-		src "${torBinaryDir}/${name}.zip"
+
-		algorithm 'SHA-256'
+task downloadTorBinaryX86(type: Download) {
-		checksum chksum
+	src 'https://briarproject.org/build/tor-0.2.7.6-x86.zip'
-	}
+	dest "$torBinaryDir/tor_x86.zip"
+	onlyIfNewer true
+}
+
+task downloadTorBinaryX86Pie(type: Download) {
+	src 'https://briarproject.org/build/tor-0.2.7.6-x86-pie.zip'
+	dest "$torBinaryDir/tor_x86_pie.zip"
+	onlyIfNewer true
+}
+
+task verifyTorGeoIp(type: Verify, dependsOn: 'downloadTorGeoIp') {
+	src "$torBinaryDir/geoip.zip"
+	algorithm 'SHA-256'
+	checksum '9bcdaf0a7ba0933735328d8ec466c25c25dbb459efc2bce9e55c774eabea5162'
+}
+
+task verifyTorBinaryArm(type: Verify, dependsOn: 'downloadTorBinaryArm') {
+	src "$torBinaryDir/tor_arm.zip"
+	algorithm 'SHA-256'
+	checksum '83272962eda701cd5d74d2418651c4ff0f0b1dff51f558a292d1a1c42bf12146'
+}
+
+task verifyTorBinaryArmPie(type: Verify, dependsOn: 'downloadTorBinaryArmPie') {
+	src "$torBinaryDir/tor_arm_pie.zip"
+	algorithm 'SHA-256'
+	checksum 'd0300d1e45de11ebb24ed62b9c492be9c2e88590b7822195ab38c7a76ffcf646'
+}
+
+task verifyTorBinaryX86(type: Verify, dependsOn: 'downloadTorBinaryX86') {
+	src "$torBinaryDir/tor_x86.zip"
+	algorithm 'SHA-256'
+	checksum 'b8813d97b01ee1b9c9a4233c1b9bbe9f9f6b494ae6f9cbd84de8a3911911615e'
+}
+
+task verifyTorBinaryX86Pie(type: Verify, dependsOn: 'downloadTorBinaryX86Pie') {
+	src "$torBinaryDir/tor_x86_pie.zip"
+	algorithm 'SHA-256'
+	checksum '9c66e765aa196dc089951a1b2140cc8290305c2fcbf365121f99e01a233baf4e'
 }
 
 project.afterEvaluate {
-	torBinaries.every { key, value ->
+	preBuild.dependsOn {
-		preBuild.dependsOn.add(verifyBinary(key, value))
+		[
+				'verifyTorGeoIp',
+				'verifyTorBinaryArm',
+				'verifyTorBinaryArmPie',
+				'verifyTorBinaryX86',
+				'verifyTorBinaryX86Pie'
+		]
 	}
 }

bramble-android/src/main/AndroidManifest.xml

@@ -11,6 +11,8 @@
 	<uses-permission android:name="android.permission.INTERNET"/>
 	<uses-permission android:name="android.permission.READ_LOGS"/>
 	<uses-permission android:name="android.permission.WAKE_LOCK"/>
+	<!-- Since API 23, this is needed to add contacts via Bluetooth -->
+	<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/>
 
 	<application
 		android:allowBackup="false"

bramble-android/src/main/java/org/briarproject/bramble/plugin/AndroidPluginModule.java

@@ -39,13 +39,13 @@ public class AndroidPluginModule {
 			EventBus eventBus) {
 		Context appContext = app.getApplicationContext();
 		DuplexPluginFactory bluetooth = new DroidtoothPluginFactory(ioExecutor,
-				androidExecutor, appContext, random, eventBus, backoffFactory);
+				androidExecutor, appContext, random, backoffFactory);
 		DuplexPluginFactory tor = new TorPluginFactory(ioExecutor, appContext,
 				locationUtils, reporter, eventBus, torSocketFactory,
 				backoffFactory);
 		DuplexPluginFactory lan = new AndroidLanTcpPluginFactory(ioExecutor,
 				backoffFactory, appContext);
-		Collection<DuplexPluginFactory> duplex =
+		final Collection<DuplexPluginFactory> duplex =
 				Arrays.asList(bluetooth, tor, lan);
 		@NotNullByDefault
 		PluginConfig pluginConfig = new PluginConfig() {

bramble-android/src/main/java/org/briarproject/bramble/plugin/droidtooth/DroidtoothPlugin.java

@@ -11,21 +11,17 @@ import android.content.IntentFilter;
 
 import org.briarproject.bramble.api.FormatException;
 import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.crypto.PseudoRandom;
 import org.briarproject.bramble.api.data.BdfList;
-import org.briarproject.bramble.api.event.Event;
-import org.briarproject.bramble.api.event.EventListener;
 import org.briarproject.bramble.api.keyagreement.KeyAgreementConnection;
 import org.briarproject.bramble.api.keyagreement.KeyAgreementListener;
 import org.briarproject.bramble.api.nullsafety.MethodsNotNullByDefault;
 import org.briarproject.bramble.api.nullsafety.ParametersNotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
 import org.briarproject.bramble.api.plugin.PluginException;
-import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.plugin.duplex.AbstractBluetoothPlugin;
-import org.briarproject.bramble.api.plugin.duplex.DuplexPlugin;
 import org.briarproject.bramble.api.plugin.duplex.DuplexPluginCallback;
 import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
-import org.briarproject.bramble.api.plugin.event.DisableBluetoothEvent;
-import org.briarproject.bramble.api.plugin.event.EnableBluetoothEvent;
 import org.briarproject.bramble.api.properties.TransportProperties;
 import org.briarproject.bramble.api.system.AndroidExecutor;
 import org.briarproject.bramble.util.AndroidUtils;
@@ -33,14 +29,23 @@ import org.briarproject.bramble.util.StringUtils;
 
 import java.io.Closeable;
 import java.io.IOException;
+import java.io.InputStream;
 import java.security.SecureRandom;
+import java.util.ArrayList;
 import java.util.Collection;
+import java.util.Collections;
+import java.util.List;
 import java.util.Map;
 import java.util.Map.Entry;
 import java.util.UUID;
 import java.util.concurrent.Callable;
+import java.util.concurrent.CompletionService;
+import java.util.concurrent.CopyOnWriteArrayList;
+import java.util.concurrent.CountDownLatch;
 import java.util.concurrent.ExecutionException;
 import java.util.concurrent.Executor;
+import java.util.concurrent.ExecutorCompletionService;
+import java.util.concurrent.Future;
 import java.util.concurrent.atomic.AtomicBoolean;
 import java.util.logging.Logger;
 
@@ -55,6 +60,8 @@ import static android.bluetooth.BluetoothAdapter.SCAN_MODE_CONNECTABLE_DISCOVERA
 import static android.bluetooth.BluetoothAdapter.SCAN_MODE_NONE;
 import static android.bluetooth.BluetoothAdapter.STATE_OFF;
 import static android.bluetooth.BluetoothAdapter.STATE_ON;
+import static android.bluetooth.BluetoothDevice.EXTRA_DEVICE;
+import static java.util.concurrent.TimeUnit.MILLISECONDS;
 import static java.util.logging.Level.INFO;
 import static java.util.logging.Level.WARNING;
 import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.TRANSPORT_ID_BLUETOOTH;
@@ -67,21 +74,20 @@ import static org.briarproject.bramble.util.PrivacyUtils.scrubMacAddress;
 
 @MethodsNotNullByDefault
 @ParametersNotNullByDefault
-class DroidtoothPlugin implements DuplexPlugin, EventListener {
+class DroidtoothPlugin<C, S>
+		extends AbstractBluetoothPlugin<C, S>{
 
 	private static final Logger LOG =
 			Logger.getLogger(DroidtoothPlugin.class.getName());
+	private static final String FOUND =
+			"android.bluetooth.device.action.FOUND";
+	private static final String DISCOVERY_FINISHED =
+			"android.bluetooth.adapter.action.DISCOVERY_FINISHED";
 
-	private final Executor ioExecutor;
 	private final AndroidExecutor androidExecutor;
 	private final Context appContext;
-	private final SecureRandom secureRandom;
-	private final Backoff backoff;
-	private final DuplexPluginCallback callback;
-	private final int maxLatency;
 	private final AtomicBoolean used = new AtomicBoolean(false);
 
-	private volatile boolean running = false;
 	private volatile boolean wasEnabledByUs = false;
 	private volatile BluetoothStateReceiver receiver = null;
 	private volatile BluetoothServerSocket socket = null;
@@ -92,29 +98,15 @@ class DroidtoothPlugin implements DuplexPlugin, EventListener {
 	DroidtoothPlugin(Executor ioExecutor, AndroidExecutor androidExecutor,
 			Context appContext, SecureRandom secureRandom, Backoff backoff,
 			DuplexPluginCallback callback, int maxLatency) {
-		this.ioExecutor = ioExecutor;
+
+		super(ioExecutor, secureRandom, backoff, maxLatency, callback);
 		this.androidExecutor = androidExecutor;
 		this.appContext = appContext;
-		this.secureRandom = secureRandom;
-		this.backoff = backoff;
-		this.callback = callback;
-		this.maxLatency = maxLatency;
 	}
 
 	@Override
-	public TransportId getId() {
+	protected void close(S ss) throws IOException {
-		return ID;
+		((BluetoothServerSocket)ss).close();
-	}
-
-	@Override
-	public int getMaxLatency() {
-		return maxLatency;
-	}
-
-	@Override
-	public int getMaxIdleTime() {
-		// Bluetooth detects dead connections so we don't need keepalives
-		return Integer.MAX_VALUE;
 	}
 
 	@Override
@@ -124,7 +116,12 @@ class DroidtoothPlugin implements DuplexPlugin, EventListener {
 		// with a message queue, so submit it to the AndroidExecutor
 		try {
 			adapter = androidExecutor.runOnBackgroundThread(
-					BluetoothAdapter::getDefaultAdapter).get();
+					new Callable<BluetoothAdapter>() {
+						@Override
+						public BluetoothAdapter call() throws Exception {
+							return BluetoothAdapter.getDefaultAdapter();
+						}
+					}).get();
 		} catch (InterruptedException e) {
 			Thread.currentThread().interrupt();
 			LOG.warning("Interrupted while getting BluetoothAdapter");
@@ -149,7 +146,9 @@ class DroidtoothPlugin implements DuplexPlugin, EventListener {
 		} else {
 			// Enable Bluetooth if settings allow
 			if (callback.getSettings().getBoolean(PREF_BT_ENABLE, false)) {
-				enableAdapter();
+				wasEnabledByUs = true;
+				if (adapter.enable()) LOG.info("Enabling Bluetooth");
+				else LOG.info("Could not enable Bluetooth");
 			} else {
 				LOG.info("Not enabling Bluetooth");
 			}
@@ -157,62 +156,43 @@ class DroidtoothPlugin implements DuplexPlugin, EventListener {
 	}
 
 	private void bind() {
-		ioExecutor.execute(() -> {
+		ioExecutor.execute(new Runnable() {
-			if (!isRunning()) return;
+			@Override
-			String address = AndroidUtils.getBluetoothAddress(appContext,
+			public void run() {
-					adapter);
+				if (!isRunning()) return;
-			if (LOG.isLoggable(INFO))
+				String address = AndroidUtils.getBluetoothAddress(appContext,
-				LOG.info("Local address " + scrubMacAddress(address));
+						adapter);
-			if (!StringUtils.isNullOrEmpty(address)) {
+				if (LOG.isLoggable(INFO))
-				// Advertise the Bluetooth address to contacts
+					LOG.info("Local address " + scrubMacAddress(address));
-				TransportProperties p = new TransportProperties();
+				if (!StringUtils.isNullOrEmpty(address)) {
-				p.put(PROP_ADDRESS, address);
+					// Advertise the Bluetooth address to contacts
-				callback.mergeLocalProperties(p);
+					TransportProperties p = new TransportProperties();
+					p.put(PROP_ADDRESS, address);
+					callback.mergeLocalProperties(p);
+				}
+				// Bind a server socket to accept connections from contacts
+				BluetoothServerSocket ss;
+				try {
+					ss = adapter.listenUsingInsecureRfcommWithServiceRecord(
+							"RFCOMM", UUID.fromString(getUuid()));
+				} catch (IOException e) {
+					if (LOG.isLoggable(WARNING))
+						LOG.log(WARNING, e.toString(), e);
+					return;
+				}
+				if (!isRunning()) {
+					tryToClose((S)ss);
+					return;
+				}
+				LOG.info("Socket bound");
+				socket = ss;
+				backoff.reset();
+				callback.transportEnabled();
+				acceptContactConnections();
 			}
-			// Bind a server socket to accept connections from contacts
-			BluetoothServerSocket ss;
-			try {
-				ss = adapter.listenUsingInsecureRfcommWithServiceRecord(
-						"RFCOMM", getUuid());
-			} catch (IOException e) {
-				if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
-				return;
-			}
-			if (!isRunning()) {
-				tryToClose(ss);
-				return;
-			}
-			LOG.info("Socket bound");
-			socket = ss;
-			backoff.reset();
-			callback.transportEnabled();
-			acceptContactConnections();
 		});
 	}
 
-	private UUID getUuid() {
-		String uuid = callback.getLocalProperties().get(PROP_UUID);
-		if (uuid == null) {
-			byte[] random = new byte[UUID_BYTES];
-			secureRandom.nextBytes(random);
-			uuid = UUID.nameUUIDFromBytes(random).toString();
-			TransportProperties p = new TransportProperties();
-			p.put(PROP_UUID, uuid);
-			callback.mergeLocalProperties(p);
-		}
-		return UUID.fromString(uuid);
-	}
-
-	private void tryToClose(@Nullable BluetoothServerSocket ss) {
-		try {
-			if (ss != null) ss.close();
-		} catch (IOException e) {
-			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
-		} finally {
-			callback.transportDisabled();
-		}
-	}
-
 	private void acceptContactConnections() {
 		while (isRunning()) {
 			BluetoothSocket s;
@@ -236,27 +216,13 @@ class DroidtoothPlugin implements DuplexPlugin, EventListener {
 		return new DroidtoothTransportConnection(this, s);
 	}
 
-	private void enableAdapter() {
-		if (adapter != null && !adapter.isEnabled()) {
-			if (adapter.enable()) {
-				LOG.info("Enabling Bluetooth");
-				wasEnabledByUs = true;
-			} else {
-				LOG.info("Could not enable Bluetooth");
-			}
-		}
-	}
-
 	@Override
 	public void stop() {
-		running = false;
+		this.running = false;
 		if (receiver != null) appContext.unregisterReceiver(receiver);
-		tryToClose(socket);
+		tryToClose((S)socket);
-		disableAdapter();
+		// Disable Bluetooth if we enabled it and it's still enabled
-	}
+		if (wasEnabledByUs && adapter.isEnabled()) {
-
-	private void disableAdapter() {
-		if (adapter != null && adapter.isEnabled() && wasEnabledByUs) {
 			if (adapter.disable()) LOG.info("Disabling Bluetooth");
 			else LOG.info("Could not disable Bluetooth");
 		}
@@ -267,39 +233,20 @@ class DroidtoothPlugin implements DuplexPlugin, EventListener {
 		return running && adapter != null && adapter.isEnabled();
 	}
 
-	@Override
+	protected Runnable returnPollRunnable(final String address, final String uuid,
-	public boolean shouldPoll() {
+			final ContactId c) {
-		return true;
+		return new Runnable() {
-	}
+			@Override
-
+			public void run() {
-	@Override
-	public int getPollingInterval() {
-		return backoff.getPollingInterval();
-	}
-
-	@Override
-	public void poll(Collection<ContactId> connected) {
-		if (!isRunning()) return;
-		backoff.increment();
-		// Try to connect to known devices in parallel
-		Map<ContactId, TransportProperties> remote =
-				callback.getRemoteProperties();
-		for (Entry<ContactId, TransportProperties> e : remote.entrySet()) {
-			ContactId c = e.getKey();
-			if (connected.contains(c)) continue;
-			String address = e.getValue().get(PROP_ADDRESS);
-			if (StringUtils.isNullOrEmpty(address)) continue;
-			String uuid = e.getValue().get(PROP_UUID);
-			if (StringUtils.isNullOrEmpty(uuid)) continue;
-			ioExecutor.execute(() -> {
 				if (!running) return;
 				BluetoothSocket s = connect(address, uuid);
 				if (s != null) {
 					backoff.reset();
 					callback.outgoingConnectionCreated(c, wrapSocket(s));
 				}
-			});
+			}
-		}
+
+		};
 	}
 
 	@Nullable
@@ -335,35 +282,95 @@ class DroidtoothPlugin implements DuplexPlugin, EventListener {
 				LOG.info("Failed to connect to " + scrubMacAddress(address)
 						+ ": " + e);
 			}
-			tryToClose(s);
+			tryToClose((S)s);
 			return null;
 		}
 	}
 
-	private void tryToClose(@Nullable Closeable c) {
+
+	public DuplexTransportConnection connectToAddress(String address, String uuid) {
+		BluetoothSocket s = connect(address, uuid);
+		return s == null ? null : wrapSocket(s);
+	}
+
+
+	@Override
+	public DuplexTransportConnection createInvitationConnection(PseudoRandom r,
+			long timeout, boolean alice) {
+		if (!isRunning()) return null;
+		// Use the invitation codes to generate the UUID
+		byte[] b = r.nextBytes(UUID_BYTES);
+		UUID uuid = UUID.nameUUIDFromBytes(b);
+		if (LOG.isLoggable(INFO)) LOG.info("Invitation UUID " + uuid);
+		// Bind a server socket for receiving invitation connections
+		BluetoothServerSocket ss;
 		try {
-			if (c != null) c.close();
+			ss = adapter.listenUsingInsecureRfcommWithServiceRecord(
+					"RFCOMM", uuid);
 		} catch (IOException e) {
 			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+			return null;
+		}
+		// Create the background tasks
+		CompletionService<BluetoothSocket> complete =
+				new ExecutorCompletionService<>(ioExecutor);
+		List<Future<BluetoothSocket>> futures = new ArrayList<>();
+		if (alice) {
+			// Return the first connected socket
+			futures.add(complete.submit(new ListeningTask(ss)));
+			futures.add(complete.submit(new DiscoveryTask(uuid.toString())));
+		} else {
+			// Return the first socket with readable data
+			futures.add(complete.submit(new ReadableTask(
+					new ListeningTask(ss))));
+			futures.add(complete.submit(new ReadableTask(
+					new DiscoveryTask(uuid.toString()))));
+		}
+		BluetoothSocket chosen = null;
+		try {
+			Future<BluetoothSocket> f = complete.poll(timeout, MILLISECONDS);
+			if (f == null) return null; // No task completed within the timeout
+			chosen = f.get();
+			return new DroidtoothTransportConnection(this, chosen);
+		} catch (InterruptedException e) {
+			LOG.info("Interrupted while exchanging invitations");
+			Thread.currentThread().interrupt();
+			return null;
+		} catch (ExecutionException e) {
+			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+			return null;
+		} finally {
+			// Closing the socket will terminate the listener task
+			tryToClose((S)ss);
+			closeSockets(futures, chosen);
 		}
 	}
 
-	@Override
+	private void closeSockets(final List<Future<BluetoothSocket>> futures,
-	public DuplexTransportConnection createConnection(ContactId c) {
+			@Nullable final BluetoothSocket chosen) {
-		if (!isRunning()) return null;
+		ioExecutor.execute(new Runnable() {
-		TransportProperties p = callback.getRemoteProperties(c);
+			@Override
-		String address = p.get(PROP_ADDRESS);
+			public void run() {
-		if (StringUtils.isNullOrEmpty(address)) return null;
+				for (Future<BluetoothSocket> f : futures) {
-		String uuid = p.get(PROP_UUID);
+					try {
-		if (StringUtils.isNullOrEmpty(uuid)) return null;
+						if (f.cancel(true)) {
-		BluetoothSocket s = connect(address, uuid);
+							LOG.info("Cancelled task");
-		if (s == null) return null;
+						} else {
-		return new DroidtoothTransportConnection(this, s);
+							BluetoothSocket s = f.get();
-	}
+							if (s != null && s != chosen) {
-
+								LOG.info("Closing unwanted socket");
-	@Override
+								s.close();
-	public boolean supportsKeyAgreement() {
+							}
-		return true;
+						}
+					} catch (InterruptedException e) {
+						LOG.info("Interrupted while closing sockets");
+						return;
+					} catch (ExecutionException | IOException e) {
+						if (LOG.isLoggable(INFO)) LOG.info(e.toString());
+					}
+				}
+			}
+		});
 	}
 
 	@Override
@@ -375,7 +382,7 @@ class DroidtoothPlugin implements DuplexPlugin, EventListener {
 		// No truncation necessary because COMMIT_LENGTH = 16
 		UUID uuid = UUID.nameUUIDFromBytes(commitment);
 		if (LOG.isLoggable(INFO)) LOG.info("Key agreement UUID " + uuid);
-		// Bind a server socket for receiving key agreement connections
+		// Bind a server socket for receiving invitation connections
 		BluetoothServerSocket ss;
 		try {
 			ss = adapter.listenUsingInsecureRfcommWithServiceRecord(
@@ -390,48 +397,6 @@ class DroidtoothPlugin implements DuplexPlugin, EventListener {
 		return new BluetoothKeyAgreementListener(descriptor, ss);
 	}
 
-	@Override
-	public DuplexTransportConnection createKeyAgreementConnection(
-			byte[] commitment, BdfList descriptor, long timeout) {
-		if (!isRunning()) return null;
-		String address;
-		try {
-			address = parseAddress(descriptor);
-		} catch (FormatException e) {
-			LOG.info("Invalid address in key agreement descriptor");
-			return null;
-		}
-		// No truncation necessary because COMMIT_LENGTH = 16
-		UUID uuid = UUID.nameUUIDFromBytes(commitment);
-		if (LOG.isLoggable(INFO))
-			LOG.info("Connecting to key agreement UUID " + uuid);
-		BluetoothSocket s = connect(address, uuid.toString());
-		if (s == null) return null;
-		return new DroidtoothTransportConnection(this, s);
-	}
-
-	private String parseAddress(BdfList descriptor) throws FormatException {
-		byte[] mac = descriptor.getRaw(1);
-		if (mac.length != 6) throw new FormatException();
-		return StringUtils.macToString(mac);
-	}
-
-	@Override
-	public void eventOccurred(Event e) {
-		if (e instanceof EnableBluetoothEvent) {
-			enableAdapterAsync();
-		} else if (e instanceof DisableBluetoothEvent) {
-			disableAdapterAsync();
-		}
-	}
-
-	private void enableAdapterAsync() {
-		ioExecutor.execute(this::enableAdapter);
-	}
-
-	private void disableAdapterAsync() {
-		ioExecutor.execute(this::disableAdapter);
-	}
 
 	private class BluetoothStateReceiver extends BroadcastReceiver {
 
@@ -443,7 +408,7 @@ class DroidtoothPlugin implements DuplexPlugin, EventListener {
 				bind();
 			} else if (state == STATE_OFF) {
 				LOG.info("Bluetooth disabled");
-				tryToClose(socket);
+				tryToClose((S)socket);
 			}
 			int scanMode = intent.getIntExtra(EXTRA_SCAN_MODE, 0);
 			if (scanMode == SCAN_MODE_NONE) {
@@ -456,6 +421,115 @@ class DroidtoothPlugin implements DuplexPlugin, EventListener {
 		}
 	}
 
+	private class DiscoveryTask implements Callable<BluetoothSocket> {
+
+		private final String uuid;
+
+		private DiscoveryTask(String uuid) {
+			this.uuid = uuid;
+		}
+
+		@Override
+		public BluetoothSocket call() throws Exception {
+			// Repeat discovery until we connect or get interrupted
+			while (true) {
+				// Discover nearby devices
+				LOG.info("Discovering nearby devices");
+				List<String> addresses = discoverDevices();
+				if (addresses.isEmpty()) {
+					LOG.info("No devices discovered");
+					continue;
+				}
+				// Connect to any device with the right UUID
+				for (String address : addresses) {
+					BluetoothSocket s = connect(address, uuid);
+					if (s != null) {
+						LOG.info("Outgoing connection");
+						return s;
+					}
+				}
+			}
+		}
+
+		private List<String> discoverDevices() throws InterruptedException {
+			IntentFilter filter = new IntentFilter();
+			filter.addAction(FOUND);
+			filter.addAction(DISCOVERY_FINISHED);
+			DiscoveryReceiver disco = new DiscoveryReceiver();
+			appContext.registerReceiver(disco, filter);
+			LOG.info("Starting discovery");
+			adapter.startDiscovery();
+			return disco.waitForAddresses();
+		}
+	}
+
+	private static class DiscoveryReceiver extends BroadcastReceiver {
+
+		private final CountDownLatch finished = new CountDownLatch(1);
+		private final List<String> addresses = new CopyOnWriteArrayList<>();
+
+		@Override
+		public void onReceive(Context ctx, Intent intent) {
+			String action = intent.getAction();
+			if (action.equals(DISCOVERY_FINISHED)) {
+				LOG.info("Discovery finished");
+				ctx.unregisterReceiver(this);
+				finished.countDown();
+			} else if (action.equals(FOUND)) {
+				BluetoothDevice d = intent.getParcelableExtra(EXTRA_DEVICE);
+				if (LOG.isLoggable(INFO)) {
+					LOG.info("Discovered device: " +
+							scrubMacAddress(d.getAddress()));
+				}
+				addresses.add(d.getAddress());
+			}
+		}
+
+		private List<String> waitForAddresses() throws InterruptedException {
+			finished.await();
+			List<String> shuffled = new ArrayList<>(addresses);
+			Collections.shuffle(shuffled);
+			return shuffled;
+		}
+	}
+
+	private static class ListeningTask implements Callable<BluetoothSocket> {
+
+		private final BluetoothServerSocket serverSocket;
+
+		private ListeningTask(BluetoothServerSocket serverSocket) {
+			this.serverSocket = serverSocket;
+		}
+
+		@Override
+		public BluetoothSocket call() throws IOException {
+			BluetoothSocket s = serverSocket.accept();
+			LOG.info("Incoming connection");
+			return s;
+		}
+	}
+
+	private static class ReadableTask implements Callable<BluetoothSocket> {
+
+		private final Callable<BluetoothSocket> connectionTask;
+
+		private ReadableTask(Callable<BluetoothSocket> connectionTask) {
+			this.connectionTask = connectionTask;
+		}
+
+		@Override
+		public BluetoothSocket call() throws Exception {
+			BluetoothSocket s = connectionTask.call();
+			InputStream in = s.getInputStream();
+			while (in.available() == 0) {
+				LOG.info("Waiting for data");
+				Thread.sleep(1000);
+			}
+			LOG.info("Data available");
+			return s;
+		}
+	}
+
 	private class BluetoothKeyAgreementListener extends KeyAgreementListener {
 
 		private final BluetoothServerSocket ss;
@@ -468,13 +542,16 @@ class DroidtoothPlugin implements DuplexPlugin, EventListener {
 
 		@Override
 		public Callable<KeyAgreementConnection> listen() {
-			return () -> {
+			return new Callable<KeyAgreementConnection>() {
-				BluetoothSocket s = ss.accept();
+				@Override
-				if (LOG.isLoggable(INFO))
+				public KeyAgreementConnection call() throws IOException {
-					LOG.info(ID.getString() + ": Incoming connection");
+					BluetoothSocket s = ss.accept();
-				return new KeyAgreementConnection(
+					if (LOG.isLoggable(INFO))
-						new DroidtoothTransportConnection(
+						LOG.info(ID.getString() + ": Incoming connection");
-								DroidtoothPlugin.this, s), ID);
+					return new KeyAgreementConnection(
+							new DroidtoothTransportConnection(
+									DroidtoothPlugin.this, s), ID);
+				}
 			};
 		}
 

bramble-android/src/main/java/org/briarproject/bramble/plugin/droidtooth/DroidtoothPluginFactory.java

@@ -2,7 +2,6 @@ package org.briarproject.bramble.plugin.droidtooth;
 
 import android.content.Context;
 
-import org.briarproject.bramble.api.event.EventBus;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
 import org.briarproject.bramble.api.plugin.BackoffFactory;
@@ -32,18 +31,15 @@ public class DroidtoothPluginFactory implements DuplexPluginFactory {
 	private final AndroidExecutor androidExecutor;
 	private final Context appContext;
 	private final SecureRandom secureRandom;
-	private final EventBus eventBus;
 	private final BackoffFactory backoffFactory;
 
 	public DroidtoothPluginFactory(Executor ioExecutor,
 			AndroidExecutor androidExecutor, Context appContext,
-			SecureRandom secureRandom, EventBus eventBus,
+			SecureRandom secureRandom, BackoffFactory backoffFactory) {
-			BackoffFactory backoffFactory) {
 		this.ioExecutor = ioExecutor;
 		this.androidExecutor = androidExecutor;
 		this.appContext = appContext;
 		this.secureRandom = secureRandom;
-		this.eventBus = eventBus;
 		this.backoffFactory = backoffFactory;
 	}
 
@@ -61,10 +57,7 @@ public class DroidtoothPluginFactory implements DuplexPluginFactory {
 	public DuplexPlugin createPlugin(DuplexPluginCallback callback) {
 		Backoff backoff = backoffFactory.createBackoff(MIN_POLLING_INTERVAL,
 				MAX_POLLING_INTERVAL, BACKOFF_BASE);
-		DroidtoothPlugin plugin = new DroidtoothPlugin(ioExecutor,
+		return new DroidtoothPlugin(ioExecutor, androidExecutor, appContext,
-				androidExecutor, appContext, secureRandom, backoff, callback,
+				secureRandom, backoff, callback, MAX_LATENCY);
-				MAX_LATENCY);
-		eventBus.addListener(plugin);
-		return plugin;
 	}
 }

bramble-android/src/main/java/org/briarproject/bramble/plugin/tor/TorPlugin.java

@@ -17,6 +17,7 @@ import net.freehaven.tor.control.EventHandler;
 import net.freehaven.tor.control.TorControlConnection;
 
 import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.crypto.PseudoRandom;
 import org.briarproject.bramble.api.data.BdfList;
 import org.briarproject.bramble.api.event.Event;
 import org.briarproject.bramble.api.event.EventListener;
@@ -55,7 +56,6 @@ import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 import java.util.Map;
-import java.util.Map.Entry;
 import java.util.Scanner;
 import java.util.concurrent.CountDownLatch;
 import java.util.concurrent.Executor;
@@ -85,13 +85,13 @@ import static org.briarproject.bramble.api.plugin.TorConstants.PREF_TOR_NETWORK_
 import static org.briarproject.bramble.api.plugin.TorConstants.PREF_TOR_NETWORK_NEVER;
 import static org.briarproject.bramble.api.plugin.TorConstants.PREF_TOR_NETWORK_WIFI;
 import static org.briarproject.bramble.api.plugin.TorConstants.PREF_TOR_PORT;
-import static org.briarproject.bramble.api.plugin.TorConstants.PROP_ONION;
 import static org.briarproject.bramble.util.PrivacyUtils.scrubOnion;
 
 @MethodsNotNullByDefault
 @ParametersNotNullByDefault
 class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 
+	private static final String PROP_ONION = "onion";
 	private static final String[] EVENTS = {
 			"CIRC", "ORCONN", "HS_DESC", "NOTICE", "WARN", "ERR"
 	};
@@ -149,8 +149,7 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 		cookieFile = new File(torDirectory, ".tor/control_auth_cookie");
 		Object o = appContext.getSystemService(POWER_SERVICE);
 		PowerManager pm = (PowerManager) o;
-		// This tag will prevent Huawei's powermanager from killing us.
+		wakeLock = pm.newWakeLock(PARTIAL_WAKE_LOCK, "TorPlugin");
-		wakeLock = pm.newWakeLock(PARTIAL_WAKE_LOCK, "LocationManagerService");
 		wakeLock.setReferenceCounted(false);
 	}
 
@@ -370,45 +369,57 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	}
 
 	private void sendDevReports() {
-		ioExecutor.execute(() -> {
+		ioExecutor.execute(new Runnable() {
-			// TODO: Trigger this with a TransportEnabledEvent
+			@Override
-			File reportDir = AndroidUtils.getReportDir(appContext);
+			public void run() {
-			reporter.sendReports(reportDir);
+				// TODO: Trigger this with a TransportEnabledEvent
+				File reportDir = AndroidUtils.getReportDir(appContext);
+				reporter.sendReports(reportDir);
+			}
 		});
 	}
 
 	private void bind() {
-		ioExecutor.execute(() -> {
+		ioExecutor.execute(new Runnable() {
-			// If there's already a port number stored in config, reuse it
+			@Override
-			String portString = callback.getSettings().get(PREF_TOR_PORT);
+			public void run() {
-			int port;
+				// If there's already a port number stored in config, reuse it
-			if (StringUtils.isNullOrEmpty(portString)) port = 0;
+				String portString = callback.getSettings().get(PREF_TOR_PORT);
-			else port = Integer.parseInt(portString);
+				int port;
-			// Bind a server socket to receive connections from Tor
+				if (StringUtils.isNullOrEmpty(portString)) port = 0;
-			ServerSocket ss = null;
+				else port = Integer.parseInt(portString);
-			try {
+				// Bind a server socket to receive connections from Tor
-				ss = new ServerSocket();
+				ServerSocket ss = null;
-				ss.bind(new InetSocketAddress("127.0.0.1", port));
+				try {
-			} catch (IOException e) {
+					ss = new ServerSocket();
-				if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+					ss.bind(new InetSocketAddress("127.0.0.1", port));
-				tryToClose(ss);
+				} catch (IOException e) {
-				return;
+					if (LOG.isLoggable(WARNING))
+						LOG.log(WARNING, e.toString(), e);
+					tryToClose(ss);
+					return;
+				}
+				if (!running) {
+					tryToClose(ss);
+					return;
+				}
+				socket = ss;
+				// Store the port number
+				final String localPort = String.valueOf(ss.getLocalPort());
+				Settings s = new Settings();
+				s.put(PREF_TOR_PORT, localPort);
+				callback.mergeSettings(s);
+				// Create a hidden service if necessary
+				ioExecutor.execute(new Runnable() {
+					@Override
+					public void run() {
+						publishHiddenService(localPort);
+					}
+				});
+				backoff.reset();
+				// Accept incoming hidden service connections from Tor
+				acceptContactConnections(ss);
 			}
-			if (!running) {
-				tryToClose(ss);
-				return;
-			}
-			socket = ss;
-			// Store the port number
-			String localPort = String.valueOf(ss.getLocalPort());
-			Settings s = new Settings();
-			s.put(PREF_TOR_PORT, localPort);
-			callback.mergeSettings(s);
-			// Create a hidden service if necessary
-			ioExecutor.execute(() -> publishHiddenService(localPort));
-			backoff.reset();
-			// Accept incoming hidden service connections from Tor
-			acceptContactConnections(ss);
 		});
 	}
 
@@ -528,21 +539,20 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	public void poll(Collection<ContactId> connected) {
 		if (!isRunning()) return;
 		backoff.increment();
-		Map<ContactId, TransportProperties> remote =
+		// TODO: Pass properties to connectAndCallBack()
-				callback.getRemoteProperties();
+		for (ContactId c : callback.getRemoteProperties().keySet())
-		for (Entry<ContactId, TransportProperties> e : remote.entrySet()) {
+			if (!connected.contains(c)) connectAndCallBack(c);
-			ContactId c = e.getKey();
-			if (!connected.contains(c)) connectAndCallBack(c, e.getValue());
-		}
 	}
 
-	private void connectAndCallBack(ContactId c, TransportProperties p) {
+	private void connectAndCallBack(final ContactId c) {
-		ioExecutor.execute(() -> {
+		ioExecutor.execute(new Runnable() {
-			if (!isRunning()) return;
+			@Override
-			DuplexTransportConnection d = createConnection(p);
+			public void run() {
-			if (d != null) {
+				DuplexTransportConnection d = createConnection(c);
-				backoff.reset();
+				if (d != null) {
-				callback.outgoingConnectionCreated(c, d);
+					backoff.reset();
+					callback.outgoingConnectionCreated(c, d);
+				}
 			}
 		});
 	}
@@ -550,11 +560,8 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	@Override
 	public DuplexTransportConnection createConnection(ContactId c) {
 		if (!isRunning()) return null;
-		return createConnection(callback.getRemoteProperties(c));
+		TransportProperties p = callback.getRemoteProperties().get(c);
-	}
+		if (p == null) return null;
-
-	@Nullable
-	private DuplexTransportConnection createConnection(TransportProperties p) {
 		String onion = p.get(PROP_ONION);
 		if (StringUtils.isNullOrEmpty(onion)) return null;
 		if (!ONION.matcher(onion).matches()) {
@@ -582,6 +589,17 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 		}
 	}
 
+	@Override
+	public boolean supportsInvitations() {
+		return false;
+	}
+
+	@Override
+	public DuplexTransportConnection createInvitationConnection(PseudoRandom r,
+			long timeout, boolean alice) {
+		throw new UnsupportedOperationException();
+	}
+
 	@Override
 	public boolean supportsKeyAgreement() {
 		return false;
@@ -675,43 +693,48 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	}
 
 	private void updateConnectionStatus() {
-		ioExecutor.execute(() -> {
+		ioExecutor.execute(new Runnable() {
-			if (!running) return;
+			@Override
+			public void run() {
+				if (!running) return;
 
-			Object o = appContext.getSystemService(CONNECTIVITY_SERVICE);
+				Object o = appContext.getSystemService(CONNECTIVITY_SERVICE);
-			ConnectivityManager cm = (ConnectivityManager) o;
+				ConnectivityManager cm = (ConnectivityManager) o;
-			NetworkInfo net = cm.getActiveNetworkInfo();
+				NetworkInfo net = cm.getActiveNetworkInfo();
-			boolean online = net != null && net.isConnected();
+				boolean online = net != null && net.isConnected();
-			boolean wifi = online && net.getType() == TYPE_WIFI;
+				boolean wifi = online && net.getType() == TYPE_WIFI;
-			String country = locationUtils.getCurrentCountry();
+				String country = locationUtils.getCurrentCountry();
-			boolean blocked = TorNetworkMetadata.isTorProbablyBlocked(
+				boolean blocked = TorNetworkMetadata.isTorProbablyBlocked(
-					country);
+						country);
-			Settings s = callback.getSettings();
+				Settings s = callback.getSettings();
-			int network = s.getInt(PREF_TOR_NETWORK, PREF_TOR_NETWORK_ALWAYS);
+				int network = s.getInt(PREF_TOR_NETWORK,
+						PREF_TOR_NETWORK_ALWAYS);
 
-			if (LOG.isLoggable(INFO)) {
+				if (LOG.isLoggable(INFO)) {
-				LOG.info("Online: " + online + ", wifi: " + wifi);
+					LOG.info("Online: " + online + ", wifi: " + wifi);
-				if ("".equals(country)) LOG.info("Country code unknown");
+					if ("".equals(country)) LOG.info("Country code unknown");
-				else LOG.info("Country code: " + country);
+					else LOG.info("Country code: " + country);
-			}
+				}
-
+
-			try {
+				try {
-				if (!online) {
+					if (!online) {
-					LOG.info("Disabling network, device is offline");
+						LOG.info("Disabling network, device is offline");
-					enableNetwork(false);
+						enableNetwork(false);
-				} else if (blocked) {
+					} else if (blocked) {
-					LOG.info("Disabling network, country is blocked");
+						LOG.info("Disabling network, country is blocked");
-					enableNetwork(false);
+						enableNetwork(false);
-				} else if (network == PREF_TOR_NETWORK_NEVER
+					} else if (network == PREF_TOR_NETWORK_NEVER
-						|| (network == PREF_TOR_NETWORK_WIFI && !wifi)) {
+							|| (network == PREF_TOR_NETWORK_WIFI && !wifi)) {
-					LOG.info("Disabling network due to data setting");
+						LOG.info("Disabling network due to data setting");
-					enableNetwork(false);
+						enableNetwork(false);
-				} else {
+					} else {
-					LOG.info("Enabling network");
+						LOG.info("Enabling network");
-					enableNetwork(true);
+						enableNetwork(true);
+					}
+				} catch (IOException e) {
+					if (LOG.isLoggable(WARNING))
+						LOG.log(WARNING, e.toString(), e);
 				}
-			} catch (IOException e) {
-				if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
 			}
 		});
 	}

bramble-android/src/main/java/org/briarproject/bramble/plugin/tor/TorTransportConnection.java

@@ -3,7 +3,6 @@ package org.briarproject.bramble.plugin.tor;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.Plugin;
 import org.briarproject.bramble.api.plugin.duplex.AbstractDuplexTransportConnection;
-import org.briarproject.bramble.util.IoUtils;
 
 import java.io.IOException;
 import java.io.InputStream;
@@ -22,12 +21,12 @@ class TorTransportConnection extends AbstractDuplexTransportConnection {
 
 	@Override
 	protected InputStream getInputStream() throws IOException {
-		return IoUtils.getInputStream(socket);
+		return socket.getInputStream();
 	}
 
 	@Override
 	protected OutputStream getOutputStream() throws IOException {
-		return IoUtils.getOutputStream(socket);
+		return socket.getOutputStream();
 	}
 
 	@Override

bramble-android/src/main/java/org/briarproject/bramble/system/AndroidExecutorImpl.java

@@ -27,11 +27,14 @@ class AndroidExecutorImpl implements AndroidExecutor {
 	@Inject
 	AndroidExecutorImpl(Application app) {
 		uiHandler = new Handler(app.getApplicationContext().getMainLooper());
-		loop = () -> {
+		loop = new Runnable() {
-			Looper.prepare();
+			@Override
-			backgroundHandler = new Handler();
+			public void run() {
-			startLatch.countDown();
+				Looper.prepare();
-			Looper.loop();
+				backgroundHandler = new Handler();
+				startLatch.countDown();
+				Looper.loop();
+			}
 		};
 	}
 

bramble-api/build.gradle

@@ -1,39 +1,30 @@
-apply plugin: 'java-library'
+apply plugin: 'java'
-sourceCompatibility = 1.8
+sourceCompatibility = 1.6
-targetCompatibility = 1.8
+targetCompatibility = 1.6
 
 apply plugin: 'witness'
 
 dependencies {
-	implementation "com.google.dagger:dagger:2.0.2"
+	compile "com.google.dagger:dagger:2.0.2"
-	implementation 'com.google.code.findbugs:jsr305:3.0.2'
+	compile 'com.google.dagger:dagger-compiler:2.0.2'
+	compile 'com.google.code.findbugs:jsr305:3.0.1'
 
-	testImplementation 'junit:junit:4.12'
+	testCompile 'junit:junit:4.12'
-	testImplementation "org.jmock:jmock:2.8.2"
+	testCompile "org.jmock:jmock:2.8.1"
-	testImplementation "org.jmock:jmock-junit4:2.8.2"
+	testCompile "org.jmock:jmock-junit4:2.8.1"
-	testImplementation "org.jmock:jmock-legacy:2.8.2"
+	testCompile "org.jmock:jmock-legacy:2.8.1"
-	testImplementation "org.hamcrest:hamcrest-library:1.3"
+	testCompile "org.hamcrest:hamcrest-library:1.3"
-	testImplementation "org.hamcrest:hamcrest-core:1.3"
+	testCompile "org.hamcrest:hamcrest-core:1.3"
 }
 
 dependencyVerification {
 	verify = [
-			'cglib:cglib:3.2.0:cglib-3.2.0.jar:adb13bab79712ad6bdf1bd59f2a3918018a8016e722e8a357065afb9e6690861',
+			'com.google.dagger:dagger:84c0282ed8be73a29e0475d639da030b55dee72369e58dd35ae7d4fe6243dcf9',
-			'com.google.code.findbugs:jsr305:3.0.2:jsr305-3.0.2.jar:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7',
+			'com.google.dagger:dagger-compiler:b74bc9de063dd4c6400b232231f2ef5056145b8fbecbf5382012007dd1c071b3',
-			'com.google.dagger:dagger:2.0.2:dagger-2.0.2.jar:84c0282ed8be73a29e0475d639da030b55dee72369e58dd35ae7d4fe6243dcf9',
+			'com.google.code.findbugs:jsr305:c885ce34249682bc0236b4a7d56efcc12048e6135a5baf7a9cde8ad8cda13fcd',
-			'javax.inject:javax.inject:1:javax.inject-1.jar:91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff',
+			'javax.inject:javax.inject:91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff',
-			'junit:junit:4.12:junit-4.12.jar:59721f0805e223d84b90677887d9ff567dc534d7c502ca903c0c2b17f05c116a',
+			'com.google.dagger:dagger-producers:99ec15e8a0507ba569e7655bc1165ee5e5ca5aa914b3c8f7e2c2458f724edd6b',
-			'org.apache.ant:ant-launcher:1.9.4:ant-launcher-1.9.4.jar:7bccea20b41801ca17bcbc909a78c835d0f443f12d639c77bd6ae3d05861608d',
+			'com.google.guava:guava:d664fbfc03d2e5ce9cab2a44fb01f1d0bf9dfebeccc1a473b1f9ea31f79f6f99',
-			'org.apache.ant:ant:1.9.4:ant-1.9.4.jar:649ae0730251de07b8913f49286d46bba7b92d47c5f332610aa426c4f02161d8',
-			'org.beanshell:bsh:1.3.0:bsh-1.3.0.jar:9b04edc75d19db54f1b4e8b5355e9364384c6cf71eb0a1b9724c159d779879f8',
-			'org.hamcrest:hamcrest-core:1.3:hamcrest-core-1.3.jar:66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9',
-			'org.hamcrest:hamcrest-library:1.3:hamcrest-library-1.3.jar:711d64522f9ec410983bd310934296da134be4254a125080a0416ec178dfad1c',
-			'org.jmock:jmock-junit4:2.8.2:jmock-junit4-2.8.2.jar:f7ee4df4f7bd7b7f1cafad3b99eb74d579f109d5992ff625347352edb55e674c',
-			'org.jmock:jmock-legacy:2.8.2:jmock-legacy-2.8.2.jar:f2b985a5c08a9edb7f37612330c058809da3f6a6d63ce792426ebf8ff0d6d31b',
-			'org.jmock:jmock-testjar:2.8.2:jmock-testjar-2.8.2.jar:8900860f72c474e027cf97fe78dcbf154a1aa7fc62b6845c5fb4e4f3c7bc8760',
-			'org.jmock:jmock:2.8.2:jmock-2.8.2.jar:6c73cb4a2e6dbfb61fd99c9a768539c170ab6568e57846bd60dbf19596b65b16',
-			'org.objenesis:objenesis:2.1:objenesis-2.1.jar:c74330cc6b806c804fd37e74487b4fe5d7c2750c5e15fbc6efa13bdee1bdef80',
-			'org.ow2.asm:asm:5.0.4:asm-5.0.4.jar:896618ed8ae62702521a78bc7be42b7c491a08e6920a15f89a3ecdec31e9a220',
 	]
 }
 
@@ -48,8 +39,3 @@ task jarTest(type: Jar, dependsOn: testClasses) {
 artifacts {
 	testOutput jarTest
 }
-
-// If a Java 6 JRE is available, check we're not using any Java 7 or 8 APIs
-tasks.withType(JavaCompile) {
-	useJava6StandardLibrary(it)
-}

bramble-api/src/main/java/org/briarproject/bramble/api/Bytes.java

@@ -1,7 +1,6 @@
 package org.briarproject.bramble.api;
 
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.util.StringUtils;
 
 import java.util.Arrays;
 import java.util.Comparator;
@@ -54,12 +53,6 @@ public class Bytes implements Comparable<Bytes> {
 		return aBytes.length - bBytes.length;
 	}
 
-	@Override
-	public String toString() {
-		return getClass().getSimpleName() +
-				"(" + StringUtils.toHexString(getBytes()) + ")";
-	}
-
 	public static class BytesComparator implements Comparator<Bytes> {
 
 		@Override

bramble-api/src/main/java/org/briarproject/bramble/api/client/BdfMessageContext.java

@@ -23,7 +23,7 @@ public class BdfMessageContext {
 	}
 
 	public BdfMessageContext(BdfDictionary dictionary) {
-		this(dictionary, Collections.emptyList());
+		this(dictionary, Collections.<MessageId>emptyList());
 	}
 
 	public BdfDictionary getDictionary() {

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java

@@ -10,6 +10,8 @@ public interface CryptoComponent {
 
 	SecretKey generateSecretKey();
 
+	PseudoRandom getPseudoRandom(int seed1, int seed2);
+
 	SecureRandom getSecureRandom();
 
 	KeyPair generateAgreementKeyPair();
@@ -22,6 +24,15 @@ public interface CryptoComponent {
 
 	KeyParser getMessageKeyParser();
 
+	/** Generates a random invitation code. */
+	int generateBTInvitationCode();
+
+	/**
+	 * Derives a confirmation code from the given master secret.
+	 * @param alice whether the code is for use by Alice or Bob.
+	 */
+	int deriveBTConfirmationCode(SecretKey master, boolean alice);
+
 	/**
 	 * Derives a stream header key from the given master secret.
 	 * @param alice whether the key is for use by Alice or Bob.
@@ -126,8 +137,7 @@ public interface CryptoComponent {
 	TransportKeys rotateTransportKeys(TransportKeys k, long rotationPeriod);
 
 	/** Encodes the pseudo-random tag that is used to recognise a stream. */
-	void encodeTag(byte[] tag, SecretKey tagKey, int protocolVersion,
+	void encodeTag(byte[] tag, SecretKey tagKey, long streamNumber);
-			long streamNumber);
 
 	/**
 	 * Signs the given byte[] with the given PrivateKey.

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/PseudoRandom.java

@@ -0,0 +1,12 @@
+package org.briarproject.bramble.api.crypto;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+/**
+ * A deterministic pseudo-random number generator.
+ */
+@NotNullByDefault
+public interface PseudoRandom {
+
+	byte[] nextBytes(int bytes);
+}

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/StreamDecrypterFactory.java

@@ -14,9 +14,8 @@ public interface StreamDecrypterFactory {
 	StreamDecrypter createStreamDecrypter(InputStream in, StreamContext ctx);
 
 	/**
-	 * Creates a {@link StreamDecrypter} for decrypting a contact exchange
+	 * Creates a {@link StreamDecrypter} for decrypting an invitation stream.
-	 * stream.
 	 */
-	StreamDecrypter createContactExchangeStreamDecrypter(InputStream in,
+	StreamDecrypter createInvitationStreamDecrypter(InputStream in,
 			SecretKey headerKey);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/StreamEncrypterFactory.java

@@ -14,9 +14,8 @@ public interface StreamEncrypterFactory {
 	StreamEncrypter createStreamEncrypter(OutputStream out, StreamContext ctx);
 
 	/**
-	 * Creates a {@link StreamEncrypter} for encrypting a contact exchange
+	 * Creates a {@link StreamEncrypter} for encrypting an invitation stream.
-	 * stream.
 	 */
-	StreamEncrypter createContactExchangeStreamDecrypter(OutputStream out,
+	StreamEncrypter createInvitationStreamEncrypter(OutputStream out,
 			SecretKey headerKey);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/data/BdfDictionary.java

@@ -4,14 +4,11 @@ import org.briarproject.bramble.api.Bytes;
 import org.briarproject.bramble.api.FormatException;
 
 import java.util.Map;
-import java.util.Map.Entry;
+import java.util.concurrent.ConcurrentSkipListMap;
-import java.util.TreeMap;
 
 import javax.annotation.Nullable;
-import javax.annotation.concurrent.NotThreadSafe;
 
-@NotThreadSafe
+public class BdfDictionary extends ConcurrentSkipListMap<String, Object> {
-public class BdfDictionary extends TreeMap<String, Object> {
 
 	public static final Object NULL_VALUE = new Object();
 

bramble-api/src/main/java/org/briarproject/bramble/api/data/BdfList.java

@@ -3,17 +3,15 @@ package org.briarproject.bramble.api.data;
 import org.briarproject.bramble.api.Bytes;
 import org.briarproject.bramble.api.FormatException;
 
-import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
+import java.util.Vector;
 
 import javax.annotation.Nullable;
-import javax.annotation.concurrent.NotThreadSafe;
 
 import static org.briarproject.bramble.api.data.BdfDictionary.NULL_VALUE;
 
-@NotThreadSafe
+public class BdfList extends Vector<Object> {
-public class BdfList extends ArrayList<Object> {
 
 	/**
 	 * Factory method for constructing lists inline.

bramble-api/src/main/java/org/briarproject/bramble/api/db/DatabaseComponent.java

@@ -122,9 +122,8 @@ public interface DatabaseComponent {
 			throws DbException;
 
 	/**
-	 * Deletes the message with the given ID. Unlike
+	 * Deletes the message with the given ID. The message ID and any other
-	 * {@link #removeMessage(Transaction, MessageId)}, the message ID and any
+	 * associated data are not deleted.
-	 * other associated data are not deleted.
 	 */
 	void deleteMessage(Transaction txn, MessageId m) throws DbException;
 
@@ -453,11 +452,6 @@ public interface DatabaseComponent {
 	 */
 	void removeLocalAuthor(Transaction txn, AuthorId a) throws DbException;
 
-	/**
-	 * Removes a message (and all associated state) from the database.
-	 */
-	void removeMessage(Transaction txn, MessageId m) throws DbException;
-
 	/**
 	 * Removes a transport (and all associated state) from the database.
 	 */

bramble-api/src/main/java/org/briarproject/bramble/api/db/Metadata.java

@@ -1,11 +1,11 @@
 package org.briarproject.bramble.api.db;
 
-import java.util.TreeMap;
+import java.util.Hashtable;
 
-import javax.annotation.concurrent.NotThreadSafe;
+import javax.annotation.concurrent.ThreadSafe;
 
-@NotThreadSafe
+@ThreadSafe
-public class Metadata extends TreeMap<String, byte[]> {
+public class Metadata extends Hashtable<String, byte[]> {
 
 	/**
 	 * Special value to indicate that a key is being removed.

bramble-api/src/main/java/org/briarproject/bramble/api/db/Transaction.java

@@ -45,7 +45,7 @@ public class Transaction {
 	 * committed.
 	 */
 	public void attach(Event e) {
-		if (events == null) events = new ArrayList<>();
+		if (events == null) events = new ArrayList<Event>();
 		events.add(e);
 	}
 

bramble-api/src/main/java/org/briarproject/bramble/api/invitation/InvitationConstants.java

@@ -0,0 +1,20 @@
+package org.briarproject.bramble.api.invitation;
+
+public interface InvitationConstants {
+
+	/**
+	 * The connection timeout in milliseconds.
+	 */
+	long CONNECTION_TIMEOUT = 60 * 1000;
+
+	/**
+	 * The confirmation timeout in milliseconds.
+	 */
+	long CONFIRMATION_TIMEOUT = 60 * 1000;
+
+	/**
+	 * The number of bits in an invitation or confirmation code. Codes must fit
+	 * into six decimal digits.
+	 */
+	int CODE_BITS = 19;
+}

bramble-api/src/main/java/org/briarproject/bramble/api/invitation/InvitationListener.java

@@ -0,0 +1,47 @@
+package org.briarproject.bramble.api.invitation;
+
+/**
+ * An interface for receiving updates about the state of an
+ * {@link InvitationTask}.
+ */
+public interface InvitationListener {
+
+	/** Called if a connection to the remote peer is established. */
+	void connectionSucceeded();
+
+	/**
+	 * Called if a connection to the remote peer cannot be established. This
+	 * indicates that the protocol has ended unsuccessfully.
+	 */
+	void connectionFailed();
+
+	/** Called if key agreement with the remote peer succeeds. */
+	void keyAgreementSucceeded(int localCode, int remoteCode);
+
+	/**
+	 * Called if key agreement with the remote peer fails or the connection is
+	 * lost. This indicates that the protocol has ended unsuccessfully.
+	 */
+	void keyAgreementFailed();
+
+	/** Called if the remote peer's confirmation check succeeds. */
+	void remoteConfirmationSucceeded();
+
+	/**
+	 * Called if remote peer's confirmation check fails or the connection is
+	 * lost. This indicates that the protocol has ended unsuccessfully.
+	 */
+	void remoteConfirmationFailed();
+
+	/**
+	 * Called if the exchange of pseudonyms succeeds. This indicates that the
+	 * protocol has ended successfully.
+	 */
+	void pseudonymExchangeSucceeded(String remoteName);
+
+	/**
+	 * Called if the exchange of pseudonyms fails or the connection is lost.
+	 * This indicates that the protocol has ended unsuccessfully.
+	 */
+	void pseudonymExchangeFailed();
+}

bramble-api/src/main/java/org/briarproject/bramble/api/invitation/InvitationState.java

@@ -0,0 +1,85 @@
+package org.briarproject.bramble.api.invitation;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import javax.annotation.Nullable;
+import javax.annotation.concurrent.Immutable;
+
+/**
+ * A snapshot of the state of an {@link InvitationTask}.
+ */
+@Immutable
+@NotNullByDefault
+public class InvitationState {
+
+	private final int localInvitationCode, remoteInvitationCode;
+	private final int localConfirmationCode, remoteConfirmationCode;
+	private final boolean connected, connectionFailed;
+	private final boolean localCompared, remoteCompared;
+	private final boolean localMatched, remoteMatched;
+	@Nullable
+	private final String contactName;
+
+	public InvitationState(int localInvitationCode, int remoteInvitationCode,
+			int localConfirmationCode, int remoteConfirmationCode,
+			boolean connected, boolean connectionFailed, boolean localCompared,
+			boolean remoteCompared, boolean localMatched,
+			boolean remoteMatched, @Nullable String contactName) {
+		this.localInvitationCode = localInvitationCode;
+		this.remoteInvitationCode = remoteInvitationCode;
+		this.localConfirmationCode = localConfirmationCode;
+		this.remoteConfirmationCode = remoteConfirmationCode;
+		this.connected = connected;
+		this.connectionFailed = connectionFailed;
+		this.localCompared = localCompared;
+		this.remoteCompared = remoteCompared;
+		this.localMatched = localMatched;
+		this.remoteMatched = remoteMatched;
+		this.contactName = contactName;
+	}
+
+	public int getLocalInvitationCode() {
+		return localInvitationCode;
+	}
+
+	public int getRemoteInvitationCode() {
+		return remoteInvitationCode;
+	}
+
+	public int getLocalConfirmationCode() {
+		return localConfirmationCode;
+	}
+
+	public int getRemoteConfirmationCode() {
+		return remoteConfirmationCode;
+	}
+
+	public boolean getConnected() {
+		return connected;
+	}
+
+	public boolean getConnectionFailed() {
+		return connectionFailed;
+	}
+
+	public boolean getLocalCompared() {
+		return localCompared;
+	}
+
+	public boolean getRemoteCompared() {
+		return remoteCompared;
+	}
+
+	public boolean getLocalMatched() {
+		return localMatched;
+	}
+
+	public boolean getRemoteMatched() {
+		return remoteMatched;
+	}
+
+	@Nullable
+	public String getContactName() {
+		return contactName;
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/invitation/InvitationTask.java

@@ -0,0 +1,38 @@
+package org.briarproject.bramble.api.invitation;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+/**
+ * A task for exchanging invitations with a remote peer.
+ */
+@NotNullByDefault
+public interface InvitationTask {
+
+	/**
+	 * Adds a listener to be informed of state changes and returns the
+	 * task's current state.
+	 */
+	InvitationState addListener(InvitationListener l);
+
+	/**
+	 * Removes the given listener.
+	 */
+	void removeListener(InvitationListener l);
+
+	/**
+	 * Asynchronously starts the connection process.
+	 */
+	void connect();
+
+	/**
+	 * Asynchronously informs the remote peer that the local peer's
+	 * confirmation codes matched.
+	 */
+	void localConfirmationSucceeded();
+
+	/**
+	 * Asynchronously informs the remote peer that the local peer's
+	 * confirmation codes did not match.
+	 */
+	void localConfirmationFailed();
+}

bramble-api/src/main/java/org/briarproject/bramble/api/invitation/InvitationTaskFactory.java

@@ -0,0 +1,15 @@
+package org.briarproject.bramble.api.invitation;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+/**
+ * Creates tasks for exchanging invitations with remote peers.
+ */
+@NotNullByDefault
+public interface InvitationTaskFactory {
+
+	/**
+	 * Creates a task using the given local and remote invitation codes.
+	 */
+	InvitationTask createTask(int localCode, int remoteCode);
+}

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/LanTcpConstants.java

@@ -4,10 +4,5 @@ public interface LanTcpConstants {
 
 	TransportId ID = new TransportId("org.briarproject.bramble.lan");
 
-	// a transport property (shared with contacts)
-	String PROP_IP_PORTS = "ipPorts";
-
-	// a local setting
 	String PREF_LAN_IP_PORTS = "ipPorts";
-
 }

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/PluginCallback.java

@@ -29,11 +29,6 @@ public interface PluginCallback {
 	 */
 	Map<ContactId, TransportProperties> getRemoteProperties();
 
-	/**
-	 * Returns the plugin's remote transport properties for the given contact.
-	 */
-	TransportProperties getRemoteProperties(ContactId c);
-
 	/**
 	 * Merges the given settings with the namespaced settings
 	 */

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/PluginManager.java

@@ -32,6 +32,11 @@ public interface PluginManager {
 	 */
 	Collection<DuplexPlugin> getDuplexPlugins();
 
+	/**
+	 * Returns any duplex plugins that support invitations.
+	 */
+	Collection<DuplexPlugin> getInvitationPlugins();
+
 	/**
 	 * Returns any duplex plugins that support key agreement.
 	 */

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/TorConstants.java

@@ -4,8 +4,6 @@ public interface TorConstants {
 
 	TransportId ID = new TransportId("org.briarproject.bramble.tor");
 
-	String PROP_ONION = "onion";
-
 	int SOCKS_PORT = 59050;
 	int CONTROL_PORT = 59051;
 
@@ -18,5 +16,4 @@ public interface TorConstants {
 	int PREF_TOR_NETWORK_NEVER = 0;
 	int PREF_TOR_NETWORK_WIFI = 1;
 	int PREF_TOR_NETWORK_ALWAYS = 2;
-
 }

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/duplex/AbstractBluetoothPlugin.java

@@ -0,0 +1,190 @@
+package org.briarproject.bramble.api.plugin.duplex;
+
+import org.briarproject.bramble.api.FormatException;
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.data.BdfList;
+import org.briarproject.bramble.api.plugin.Backoff;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.plugin.duplex.DuplexPlugin;
+import org.briarproject.bramble.api.properties.TransportProperties;
+import org.briarproject.bramble.util.StringUtils;
+
+import static java.util.logging.Level.INFO;
+import static java.util.logging.Level.WARNING;
+import static org.briarproject.bramble.api.plugin.BluetoothConstants.ID;
+import static org.briarproject.bramble.api.plugin.BluetoothConstants.PROP_ADDRESS;
+import static org.briarproject.bramble.api.plugin.BluetoothConstants.PROP_UUID;
+import static org.briarproject.bramble.api.plugin.BluetoothConstants.UUID_BYTES;
+
+import java.io.IOException;
+import java.security.SecureRandom;
+import java.util.Collection;
+import java.util.Map;
+import java.util.UUID;
+import java.util.concurrent.Executor;
+import java.util.logging.Logger;
+
+import javax.annotation.Nullable;
+
+/**
+ * Created by Santiago Torres-Arias on 1/10/17.
+ */
+
+public abstract class AbstractBluetoothPlugin<C, S> implements DuplexPlugin {
+
+	private static final Logger LOG =
+			Logger.getLogger("Halp");
+
+	protected final Executor ioExecutor;
+	protected final SecureRandom secureRandom;
+	protected final Backoff backoff;
+	protected final int maxLatency;
+	protected final DuplexPluginCallback callback;
+	protected final S ss = null;
+
+	protected volatile boolean running = false;
+
+	protected Runnable pollRunnable = null;
+
+	public AbstractBluetoothPlugin(Executor ioExecutor,
+			SecureRandom secureRandom,
+			Backoff backoff, int maxLatency,
+			DuplexPluginCallback callback) {
+		this.ioExecutor = ioExecutor;
+		this.secureRandom = secureRandom;
+		this.backoff = backoff;
+		this.maxLatency = maxLatency;
+		this.callback = callback;
+	}
+
+	@Override
+	public boolean supportsInvitations() {
+		return true;
+	}
+
+	@Override
+	public boolean supportsKeyAgreement() {
+		return true;
+	}
+
+	@Override
+	public boolean isRunning() {
+		return running;
+	}
+
+	@Override
+	public boolean shouldPoll() {
+		return true;
+	}
+
+	@Override
+	public int getPollingInterval() {
+		return backoff.getPollingInterval();
+	}
+
+	protected String getUuid() {
+		String uuid = callback.getLocalProperties().get(PROP_UUID);
+		if (uuid == null) {
+			byte[] random = new byte[UUID_BYTES];
+			secureRandom.nextBytes(random);
+			uuid = UUID.nameUUIDFromBytes(random).toString();
+			TransportProperties p = new TransportProperties();
+			p.put(PROP_UUID, uuid);
+			callback.mergeLocalProperties(p);
+		}
+		return uuid;
+	}
+
+	@Override
+	public TransportId getId() {
+		return ID;
+	}
+
+	@Override
+	public int getMaxLatency() {
+		return maxLatency;
+	}
+
+	@Override
+	public int getMaxIdleTime() {
+		// Bluetooth detects dead connections so we don't need keepalives
+		return Integer.MAX_VALUE;
+	}
+
+	protected String parseAddress(BdfList descriptor) throws FormatException {
+		byte[] mac = descriptor.getRaw(1);
+		if (mac.length != 6) throw new FormatException();
+		return StringUtils.macToString(mac);
+	}
+
+	protected void tryToClose(@Nullable S ss) {
+		try {
+			if (ss != null) close(ss);
+		} catch (IOException e) {
+			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+		} finally {
+			callback.transportDisabled();
+		}
+	}
+
+	protected abstract void close(S ss) throws IOException;
+
+	public void stop() {
+		running = false;
+		tryToClose(ss);
+	}
+
+	@Override
+	public void poll(final Collection<ContactId> connected) {
+		if (!running) return;
+		backoff.increment();
+		// Try to connect to known devices in parallel
+		Map<ContactId, TransportProperties> remote =
+				callback.getRemoteProperties();
+		for (Map.Entry<ContactId, TransportProperties> e : remote.entrySet()) {
+			final ContactId c = e.getKey();
+			if (connected.contains(c)) continue;
+			final String address = e.getValue().get(PROP_ADDRESS);
+			if (StringUtils.isNullOrEmpty(address)) continue;
+			final String uuid = e.getValue().get(PROP_UUID);
+			if (StringUtils.isNullOrEmpty(uuid)) continue;
+			ioExecutor.execute(returnPollRunnable(address,uuid, c));
+		}
+	}
+
+	protected abstract Runnable returnPollRunnable(String address, String uuid,
+			ContactId c);
+
+	@Override
+	public DuplexTransportConnection createConnection(ContactId c) {
+		if (!isRunning()) return null;
+		TransportProperties p = callback.getRemoteProperties().get(c);
+		if (p == null) return null;
+		String address = p.get(PROP_ADDRESS);
+		if (StringUtils.isNullOrEmpty(address)) return null;
+		String uuid = p.get(PROP_UUID);
+		if (StringUtils.isNullOrEmpty(uuid)) return null;
+		return connectToAddress(address, uuid);
+	}
+
+	protected abstract DuplexTransportConnection connectToAddress(String address, String uuid);
+
+	@Override
+	public DuplexTransportConnection createKeyAgreementConnection(
+			byte[] commitment, BdfList descriptor, long timeout) {
+		if (!isRunning()) return null;
+		String address;
+		try {
+			address = parseAddress(descriptor);
+		} catch (FormatException e) {
+			LOG.info("Invalid address in key agreement descriptor");
+			return null;
+		}
+		// No truncation necessary because COMMIT_LENGTH = 16
+		String uuid = UUID.nameUUIDFromBytes(commitment).toString();
+		if (LOG.isLoggable(INFO))
+			LOG.info("Connecting to key agreement UUID " + uuid);
+		return connectToAddress(address, uuid);
+	}
+
+}

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/duplex/DuplexPlugin.java

@@ -1,6 +1,7 @@
 package org.briarproject.bramble.api.plugin.duplex;
 
 import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.crypto.PseudoRandom;
 import org.briarproject.bramble.api.data.BdfList;
 import org.briarproject.bramble.api.keyagreement.KeyAgreementListener;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
@@ -22,6 +23,20 @@ public interface DuplexPlugin extends Plugin {
 	@Nullable
 	DuplexTransportConnection createConnection(ContactId c);
 
+	/**
+	 * Returns true if the plugin supports exchanging invitations.
+	 */
+	boolean supportsInvitations();
+
+	/**
+	 * Attempts to create and return an invitation connection to the remote
+	 * peer. Returns null if no connection can be established within the given
+	 * time.
+	 */
+	@Nullable
+	DuplexTransportConnection createInvitationConnection(PseudoRandom r,
+			long timeout, boolean alice);
+
 	/**
 	 * Returns true if the plugin supports short-range key agreement.
 	 */

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/event/DisableBluetoothEvent.java

@@ -1,15 +0,0 @@
-package org.briarproject.bramble.api.plugin.event;
-
-import org.briarproject.bramble.api.event.Event;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-import javax.annotation.concurrent.Immutable;
-
-/**
- * An event that asks the Bluetooth plugin to disable the Bluetooth adapter if
- * we previously enabled it.
- */
-@Immutable
-@NotNullByDefault
-public class DisableBluetoothEvent extends Event {
-}

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/event/EnableBluetoothEvent.java

@@ -1,14 +0,0 @@
-package org.briarproject.bramble.api.plugin.event;
-
-import org.briarproject.bramble.api.event.Event;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-import javax.annotation.concurrent.Immutable;
-
-/**
- * An event asks the Bluetooth plugin to enable the Bluetooth adapter.
- */
-@Immutable
-@NotNullByDefault
-public class EnableBluetoothEvent extends Event {
-}

bramble-api/src/main/java/org/briarproject/bramble/api/properties/TransportPropertyManager.java

@@ -33,7 +33,7 @@ public interface TransportPropertyManager {
 	/**
 	 * Returns the local transport properties for all transports.
 	 * <br/>
-	 * TODO: Transaction can be read-only when code is simplified
+	 * Read-Only
 	 */
 	Map<TransportId, TransportProperties> getLocalProperties(Transaction txn)
 			throws DbException;
@@ -49,13 +49,6 @@ public interface TransportPropertyManager {
 	Map<ContactId, TransportProperties> getRemoteProperties(TransportId t)
 			throws DbException;
 
-	/**
-	 * Returns the remote transport properties for the given contact and
-	 * transport.
-	 */
-	TransportProperties getRemoteProperties(ContactId c, TransportId t)
-			throws DbException;
-
 	/**
 	 * Merges the given properties with the existing local properties for the
 	 * given transport.

bramble-api/src/main/java/org/briarproject/bramble/api/sync/MessageContext.java

@@ -22,7 +22,7 @@ public class MessageContext {
 	}
 
 	public MessageContext(Metadata metadata) {
-		this(metadata, Collections.emptyList());
+		this(metadata, Collections.<MessageId>emptyList());
 	}
 
 	public Metadata getMetadata() {

bramble-api/src/main/java/org/briarproject/bramble/api/transport/StreamReaderFactory.java

@@ -15,9 +15,9 @@ public interface StreamReaderFactory {
 	InputStream createStreamReader(InputStream in, StreamContext ctx);
 
 	/**
-	 * Creates an {@link InputStream InputStream} for reading from a contact
+	 * Creates an {@link InputStream InputStream} for reading from an
-	 * exchangestream.
+	 * invitation stream.
 	 */
-	InputStream createContactExchangeStreamReader(InputStream in,
+	InputStream createInvitationStreamReader(InputStream in,
 			SecretKey headerKey);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/transport/StreamWriterFactory.java

@@ -15,9 +15,9 @@ public interface StreamWriterFactory {
 	OutputStream createStreamWriter(OutputStream out, StreamContext ctx);
 
 	/**
-	 * Creates an {@link OutputStream OutputStream} for writing to a contact
+	 * Creates an {@link OutputStream OutputStream} for writing to an
-	 * exchange stream.
+	 * invitation stream.
 	 */
-	OutputStream createContactExchangeStreamWriter(OutputStream out,
+	OutputStream createInvitationStreamWriter(OutputStream out,
 			SecretKey headerKey);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/transport/TransportConstants.java

@@ -4,11 +4,6 @@ import org.briarproject.bramble.api.crypto.SecretKey;
 
 public interface TransportConstants {
 
-	/**
-	 * The current version of the transport protocol.
-	 */
-	int PROTOCOL_VERSION = 3;
-
 	/**
 	 * The length of the pseudo-random tag in bytes.
 	 */
@@ -19,22 +14,21 @@ public interface TransportConstants {
 	 */
 	int STREAM_HEADER_NONCE_LENGTH = 24;
 
+	/**
+	 * The length of the stream header initialisation vector (IV) in bytes.
+	 */
+	int STREAM_HEADER_IV_LENGTH = STREAM_HEADER_NONCE_LENGTH - 8;
+
 	/**
 	 * The length of the message authentication code (MAC) in bytes.
 	 */
 	int MAC_LENGTH = 16;
 
-	/**
-	 * The length of the stream header plaintext in bytes. The stream header
-	 * contains the protocol version, stream number and frame key.
-	 */
-	int STREAM_HEADER_PLAINTEXT_LENGTH = 2 + 8 + SecretKey.LENGTH;
-
 	/**
 	 * The length of the stream header in bytes.
 	 */
-	int STREAM_HEADER_LENGTH = STREAM_HEADER_NONCE_LENGTH
+	int STREAM_HEADER_LENGTH = STREAM_HEADER_IV_LENGTH + SecretKey.LENGTH
-			+ STREAM_HEADER_PLAINTEXT_LENGTH + MAC_LENGTH;
+			+ MAC_LENGTH;
 
 	/**
 	 * The length of the frame nonce in bytes.

bramble-api/src/main/java/org/briarproject/bramble/util/IoUtils.java

@@ -8,7 +8,6 @@ import java.io.File;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
-import java.net.Socket;
 
 import javax.annotation.Nullable;
 
@@ -60,24 +59,4 @@ public class IoUtils {
 			offset += read;
 		}
 	}
-
-	// Workaround for a bug in Android 7, see
-	// https://android-review.googlesource.com/#/c/271775/
-	public static InputStream getInputStream(Socket s) throws IOException {
-		try {
-			return s.getInputStream();
-		} catch (NullPointerException e) {
-			throw new IOException(e);
-		}
-	}
-
-	// Workaround for a bug in Android 7, see
-	// https://android-review.googlesource.com/#/c/271775/
-	public static OutputStream getOutputStream(Socket s) throws IOException {
-		try {
-			return s.getOutputStream();
-		} catch (NullPointerException e) {
-			throw new IOException(e);
-		}
-	}
 }

bramble-api/src/main/java/org/briarproject/bramble/util/PrivacyUtils.java

@@ -19,7 +19,7 @@ public class PrivacyUtils {
 
 	@Nullable
 	public static String scrubMacAddress(@Nullable String address) {
-		if (address == null || address.length() == 0) return null;
+		if (address == null) return null;
 		// this is a fake address we need to know about
 		if (address.equals("02:00:00:00:00:00")) return address;
 		// keep first and last octet of MAC address

bramble-api/src/main/java/org/briarproject/bramble/util/StringUtils.java

@@ -8,7 +8,6 @@ import java.nio.charset.CharacterCodingException;
 import java.nio.charset.Charset;
 import java.nio.charset.CharsetDecoder;
 import java.util.Collection;
-import java.util.Random;
 import java.util.regex.Pattern;
 
 import javax.annotation.Nullable;
@@ -28,7 +27,6 @@ public class StringUtils {
 			'0', '1', '2', '3', '4', '5', '6', '7',
 			'8', '9', 'A', 'B', 'C', 'D', 'E', 'F'
 	};
-	private static final Random random = new Random();
 
 	public static boolean isNullOrEmpty(@Nullable String s) {
 		return s == null || s.length() == 0;
@@ -141,12 +139,4 @@ public class StringUtils {
 		}
 		return s.toString();
 	}
-
-	public static String getRandomString(int length) {
-		char[] c = new char[length];
-		for (int i = 0; i < length; i++)
-			c[i] = (char) ('a' + random.nextInt(26));
-		return new String(c);
-	}
-
 }

bramble-api/src/test/java/org/briarproject/bramble/test/BrambleMockTestCase.java

@@ -3,7 +3,8 @@ package org.briarproject.bramble.test;
 import org.jmock.Mockery;
 import org.junit.After;
 
-public abstract class BrambleMockTestCase extends BrambleTestCase {
+public abstract class BrambleMockTestCase extends
+		BrambleTestCase {
 
 	protected final Mockery context = new Mockery();
 

bramble-api/src/test/java/org/briarproject/bramble/test/BrambleTestCase.java

@@ -8,9 +8,12 @@ public abstract class BrambleTestCase {
 
 	public BrambleTestCase() {
 		// Ensure exceptions thrown on worker threads cause tests to fail
-		UncaughtExceptionHandler fail = (thread, throwable) -> {
+		UncaughtExceptionHandler fail = new UncaughtExceptionHandler() {
-			throwable.printStackTrace();
+			@Override
-			fail();
+			public void uncaughtException(Thread thread, Throwable throwable) {
+				throwable.printStackTrace();
+				fail();
+			}
 		};
 		Thread.setDefaultUncaughtExceptionHandler(fail);
 	}

bramble-api/src/test/java/org/briarproject/bramble/test/TestUtils.java

@@ -34,6 +34,13 @@ public class TestUtils {
 		return getRandomBytes(UniqueId.LENGTH);
 	}
 
+	public static String getRandomString(int length) {
+		char[] c = new char[length];
+		for (int i = 0; i < length; i++)
+			c[i] = (char) ('a' + random.nextInt(26));
+		return new String(c);
+	}
+
 	public static SecretKey getSecretKey() {
 		return new SecretKey(getRandomBytes(SecretKey.LENGTH));
 	}

bramble-core/build.gradle

@@ -1,54 +1,26 @@
-apply plugin: 'java-library'
+plugins {
-sourceCompatibility = 1.8
+	id "java"
-targetCompatibility = 1.8
+	id "net.ltgt.apt" version "0.9"
+	id "idea"
+}
+sourceCompatibility = 1.6
+targetCompatibility = 1.6
 
-apply plugin: 'net.ltgt.apt'
-apply plugin: 'idea'
 apply plugin: 'witness'
 
 dependencies {
-	implementation project(path: ':bramble-api', configuration: 'default')
+	compile project(':bramble-api')
-	implementation 'com.madgag.spongycastle:core:1.58.0.0'
+	compile fileTree(dir: 'libs', include: '*.jar')
-	implementation 'com.h2database:h2:1.4.192' // This is the last version that supports Java 1.6
+	compile 'com.madgag.spongycastle:core:1.54.0.0'
-	implementation 'org.bitlet:weupnp:0.1.4'
+	compile 'com.h2database:h2:1.4.190'
 
-	apt 'com.google.dagger:dagger-compiler:2.0.2'
+	testCompile project(path: ':bramble-api', configuration: 'testOutput')
-
-	testImplementation project(path: ':bramble-api', configuration: 'testOutput')
-	testImplementation 'junit:junit:4.12'
-	testImplementation "org.jmock:jmock:2.8.2"
-	testImplementation "org.jmock:jmock-junit4:2.8.2"
-	testImplementation "org.jmock:jmock-legacy:2.8.2"
-	testImplementation "org.hamcrest:hamcrest-library:1.3"
-	testImplementation "org.hamcrest:hamcrest-core:1.3"
-
-	testApt 'com.google.dagger:dagger-compiler:2.0.2'
 }
 
 dependencyVerification {
 	verify = [
-			'cglib:cglib:3.2.0:cglib-3.2.0.jar:adb13bab79712ad6bdf1bd59f2a3918018a8016e722e8a357065afb9e6690861',
+			'com.madgag.spongycastle:core:1e7fa4b19ccccd1011364ab838d0b4702470c178bbbdd94c5c90b2d4d749ea1e',
-			'com.google.code.findbugs:jsr305:3.0.2:jsr305-3.0.2.jar:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7',
+			'com.h2database:h2:23ba495a07bbbb3bd6c3084d10a96dad7a23741b8b6d64b213459a784195a98c'
-			'com.google.dagger:dagger-compiler:2.0.2:dagger-compiler-2.0.2.jar:b74bc9de063dd4c6400b232231f2ef5056145b8fbecbf5382012007dd1c071b3',
-			'com.google.dagger:dagger-producers:2.0-beta:dagger-producers-2.0-beta.jar:99ec15e8a0507ba569e7655bc1165ee5e5ca5aa914b3c8f7e2c2458f724edd6b',
-			'com.google.dagger:dagger:2.0.2:dagger-2.0.2.jar:84c0282ed8be73a29e0475d639da030b55dee72369e58dd35ae7d4fe6243dcf9',
-			'com.google.guava:guava:18.0:guava-18.0.jar:d664fbfc03d2e5ce9cab2a44fb01f1d0bf9dfebeccc1a473b1f9ea31f79f6f99',
-			'com.h2database:h2:1.4.192:h2-1.4.192.jar:225b22e9857235c46c93861410b60b8c81c10dc8985f4faf188985ba5445126c',
-			'com.madgag.spongycastle:core:1.58.0.0:core-1.58.0.0.jar:199617dd5698c5a9312b898c0a4cec7ce9dd8649d07f65d91629f58229d72728',
-			'javax.inject:javax.inject:1:javax.inject-1.jar:91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff',
-			'junit:junit:4.12:junit-4.12.jar:59721f0805e223d84b90677887d9ff567dc534d7c502ca903c0c2b17f05c116a',
-			'org.apache.ant:ant-launcher:1.9.4:ant-launcher-1.9.4.jar:7bccea20b41801ca17bcbc909a78c835d0f443f12d639c77bd6ae3d05861608d',
-			'org.apache.ant:ant:1.9.4:ant-1.9.4.jar:649ae0730251de07b8913f49286d46bba7b92d47c5f332610aa426c4f02161d8',
-			'org.beanshell:bsh:1.3.0:bsh-1.3.0.jar:9b04edc75d19db54f1b4e8b5355e9364384c6cf71eb0a1b9724c159d779879f8',
-			'org.bitlet:weupnp:0.1.4:weupnp-0.1.4.jar:88df7e6504929d00bdb832863761385c68ab92af945b04f0770b126270a444fb',
-			'org.hamcrest:hamcrest-core:1.3:hamcrest-core-1.3.jar:66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9',
-			'org.hamcrest:hamcrest-library:1.3:hamcrest-library-1.3.jar:711d64522f9ec410983bd310934296da134be4254a125080a0416ec178dfad1c',
-			'org.jmock:jmock-junit4:2.8.2:jmock-junit4-2.8.2.jar:f7ee4df4f7bd7b7f1cafad3b99eb74d579f109d5992ff625347352edb55e674c',
-			'org.jmock:jmock-legacy:2.8.2:jmock-legacy-2.8.2.jar:f2b985a5c08a9edb7f37612330c058809da3f6a6d63ce792426ebf8ff0d6d31b',
-			'org.jmock:jmock-testjar:2.8.2:jmock-testjar-2.8.2.jar:8900860f72c474e027cf97fe78dcbf154a1aa7fc62b6845c5fb4e4f3c7bc8760',
-			'org.jmock:jmock:2.8.2:jmock-2.8.2.jar:6c73cb4a2e6dbfb61fd99c9a768539c170ab6568e57846bd60dbf19596b65b16',
-			'org.objenesis:objenesis:2.1:objenesis-2.1.jar:c74330cc6b806c804fd37e74487b4fe5d7c2750c5e15fbc6efa13bdee1bdef80',
-			'org.ow2.asm:asm:5.0.4:asm-5.0.4.jar:896618ed8ae62702521a78bc7be42b7c491a08e6920a15f89a3ecdec31e9a220',
 	]
 }
 
@@ -63,8 +35,3 @@ task jarTest(type: Jar, dependsOn: testClasses) {
 artifacts {
 	testOutput jarTest
 }
-
-// If a Java 6 JRE is available, check we're not using any Java 7 or 8 APIs
-tasks.withType(JavaCompile) {
-	useJava6StandardLibrary(it)
-}

bramble-core/src/main/java/org/briarproject/bramble/BrambleCoreModule.java

@@ -8,6 +8,7 @@ import org.briarproject.bramble.db.DatabaseExecutorModule;
 import org.briarproject.bramble.db.DatabaseModule;
 import org.briarproject.bramble.event.EventModule;
 import org.briarproject.bramble.identity.IdentityModule;
+import org.briarproject.bramble.invitation.InvitationModule;
 import org.briarproject.bramble.keyagreement.KeyAgreementModule;
 import org.briarproject.bramble.lifecycle.LifecycleModule;
 import org.briarproject.bramble.plugin.PluginModule;
@@ -31,6 +32,7 @@ import dagger.Module;
 		DatabaseExecutorModule.class,
 		EventModule.class,
 		IdentityModule.class,
+		InvitationModule.class,
 		KeyAgreementModule.class,
 		LifecycleModule.class,
 		PluginModule.class,
@@ -52,7 +54,6 @@ public class BrambleCoreModule {
 		c.inject(new IdentityModule.EagerSingletons());
 		c.inject(new LifecycleModule.EagerSingletons());
 		c.inject(new PluginModule.EagerSingletons());
-		c.inject(new PropertiesModule.EagerSingletons());
 		c.inject(new SyncModule.EagerSingletons());
 		c.inject(new SystemModule.EagerSingletons());
 		c.inject(new TransportModule.EagerSingletons());

bramble-core/src/main/java/org/briarproject/bramble/PoliteExecutor.java

@@ -24,7 +24,7 @@ public class PoliteExecutor implements Executor {
 
 	private final Object lock = new Object();
 	@GuardedBy("lock")
-	private final Queue<Runnable> queue = new LinkedList<>();
+	private final Queue<Runnable> queue = new LinkedList<Runnable>();
 	private final Executor delegate;
 	private final int maxConcurrentTasks;
 	private final Logger log;
@@ -48,17 +48,20 @@ public class PoliteExecutor implements Executor {
 	}
 
 	@Override
-	public void execute(Runnable r) {
+	public void execute(final Runnable r) {
-		long submitted = System.currentTimeMillis();
+		final long submitted = System.currentTimeMillis();
-		Runnable wrapped = () -> {
+		Runnable wrapped = new Runnable() {
-			if (log.isLoggable(LOG_LEVEL)) {
+			@Override
-				long queued = System.currentTimeMillis() - submitted;
+			public void run() {
-				log.log(LOG_LEVEL, "Queue time " + queued + " ms");
+				if (log.isLoggable(LOG_LEVEL)) {
-			}
+					long queued = System.currentTimeMillis() - submitted;
-			try {
+					log.log(LOG_LEVEL, "Queue time " + queued + " ms");
-				r.run();
+				}
-			} finally {
+				try {
-				scheduleNext();
+					r.run();
+				} finally {
+					scheduleNext();
+				}
 			}
 		};
 		synchronized (lock) {

bramble-core/src/main/java/org/briarproject/bramble/TimeLoggingExecutor.java

@@ -28,16 +28,19 @@ public class TimeLoggingExecutor extends ThreadPoolExecutor {
 	}
 
 	@Override
-	public void execute(Runnable r) {
+	public void execute(final Runnable r) {
 		if (log.isLoggable(LOG_LEVEL)) {
-			long submitted = System.currentTimeMillis();
+			final long submitted = System.currentTimeMillis();
-			super.execute(() -> {
+			super.execute(new Runnable() {
-				long started = System.currentTimeMillis();
+				@Override
-				long queued = started - submitted;
+				public void run() {
-				log.log(LOG_LEVEL, "Queue time " + queued + " ms");
+					long started = System.currentTimeMillis();
-				r.run();
+					long queued = started - submitted;
-				long executing = System.currentTimeMillis() - started;
+					log.log(LOG_LEVEL, "Queue time " + queued + " ms");
-				log.log(LOG_LEVEL, "Execution time " + executing + " ms");
+					r.run();
+					long executing = System.currentTimeMillis() - started;
+					log.log(LOG_LEVEL, "Execution time " + executing + " ms");
+				}
 			});
 		} else {
 			super.execute(r);

bramble-core/src/main/java/org/briarproject/bramble/client/ClientHelperImpl.java

@@ -201,7 +201,8 @@ class ClientHelperImpl implements ClientHelper {
 	public Map<MessageId, BdfDictionary> getMessageMetadataAsDictionary(
 			Transaction txn, GroupId g) throws DbException, FormatException {
 		Map<MessageId, Metadata> raw = db.getMessageMetadata(txn, g);
-		Map<MessageId, BdfDictionary> parsed = new HashMap<>(raw.size());
+		Map<MessageId, BdfDictionary> parsed =
+				new HashMap<MessageId, BdfDictionary>(raw.size());
 		for (Entry<MessageId, Metadata> e : raw.entrySet())
 			parsed.put(e.getKey(), metadataParser.parse(e.getValue()));
 		return parsed;
@@ -228,7 +229,8 @@ class ClientHelperImpl implements ClientHelper {
 			FormatException {
 		Metadata metadata = metadataEncoder.encode(query);
 		Map<MessageId, Metadata> raw = db.getMessageMetadata(txn, g, metadata);
-		Map<MessageId, BdfDictionary> parsed = new HashMap<>(raw.size());
+		Map<MessageId, BdfDictionary> parsed =
+				new HashMap<MessageId, BdfDictionary>(raw.size());
 		for (Entry<MessageId, Metadata> e : raw.entrySet())
 			parsed.put(e.getKey(), metadataParser.parse(e.getValue()));
 		return parsed;

bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java

@@ -80,7 +80,7 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 	private volatile boolean alice;
 
 	@Inject
-	ContactExchangeTaskImpl(DatabaseComponent db,
+	public ContactExchangeTaskImpl(DatabaseComponent db,
 			AuthorFactory authorFactory, BdfReaderFactory bdfReaderFactory,
 			BdfWriterFactory bdfWriterFactory, Clock clock,
 			ConnectionManager connectionManager, ContactManager contactManager,
@@ -146,12 +146,12 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 
 		// Create the readers
 		InputStream streamReader =
-				streamReaderFactory.createContactExchangeStreamReader(in,
+				streamReaderFactory.createInvitationStreamReader(in,
 						alice ? bobHeaderKey : aliceHeaderKey);
 		BdfReader r = bdfReaderFactory.createReader(streamReader);
 		// Create the writers
 		OutputStream streamWriter =
-				streamWriterFactory.createContactExchangeStreamWriter(out,
+				streamWriterFactory.createInvitationStreamWriter(out,
 						alice ? aliceHeaderKey : bobHeaderKey);
 		BdfWriter w = bdfWriterFactory.createWriter(streamWriter);
 
@@ -184,7 +184,12 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 			// Close the outgoing stream and expect EOF on the incoming stream
 			w.close();
 			if (!r.eof()) LOG.warning("Unexpected data at end of connection");
-		} catch (GeneralSecurityException | IOException e) {
+		} catch (GeneralSecurityException e) {
+			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+			listener.contactExchangeFailed();
+			tryToClose(conn, true);
+			return;
+		} catch (IOException e) {
 			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
 			listener.contactExchangeFailed();
 			tryToClose(conn, true);
@@ -271,7 +276,8 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 
 	private Map<TransportId, TransportProperties> receiveTransportProperties(
 			BdfReader r) throws IOException {
-		Map<TransportId, TransportProperties> remote = new HashMap<>();
+		Map<TransportId, TransportProperties> remote =
+				new HashMap<TransportId, TransportProperties>();
 		r.readListStart();
 		while (!r.hasListEnd()) {
 			r.readListStart();

bramble-core/src/main/java/org/briarproject/bramble/contact/ContactManagerImpl.java

@@ -34,8 +34,8 @@ class ContactManagerImpl implements ContactManager {
 	ContactManagerImpl(DatabaseComponent db, KeyManager keyManager) {
 		this.db = db;
 		this.keyManager = keyManager;
-		addHooks = new CopyOnWriteArrayList<>();
+		addHooks = new CopyOnWriteArrayList<AddContactHook>();
-		removeHooks = new CopyOnWriteArrayList<>();
+		removeHooks = new CopyOnWriteArrayList<RemoveContactHook>();
 	}
 
 	@Override
@@ -125,7 +125,7 @@ class ContactManagerImpl implements ContactManager {
 		} finally {
 			db.endTransaction(txn);
 		}
-		List<Contact> active = new ArrayList<>(contacts.size());
+		List<Contact> active = new ArrayList<Contact>(contacts.size());
 		for (Contact c : contacts) if (c.isActive()) active.add(c);
 		return active;
 	}

bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoComponentImpl.java

@@ -4,6 +4,7 @@ import org.briarproject.bramble.api.crypto.CryptoComponent;
 import org.briarproject.bramble.api.crypto.KeyPair;
 import org.briarproject.bramble.api.crypto.KeyParser;
 import org.briarproject.bramble.api.crypto.PrivateKey;
+import org.briarproject.bramble.api.crypto.PseudoRandom;
 import org.briarproject.bramble.api.crypto.PublicKey;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.plugin.TransportId;
@@ -40,13 +41,12 @@ import java.util.logging.Logger;
 import javax.inject.Inject;
 
 import static java.util.logging.Level.INFO;
+import static org.briarproject.bramble.api.invitation.InvitationConstants.CODE_BITS;
 import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.COMMIT_LENGTH;
 import static org.briarproject.bramble.api.transport.TransportConstants.TAG_LENGTH;
 import static org.briarproject.bramble.crypto.EllipticCurveConstants.PARAMETERS;
-import static org.briarproject.bramble.util.ByteUtils.INT_16_BYTES;
 import static org.briarproject.bramble.util.ByteUtils.INT_32_BYTES;
 import static org.briarproject.bramble.util.ByteUtils.INT_64_BYTES;
-import static org.briarproject.bramble.util.ByteUtils.MAX_16_BIT_UNSIGNED;
 import static org.briarproject.bramble.util.ByteUtils.MAX_32_BIT_UNSIGNED;
 
 class CryptoComponentImpl implements CryptoComponent {
@@ -66,6 +66,9 @@ class CryptoComponentImpl implements CryptoComponent {
 		return s.getBytes(Charset.forName("US-ASCII"));
 	}
 
+	// KDF labels for bluetooth confirmation code derivation
+	private static final byte[] BT_A_CONFIRM = ascii("ALICE_CONFIRMATION_CODE");
+	private static final byte[] BT_B_CONFIRM = ascii("BOB_CONFIRMATION_CODE");
 	// KDF labels for contact exchange stream header key derivation
 	private static final byte[] A_INVITE = ascii("ALICE_INVITATION_KEY");
 	private static final byte[] B_INVITE = ascii("BOB_INVITATION_KEY");
@@ -166,6 +169,14 @@ class CryptoComponentImpl implements CryptoComponent {
 		return new SecretKey(b);
 	}
 
+	@Override
+	public PseudoRandom getPseudoRandom(int seed1, int seed2) {
+		byte[] seed = new byte[INT_32_BYTES * 2];
+		ByteUtils.writeUint32(seed1, seed, 0);
+		ByteUtils.writeUint32(seed2, seed, INT_32_BYTES);
+		return new PseudoRandomImpl(seed);
+	}
+
 	@Override
 	public SecureRandom getSecureRandom() {
 		return secureRandom;
@@ -237,6 +248,20 @@ class CryptoComponentImpl implements CryptoComponent {
 		return messageEncrypter.getKeyParser();
 	}
 
+	@Override
+	public int generateBTInvitationCode() {
+		int codeBytes = (CODE_BITS + 7) / 8;
+		byte[] random = new byte[codeBytes];
+		secureRandom.nextBytes(random);
+		return ByteUtils.readUint(random, CODE_BITS);
+	}
+
+	@Override
+	public int deriveBTConfirmationCode(SecretKey master, boolean alice) {
+		byte[] b = macKdf(master, alice ? BT_A_CONFIRM : BT_B_CONFIRM);
+		return ByteUtils.readUint(b, CODE_BITS);
+	}
+
 	@Override
 	public SecretKey deriveHeaderKey(SecretKey master,
 			boolean alice) {
@@ -387,11 +412,8 @@ class CryptoComponentImpl implements CryptoComponent {
 	}
 
 	@Override
-	public void encodeTag(byte[] tag, SecretKey tagKey, int protocolVersion,
+	public void encodeTag(byte[] tag, SecretKey tagKey, long streamNumber) {
-			long streamNumber) {
 		if (tag.length < TAG_LENGTH) throw new IllegalArgumentException();
-		if (protocolVersion < 0 || protocolVersion > MAX_16_BIT_UNSIGNED)
-			throw new IllegalArgumentException();
 		if (streamNumber < 0 || streamNumber > MAX_32_BIT_UNSIGNED)
 			throw new IllegalArgumentException();
 		// Initialise the PRF
@@ -399,14 +421,10 @@ class CryptoComponentImpl implements CryptoComponent {
 		// The output of the PRF must be long enough to use as a tag
 		int macLength = prf.getDigestSize();
 		if (macLength < TAG_LENGTH) throw new IllegalStateException();
-		// The input is the protocol version as a 16-bit integer, followed by
+		// The input is the stream number as a 64-bit integer
-		// the stream number as a 64-bit integer
+		byte[] input = new byte[INT_64_BYTES];
-		byte[] protocolVersionBytes = new byte[INT_16_BYTES];
+		ByteUtils.writeUint64(streamNumber, input, 0);
-		ByteUtils.writeUint16(protocolVersion, protocolVersionBytes, 0);
+		prf.update(input, 0, input.length);
-		prf.update(protocolVersionBytes, 0, protocolVersionBytes.length);
-		byte[] streamNumberBytes = new byte[INT_64_BYTES];
-		ByteUtils.writeUint64(streamNumber, streamNumberBytes, 0);
-		prf.update(streamNumberBytes, 0, streamNumberBytes.length);
 		byte[] mac = new byte[macLength];
 		prf.doFinal(mac, 0);
 		// The output is the first TAG_LENGTH bytes of the MAC
@@ -602,8 +620,8 @@ class CryptoComponentImpl implements CryptoComponent {
 
 	// Package access for testing
 	int chooseIterationCount(int targetMillis) {
-		List<Long> quickSamples = new ArrayList<>(PBKDF_SAMPLES);
+		List<Long> quickSamples = new ArrayList<Long>(PBKDF_SAMPLES);
-		List<Long> slowSamples = new ArrayList<>(PBKDF_SAMPLES);
+		List<Long> slowSamples = new ArrayList<Long>(PBKDF_SAMPLES);
 		long iterationNanos = 0, initNanos = 0;
 		while (iterationNanos <= 0 || initNanos <= 0) {
 			// Sample the running time with one iteration and two iterations

bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoModule.java

@@ -48,7 +48,7 @@ public class CryptoModule {
 
 	public CryptoModule() {
 		// Use an unbounded queue
-		BlockingQueue<Runnable> queue = new LinkedBlockingQueue<>();
+		BlockingQueue<Runnable> queue = new LinkedBlockingQueue<Runnable>();
 		// Discard tasks that are submitted during shutdown
 		RejectedExecutionHandler policy =
 				new ThreadPoolExecutor.DiscardPolicy();

bramble-core/src/main/java/org/briarproject/bramble/crypto/PasswordStrengthEstimatorImpl.java

@@ -16,7 +16,7 @@ class PasswordStrengthEstimatorImpl implements PasswordStrengthEstimator {
 
 	@Override
 	public float estimateStrength(String password) {
-		HashSet<Character> unique = new HashSet<>();
+		HashSet<Character> unique = new HashSet<Character>();
 		int length = password.length();
 		for (int i = 0; i < length; i++) unique.add(password.charAt(i));
 		return Math.min(1, (float) unique.size() / STRONG_UNIQUE_CHARS);

bramble-core/src/main/java/org/briarproject/bramble/crypto/PseudoRandomImpl.java

@@ -1,5 +1,6 @@
 package org.briarproject.bramble.crypto;
 
+import org.briarproject.bramble.api.crypto.PseudoRandom;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.spongycastle.crypto.Digest;
 import org.spongycastle.crypto.engines.Salsa20Engine;
@@ -10,11 +11,11 @@ import javax.annotation.concurrent.NotThreadSafe;
 
 @NotThreadSafe
 @NotNullByDefault
-class PseudoRandom {
+class PseudoRandomImpl implements PseudoRandom {
 
 	private final Salsa20Engine cipher = new Salsa20Engine();
 
-	PseudoRandom(byte[] seed) {
+	PseudoRandomImpl(byte[] seed) {
 		// Hash the seed to produce a 32-byte key
 		byte[] key = new byte[32];
 		Digest digest = new Blake2sDigest();
@@ -25,7 +26,8 @@ class PseudoRandom {
 		cipher.init(true, new ParametersWithIV(new KeyParameter(key), nonce));
 	}
 
-	byte[] nextBytes(int length) {
+	@Override
+	public byte[] nextBytes(int length) {
 		byte[] in = new byte[length], out = new byte[length];
 		cipher.processBytes(in, 0, length, out, 0);
 		return out;

bramble-core/src/main/java/org/briarproject/bramble/crypto/StreamDecrypterFactoryImpl.java

@@ -32,7 +32,7 @@ class StreamDecrypterFactoryImpl implements StreamDecrypterFactory {
 	}
 
 	@Override
-	public StreamDecrypter createContactExchangeStreamDecrypter(InputStream in,
+	public StreamDecrypter createInvitationStreamDecrypter(InputStream in,
 			SecretKey headerKey) {
 		return new StreamDecrypterImpl(in, cipherProvider.get(), 0, headerKey);
 	}

bramble-core/src/main/java/org/briarproject/bramble/crypto/StreamDecrypterImpl.java

@@ -20,11 +20,9 @@ import static org.briarproject.bramble.api.transport.TransportConstants.FRAME_NO
 import static org.briarproject.bramble.api.transport.TransportConstants.MAC_LENGTH;
 import static org.briarproject.bramble.api.transport.TransportConstants.MAX_FRAME_LENGTH;
 import static org.briarproject.bramble.api.transport.TransportConstants.MAX_PAYLOAD_LENGTH;
-import static org.briarproject.bramble.api.transport.TransportConstants.PROTOCOL_VERSION;
+import static org.briarproject.bramble.api.transport.TransportConstants.STREAM_HEADER_IV_LENGTH;
 import static org.briarproject.bramble.api.transport.TransportConstants.STREAM_HEADER_LENGTH;
 import static org.briarproject.bramble.api.transport.TransportConstants.STREAM_HEADER_NONCE_LENGTH;
-import static org.briarproject.bramble.api.transport.TransportConstants.STREAM_HEADER_PLAINTEXT_LENGTH;
-import static org.briarproject.bramble.util.ByteUtils.INT_16_BYTES;
 import static org.briarproject.bramble.util.ByteUtils.INT_64_BYTES;
 
 @NotThreadSafe
@@ -119,7 +117,7 @@ class StreamDecrypterImpl implements StreamDecrypter {
 
 	private void readStreamHeader() throws IOException {
 		byte[] streamHeaderCiphertext = new byte[STREAM_HEADER_LENGTH];
-		byte[] streamHeaderPlaintext = new byte[STREAM_HEADER_PLAINTEXT_LENGTH];
+		byte[] streamHeaderPlaintext = new byte[SecretKey.LENGTH];
 		// Read the stream header
 		int offset = 0;
 		while (offset < STREAM_HEADER_LENGTH) {
@@ -128,35 +126,21 @@ class StreamDecrypterImpl implements StreamDecrypter {
 			if (read == -1) throw new EOFException();
 			offset += read;
 		}
-		// Extract the nonce
+		// The nonce consists of the stream number followed by the IV
 		byte[] streamHeaderNonce = new byte[STREAM_HEADER_NONCE_LENGTH];
-		System.arraycopy(streamHeaderCiphertext, 0, streamHeaderNonce, 0,
+		ByteUtils.writeUint64(streamNumber, streamHeaderNonce, 0);
-				STREAM_HEADER_NONCE_LENGTH);
+		System.arraycopy(streamHeaderCiphertext, 0, streamHeaderNonce,
+				INT_64_BYTES, STREAM_HEADER_IV_LENGTH);
 		// Decrypt and authenticate the stream header
 		try {
 			cipher.init(false, streamHeaderKey, streamHeaderNonce);
 			int decrypted = cipher.process(streamHeaderCiphertext,
-					STREAM_HEADER_NONCE_LENGTH,
+					STREAM_HEADER_IV_LENGTH, SecretKey.LENGTH + MAC_LENGTH,
-					STREAM_HEADER_PLAINTEXT_LENGTH + MAC_LENGTH,
 					streamHeaderPlaintext, 0);
-			if (decrypted != STREAM_HEADER_PLAINTEXT_LENGTH)
+			if (decrypted != SecretKey.LENGTH) throw new RuntimeException();
-				throw new RuntimeException();
 		} catch (GeneralSecurityException e) {
 			throw new FormatException();
 		}
-		// Check the protocol version
+		frameKey = new SecretKey(streamHeaderPlaintext);
-		int receivedProtocolVersion =
-				ByteUtils.readUint16(streamHeaderPlaintext, 0);
-		if (receivedProtocolVersion != PROTOCOL_VERSION)
-			throw new FormatException();
-		// Check the stream number
-		long receivedStreamNumber = ByteUtils.readUint64(streamHeaderPlaintext,
-				INT_16_BYTES);
-		if (receivedStreamNumber != streamNumber) throw new FormatException();
-		// Extract the frame key
-		byte[] frameKeyBytes = new byte[SecretKey.LENGTH];
-		System.arraycopy(streamHeaderPlaintext, INT_16_BYTES + INT_64_BYTES,
-				frameKeyBytes, 0, SecretKey.LENGTH);
-		frameKey = new SecretKey(frameKeyBytes);
 	}
 }

bramble-core/src/main/java/org/briarproject/bramble/crypto/StreamEncrypterFactoryImpl.java

@@ -13,8 +13,7 @@ import javax.annotation.concurrent.Immutable;
 import javax.inject.Inject;
 import javax.inject.Provider;
 
-import static org.briarproject.bramble.api.transport.TransportConstants.PROTOCOL_VERSION;
+import static org.briarproject.bramble.api.transport.TransportConstants.STREAM_HEADER_IV_LENGTH;
-import static org.briarproject.bramble.api.transport.TransportConstants.STREAM_HEADER_NONCE_LENGTH;
 import static org.briarproject.bramble.api.transport.TransportConstants.TAG_LENGTH;
 
 @Immutable
@@ -37,22 +36,22 @@ class StreamEncrypterFactoryImpl implements StreamEncrypterFactory {
 		AuthenticatedCipher cipher = cipherProvider.get();
 		long streamNumber = ctx.getStreamNumber();
 		byte[] tag = new byte[TAG_LENGTH];
-		crypto.encodeTag(tag, ctx.getTagKey(), PROTOCOL_VERSION, streamNumber);
+		crypto.encodeTag(tag, ctx.getTagKey(), streamNumber);
-		byte[] streamHeaderNonce = new byte[STREAM_HEADER_NONCE_LENGTH];
+		byte[] streamHeaderIv = new byte[STREAM_HEADER_IV_LENGTH];
-		crypto.getSecureRandom().nextBytes(streamHeaderNonce);
+		crypto.getSecureRandom().nextBytes(streamHeaderIv);
 		SecretKey frameKey = crypto.generateSecretKey();
 		return new StreamEncrypterImpl(out, cipher, streamNumber, tag,
-				streamHeaderNonce, ctx.getHeaderKey(), frameKey);
+				streamHeaderIv, ctx.getHeaderKey(), frameKey);
 	}
 
 	@Override
-	public StreamEncrypter createContactExchangeStreamDecrypter(
+	public StreamEncrypter createInvitationStreamEncrypter(OutputStream out,
-			OutputStream out, SecretKey headerKey) {
+			SecretKey headerKey) {
 		AuthenticatedCipher cipher = cipherProvider.get();
-		byte[] streamHeaderNonce = new byte[STREAM_HEADER_NONCE_LENGTH];
+		byte[] streamHeaderIv = new byte[STREAM_HEADER_IV_LENGTH];
-		crypto.getSecureRandom().nextBytes(streamHeaderNonce);
+		crypto.getSecureRandom().nextBytes(streamHeaderIv);
 		SecretKey frameKey = crypto.generateSecretKey();
-		return new StreamEncrypterImpl(out, cipher, 0, null, streamHeaderNonce,
+		return new StreamEncrypterImpl(out, cipher, 0, null, streamHeaderIv,
 				headerKey, frameKey);
 	}
 }

bramble-core/src/main/java/org/briarproject/bramble/crypto/StreamEncrypterImpl.java

@@ -18,11 +18,9 @@ import static org.briarproject.bramble.api.transport.TransportConstants.FRAME_NO
 import static org.briarproject.bramble.api.transport.TransportConstants.MAC_LENGTH;
 import static org.briarproject.bramble.api.transport.TransportConstants.MAX_FRAME_LENGTH;
 import static org.briarproject.bramble.api.transport.TransportConstants.MAX_PAYLOAD_LENGTH;
-import static org.briarproject.bramble.api.transport.TransportConstants.PROTOCOL_VERSION;
+import static org.briarproject.bramble.api.transport.TransportConstants.STREAM_HEADER_IV_LENGTH;
 import static org.briarproject.bramble.api.transport.TransportConstants.STREAM_HEADER_LENGTH;
 import static org.briarproject.bramble.api.transport.TransportConstants.STREAM_HEADER_NONCE_LENGTH;
-import static org.briarproject.bramble.api.transport.TransportConstants.STREAM_HEADER_PLAINTEXT_LENGTH;
-import static org.briarproject.bramble.util.ByteUtils.INT_16_BYTES;
 import static org.briarproject.bramble.util.ByteUtils.INT_64_BYTES;
 
 @NotThreadSafe
@@ -35,7 +33,7 @@ class StreamEncrypterImpl implements StreamEncrypter {
 	private final long streamNumber;
 	@Nullable
 	private final byte[] tag;
-	private final byte[] streamHeaderNonce;
+	private final byte[] streamHeaderIv;
 	private final byte[] frameNonce, frameHeader;
 	private final byte[] framePlaintext, frameCiphertext;
 
@@ -43,13 +41,13 @@ class StreamEncrypterImpl implements StreamEncrypter {
 	private boolean writeTag, writeStreamHeader;
 
 	StreamEncrypterImpl(OutputStream out, AuthenticatedCipher cipher,
-			long streamNumber, @Nullable byte[] tag, byte[] streamHeaderNonce,
+			long streamNumber, @Nullable byte[] tag, byte[] streamHeaderIv,
 			SecretKey streamHeaderKey, SecretKey frameKey) {
 		this.out = out;
 		this.cipher = cipher;
 		this.streamNumber = streamNumber;
 		this.tag = tag;
-		this.streamHeaderNonce = streamHeaderNonce;
+		this.streamHeaderIv = streamHeaderIv;
 		this.streamHeaderKey = streamHeaderKey;
 		this.frameKey = frameKey;
 		frameNonce = new byte[FRAME_NONCE_LENGTH];
@@ -116,23 +114,22 @@ class StreamEncrypterImpl implements StreamEncrypter {
 	}
 
 	private void writeStreamHeader() throws IOException {
-		// The header contains the protocol version, stream number and frame key
+		// The nonce consists of the stream number followed by the IV
-		byte[] streamHeaderPlaintext = new byte[STREAM_HEADER_PLAINTEXT_LENGTH];
+		byte[] streamHeaderNonce = new byte[STREAM_HEADER_NONCE_LENGTH];
-		ByteUtils.writeUint16(PROTOCOL_VERSION, streamHeaderPlaintext, 0);
+		ByteUtils.writeUint64(streamNumber, streamHeaderNonce, 0);
-		ByteUtils.writeUint64(streamNumber, streamHeaderPlaintext,
+		System.arraycopy(streamHeaderIv, 0, streamHeaderNonce, INT_64_BYTES,
-				INT_16_BYTES);
+				STREAM_HEADER_IV_LENGTH);
-		System.arraycopy(frameKey.getBytes(), 0, streamHeaderPlaintext,
+		byte[] streamHeaderPlaintext = frameKey.getBytes();
-				INT_16_BYTES + INT_64_BYTES, SecretKey.LENGTH);
 		byte[] streamHeaderCiphertext = new byte[STREAM_HEADER_LENGTH];
-		System.arraycopy(streamHeaderNonce, 0, streamHeaderCiphertext, 0,
+		System.arraycopy(streamHeaderIv, 0, streamHeaderCiphertext, 0,
-				STREAM_HEADER_NONCE_LENGTH);
+				STREAM_HEADER_IV_LENGTH);
-		// Encrypt and authenticate the stream header key
+		// Encrypt and authenticate the frame key
 		try {
 			cipher.init(true, streamHeaderKey, streamHeaderNonce);
 			int encrypted = cipher.process(streamHeaderPlaintext, 0,
-					STREAM_HEADER_PLAINTEXT_LENGTH, streamHeaderCiphertext,
+					SecretKey.LENGTH, streamHeaderCiphertext,
-					STREAM_HEADER_NONCE_LENGTH);
+					STREAM_HEADER_IV_LENGTH);
-			if (encrypted != STREAM_HEADER_PLAINTEXT_LENGTH + MAC_LENGTH)
+			if (encrypted != SecretKey.LENGTH + MAC_LENGTH)
 				throw new RuntimeException();
 		} catch (GeneralSecurityException badCipher) {
 			throw new RuntimeException(badCipher);

bramble-core/src/main/java/org/briarproject/bramble/crypto/XSalsa20Poly1305AuthenticatedCipher.java

@@ -70,7 +70,25 @@ class XSalsa20Poly1305AuthenticatedCipher implements AuthenticatedCipher {
 			byte[] subKey = new byte[SUBKEY_LENGTH];
 			xSalsa20Engine.processBytes(zero, 0, SUBKEY_LENGTH, subKey, 0);
 
-			// Clamp the subkey
+			// Reverse the order of the Poly130 subkey
+			//
+			// NaCl and libsodium use the first 32 bytes of XSalsa20 as the
+			// subkey for crypto_onetimeauth_poly1305, which interprets it
+			// as r[0] ... r[15], k[0] ... k[15]. See section 9 of the NaCl
+			// paper (http://cr.yp.to/highspeed/naclcrypto-20090310.pdf),
+			// where the XSalsa20 output is defined as (r, s, t, ...).
+			//
+			// BC's Poly1305 implementation interprets the subkey as
+			// k[0] ... k[15], r[0] ... r[15] (per poly1305_aes_clamp in
+			// the reference implementation).
+			//
+			// To be NaCl-compatible, we reverse the subkey.
+			System.arraycopy(subKey, 0, zero, 0, SUBKEY_LENGTH / 2);
+			System.arraycopy(subKey, SUBKEY_LENGTH / 2, subKey, 0,
+					SUBKEY_LENGTH / 2);
+			System.arraycopy(zero, 0, subKey, SUBKEY_LENGTH / 2,
+					SUBKEY_LENGTH / 2);
+			// Now we can clamp the correct part of the subkey
 			Poly1305KeyGenerator.clamp(subKey);
 
 			// Initialize Poly1305 with the subkey

bramble-core/src/main/java/org/briarproject/bramble/db/DatabaseComponentImpl.java

@@ -103,11 +103,15 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 
 	@Override
 	public boolean open() throws DbException {
-		Runnable shutdownHook = () -> {
+		Runnable shutdownHook = new Runnable() {
-			try {
+			@Override
-				close();
+			public void run() {
-			} catch (DbException e) {
+				try {
-				if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+					close();
+				} catch (DbException e) {
+					if (LOG.isLoggable(WARNING))
+						LOG.log(WARNING, e.toString(), e);
+				}
 			}
 		};
 		boolean reopened = db.open();
@@ -137,7 +141,11 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 		}
 		try {
 			return new Transaction(db.startTransaction(), readOnly);
-		} catch (DbException | RuntimeException e) {
+		} catch (DbException e) {
+			if (readOnly) lock.readLock().unlock();
+			else lock.writeLock().unlock();
+			throw e;
+		} catch (RuntimeException e) {
 			if (readOnly) lock.readLock().unlock();
 			else lock.writeLock().unlock();
 			throw e;
@@ -323,7 +331,7 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 		if (!db.containsContact(txn, c))
 			throw new NoSuchContactException();
 		Collection<MessageId> ids = db.getMessagesToSend(txn, c, maxLength);
-		List<byte[]> messages = new ArrayList<>(ids.size());
+		List<byte[]> messages = new ArrayList<byte[]>(ids.size());
 		for (MessageId m : ids) {
 			messages.add(db.getRawMessage(txn, m));
 			db.updateExpiryTime(txn, c, m, maxLatency);
@@ -373,7 +381,7 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 			throw new NoSuchContactException();
 		Collection<MessageId> ids = db.getRequestedMessagesToSend(txn, c,
 				maxLength);
-		List<byte[]> messages = new ArrayList<>(ids.size());
+		List<byte[]> messages = new ArrayList<byte[]>(ids.size());
 		for (MessageId m : ids) {
 			messages.add(db.getRawMessage(txn, m));
 			db.updateExpiryTime(txn, c, m, maxLatency);
@@ -653,7 +661,7 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 		T txn = unbox(transaction);
 		if (!db.containsContact(txn, c))
 			throw new NoSuchContactException();
-		Collection<MessageId> acked = new ArrayList<>();
+		Collection<MessageId> acked = new ArrayList<MessageId>();
 		for (MessageId m : a.getMessageIds()) {
 			if (db.containsVisibleMessage(txn, c, m)) {
 				db.raiseSeenFlag(txn, c, m);
@@ -762,16 +770,6 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 		transaction.attach(new LocalAuthorRemovedEvent(a));
 	}
 
-	@Override
-	public void removeMessage(Transaction transaction, MessageId m)
-			throws DbException {
-		if (transaction.isReadOnly()) throw new IllegalArgumentException();
-		T txn = unbox(transaction);
-		if (!db.containsMessage(txn, m))
-			throw new NoSuchMessageException();
-		db.removeMessage(txn, m);
-	}
-
 	@Override
 	public void removeTransport(Transaction transaction, TransportId t)
 			throws DbException {
@@ -888,7 +886,8 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 			Map<ContactId, TransportKeys> keys) throws DbException {
 		if (transaction.isReadOnly()) throw new IllegalArgumentException();
 		T txn = unbox(transaction);
-		Map<ContactId, TransportKeys> filtered = new HashMap<>();
+		Map<ContactId, TransportKeys> filtered =
+				new HashMap<ContactId, TransportKeys>();
 		for (Entry<ContactId, TransportKeys> e : keys.entrySet()) {
 			ContactId c = e.getKey();
 			TransportKeys k = e.getValue();

bramble-core/src/main/java/org/briarproject/bramble/db/DatabaseExecutorModule.java

@@ -32,7 +32,7 @@ public class DatabaseExecutorModule {
 
 	public DatabaseExecutorModule() {
 		// Use an unbounded queue
-		BlockingQueue<Runnable> queue = new LinkedBlockingQueue<>();
+		BlockingQueue<Runnable> queue = new LinkedBlockingQueue<Runnable>();
 		// Discard tasks that are submitted during shutdown
 		RejectedExecutionHandler policy =
 				new ThreadPoolExecutor.DiscardPolicy();

bramble-core/src/main/java/org/briarproject/bramble/db/DatabaseModule.java

@@ -26,7 +26,7 @@ public class DatabaseModule {
 	@Singleton
 	DatabaseComponent provideDatabaseComponent(Database<Connection> db,
 			EventBus eventBus, ShutdownManager shutdown) {
-		return new DatabaseComponentImpl<>(db, Connection.class, eventBus,
+		return new DatabaseComponentImpl<Connection>(db, Connection.class,
-				shutdown);
+				eventBus, shutdown);
 	}
 }

bramble-core/src/main/java/org/briarproject/bramble/db/JdbcDatabase.java

@@ -232,30 +232,6 @@ abstract class JdbcDatabase implements Database<Connection> {
 					+ " REFERENCES transports (transportId)"
 					+ " ON DELETE CASCADE)";
 
-	private static final String INDEX_CONTACTS_BY_AUTHOR_ID =
-			"CREATE INDEX IF NOT EXISTS contactsByAuthorId"
-					+ " ON contacts (authorId)";
-
-	private static final String INDEX_MESSAGES_BY_GROUP_ID =
-			"CREATE INDEX IF NOT EXISTS messagesByGroupId"
-					+ " ON messages (groupId)";
-
-	private static final String INDEX_OFFERS_BY_CONTACT_ID =
-			"CREATE INDEX IF NOT EXISTS offersByContactId"
-					+ " ON offers (contactId)";
-
-	private static final String INDEX_GROUPS_BY_CLIENT_ID =
-			"CREATE INDEX IF NOT EXISTS groupsByClientId"
-					+ " ON groups (clientId)";
-
-	private static final String INDEX_MESSAGE_METADATA_BY_MESSAGE_ID =
-			"CREATE INDEX IF NOT EXISTS messageMetadataByMessageId"
-					+ " ON messageMetadata (messageId)";
-
-	private static final String INDEX_GROUP_METADATA_BY_GROUP_ID =
-			"CREATE INDEX IF NOT EXISTS groupMetadataByGroupId"
-					+ " ON groupMetadata (groupId)";
-
 	private static final Logger LOG =
 			Logger.getLogger(JdbcDatabase.class.getName());
 
@@ -263,8 +239,8 @@ abstract class JdbcDatabase implements Database<Connection> {
 	private final String hashType, binaryType, counterType, secretType;
 	private final Clock clock;
 
-	// Locking: connectionsLock
+	private final LinkedList<Connection> connections =
-	private final LinkedList<Connection> connections = new LinkedList<>();
+			new LinkedList<Connection>(); // Locking: connectionsLock
 
 	private int openConnections = 0; // Locking: connectionsLock
 	private boolean closed = false; // Locking: connectionsLock
@@ -291,7 +267,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 		} catch (ClassNotFoundException e) {
 			throw new DbException(e);
 		}
-		// Open the database and create the tables and indexes if necessary
+		// Open the database and create the tables if necessary
 		Connection txn = startTransaction();
 		try {
 			if (reopen) {
@@ -300,7 +276,6 @@ abstract class JdbcDatabase implements Database<Connection> {
 				createTables(txn);
 				storeSchemaVersion(txn);
 			}
-			createIndexes(txn);
 			commitTransaction(txn);
 		} catch (DbException e) {
 			abortTransaction(txn);
@@ -365,23 +340,6 @@ abstract class JdbcDatabase implements Database<Connection> {
 		}
 	}
 
-	private void createIndexes(Connection txn) throws DbException {
-		Statement s = null;
-		try {
-			s = txn.createStatement();
-			s.executeUpdate(INDEX_CONTACTS_BY_AUTHOR_ID);
-			s.executeUpdate(INDEX_MESSAGES_BY_GROUP_ID);
-			s.executeUpdate(INDEX_OFFERS_BY_CONTACT_ID);
-			s.executeUpdate(INDEX_GROUPS_BY_CLIENT_ID);
-			s.executeUpdate(INDEX_MESSAGE_METADATA_BY_MESSAGE_ID);
-			s.executeUpdate(INDEX_GROUP_METADATA_BY_GROUP_ID);
-			s.close();
-		} catch (SQLException e) {
-			tryToClose(s);
-			throw new DbException(e);
-		}
-	}
-
 	private String insertTypeNames(String s) {
 		s = s.replaceAll("HASH", hashType);
 		s = s.replaceAll("BINARY", binaryType);
@@ -1035,7 +993,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 					+ " FROM contacts";
 			ps = txn.prepareStatement(sql);
 			rs = ps.executeQuery();
-			List<Contact> contacts = new ArrayList<>();
+			List<Contact> contacts = new ArrayList<Contact>();
 			while (rs.next()) {
 				ContactId contactId = new ContactId(rs.getInt(1));
 				AuthorId authorId = new AuthorId(rs.getBytes(2));
@@ -1069,7 +1027,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 			ps = txn.prepareStatement(sql);
 			ps.setBytes(1, local.getBytes());
 			rs = ps.executeQuery();
-			List<ContactId> ids = new ArrayList<>();
+			List<ContactId> ids = new ArrayList<ContactId>();
 			while (rs.next()) ids.add(new ContactId(rs.getInt(1)));
 			rs.close();
 			ps.close();
@@ -1094,7 +1052,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 			ps = txn.prepareStatement(sql);
 			ps.setBytes(1, remote.getBytes());
 			rs = ps.executeQuery();
-			List<Contact> contacts = new ArrayList<>();
+			List<Contact> contacts = new ArrayList<Contact>();
 			while (rs.next()) {
 				ContactId c = new ContactId(rs.getInt(1));
 				String name = rs.getString(2);
@@ -1150,7 +1108,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 			ps = txn.prepareStatement(sql);
 			ps.setString(1, c.getString());
 			rs = ps.executeQuery();
-			List<Group> groups = new ArrayList<>();
+			List<Group> groups = new ArrayList<Group>();
 			while (rs.next()) {
 				GroupId id = new GroupId(rs.getBytes(1));
 				byte[] descriptor = rs.getBytes(2);
@@ -1203,7 +1161,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 			ps = txn.prepareStatement(sql);
 			ps.setBytes(1, g.getBytes());
 			rs = ps.executeQuery();
-			List<ContactId> visible = new ArrayList<>();
+			List<ContactId> visible = new ArrayList<ContactId>();
 			while (rs.next()) visible.add(new ContactId(rs.getInt(1)));
 			rs.close();
 			ps.close();
@@ -1255,7 +1213,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 					+ " FROM localAuthors";
 			ps = txn.prepareStatement(sql);
 			rs = ps.executeQuery();
-			List<LocalAuthor> authors = new ArrayList<>();
+			List<LocalAuthor> authors = new ArrayList<LocalAuthor>();
 			while (rs.next()) {
 				AuthorId authorId = new AuthorId(rs.getBytes(1));
 				String name = rs.getString(2);
@@ -1285,7 +1243,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 			ps = txn.prepareStatement(sql);
 			ps.setBytes(1, g.getBytes());
 			rs = ps.executeQuery();
-			List<MessageId> ids = new ArrayList<>();
+			List<MessageId> ids = new ArrayList<MessageId>();
 			while (rs.next()) ids.add(new MessageId(rs.getBytes(1)));
 			rs.close();
 			ps.close();
@@ -1308,7 +1266,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 			ps.setInt(1, state.getValue());
 			ps.setBytes(2, g.getBytes());
 			rs = ps.executeQuery();
-			List<MessageId> ids = new ArrayList<>();
+			List<MessageId> ids = new ArrayList<MessageId>();
 			while (rs.next()) ids.add(new MessageId(rs.getBytes(1)));
 			rs.close();
 			ps.close();
@@ -1343,7 +1301,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 				ps.setString(3, e.getKey());
 				ps.setBytes(4, e.getValue());
 				rs = ps.executeQuery();
-				Set<MessageId> ids = new HashSet<>();
+				Set<MessageId> ids = new HashSet<MessageId>();
 				while (rs.next()) ids.add(new MessageId(rs.getBytes(1)));
 				rs.close();
 				ps.close();
@@ -1377,7 +1335,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 			ps.setInt(1, DELIVERED.getValue());
 			ps.setBytes(2, g.getBytes());
 			rs = ps.executeQuery();
-			Map<MessageId, Metadata> all = new HashMap<>();
+			Map<MessageId, Metadata> all = new HashMap<MessageId, Metadata>();
 			Metadata metadata = null;
 			MessageId lastMessageId = null;
 			while (rs.next()) {
@@ -1406,7 +1364,8 @@ abstract class JdbcDatabase implements Database<Connection> {
 		Collection<MessageId> matches = getMessageIds(txn, g, query);
 		if (matches.isEmpty()) return Collections.emptyMap();
 		// Retrieve the metadata for each match
-		Map<MessageId, Metadata> all = new HashMap<>(matches.size());
+		Map<MessageId, Metadata> all = new HashMap<MessageId, Metadata>(
+				matches.size());
 		for (MessageId m : matches) all.put(m, getMessageMetadata(txn, m));
 		return all;
 	}
@@ -1504,7 +1463,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 			ps.setBytes(1, g.getBytes());
 			ps.setInt(2, c.getInt());
 			rs = ps.executeQuery();
-			List<MessageStatus> statuses = new ArrayList<>();
+			List<MessageStatus> statuses = new ArrayList<MessageStatus>();
 			while (rs.next()) {
 				MessageId messageId = new MessageId(rs.getBytes(1));
 				boolean sent = rs.getBoolean(2);
@@ -1563,7 +1522,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 			ps = txn.prepareStatement(sql);
 			ps.setBytes(1, m.getBytes());
 			rs = ps.executeQuery();
-			Map<MessageId, State> dependencies = new HashMap<>();
+			Map<MessageId, State> dependencies = new HashMap<MessageId, State>();
 			while (rs.next()) {
 				MessageId dependency = new MessageId(rs.getBytes(1));
 				State state = State.fromValue(rs.getInt(2));
@@ -1601,7 +1560,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 			ps = txn.prepareStatement(sql);
 			ps.setBytes(1, m.getBytes());
 			rs = ps.executeQuery();
-			Map<MessageId, State> dependents = new HashMap<>();
+			Map<MessageId, State> dependents = new HashMap<MessageId, State>();
 			while (rs.next()) {
 				MessageId dependent = new MessageId(rs.getBytes(1));
 				State state = State.fromValue(rs.getInt(2));
@@ -1653,7 +1612,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 			ps.setInt(1, c.getInt());
 			ps.setInt(2, maxMessages);
 			rs = ps.executeQuery();
-			List<MessageId> ids = new ArrayList<>();
+			List<MessageId> ids = new ArrayList<MessageId>();
 			while (rs.next()) ids.add(new MessageId(rs.getBytes(1)));
 			rs.close();
 			ps.close();
@@ -1689,7 +1648,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 			ps.setLong(3, now);
 			ps.setInt(4, maxMessages);
 			rs = ps.executeQuery();
-			List<MessageId> ids = new ArrayList<>();
+			List<MessageId> ids = new ArrayList<MessageId>();
 			while (rs.next()) ids.add(new MessageId(rs.getBytes(1)));
 			rs.close();
 			ps.close();
@@ -1714,7 +1673,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 			ps.setInt(1, c.getInt());
 			ps.setInt(2, maxMessages);
 			rs = ps.executeQuery();
-			List<MessageId> ids = new ArrayList<>();
+			List<MessageId> ids = new ArrayList<MessageId>();
 			while (rs.next()) ids.add(new MessageId(rs.getBytes(1)));
 			rs.close();
 			ps.close();
@@ -1749,7 +1708,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 			ps.setInt(2, DELIVERED.getValue());
 			ps.setLong(3, now);
 			rs = ps.executeQuery();
-			List<MessageId> ids = new ArrayList<>();
+			List<MessageId> ids = new ArrayList<MessageId>();
 			int total = 0;
 			while (rs.next()) {
 				int length = rs.getInt(1);
@@ -1791,7 +1750,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 			ps.setInt(1, state.getValue());
 			ps.setString(2, c.getString());
 			rs = ps.executeQuery();
-			List<MessageId> ids = new ArrayList<>();
+			List<MessageId> ids = new ArrayList<MessageId>();
 			while (rs.next()) ids.add(new MessageId(rs.getBytes(1)));
 			rs.close();
 			ps.close();
@@ -1821,7 +1780,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 			ps = txn.prepareStatement(sql);
 			ps.setString(1, c.getString());
 			rs = ps.executeQuery();
-			List<MessageId> ids = new ArrayList<>();
+			List<MessageId> ids = new ArrayList<MessageId>();
 			while (rs.next()) ids.add(new MessageId(rs.getBytes(1)));
 			rs.close();
 			ps.close();
@@ -1880,7 +1839,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 			ps.setInt(2, DELIVERED.getValue());
 			ps.setLong(3, now);
 			rs = ps.executeQuery();
-			List<MessageId> ids = new ArrayList<>();
+			List<MessageId> ids = new ArrayList<MessageId>();
 			int total = 0;
 			while (rs.next()) {
 				int length = rs.getInt(1);
@@ -1934,7 +1893,7 @@ abstract class JdbcDatabase implements Database<Connection> {
 			ps = txn.prepareStatement(sql);
 			ps.setString(1, t.getString());
 			rs = ps.executeQuery();
-			List<IncomingKeys> inKeys = new ArrayList<>();
+			List<IncomingKeys> inKeys = new ArrayList<IncomingKeys>();
 			while (rs.next()) {
 				long rotationPeriod = rs.getLong(1);
 				SecretKey tagKey = new SecretKey(rs.getBytes(2));
@@ -1954,7 +1913,8 @@ abstract class JdbcDatabase implements Database<Connection> {
 			ps = txn.prepareStatement(sql);
 			ps.setString(1, t.getString());
 			rs = ps.executeQuery();
-			Map<ContactId, TransportKeys> keys = new HashMap<>();
+			Map<ContactId, TransportKeys> keys =
+					new HashMap<ContactId, TransportKeys>();
 			for (int i = 0; rs.next(); i++) {
 				// There should be three times as many incoming keys
 				if (inKeys.size() < (i + 1) * 3) throw new DbStateException();
@@ -2072,8 +2032,8 @@ abstract class JdbcDatabase implements Database<Connection> {
 		PreparedStatement ps = null;
 		try {
 			// Determine which keys are being removed
-			List<String> removed = new ArrayList<>();
+			List<String> removed = new ArrayList<String>();
-			Map<String, byte[]> retained = new HashMap<>();
+			Map<String, byte[]> retained = new HashMap<String, byte[]>();
 			for (Entry<String, byte[]> e : meta.entrySet()) {
 				if (e.getValue() == REMOVE) removed.add(e.getKey());
 				else retained.put(e.getKey(), e.getValue());

bramble-core/src/main/java/org/briarproject/bramble/event/EventBusImpl.java

@@ -15,7 +15,7 @@ import javax.annotation.concurrent.ThreadSafe;
 class EventBusImpl implements EventBus {
 
 	private final Collection<EventListener> listeners =
-			new CopyOnWriteArrayList<>();
+			new CopyOnWriteArrayList<EventListener>();
 
 	@Override
 	public void addListener(EventListener l) {

bramble-core/src/main/java/org/briarproject/bramble/invitation/AliceConnector.java

@@ -0,0 +1,119 @@
+package org.briarproject.bramble.invitation;
+
+import org.briarproject.bramble.api.contact.ContactExchangeTask;
+import org.briarproject.bramble.api.crypto.CryptoComponent;
+import org.briarproject.bramble.api.crypto.PseudoRandom;
+import org.briarproject.bramble.api.crypto.SecretKey;
+import org.briarproject.bramble.api.data.BdfReader;
+import org.briarproject.bramble.api.data.BdfReaderFactory;
+import org.briarproject.bramble.api.data.BdfWriter;
+import org.briarproject.bramble.api.data.BdfWriterFactory;
+import org.briarproject.bramble.api.identity.LocalAuthor;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.duplex.DuplexPlugin;
+import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.security.GeneralSecurityException;
+import java.util.logging.Logger;
+
+import static java.util.logging.Level.INFO;
+import static java.util.logging.Level.WARNING;
+
+/**
+ * A connection thread for the peer being Alice in the invitation protocol.
+ */
+@NotNullByDefault
+class AliceConnector extends Connector {
+
+	private static final Logger LOG =
+			Logger.getLogger(AliceConnector.class.getName());
+
+	AliceConnector(CryptoComponent crypto, BdfReaderFactory bdfReaderFactory,
+			BdfWriterFactory bdfWriterFactory,
+			ContactExchangeTask contactExchangeTask, ConnectorGroup group,
+			DuplexPlugin plugin, LocalAuthor localAuthor, PseudoRandom random) {
+		super(crypto, bdfReaderFactory, bdfWriterFactory, contactExchangeTask,
+				group, plugin, localAuthor, random);
+	}
+
+	@Override
+	public void run() {
+		// Create an incoming or outgoing connection
+		DuplexTransportConnection conn = createInvitationConnection(true);
+		if (conn == null) return;
+		if (LOG.isLoggable(INFO)) LOG.info(pluginName + " connected");
+		// Don't proceed with more than one connection
+		if (group.getAndSetConnected()) {
+			if (LOG.isLoggable(INFO)) LOG.info(pluginName + " redundant");
+			tryToClose(conn, false);
+			return;
+		}
+		// Carry out the key agreement protocol
+		InputStream in;
+		OutputStream out;
+		BdfReader r;
+		BdfWriter w;
+		SecretKey master;
+		try {
+			in = conn.getReader().getInputStream();
+			out = conn.getWriter().getOutputStream();
+			r = bdfReaderFactory.createReader(in);
+			w = bdfWriterFactory.createWriter(out);
+			// Alice goes first
+			sendPublicKeyHash(w);
+			byte[] hash = receivePublicKeyHash(r);
+			sendPublicKey(w);
+			byte[] key = receivePublicKey(r);
+			master = deriveMasterSecret(hash, key, true);
+		} catch (IOException e) {
+			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+			group.keyAgreementFailed();
+			tryToClose(conn, true);
+			return;
+		} catch (GeneralSecurityException e) {
+			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+			group.keyAgreementFailed();
+			tryToClose(conn, true);
+			return;
+		}
+		// The key agreement succeeded - derive the confirmation codes
+		if (LOG.isLoggable(INFO)) LOG.info(pluginName + " agreement succeeded");
+		int aliceCode = crypto.deriveBTConfirmationCode(master, true);
+		int bobCode = crypto.deriveBTConfirmationCode(master, false);
+		group.keyAgreementSucceeded(aliceCode, bobCode);
+		// Exchange confirmation results
+		boolean localMatched, remoteMatched;
+		try {
+			localMatched = group.waitForLocalConfirmationResult();
+			sendConfirmation(w, localMatched);
+			remoteMatched = receiveConfirmation(r);
+		} catch (IOException e) {
+			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+			group.remoteConfirmationFailed();
+			tryToClose(conn, true);
+			return;
+		} catch (InterruptedException e) {
+			LOG.warning("Interrupted while waiting for confirmation");
+			group.remoteConfirmationFailed();
+			tryToClose(conn, true);
+			Thread.currentThread().interrupt();
+			return;
+		}
+		if (remoteMatched) group.remoteConfirmationSucceeded();
+		else group.remoteConfirmationFailed();
+		if (!(localMatched && remoteMatched)) {
+			if (LOG.isLoggable(INFO))
+				LOG.info(pluginName + " confirmation failed");
+			tryToClose(conn, false);
+			return;
+		}
+		// Confirmation succeeded - upgrade to a secure connection
+		if (LOG.isLoggable(INFO))
+			LOG.info(pluginName + " confirmation succeeded");
+		contactExchangeTask.startExchange(group, localAuthor, master, conn,
+				plugin.getId(), true);
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/invitation/BobConnector.java

@@ -0,0 +1,119 @@
+package org.briarproject.bramble.invitation;
+
+import org.briarproject.bramble.api.contact.ContactExchangeTask;
+import org.briarproject.bramble.api.crypto.CryptoComponent;
+import org.briarproject.bramble.api.crypto.PseudoRandom;
+import org.briarproject.bramble.api.crypto.SecretKey;
+import org.briarproject.bramble.api.data.BdfReader;
+import org.briarproject.bramble.api.data.BdfReaderFactory;
+import org.briarproject.bramble.api.data.BdfWriter;
+import org.briarproject.bramble.api.data.BdfWriterFactory;
+import org.briarproject.bramble.api.identity.LocalAuthor;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.duplex.DuplexPlugin;
+import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.security.GeneralSecurityException;
+import java.util.logging.Logger;
+
+import static java.util.logging.Level.INFO;
+import static java.util.logging.Level.WARNING;
+
+/**
+ * A connection thread for the peer being Bob in the invitation protocol.
+ */
+@NotNullByDefault
+class BobConnector extends Connector {
+
+	private static final Logger LOG =
+			Logger.getLogger(BobConnector.class.getName());
+
+	BobConnector(CryptoComponent crypto, BdfReaderFactory bdfReaderFactory,
+			BdfWriterFactory bdfWriterFactory,
+			ContactExchangeTask contactExchangeTask, ConnectorGroup group,
+			DuplexPlugin plugin, LocalAuthor localAuthor, PseudoRandom random) {
+		super(crypto, bdfReaderFactory, bdfWriterFactory, contactExchangeTask,
+				group, plugin, localAuthor, random);
+	}
+
+	@Override
+	public void run() {
+		// Create an incoming or outgoing connection
+		DuplexTransportConnection conn = createInvitationConnection(false);
+		if (conn == null) return;
+		if (LOG.isLoggable(INFO)) LOG.info(pluginName + " connected");
+		// Carry out the key agreement protocol
+		InputStream in;
+		OutputStream out;
+		BdfReader r;
+		BdfWriter w;
+		SecretKey master;
+		try {
+			in = conn.getReader().getInputStream();
+			out = conn.getWriter().getOutputStream();
+			r = bdfReaderFactory.createReader(in);
+			w = bdfWriterFactory.createWriter(out);
+			// Alice goes first
+			byte[] hash = receivePublicKeyHash(r);
+			// Don't proceed with more than one connection
+			if (group.getAndSetConnected()) {
+				if (LOG.isLoggable(INFO)) LOG.info(pluginName + " redundant");
+				tryToClose(conn, false);
+				return;
+			}
+			sendPublicKeyHash(w);
+			byte[] key = receivePublicKey(r);
+			sendPublicKey(w);
+			master = deriveMasterSecret(hash, key, false);
+		} catch (IOException e) {
+			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+			group.keyAgreementFailed();
+			tryToClose(conn, true);
+			return;
+		} catch (GeneralSecurityException e) {
+			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+			group.keyAgreementFailed();
+			tryToClose(conn, true);
+			return;
+		}
+		// The key agreement succeeded - derive the confirmation codes
+		if (LOG.isLoggable(INFO)) LOG.info(pluginName + " agreement succeeded");
+		int aliceCode = crypto.deriveBTConfirmationCode(master, true);
+		int bobCode = crypto.deriveBTConfirmationCode(master, false);
+		group.keyAgreementSucceeded(bobCode, aliceCode);
+		// Exchange confirmation results
+		boolean localMatched, remoteMatched;
+		try {
+			remoteMatched = receiveConfirmation(r);
+			localMatched = group.waitForLocalConfirmationResult();
+			sendConfirmation(w, localMatched);
+		} catch (IOException e) {
+			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+			group.remoteConfirmationFailed();
+			tryToClose(conn, true);
+			return;
+		} catch (InterruptedException e) {
+			LOG.warning("Interrupted while waiting for confirmation");
+			group.remoteConfirmationFailed();
+			tryToClose(conn, true);
+			Thread.currentThread().interrupt();
+			return;
+		}
+		if (remoteMatched) group.remoteConfirmationSucceeded();
+		else group.remoteConfirmationFailed();
+		if (!(localMatched && remoteMatched)) {
+			if (LOG.isLoggable(INFO))
+				LOG.info(pluginName + " confirmation failed");
+			tryToClose(conn, false);
+			return;
+		}
+		// Confirmation succeeded - upgrade to a secure connection
+		if (LOG.isLoggable(INFO))
+			LOG.info(pluginName + " confirmation succeeded");
+		contactExchangeTask.startExchange(group, localAuthor, master, conn,
+				plugin.getId(), false);
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/invitation/Connector.java

@@ -0,0 +1,150 @@
+package org.briarproject.bramble.invitation;
+
+import org.briarproject.bramble.api.FormatException;
+import org.briarproject.bramble.api.contact.ContactExchangeTask;
+import org.briarproject.bramble.api.crypto.CryptoComponent;
+import org.briarproject.bramble.api.crypto.KeyPair;
+import org.briarproject.bramble.api.crypto.KeyParser;
+import org.briarproject.bramble.api.crypto.PseudoRandom;
+import org.briarproject.bramble.api.crypto.SecretKey;
+import org.briarproject.bramble.api.data.BdfReader;
+import org.briarproject.bramble.api.data.BdfReaderFactory;
+import org.briarproject.bramble.api.data.BdfWriter;
+import org.briarproject.bramble.api.data.BdfWriterFactory;
+import org.briarproject.bramble.api.identity.LocalAuthor;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.duplex.DuplexPlugin;
+import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+import java.util.Arrays;
+import java.util.logging.Logger;
+
+import javax.annotation.Nullable;
+
+import static java.util.logging.Level.INFO;
+import static java.util.logging.Level.WARNING;
+import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_PUBLIC_KEY_LENGTH;
+import static org.briarproject.bramble.api.invitation.InvitationConstants.CONNECTION_TIMEOUT;
+
+// FIXME: This class has way too many dependencies
+@NotNullByDefault
+abstract class Connector extends Thread {
+
+	private static final Logger LOG =
+			Logger.getLogger(Connector.class.getName());
+	private static final String LABEL_PUBLIC_KEY =
+			"org.briarproject.bramble.invitation.PUBLIC_KEY";
+
+	protected final CryptoComponent crypto;
+	protected final BdfReaderFactory bdfReaderFactory;
+	protected final BdfWriterFactory bdfWriterFactory;
+	protected final ContactExchangeTask contactExchangeTask;
+	protected final ConnectorGroup group;
+	protected final DuplexPlugin plugin;
+	protected final LocalAuthor localAuthor;
+	protected final PseudoRandom random;
+	protected final String pluginName;
+
+	private final KeyPair keyPair;
+	private final KeyParser keyParser;
+
+	Connector(CryptoComponent crypto, BdfReaderFactory bdfReaderFactory,
+			BdfWriterFactory bdfWriterFactory,
+			ContactExchangeTask contactExchangeTask, ConnectorGroup group,
+			DuplexPlugin plugin, LocalAuthor localAuthor, PseudoRandom random) {
+		super("Connector");
+		this.crypto = crypto;
+		this.bdfReaderFactory = bdfReaderFactory;
+		this.bdfWriterFactory = bdfWriterFactory;
+		this.contactExchangeTask = contactExchangeTask;
+		this.group = group;
+		this.plugin = plugin;
+		this.localAuthor = localAuthor;
+		this.random = random;
+		pluginName = plugin.getClass().getName();
+		keyPair = crypto.generateAgreementKeyPair();
+		keyParser = crypto.getAgreementKeyParser();
+	}
+
+	@Nullable
+	DuplexTransportConnection createInvitationConnection(boolean alice) {
+		if (LOG.isLoggable(INFO))
+			LOG.info(pluginName + " creating invitation connection");
+		return plugin.createInvitationConnection(random, CONNECTION_TIMEOUT,
+				alice);
+	}
+
+	void sendPublicKeyHash(BdfWriter w) throws IOException {
+		byte[] hash =
+				crypto.hash(LABEL_PUBLIC_KEY, keyPair.getPublic().getEncoded());
+		w.writeRaw(hash);
+		w.flush();
+		if (LOG.isLoggable(INFO)) LOG.info(pluginName + " sent hash");
+	}
+
+	byte[] receivePublicKeyHash(BdfReader r) throws IOException {
+		int hashLength = crypto.getHashLength();
+		byte[] b = r.readRaw(hashLength);
+		if (b.length < hashLength) throw new FormatException();
+		if (LOG.isLoggable(INFO)) LOG.info(pluginName + " received hash");
+		return b;
+	}
+
+	void sendPublicKey(BdfWriter w) throws IOException {
+		byte[] key = keyPair.getPublic().getEncoded();
+		w.writeRaw(key);
+		w.flush();
+		if (LOG.isLoggable(INFO)) LOG.info(pluginName + " sent key");
+	}
+
+	byte[] receivePublicKey(BdfReader r)
+			throws GeneralSecurityException, IOException {
+		byte[] b = r.readRaw(MAX_PUBLIC_KEY_LENGTH);
+		keyParser.parsePublicKey(b);
+		if (LOG.isLoggable(INFO)) LOG.info(pluginName + " received key");
+		return b;
+	}
+
+	SecretKey deriveMasterSecret(byte[] hash, byte[] key, boolean alice)
+			throws GeneralSecurityException {
+		// Check that the hash matches the key
+		byte[] keyHash =
+				crypto.hash(LABEL_PUBLIC_KEY, keyPair.getPublic().getEncoded());
+		if (!Arrays.equals(hash, keyHash)) {
+			if (LOG.isLoggable(INFO))
+				LOG.info(pluginName + " hash does not match key");
+			throw new GeneralSecurityException();
+		}
+		//  Derive the master secret
+		if (LOG.isLoggable(INFO))
+			LOG.info(pluginName + " deriving master secret");
+		return crypto.deriveMasterSecret(key, keyPair, alice);
+	}
+
+	void sendConfirmation(BdfWriter w, boolean confirmed) throws IOException {
+		w.writeBoolean(confirmed);
+		w.flush();
+		if (LOG.isLoggable(INFO))
+			LOG.info(pluginName + " sent confirmation: " + confirmed);
+	}
+
+	boolean receiveConfirmation(BdfReader r) throws IOException {
+		boolean confirmed = r.readBoolean();
+		if (LOG.isLoggable(INFO))
+			LOG.info(pluginName + " received confirmation: " + confirmed);
+		return confirmed;
+	}
+
+	protected void tryToClose(DuplexTransportConnection conn,
+			boolean exception) {
+		try {
+			LOG.info("Closing connection");
+			conn.getReader().dispose(exception, true);
+			conn.getWriter().dispose(exception);
+		} catch (IOException e) {
+			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+		}
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/invitation/ConnectorGroup.java

@@ -0,0 +1,278 @@
+package org.briarproject.bramble.invitation;
+
+import org.briarproject.bramble.api.contact.ContactExchangeListener;
+import org.briarproject.bramble.api.contact.ContactExchangeTask;
+import org.briarproject.bramble.api.crypto.CryptoComponent;
+import org.briarproject.bramble.api.crypto.PseudoRandom;
+import org.briarproject.bramble.api.data.BdfReaderFactory;
+import org.briarproject.bramble.api.data.BdfWriterFactory;
+import org.briarproject.bramble.api.db.DbException;
+import org.briarproject.bramble.api.identity.Author;
+import org.briarproject.bramble.api.identity.IdentityManager;
+import org.briarproject.bramble.api.identity.LocalAuthor;
+import org.briarproject.bramble.api.invitation.InvitationListener;
+import org.briarproject.bramble.api.invitation.InvitationState;
+import org.briarproject.bramble.api.invitation.InvitationTask;
+import org.briarproject.bramble.api.nullsafety.MethodsNotNullByDefault;
+import org.briarproject.bramble.api.nullsafety.ParametersNotNullByDefault;
+import org.briarproject.bramble.api.plugin.PluginManager;
+import org.briarproject.bramble.api.plugin.duplex.DuplexPlugin;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.concurrent.CopyOnWriteArrayList;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.atomic.AtomicBoolean;
+import java.util.concurrent.locks.Lock;
+import java.util.concurrent.locks.ReentrantLock;
+import java.util.logging.Logger;
+
+import static java.util.concurrent.TimeUnit.MILLISECONDS;
+import static java.util.logging.Level.WARNING;
+import static org.briarproject.bramble.api.invitation.InvitationConstants.CONFIRMATION_TIMEOUT;
+
+/**
+ * A task consisting of one or more parallel connection attempts.
+ */
+@MethodsNotNullByDefault
+@ParametersNotNullByDefault
+class ConnectorGroup extends Thread implements InvitationTask,
+		ContactExchangeListener {
+
+	private static final Logger LOG =
+			Logger.getLogger(ConnectorGroup.class.getName());
+
+	private final CryptoComponent crypto;
+	private final BdfReaderFactory bdfReaderFactory;
+	private final BdfWriterFactory bdfWriterFactory;
+	private final ContactExchangeTask contactExchangeTask;
+	private final IdentityManager identityManager;
+	private final PluginManager pluginManager;
+	private final int localInvitationCode, remoteInvitationCode;
+	private final Collection<InvitationListener> listeners;
+	private final AtomicBoolean connected;
+	private final CountDownLatch localConfirmationLatch;
+	private final Lock lock = new ReentrantLock();
+
+	// The following are locking: lock
+	private int localConfirmationCode = -1, remoteConfirmationCode = -1;
+	private boolean connectionFailed = false;
+	private boolean localCompared = false, remoteCompared = false;
+	private boolean localMatched = false, remoteMatched = false;
+	private String remoteName = null;
+
+	ConnectorGroup(CryptoComponent crypto, BdfReaderFactory bdfReaderFactory,
+			BdfWriterFactory bdfWriterFactory,
+			ContactExchangeTask contactExchangeTask,
+			IdentityManager identityManager, PluginManager pluginManager,
+			int localInvitationCode, int remoteInvitationCode) {
+		super("ConnectorGroup");
+		this.crypto = crypto;
+		this.bdfReaderFactory = bdfReaderFactory;
+		this.bdfWriterFactory = bdfWriterFactory;
+		this.contactExchangeTask = contactExchangeTask;
+		this.identityManager = identityManager;
+		this.pluginManager = pluginManager;
+		this.localInvitationCode = localInvitationCode;
+		this.remoteInvitationCode = remoteInvitationCode;
+		listeners = new CopyOnWriteArrayList<InvitationListener>();
+		connected = new AtomicBoolean(false);
+		localConfirmationLatch = new CountDownLatch(1);
+	}
+
+	@Override
+	public InvitationState addListener(InvitationListener l) {
+		lock.lock();
+		try {
+			listeners.add(l);
+			return new InvitationState(localInvitationCode,
+					remoteInvitationCode, localConfirmationCode,
+					remoteConfirmationCode, connected.get(), connectionFailed,
+					localCompared, remoteCompared, localMatched, remoteMatched,
+					remoteName);
+		} finally {
+			lock.unlock();
+		}
+	}
+
+	@Override
+	public void removeListener(InvitationListener l) {
+		listeners.remove(l);
+	}
+
+	@Override
+	public void connect() {
+		start();
+	}
+
+	@Override
+	public void run() {
+		LocalAuthor localAuthor;
+		// Load the local pseudonym
+		try {
+			localAuthor = identityManager.getLocalAuthor();
+		} catch (DbException e) {
+			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+			lock.lock();
+			try {
+				connectionFailed = true;
+			} finally {
+				lock.unlock();
+			}
+			for (InvitationListener l : listeners) l.connectionFailed();
+			return;
+		}
+		// Start the connection threads
+		Collection<Connector> connectors = new ArrayList<Connector>();
+		// Alice is the party with the smaller invitation code
+		if (localInvitationCode < remoteInvitationCode) {
+			for (DuplexPlugin plugin : pluginManager.getInvitationPlugins()) {
+				Connector c = createAliceConnector(plugin, localAuthor);
+				connectors.add(c);
+				c.start();
+			}
+		} else {
+			for (DuplexPlugin plugin : pluginManager.getInvitationPlugins()) {
+				Connector c = createBobConnector(plugin, localAuthor);
+				connectors.add(c);
+				c.start();
+			}
+		}
+		// Wait for the connection threads to finish
+		try {
+			for (Connector c : connectors) c.join();
+		} catch (InterruptedException e) {
+			LOG.warning("Interrupted while waiting for connectors");
+			Thread.currentThread().interrupt();
+		}
+		// If none of the threads connected, inform the listeners
+		if (!connected.get()) {
+			lock.lock();
+			try {
+				connectionFailed = true;
+			} finally {
+				lock.unlock();
+			}
+			for (InvitationListener l : listeners) l.connectionFailed();
+		}
+	}
+
+	private Connector createAliceConnector(DuplexPlugin plugin,
+			LocalAuthor localAuthor) {
+		PseudoRandom random = crypto.getPseudoRandom(localInvitationCode,
+				remoteInvitationCode);
+		return new AliceConnector(crypto, bdfReaderFactory, bdfWriterFactory,
+				contactExchangeTask, this, plugin, localAuthor, random);
+	}
+
+	private Connector createBobConnector(DuplexPlugin plugin,
+			LocalAuthor localAuthor) {
+		PseudoRandom random = crypto.getPseudoRandom(remoteInvitationCode,
+				localInvitationCode);
+		return new BobConnector(crypto, bdfReaderFactory, bdfWriterFactory,
+				contactExchangeTask, this, plugin, localAuthor, random);
+	}
+
+	@Override
+	public void localConfirmationSucceeded() {
+		lock.lock();
+		try {
+			localCompared = true;
+			localMatched = true;
+		} finally {
+			lock.unlock();
+		}
+		localConfirmationLatch.countDown();
+	}
+
+	@Override
+	public void localConfirmationFailed() {
+		lock.lock();
+		try {
+			localCompared = true;
+			localMatched = false;
+		} finally {
+			lock.unlock();
+		}
+		localConfirmationLatch.countDown();
+	}
+
+	boolean getAndSetConnected() {
+		boolean redundant = connected.getAndSet(true);
+		if (!redundant)
+			for (InvitationListener l : listeners) l.connectionSucceeded();
+		return redundant;
+	}
+
+	void keyAgreementSucceeded(int localCode, int remoteCode) {
+		lock.lock();
+		try {
+			localConfirmationCode = localCode;
+			remoteConfirmationCode = remoteCode;
+		} finally {
+			lock.unlock();
+		}
+		for (InvitationListener l : listeners)
+			l.keyAgreementSucceeded(localCode, remoteCode);
+	}
+
+	void keyAgreementFailed() {
+		for (InvitationListener l : listeners) l.keyAgreementFailed();
+	}
+
+	boolean waitForLocalConfirmationResult() throws InterruptedException {
+		localConfirmationLatch.await(CONFIRMATION_TIMEOUT, MILLISECONDS);
+		lock.lock();
+		try {
+			return localMatched;
+		} finally {
+			lock.unlock();
+		}
+	}
+
+	void remoteConfirmationSucceeded() {
+		lock.lock();
+		try {
+			remoteCompared = true;
+			remoteMatched = true;
+		} finally {
+			lock.unlock();
+		}
+		for (InvitationListener l : listeners) l.remoteConfirmationSucceeded();
+	}
+
+	void remoteConfirmationFailed() {
+		lock.lock();
+		try {
+			remoteCompared = true;
+			remoteMatched = false;
+		} finally {
+			lock.unlock();
+		}
+		for (InvitationListener l : listeners) l.remoteConfirmationFailed();
+	}
+
+	@Override
+	public void contactExchangeSucceeded(Author remoteAuthor) {
+		String name = remoteAuthor.getName();
+		lock.lock();
+		try {
+			remoteName = name;
+		} finally {
+			lock.unlock();
+		}
+		for (InvitationListener l : listeners)
+			l.pseudonymExchangeSucceeded(name);
+	}
+
+	@Override
+	public void duplicateContact(Author remoteAuthor) {
+		// TODO differentiate
+		for (InvitationListener l : listeners) l.pseudonymExchangeFailed();
+	}
+
+	@Override
+	public void contactExchangeFailed() {
+		for (InvitationListener l : listeners) l.pseudonymExchangeFailed();
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/invitation/InvitationModule.java

@@ -0,0 +1,16 @@
+package org.briarproject.bramble.invitation;
+
+import org.briarproject.bramble.api.invitation.InvitationTaskFactory;
+
+import dagger.Module;
+import dagger.Provides;
+
+@Module
+public class InvitationModule {
+
+	@Provides
+	InvitationTaskFactory provideInvitationTaskFactory(
+			InvitationTaskFactoryImpl invitationTaskFactory) {
+		return invitationTaskFactory;
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/invitation/InvitationTaskFactoryImpl.java

@@ -0,0 +1,47 @@
+package org.briarproject.bramble.invitation;
+
+import org.briarproject.bramble.api.contact.ContactExchangeTask;
+import org.briarproject.bramble.api.crypto.CryptoComponent;
+import org.briarproject.bramble.api.data.BdfReaderFactory;
+import org.briarproject.bramble.api.data.BdfWriterFactory;
+import org.briarproject.bramble.api.identity.IdentityManager;
+import org.briarproject.bramble.api.invitation.InvitationTask;
+import org.briarproject.bramble.api.invitation.InvitationTaskFactory;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.PluginManager;
+
+import javax.annotation.concurrent.Immutable;
+import javax.inject.Inject;
+
+@Immutable
+@NotNullByDefault
+class InvitationTaskFactoryImpl implements InvitationTaskFactory {
+
+	private final CryptoComponent crypto;
+	private final BdfReaderFactory bdfReaderFactory;
+	private final BdfWriterFactory bdfWriterFactory;
+	private final ContactExchangeTask contactExchangeTask;
+	private final IdentityManager identityManager;
+	private final PluginManager pluginManager;
+
+	@Inject
+	InvitationTaskFactoryImpl(CryptoComponent crypto,
+			BdfReaderFactory bdfReaderFactory,
+			BdfWriterFactory bdfWriterFactory,
+			ContactExchangeTask contactExchangeTask,
+			IdentityManager identityManager, PluginManager pluginManager) {
+		this.crypto = crypto;
+		this.bdfReaderFactory = bdfReaderFactory;
+		this.bdfWriterFactory = bdfWriterFactory;
+		this.contactExchangeTask = contactExchangeTask;
+		this.identityManager = identityManager;
+		this.pluginManager = pluginManager;
+	}
+
+	@Override
+	public InvitationTask createTask(int localCode, int remoteCode) {
+		return new ConnectorGroup(crypto, bdfReaderFactory, bdfWriterFactory,
+				contactExchangeTask, identityManager, pluginManager,
+				localCode, remoteCode);
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/keyagreement/KeyAgreementConnector.java

@@ -50,9 +50,10 @@ class KeyAgreementConnector {
 	private final PluginManager pluginManager;
 	private final CompletionService<KeyAgreementConnection> connect;
 
-	private final List<KeyAgreementListener> listeners = new ArrayList<>();
+	private final List<KeyAgreementListener> listeners =
+			new ArrayList<KeyAgreementListener>();
 	private final List<Future<KeyAgreementConnection>> pending =
-			new ArrayList<>();
+			new ArrayList<Future<KeyAgreementConnection>>();
 
 	private volatile boolean connecting = false;
 	private volatile boolean alice = false;
@@ -64,7 +65,8 @@ class KeyAgreementConnector {
 		this.clock = clock;
 		this.crypto = crypto;
 		this.pluginManager = pluginManager;
-		connect = new ExecutorCompletionService<>(ioExecutor);
+		connect = new ExecutorCompletionService<KeyAgreementConnection>(
+				ioExecutor);
 	}
 
 	public Payload listen(KeyPair localKeyPair) {
@@ -73,7 +75,8 @@ class KeyAgreementConnector {
 		byte[] commitment = crypto.deriveKeyCommitment(
 				localKeyPair.getPublic().getEncoded());
 		// Start all listeners and collect their descriptors
-		List<TransportDescriptor> descriptors = new ArrayList<>();
+		List<TransportDescriptor> descriptors =
+				new ArrayList<TransportDescriptor>();
 		for (DuplexPlugin plugin : pluginManager.getKeyAgreementPlugins()) {
 			KeyAgreementListener l =
 					plugin.createKeyAgreementListener(commitment);
@@ -129,7 +132,10 @@ class KeyAgreementConnector {
 			LOG.info("Interrupted while waiting for connection");
 			Thread.currentThread().interrupt();
 			return null;
-		} catch (ExecutionException | IOException e) {
+		} catch (ExecutionException e) {
+			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+			return null;
+		} catch (IOException e) {
 			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
 			return null;
 		} finally {

bramble-core/src/main/java/org/briarproject/bramble/keyagreement/PayloadParserImpl.java

@@ -51,7 +51,8 @@ class PayloadParserImpl implements PayloadParser {
 		byte[] commitment = payload.getRaw(1);
 		if (commitment.length != COMMIT_LENGTH) throw new FormatException();
 		// Remaining elements: transport descriptors
-		List<TransportDescriptor> recognised = new ArrayList<>();
+		List<TransportDescriptor> recognised =
+				new ArrayList<TransportDescriptor>();
 		for (int i = 2; i < payload.size(); i++) {
 			BdfList descriptor = payload.getList(i);
 			long transportId = descriptor.getLong(0);

bramble-core/src/main/java/org/briarproject/bramble/lifecycle/LifecycleManagerImpl.java

@@ -63,9 +63,9 @@ class LifecycleManagerImpl implements LifecycleManager {
 		this.crypto = crypto;
 		this.authorFactory = authorFactory;
 		this.identityManager = identityManager;
-		services = new CopyOnWriteArrayList<>();
+		services = new CopyOnWriteArrayList<Service>();
-		clients = new CopyOnWriteArrayList<>();
+		clients = new CopyOnWriteArrayList<Client>();
-		executors = new CopyOnWriteArrayList<>();
+		executors = new CopyOnWriteArrayList<ExecutorService>();
 	}
 
 	@Override
@@ -88,7 +88,7 @@ class LifecycleManagerImpl implements LifecycleManager {
 		executors.add(e);
 	}
 
-	private LocalAuthor createLocalAuthor(String nickname) {
+	private LocalAuthor createLocalAuthor(final String nickname) {
 		long now = System.currentTimeMillis();
 		KeyPair keyPair = crypto.generateSignatureKeyPair();
 		byte[] publicKey = keyPair.getPublic().getEncoded();
@@ -203,7 +203,9 @@ class LifecycleManagerImpl implements LifecycleManager {
 			if (LOG.isLoggable(INFO))
 				LOG.info("Closing database took " + duration + " ms");
 			shutdownLatch.countDown();
-		} catch (DbException | ServiceException e) {
+		} catch (DbException e) {
+			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+		} catch (ServiceException e) {
 			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
 		} finally {
 			startStopSemaphore.release();

bramble-core/src/main/java/org/briarproject/bramble/lifecycle/LifecycleModule.java

@@ -37,7 +37,7 @@ public class LifecycleModule {
 
 	public LifecycleModule() {
 		// The thread pool is unbounded, so use direct handoff
-		BlockingQueue<Runnable> queue = new SynchronousQueue<>();
+		BlockingQueue<Runnable> queue = new SynchronousQueue<Runnable>();
 		// Discard tasks that are submitted during shutdown
 		RejectedExecutionHandler policy =
 				new ThreadPoolExecutor.DiscardPolicy();

bramble-core/src/main/java/org/briarproject/bramble/lifecycle/ShutdownManagerImpl.java

@@ -21,7 +21,7 @@ class ShutdownManagerImpl implements ShutdownManager {
 	private int nextHandle = 0;
 
 	ShutdownManagerImpl() {
-		hooks = new HashMap<>();
+		hooks = new HashMap<Integer, Thread>();
 	}
 
 	@Override

bramble-core/src/main/java/org/briarproject/bramble/plugin/ConnectionManagerImpl.java

@@ -134,7 +134,11 @@ class ConnectionManagerImpl implements ConnectionManager {
 			try {
 				byte[] tag = readTag(reader);
 				ctx = keyManager.getStreamContext(transportId, tag);
-			} catch (IOException | DbException e) {
+			} catch (IOException e) {
+				if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+				disposeReader(true, false);
+				return;
+			} catch (DbException e) {
 				if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
 				disposeReader(true, false);
 				return;
@@ -245,7 +249,11 @@ class ConnectionManagerImpl implements ConnectionManager {
 			try {
 				byte[] tag = readTag(reader);
 				ctx = keyManager.getStreamContext(transportId, tag);
-			} catch (IOException | DbException e) {
+			} catch (IOException e) {
+				if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+				disposeReader(true, false);
+				return;
+			} catch (DbException e) {
 				if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
 				disposeReader(true, false);
 				return;
@@ -258,7 +266,12 @@ class ConnectionManagerImpl implements ConnectionManager {
 			contactId = ctx.getContactId();
 			connectionRegistry.registerConnection(contactId, transportId, true);
 			// Start the outgoing session on another thread
-			ioExecutor.execute(this::runOutgoingSession);
+			ioExecutor.execute(new Runnable() {
+				@Override
+				public void run() {
+					runOutgoingSession();
+				}
+			});
 			try {
 				// Create and run the incoming session
 				incomingSession = createIncomingSession(ctx, reader);
@@ -355,7 +368,12 @@ class ConnectionManagerImpl implements ConnectionManager {
 				return;
 			}
 			// Start the incoming session on another thread
-			ioExecutor.execute(this::runIncomingSession);
+			ioExecutor.execute(new Runnable() {
+				@Override
+				public void run() {
+					runIncomingSession();
+				}
+			});
 			try {
 				// Create and run the outgoing session
 				outgoingSession = createDuplexOutgoingSession(ctx, writer);
@@ -373,7 +391,11 @@ class ConnectionManagerImpl implements ConnectionManager {
 			try {
 				byte[] tag = readTag(reader);
 				ctx = keyManager.getStreamContext(transportId, tag);
-			} catch (IOException | DbException e) {
+			} catch (IOException e) {
+				if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+				disposeReader(true, false);
+				return;
+			} catch (DbException e) {
 				if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
 				disposeReader(true, false);
 				return;

bramble-core/src/main/java/org/briarproject/bramble/plugin/ConnectionRegistryImpl.java

@@ -42,8 +42,8 @@ class ConnectionRegistryImpl implements ConnectionRegistry {
 	@Inject
 	ConnectionRegistryImpl(EventBus eventBus) {
 		this.eventBus = eventBus;
-		connections = new HashMap<>();
+		connections = new HashMap<TransportId, Map<ContactId, Integer>>();
-		contactCounts = new HashMap<>();
+		contactCounts = new HashMap<ContactId, Integer>();
 	}
 
 	@Override
@@ -58,7 +58,7 @@ class ConnectionRegistryImpl implements ConnectionRegistry {
 		try {
 			Map<ContactId, Integer> m = connections.get(t);
 			if (m == null) {
-				m = new HashMap<>();
+				m = new HashMap<ContactId, Integer>();
 				connections.put(t, m);
 			}
 			Integer count = m.get(c);
@@ -124,7 +124,7 @@ class ConnectionRegistryImpl implements ConnectionRegistry {
 		try {
 			Map<ContactId, Integer> m = connections.get(t);
 			if (m == null) return Collections.emptyList();
-			List<ContactId> ids = new ArrayList<>(m.keySet());
+			List<ContactId> ids = new ArrayList<ContactId>(m.keySet());
 			if (LOG.isLoggable(INFO))
 				LOG.info(ids.size() + " contacts connected");
 			return ids;

bramble-core/src/main/java/org/briarproject/bramble/plugin/PluginManagerImpl.java

@@ -82,10 +82,10 @@ class PluginManagerImpl implements PluginManager, Service {
 		this.settingsManager = settingsManager;
 		this.transportPropertyManager = transportPropertyManager;
 		this.uiCallback = uiCallback;
-		plugins = new ConcurrentHashMap<>();
+		plugins = new ConcurrentHashMap<TransportId, Plugin>();
-		simplexPlugins = new CopyOnWriteArrayList<>();
+		simplexPlugins = new CopyOnWriteArrayList<SimplexPlugin>();
-		duplexPlugins = new CopyOnWriteArrayList<>();
+		duplexPlugins = new CopyOnWriteArrayList<DuplexPlugin>();
-		startLatches = new ConcurrentHashMap<>();
+		startLatches = new ConcurrentHashMap<TransportId, CountDownLatch>();
 	}
 
 	@Override
@@ -156,17 +156,25 @@ class PluginManagerImpl implements PluginManager, Service {
 
 	@Override
 	public Collection<SimplexPlugin> getSimplexPlugins() {
-		return new ArrayList<>(simplexPlugins);
+		return new ArrayList<SimplexPlugin>(simplexPlugins);
 	}
 
 	@Override
 	public Collection<DuplexPlugin> getDuplexPlugins() {
-		return new ArrayList<>(duplexPlugins);
+		return new ArrayList<DuplexPlugin>(duplexPlugins);
+	}
+
+	@Override
+	public Collection<DuplexPlugin> getInvitationPlugins() {
+		List<DuplexPlugin> supported = new ArrayList<DuplexPlugin>();
+		for (DuplexPlugin d : duplexPlugins)
+			if (d.supportsInvitations()) supported.add(d);
+		return supported;
 	}
 
 	@Override
 	public Collection<DuplexPlugin> getKeyAgreementPlugins() {
-		List<DuplexPlugin> supported = new ArrayList<>();
+		List<DuplexPlugin> supported = new ArrayList<DuplexPlugin>();
 		for (DuplexPlugin d : duplexPlugins)
 			if (d.supportsKeyAgreement()) supported.add(d);
 		return supported;
@@ -283,16 +291,6 @@ class PluginManagerImpl implements PluginManager, Service {
 			}
 		}
 
-		@Override
-		public TransportProperties getRemoteProperties(ContactId c) {
-			try {
-				return transportPropertyManager.getRemoteProperties(c, id);
-			} catch (DbException e) {
-				if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
-				return new TransportProperties();
-			}
-		}
-
 		@Override
 		public void mergeSettings(Settings s) {
 			try {

bramble-core/src/main/java/org/briarproject/bramble/plugin/Poller.java

@@ -66,7 +66,7 @@ class Poller implements EventListener {
 		this.random = random;
 		this.clock = clock;
 		lock = new ReentrantLock();
-		tasks = new HashMap<>();
+		tasks = new HashMap<TransportId, PollTask>();
 	}
 
 	@Override
@@ -111,24 +111,30 @@ class Poller implements EventListener {
 			connectToContact(c, (DuplexPlugin) p);
 	}
 
-	private void connectToContact(ContactId c, SimplexPlugin p) {
+	private void connectToContact(final ContactId c, final SimplexPlugin p) {
-		ioExecutor.execute(() -> {
+		ioExecutor.execute(new Runnable() {
-			TransportId t = p.getId();
+			@Override
-			if (!connectionRegistry.isConnected(c, t)) {
+			public void run() {
-				TransportConnectionWriter w = p.createWriter(c);
+				TransportId t = p.getId();
-				if (w != null)
+				if (!connectionRegistry.isConnected(c, t)) {
-					connectionManager.manageOutgoingConnection(c, t, w);
+					TransportConnectionWriter w = p.createWriter(c);
+					if (w != null)
+						connectionManager.manageOutgoingConnection(c, t, w);
+				}
 			}
 		});
 	}
 
-	private void connectToContact(ContactId c, DuplexPlugin p) {
+	private void connectToContact(final ContactId c, final DuplexPlugin p) {
-		ioExecutor.execute(() -> {
+		ioExecutor.execute(new Runnable() {
-			TransportId t = p.getId();
+			@Override
-			if (!connectionRegistry.isConnected(c, t)) {
+			public void run() {
-				DuplexTransportConnection d = p.createConnection(c);
+				TransportId t = p.getId();
-				if (d != null)
+				if (!connectionRegistry.isConnected(c, t)) {
-					connectionManager.manageOutgoingConnection(c, t, d);
+					DuplexTransportConnection d = p.createConnection(c);
+					if (d != null)
+						connectionManager.manageOutgoingConnection(c, t, d);
+				}
 			}
 		});
 	}
@@ -153,10 +159,14 @@ class Poller implements EventListener {
 		try {
 			PollTask scheduled = tasks.get(t);
 			if (scheduled == null || due < scheduled.due) {
-				PollTask task = new PollTask(p, due, randomiseNext);
+				final PollTask task = new PollTask(p, due, randomiseNext);
 				tasks.put(t, task);
-				scheduler.schedule(
+				scheduler.schedule(new Runnable() {
-						() -> ioExecutor.execute(task), delay, MILLISECONDS);
+					@Override
+					public void run() {
+						ioExecutor.execute(task);
+					}
+				}, delay, MILLISECONDS);
 			}
 		} finally {
 			lock.unlock();
@@ -164,7 +174,7 @@ class Poller implements EventListener {
 	}
 
 	@IoExecutor
-	private void poll(Plugin p) {
+	private void poll(final Plugin p) {
 		TransportId t = p.getId();
 		if (LOG.isLoggable(INFO)) LOG.info("Polling plugin " + t);
 		p.poll(connectionRegistry.getConnectedContacts(t));

bramble-core/src/main/java/org/briarproject/bramble/plugin/file/FilePlugin.java

@@ -108,7 +108,7 @@ abstract class FilePlugin implements SimplexPlugin {
 		}
 	}
 
-	protected void createReaderFromFile(File f) {
+	protected void createReaderFromFile(final File f) {
 		if (!running) return;
 		ioExecutor.execute(new ReaderCreator(f));
 	}

bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/LanTcpPlugin.java

@@ -1,6 +1,7 @@
 package org.briarproject.bramble.plugin.tcp;
 
 import org.briarproject.bramble.api.FormatException;
+import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.data.BdfList;
 import org.briarproject.bramble.api.keyagreement.KeyAgreementConnection;
 import org.briarproject.bramble.api.keyagreement.KeyAgreementListener;
@@ -34,7 +35,6 @@ import static java.util.logging.Level.WARNING;
 import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.TRANSPORT_ID_LAN;
 import static org.briarproject.bramble.api.plugin.LanTcpConstants.ID;
 import static org.briarproject.bramble.api.plugin.LanTcpConstants.PREF_LAN_IP_PORTS;
-import static org.briarproject.bramble.api.plugin.LanTcpConstants.PROP_IP_PORTS;
 import static org.briarproject.bramble.util.ByteUtils.MAX_16_BIT_UNSIGNED;
 import static org.briarproject.bramble.util.PrivacyUtils.scrubSocketAddress;
 
@@ -45,6 +45,7 @@ class LanTcpPlugin extends TcpPlugin {
 			Logger.getLogger(LanTcpPlugin.class.getName());
 
 	private static final int MAX_ADDRESSES = 4;
+	private static final String PROP_IP_PORTS = "ipPorts";
 	private static final String SEPARATOR = ",";
 
 	LanTcpPlugin(Executor ioExecutor, Backoff backoff,
@@ -63,7 +64,7 @@ class LanTcpPlugin extends TcpPlugin {
 		TransportProperties p = callback.getLocalProperties();
 		String oldIpPorts = p.get(PROP_IP_PORTS);
 		List<InetSocketAddress> olds = parseSocketAddresses(oldIpPorts);
-		List<InetSocketAddress> locals = new LinkedList<>();
+		List<InetSocketAddress> locals = new LinkedList<InetSocketAddress>();
 		for (InetAddress local : getLocalIpAddresses()) {
 			if (isAcceptableAddress(local)) {
 				// If this is the old address, try to use the same port
@@ -82,7 +83,7 @@ class LanTcpPlugin extends TcpPlugin {
 	private List<InetSocketAddress> parseSocketAddresses(String ipPorts) {
 		if (StringUtils.isNullOrEmpty(ipPorts)) return Collections.emptyList();
 		String[] split = ipPorts.split(SEPARATOR);
-		List<InetSocketAddress> addresses = new ArrayList<>();
+		List<InetSocketAddress> addresses = new ArrayList<InetSocketAddress>();
 		for (String ipPort : split) {
 			InetSocketAddress a = parseSocketAddress(ipPort);
 			if (a != null) addresses.add(a);
@@ -95,7 +96,7 @@ class LanTcpPlugin extends TcpPlugin {
 		String ipPort = getIpPortString(a);
 		// Get the list of recently used addresses
 		String setting = callback.getSettings().get(PREF_LAN_IP_PORTS);
-		List<String> recent = new ArrayList<>();
+		List<String> recent = new ArrayList<String>();
 		if (!StringUtils.isNullOrEmpty(setting))
 			Collections.addAll(recent, setting.split(SEPARATOR));
 		// Is the address already in the list?
@@ -111,7 +112,7 @@ class LanTcpPlugin extends TcpPlugin {
 				recent = recent.subList(0, MAX_ADDRESSES);
 			setting = StringUtils.join(recent, SEPARATOR);
 			// Update the list of addresses shared with contacts
-			List<String> shared = new ArrayList<>(recent);
+			List<String> shared = new ArrayList<String>(recent);
 			Collections.sort(shared);
 			String property = StringUtils.join(shared, SEPARATOR);
 			TransportProperties properties = new TransportProperties();
@@ -125,8 +126,9 @@ class LanTcpPlugin extends TcpPlugin {
 	}
 
 	@Override
-	protected List<InetSocketAddress> getRemoteSocketAddresses(
+	protected List<InetSocketAddress> getRemoteSocketAddresses(ContactId c) {
-			TransportProperties p) {
+		TransportProperties p = callback.getRemoteProperties().get(c);
+		if (p == null) return Collections.emptyList();
 		return parseSocketAddresses(p.get(PROP_IP_PORTS));
 	}
 
@@ -260,12 +262,16 @@ class LanTcpPlugin extends TcpPlugin {
 
 		@Override
 		public Callable<KeyAgreementConnection> listen() {
-			return () -> {
+			return new Callable<KeyAgreementConnection>() {
-				Socket s = ss.accept();
+				@Override
-				if (LOG.isLoggable(INFO))
+				public KeyAgreementConnection call() throws IOException {
-					LOG.info(ID.getString() + ": Incoming connection");
+					Socket s = ss.accept();
-				return new KeyAgreementConnection(
+					if (LOG.isLoggable(INFO))
-						new TcpTransportConnection(LanTcpPlugin.this, s), ID);
+						LOG.info(ID.getString() + ": Incoming connection");
+					return new KeyAgreementConnection(
+							new TcpTransportConnection(LanTcpPlugin.this, s),
+							ID);
+				}
 			};
 		}
 

bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/PortMapperImpl.java

@@ -37,7 +37,7 @@ class PortMapperImpl implements PortMapper {
 	}
 
 	@Override
-	public MappingResult map(int port) {
+	public MappingResult map(final int port) {
 		if (!started.getAndSet(true)) start();
 		if (gateway == null) return null;
 		InetAddress internal = gateway.getLocalAddress();
@@ -50,7 +50,12 @@ class PortMapperImpl implements PortMapper {
 			succeeded = gateway.addPortMapping(port, port,
 					getHostAddress(internal), "TCP", "TCP");
 			if (succeeded) {
-				shutdownManager.addShutdownHook(() -> deleteMapping(port));
+				shutdownManager.addShutdownHook(new Runnable() {
+					@Override
+					public void run() {
+						deleteMapping(port);
+					}
+				});
 			}
 			String externalString = gateway.getExternalIPAddress();
 			if (LOG.isLoggable(INFO))
@@ -58,7 +63,9 @@ class PortMapperImpl implements PortMapper {
 						"External address " + scrubInetAddress(externalString));
 			if (externalString != null)
 				external = InetAddress.getByName(externalString);
-		} catch (IOException | SAXException e) {
+		} catch (IOException e) {
+			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+		} catch (SAXException e) {
 			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
 		}
 		return new MappingResult(internal, external, port, succeeded);
@@ -75,7 +82,11 @@ class PortMapperImpl implements PortMapper {
 		GatewayDiscover d = new GatewayDiscover();
 		try {
 			d.discover();
-		} catch (IOException | SAXException | ParserConfigurationException e) {
+		} catch (IOException e) {
+			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+		} catch (SAXException e) {
+			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+		} catch (ParserConfigurationException e) {
 			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
 		}
 		gateway = d.getValidGateway();
@@ -86,7 +97,9 @@ class PortMapperImpl implements PortMapper {
 			gateway.deletePortMapping(port, "TCP");
 			if (LOG.isLoggable(INFO))
 				LOG.info("Deleted mapping for port " + port);
-		} catch (IOException | SAXException e) {
+		} catch (IOException e) {
+			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
+		} catch (SAXException e) {
 			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
 		}
 	}

bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/TcpPlugin.java

@@ -1,6 +1,7 @@
 package org.briarproject.bramble.plugin.tcp;
 
 import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.crypto.PseudoRandom;
 import org.briarproject.bramble.api.data.BdfList;
 import org.briarproject.bramble.api.keyagreement.KeyAgreementListener;
 import org.briarproject.bramble.api.nullsafety.MethodsNotNullByDefault;
@@ -9,7 +10,6 @@ import org.briarproject.bramble.api.plugin.Backoff;
 import org.briarproject.bramble.api.plugin.duplex.DuplexPlugin;
 import org.briarproject.bramble.api.plugin.duplex.DuplexPluginCallback;
 import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
-import org.briarproject.bramble.api.properties.TransportProperties;
 import org.briarproject.bramble.util.StringUtils;
 
 import java.io.IOException;
@@ -25,8 +25,6 @@ import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
-import java.util.Map;
-import java.util.Map.Entry;
 import java.util.concurrent.Executor;
 import java.util.concurrent.atomic.AtomicBoolean;
 import java.util.logging.Logger;
@@ -69,11 +67,11 @@ abstract class TcpPlugin implements DuplexPlugin {
 	protected abstract void setLocalSocketAddress(InetSocketAddress a);
 
 	/**
-	 * Returns zero or more socket addresses for connecting to a contact with
+	 * Returns zero or more socket addresses for connecting to the given
-	 * the given transport properties.
+	 * contact.
 	 */
 	protected abstract List<InetSocketAddress> getRemoteSocketAddresses(
-			TransportProperties p);
+			ContactId c);
 
 	/**
 	 * Returns true if connections to the given address can be attempted.
@@ -110,37 +108,41 @@ abstract class TcpPlugin implements DuplexPlugin {
 	}
 
 	protected void bind() {
-		ioExecutor.execute(() -> {
+		ioExecutor.execute(new Runnable() {
-			if (!running) return;
+			@Override
-			ServerSocket ss = null;
+			public void run() {
-			for (InetSocketAddress addr : getLocalSocketAddresses()) {
+				if (!running) return;
-				try {
+				ServerSocket ss = null;
-					ss = new ServerSocket();
+				for (InetSocketAddress addr : getLocalSocketAddresses()) {
-					ss.bind(addr);
+					try {
-					break;
+						ss = new ServerSocket();
-				} catch (IOException e) {
+						ss.bind(addr);
-					if (LOG.isLoggable(INFO))
+						break;
-						LOG.info("Failed to bind " + scrubSocketAddress(addr));
+					} catch (IOException e) {
-					tryToClose(ss);
+						if (LOG.isLoggable(INFO))
+							LOG.info("Failed to bind " +
+									scrubSocketAddress(addr));
+						tryToClose(ss);
+					}
 				}
+				if (ss == null || !ss.isBound()) {
+					LOG.info("Could not bind server socket");
+					return;
+				}
+				if (!running) {
+					tryToClose(ss);
+					return;
+				}
+				socket = ss;
+				backoff.reset();
+				InetSocketAddress local =
+						(InetSocketAddress) ss.getLocalSocketAddress();
+				setLocalSocketAddress(local);
+				if (LOG.isLoggable(INFO))
+					LOG.info("Listening on " + scrubSocketAddress(local));
+				callback.transportEnabled();
+				acceptContactConnections();
 			}
-			if (ss == null || !ss.isBound()) {
-				LOG.info("Could not bind server socket");
-				return;
-			}
-			if (!running) {
-				tryToClose(ss);
-				return;
-			}
-			socket = ss;
-			backoff.reset();
-			InetSocketAddress local =
-					(InetSocketAddress) ss.getLocalSocketAddress();
-			setLocalSocketAddress(local);
-			if (LOG.isLoggable(INFO))
-				LOG.info("Listening on " + scrubSocketAddress(local));
-			callback.transportEnabled();
-			acceptContactConnections();
 		});
 	}
 
@@ -206,21 +208,20 @@ abstract class TcpPlugin implements DuplexPlugin {
 	public void poll(Collection<ContactId> connected) {
 		if (!isRunning()) return;
 		backoff.increment();
-		Map<ContactId, TransportProperties> remote =
+		// TODO: Pass properties to connectAndCallBack()
-				callback.getRemoteProperties();
+		for (ContactId c : callback.getRemoteProperties().keySet())
-		for (Entry<ContactId, TransportProperties> e : remote.entrySet()) {
+			if (!connected.contains(c)) connectAndCallBack(c);
-			ContactId c = e.getKey();
-			if (!connected.contains(c)) connectAndCallBack(c, e.getValue());
-		}
 	}
 
-	private void connectAndCallBack(ContactId c, TransportProperties p) {
+	private void connectAndCallBack(final ContactId c) {
-		ioExecutor.execute(() -> {
+		ioExecutor.execute(new Runnable() {
-			if (!isRunning()) return;
+			@Override
-			DuplexTransportConnection d = createConnection(p);
+			public void run() {
-			if (d != null) {
+				DuplexTransportConnection d = createConnection(c);
-				backoff.reset();
+				if (d != null) {
-				callback.outgoingConnectionCreated(c, d);
+					backoff.reset();
+					callback.outgoingConnectionCreated(c, d);
+				}
 			}
 		});
 	}
@@ -228,12 +229,7 @@ abstract class TcpPlugin implements DuplexPlugin {
 	@Override
 	public DuplexTransportConnection createConnection(ContactId c) {
 		if (!isRunning()) return null;
-		return createConnection(callback.getRemoteProperties(c));
+		for (InetSocketAddress remote : getRemoteSocketAddresses(c)) {
-	}
-
-	@Nullable
-	private DuplexTransportConnection createConnection(TransportProperties p) {
-		for (InetSocketAddress remote : getRemoteSocketAddresses(p)) {
 			if (!isConnectable(remote)) {
 				if (LOG.isLoggable(INFO)) {
 					SocketAddress local = socket.getLocalSocketAddress();
@@ -285,6 +281,17 @@ abstract class TcpPlugin implements DuplexPlugin {
 		}
 	}
 
+	@Override
+	public boolean supportsInvitations() {
+		return false;
+	}
+
+	@Override
+	public DuplexTransportConnection createInvitationConnection(PseudoRandom r,
+			long timeout, boolean alice) {
+		throw new UnsupportedOperationException();
+	}
+
 	@Override
 	public boolean supportsKeyAgreement() {
 		return false;
@@ -309,7 +316,7 @@ abstract class TcpPlugin implements DuplexPlugin {
 			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
 			return Collections.emptyList();
 		}
-		List<InetAddress> addrs = new ArrayList<>();
+		List<InetAddress> addrs = new ArrayList<InetAddress>();
 		for (NetworkInterface iface : ifaces)
 			addrs.addAll(Collections.list(iface.getInetAddresses()));
 		return addrs;

bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/TcpTransportConnection.java

@@ -3,7 +3,6 @@ package org.briarproject.bramble.plugin.tcp;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.Plugin;
 import org.briarproject.bramble.api.plugin.duplex.AbstractDuplexTransportConnection;
-import org.briarproject.bramble.util.IoUtils;
 
 import java.io.IOException;
 import java.io.InputStream;
@@ -25,12 +24,12 @@ class TcpTransportConnection extends AbstractDuplexTransportConnection {
 
 	@Override
 	protected InputStream getInputStream() throws IOException {
-		return IoUtils.getInputStream(socket);
+		return socket.getInputStream();
 	}
 
 	@Override
 	protected OutputStream getOutputStream() throws IOException {
-		return IoUtils.getOutputStream(socket);
+		return socket.getOutputStream();
 	}
 
 	@Override

bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/WanTcpPlugin.java

@@ -1,5 +1,6 @@
 package org.briarproject.bramble.plugin.tcp;
 
+import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.nullsafety.MethodsNotNullByDefault;
 import org.briarproject.bramble.api.nullsafety.ParametersNotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
@@ -43,7 +44,7 @@ class WanTcpPlugin extends TcpPlugin {
 		// Use the same address and port as last time if available
 		TransportProperties p = callback.getLocalProperties();
 		InetSocketAddress old = parseSocketAddress(p.get(PROP_IP_PORT));
-		List<InetSocketAddress> addrs = new LinkedList<>();
+		List<InetSocketAddress> addrs = new LinkedList<InetSocketAddress>();
 		for (InetAddress a : getLocalIpAddresses()) {
 			if (isAcceptableAddress(a)) {
 				// If this is the old address, try to use the same port
@@ -77,8 +78,9 @@ class WanTcpPlugin extends TcpPlugin {
 	}
 
 	@Override
-	protected List<InetSocketAddress> getRemoteSocketAddresses(
+	protected List<InetSocketAddress> getRemoteSocketAddresses(ContactId c) {
-			TransportProperties p) {
+		TransportProperties p = callback.getRemoteProperties().get(c);
+		if (p == null) return Collections.emptyList();
 		InetSocketAddress parsed = parseSocketAddress(p.get(PROP_IP_PORT));
 		if (parsed == null) return Collections.emptyList();
 		return Collections.singletonList(parsed);

bramble-core/src/main/java/org/briarproject/bramble/properties/PropertiesModule.java

@@ -40,12 +40,9 @@ public class PropertiesModule {
 	@Provides
 	@Singleton
 	TransportPropertyManager getTransportPropertyManager(
-			LifecycleManager lifecycleManager,
+			LifecycleManager lifecycleManager, ContactManager contactManager,
-			ValidationManager validationManager, ContactManager contactManager,
 			TransportPropertyManagerImpl transportPropertyManager) {
 		lifecycleManager.registerClient(transportPropertyManager);
-		validationManager.registerIncomingMessageHook(CLIENT_ID,
-				transportPropertyManager);
 		contactManager.registerAddContactHook(transportPropertyManager);
 		contactManager.registerRemoveContactHook(transportPropertyManager);
 		return transportPropertyManager;

bramble-core/src/main/java/org/briarproject/bramble/properties/TransportPropertyManagerImpl.java

@@ -9,10 +9,8 @@ import org.briarproject.bramble.api.contact.ContactManager.AddContactHook;
 import org.briarproject.bramble.api.contact.ContactManager.RemoveContactHook;
 import org.briarproject.bramble.api.data.BdfDictionary;
 import org.briarproject.bramble.api.data.BdfList;
-import org.briarproject.bramble.api.data.MetadataParser;
 import org.briarproject.bramble.api.db.DatabaseComponent;
 import org.briarproject.bramble.api.db.DbException;
-import org.briarproject.bramble.api.db.Metadata;
 import org.briarproject.bramble.api.db.Transaction;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.TransportId;
@@ -21,10 +19,8 @@ import org.briarproject.bramble.api.properties.TransportPropertyManager;
 import org.briarproject.bramble.api.sync.Client;
 import org.briarproject.bramble.api.sync.Group;
 import org.briarproject.bramble.api.sync.GroupId;
-import org.briarproject.bramble.api.sync.InvalidMessageException;
 import org.briarproject.bramble.api.sync.Message;
 import org.briarproject.bramble.api.sync.MessageId;
-import org.briarproject.bramble.api.sync.ValidationManager.IncomingMessageHook;
 import org.briarproject.bramble.api.system.Clock;
 
 import java.util.HashMap;
@@ -40,22 +36,20 @@ import static org.briarproject.bramble.api.sync.Group.Visibility.SHARED;
 @Immutable
 @NotNullByDefault
 class TransportPropertyManagerImpl implements TransportPropertyManager,
-		Client, AddContactHook, RemoveContactHook, IncomingMessageHook {
+		Client, AddContactHook, RemoveContactHook {
 
 	private final DatabaseComponent db;
 	private final ClientHelper clientHelper;
-	private final MetadataParser metadataParser;
 	private final ContactGroupFactory contactGroupFactory;
 	private final Clock clock;
 	private final Group localGroup;
 
 	@Inject
 	TransportPropertyManagerImpl(DatabaseComponent db,
-			ClientHelper clientHelper, MetadataParser metadataParser,
+			ClientHelper clientHelper, ContactGroupFactory contactGroupFactory,
-			ContactGroupFactory contactGroupFactory, Clock clock) {
+			Clock clock) {
 		this.db = db;
 		this.clientHelper = clientHelper;
-		this.metadataParser = metadataParser;
 		this.contactGroupFactory = contactGroupFactory;
 		this.clock = clock;
 		localGroup = contactGroupFactory.createLocalGroup(CLIENT_ID);
@@ -90,31 +84,6 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 		db.removeGroup(txn, getContactGroup(c));
 	}
 
-	@Override
-	public boolean incomingMessage(Transaction txn, Message m, Metadata meta)
-			throws DbException, InvalidMessageException {
-		try {
-			// Find the latest update for this transport, if any
-			BdfDictionary d = metadataParser.parse(meta);
-			TransportId t = new TransportId(d.getString("transportId"));
-			LatestUpdate latest = findLatest(txn, m.getGroupId(), t, false);
-			if (latest != null) {
-				if (d.getLong("version") > latest.version) {
-					// This update is newer - delete the previous update
-					db.deleteMessage(txn, latest.messageId);
-					db.deleteMessageMetadata(txn, latest.messageId);
-				} else {
-					// We've already received a newer update - delete this one
-					db.deleteMessage(txn, m.getId());
-					db.deleteMessageMetadata(txn, m.getId());
-				}
-			}
-		} catch (FormatException e) {
-			throw new InvalidMessageException(e);
-		}
-		return false;
-	}
-
 	@Override
 	public void addRemoteProperties(Transaction txn, ContactId c,
 			Map<TransportId, TransportProperties> props) throws DbException {
@@ -129,8 +98,7 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 	public Map<TransportId, TransportProperties> getLocalProperties()
 			throws DbException {
 		Map<TransportId, TransportProperties> local;
-		// TODO: Transaction can be read-only when code is simplified
+		Transaction txn = db.startTransaction(true);
-		Transaction txn = db.startTransaction(false);
 		try {
 			local = getLocalProperties(txn);
 			db.commitTransaction(txn);
@@ -144,9 +112,11 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 	public Map<TransportId, TransportProperties> getLocalProperties(
 			Transaction txn) throws DbException {
 		try {
-			Map<TransportId, TransportProperties> local = new HashMap<>();
+			Map<TransportId, TransportProperties> local =
+					new HashMap<TransportId, TransportProperties>();
 			// Find the latest local update for each transport
-			Map<TransportId, LatestUpdate> latest = findLatestLocal(txn);
+			Map<TransportId, LatestUpdate> latest = findLatest(txn,
+					localGroup.getId(), true);
 			// Retrieve and parse the latest local properties
 			for (Entry<TransportId, LatestUpdate> e : latest.entrySet()) {
 				BdfList message = clientHelper.getMessageAsList(txn,
@@ -165,8 +135,7 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 			throws DbException {
 		try {
 			TransportProperties p = null;
-			// TODO: Transaction can be read-only when code is simplified
+			Transaction txn = db.startTransaction(true);
-			Transaction txn = db.startTransaction(false);
 			try {
 				// Find the latest local update
 				LatestUpdate latest = findLatest(txn, localGroup.getId(), t,
@@ -191,53 +160,35 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 	@Override
 	public Map<ContactId, TransportProperties> getRemoteProperties(
 			TransportId t) throws DbException {
-		Map<ContactId, TransportProperties> remote = new HashMap<>();
-		// TODO: Transaction can be read-only when code is simplified
-		Transaction txn = db.startTransaction(false);
 		try {
-			for (Contact c : db.getContacts(txn))
+			Map<ContactId, TransportProperties> remote =
-				remote.put(c.getId(), getRemoteProperties(txn, c, t));
+					new HashMap<ContactId, TransportProperties>();
-			db.commitTransaction(txn);
+			Transaction txn = db.startTransaction(true);
-		} finally {
+			try {
-			db.endTransaction(txn);
+				for (Contact c : db.getContacts(txn)) {
-		}
+					// Don't return properties for inactive contacts
-		return remote;
+					if (!c.isActive()) continue;
-	}
+					Group g = getContactGroup(c);
-
+					// Find the latest remote update
-	private TransportProperties getRemoteProperties(Transaction txn, Contact c,
+					LatestUpdate latest = findLatest(txn, g.getId(), t, false);
-			TransportId t) throws DbException {
+					if (latest != null) {
-		// Don't return properties for inactive contacts
+						// Retrieve and parse the latest remote properties
-		if (!c.isActive()) return new TransportProperties();
+						BdfList message = clientHelper.getMessageAsList(txn,
-		Group g = getContactGroup(c);
+								latest.messageId);
-		try {
+						if (message == null) throw new DbException();
-			// Find the latest remote update
+						remote.put(c.getId(), parseProperties(message));
-			LatestUpdate latest = findLatest(txn, g.getId(), t, false);
+					}
-			if (latest == null) return new TransportProperties();
+				}
-			// Retrieve and parse the latest remote properties
+				db.commitTransaction(txn);
-			BdfList message =
+			} finally {
-					clientHelper.getMessageAsList(txn, latest.messageId);
+				db.endTransaction(txn);
-			if (message == null) throw new DbException();
+			}
-			return parseProperties(message);
+			return remote;
 		} catch (FormatException e) {
 			throw new DbException(e);
 		}
 	}
 
-	@Override
-	public TransportProperties getRemoteProperties(ContactId c, TransportId t)
-			throws DbException {
-		TransportProperties p;
-		// TODO: Transaction can be read-only when code is simplified
-		Transaction txn = db.startTransaction(false);
-		try {
-			p = getRemoteProperties(txn, db.getContact(txn, c), t);
-			db.commitTransaction(txn);
-		} finally {
-			db.endTransaction(txn);
-		}
-		return p;
-	}
-
 	@Override
 	public void mergeLocalProperties(TransportId t, TransportProperties p)
 			throws DbException {
@@ -266,9 +217,6 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 					long version = latest == null ? 1 : latest.version + 1;
 					storeMessage(txn, localGroup.getId(), t, merged, version,
 							true, false);
-					// Delete the previous update, if any
-					if (latest != null)
-						db.removeMessage(txn, latest.messageId);
 					// Store the merged properties in each contact's group
 					for (Contact c : db.getContacts(txn)) {
 						Group g = getContactGroup(c);
@@ -276,9 +224,6 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 						version = latest == null ? 1 : latest.version + 1;
 						storeMessage(txn, g.getId(), t, merged, version,
 								true, true);
-						// Delete the previous update, if any
-						if (latest != null)
-							db.removeMessage(txn, latest.messageId);
 					}
 				}
 				db.commitTransaction(txn);
@@ -316,26 +261,20 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 		return BdfList.of(t.getString(), version, p);
 	}
 
-	private Map<TransportId, LatestUpdate> findLatestLocal(Transaction txn)
+	private Map<TransportId, LatestUpdate> findLatest(Transaction txn,
-			throws DbException, FormatException {
+			GroupId g, boolean local) throws DbException, FormatException {
-		// TODO: This can be simplified before 1.0
+		Map<TransportId, LatestUpdate> latestUpdates =
-		Map<TransportId, LatestUpdate> latestUpdates = new HashMap<>();
+				new HashMap<TransportId, LatestUpdate>();
-		Map<MessageId, BdfDictionary> metadata = clientHelper
+		Map<MessageId, BdfDictionary> metadata =
-				.getMessageMetadataAsDictionary(txn, localGroup.getId());
+				clientHelper.getMessageMetadataAsDictionary(txn, g);
 		for (Entry<MessageId, BdfDictionary> e : metadata.entrySet()) {
 			BdfDictionary meta = e.getValue();
-			TransportId t = new TransportId(meta.getString("transportId"));
+			if (meta.getBoolean("local") == local) {
-			long version = meta.getLong("version");
+				TransportId t = new TransportId(meta.getString("transportId"));
-			LatestUpdate latest = latestUpdates.get(t);
+				long version = meta.getLong("version");
-			if (latest == null) {
+				LatestUpdate latest = latestUpdates.get(t);
-				latestUpdates.put(t, new LatestUpdate(e.getKey(), version));
+				if (latest == null || version > latest.version)
-			} else if (version > latest.version) {
+					latestUpdates.put(t, new LatestUpdate(e.getKey(), version));
-				// This update is newer - delete the previous one
-				db.removeMessage(txn, latest.messageId);
-				latestUpdates.put(t, new LatestUpdate(e.getKey(), version));
-			} else {
-				// We've already found a newer update - delete this one
-				db.removeMessage(txn, e.getKey());
 			}
 		}
 		return latestUpdates;
@@ -344,7 +283,6 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 	@Nullable
 	private LatestUpdate findLatest(Transaction txn, GroupId g, TransportId t,
 			boolean local) throws DbException, FormatException {
-		// TODO: This can be simplified before 1.0
 		LatestUpdate latest = null;
 		Map<MessageId, BdfDictionary> metadata =
 				clientHelper.getMessageMetadataAsDictionary(txn, g);
@@ -353,26 +291,8 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 			if (meta.getString("transportId").equals(t.getString())
 					&& meta.getBoolean("local") == local) {
 				long version = meta.getLong("version");
-				if (latest == null) {
+				if (latest == null || version > latest.version)
 					latest = new LatestUpdate(e.getKey(), version);
-				} else if (version > latest.version) {
-					// This update is newer - delete the previous one
-					if (local) {
-						db.removeMessage(txn, latest.messageId);
-					} else {
-						db.deleteMessage(txn, latest.messageId);
-						db.deleteMessageMetadata(txn, latest.messageId);
-					}
-					latest = new LatestUpdate(e.getKey(), version);
-				} else {
-					// We've already found a newer update - delete this one
-					if (local) {
-						db.removeMessage(txn, e.getKey());
-					} else {
-						db.deleteMessage(txn, e.getKey());
-						db.deleteMessageMetadata(txn, e.getKey());
-					}
-				}
 			}
 		}
 		return latest;

bramble-core/src/main/java/org/briarproject/bramble/reliability/Receiver.java

@@ -41,7 +41,7 @@ class Receiver implements ReadHandler {
 	Receiver(Clock clock, Sender sender) {
 		this.sender = sender;
 		this.clock = clock;
-		dataFrames = new TreeSet<>(new SequenceNumberComparator());
+		dataFrames = new TreeSet<Data>(new SequenceNumberComparator());
 	}
 
 	Data read() throws IOException, InterruptedException {

bramble-core/src/main/java/org/briarproject/bramble/reliability/ReliabilityLayerImpl.java

@@ -42,44 +42,48 @@ class ReliabilityLayerImpl implements ReliabilityLayer, WriteHandler {
 		this.executor = executor;
 		this.clock = clock;
 		this.writeHandler = writeHandler;
-		writes = new LinkedBlockingQueue<>();
+		writes = new LinkedBlockingQueue<byte[]>();
 	}
 
 	@Override
 	public void start() {
 		SlipEncoder encoder = new SlipEncoder(this);
-		Sender sender = new Sender(clock, encoder);
+		final Sender sender = new Sender(clock, encoder);
 		receiver = new Receiver(clock, sender);
 		decoder = new SlipDecoder(receiver, Data.MAX_LENGTH);
 		inputStream = new ReceiverInputStream(receiver);
 		outputStream = new SenderOutputStream(sender);
 		running = true;
-		executor.execute(() -> {
+		executor.execute(new Runnable() {
-			long now = clock.currentTimeMillis();
+			@Override
-			long next = now + TICK_INTERVAL;
+			public void run() {
-			try {
+				long now = clock.currentTimeMillis();
-				while (running) {
+				long next = now + TICK_INTERVAL;
-					byte[] b = null;
+				try {
-					while (now < next && b == null) {
+					while (running) {
-						b = writes.poll(next - now, MILLISECONDS);
+						byte[] b = null;
-						if (!running) return;
+						while (now < next && b == null) {
-						now = clock.currentTimeMillis();
+							b = writes.poll(next - now, MILLISECONDS);
-					}
+							if (!running) return;
-					if (b == null) {
+							now = clock.currentTimeMillis();
-						sender.tick();
+						}
-						while (next <= now) next += TICK_INTERVAL;
+						if (b == null) {
-					} else {
+							sender.tick();
-						if (b.length == 0) return; // Poison pill
+							while (next <= now) next += TICK_INTERVAL;
-						writeHandler.handleWrite(b);
+						} else {
+							if (b.length == 0) return; // Poison pill
+							writeHandler.handleWrite(b);
+						}
 					}
+				} catch (InterruptedException e) {
+					LOG.warning("Interrupted while waiting to write");
+					Thread.currentThread().interrupt();
+					running = false;
+				} catch (IOException e) {
+					if (LOG.isLoggable(WARNING))
+						LOG.log(WARNING, e.toString(), e);
+					running = false;
 				}
-			} catch (InterruptedException e) {
-				LOG.warning("Interrupted while waiting to write");
-				Thread.currentThread().interrupt();
-				running = false;
-			} catch (IOException e) {
-				if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
-				running = false;
 			}
 		});
 	}

bramble-core/src/main/java/org/briarproject/bramble/reliability/Sender.java

@@ -46,7 +46,7 @@ class Sender {
 	Sender(Clock clock, WriteHandler writeHandler) {
 		this.clock = clock;
 		this.writeHandler = writeHandler;
-		outstanding = new LinkedList<>();
+		outstanding = new LinkedList<Outstanding>();
 	}
 
 	void sendAck(long sequenceNumber, int windowSize) throws IOException {
@@ -136,7 +136,7 @@ class Sender {
 					if (now - o.lastTransmitted > rto) {
 						it.remove();
 						if (retransmit == null)
-							retransmit = new ArrayList<>();
+							retransmit = new ArrayList<Outstanding>();
 						retransmit.add(o);
 						// Update the retransmission timeout
 						rto <<= 1;

bramble-core/src/main/java/org/briarproject/bramble/reporting/DevReportServer.java

@@ -1,7 +1,6 @@
 package org.briarproject.bramble.reporting;
 
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.util.IoUtils;
 
 import java.io.Closeable;
 import java.io.File;
@@ -131,7 +130,7 @@ public class DevReportServer {
 			OutputStream out = null;
 			try {
 				socket.setSoTimeout(SOCKET_TIMEOUT_MS);
-				in = IoUtils.getInputStream(socket);
+				in = socket.getInputStream();
 				reportDir.mkdirs();
 				reportFile = File.createTempFile(FILE_PREFIX, FILE_SUFFIX,
 						reportDir);

bramble-core/src/main/java/org/briarproject/bramble/reporting/DevReporterImpl.java

@@ -93,7 +93,7 @@ class DevReporterImpl implements DevReporter {
 			InputStream in = null;
 			try {
 				Socket s = connectToDevelopers();
-				out = IoUtils.getOutputStream(s);
+				out = s.getOutputStream();
 				in = new FileInputStream(f);
 				IoUtils.copyAndClose(in, out);
 				f.delete();

bramble-core/src/main/java/org/briarproject/bramble/socks/SocksSocket.java

@@ -57,8 +57,8 @@ class SocksSocket extends Socket {
 
 		// Connect to the proxy
 		super.connect(proxy, connectToProxyTimeout);
-		OutputStream out = IoUtils.getOutputStream(this);
+		OutputStream out = getOutputStream();
-		InputStream in = IoUtils.getInputStream(this);
+		InputStream in = getInputStream();
 
 		// Request SOCKS 5 with no authentication
 		sendMethodRequest(out);

bramble-core/src/main/java/org/briarproject/bramble/sync/DuplexOutgoingSession.java

@@ -54,7 +54,12 @@ class DuplexOutgoingSession implements SyncSession, EventListener {
 	private static final Logger LOG =
 			Logger.getLogger(DuplexOutgoingSession.class.getName());
 
-	private static final ThrowingRunnable<IOException> CLOSE = () -> {};
+	private static final ThrowingRunnable<IOException> CLOSE =
+			new ThrowingRunnable<IOException>() {
+				@Override
+				public void run() {
+				}
+			};
 
 	private final DatabaseComponent db;
 	private final Executor dbExecutor;
@@ -78,7 +83,7 @@ class DuplexOutgoingSession implements SyncSession, EventListener {
 		this.maxLatency = maxLatency;
 		this.maxIdleTime = maxIdleTime;
 		this.recordWriter = recordWriter;
-		writerTasks = new LinkedBlockingQueue<>();
+		writerTasks = new LinkedBlockingQueue<ThrowingRunnable<IOException>>();
 	}
 
 	@IoExecutor

bramble-core/src/main/java/org/briarproject/bramble/sync/RecordReaderImpl.java

@@ -116,7 +116,7 @@ class RecordReaderImpl implements RecordReader {
 	private List<MessageId> readMessageIds() throws IOException {
 		if (payloadLength == 0) throw new FormatException();
 		if (payloadLength % UniqueId.LENGTH != 0) throw new FormatException();
-		List<MessageId> ids = new ArrayList<>();
+		List<MessageId> ids = new ArrayList<MessageId>();
 		for (int off = 0; off < payloadLength; off += UniqueId.LENGTH) {
 			byte[] id = new byte[UniqueId.LENGTH];
 			System.arraycopy(payload, off, id, 0, UniqueId.LENGTH);

bramble-core/src/main/java/org/briarproject/bramble/sync/SimplexOutgoingSession.java

@@ -43,7 +43,12 @@ class SimplexOutgoingSession implements SyncSession, EventListener {
 	private static final Logger LOG =
 			Logger.getLogger(SimplexOutgoingSession.class.getName());
 
-	private static final ThrowingRunnable<IOException> CLOSE = () -> {};
+	private static final ThrowingRunnable<IOException> CLOSE =
+			new ThrowingRunnable<IOException>() {
+				@Override
+				public void run() {
+				}
+			};
 
 	private final DatabaseComponent db;
 	private final Executor dbExecutor;
@@ -66,7 +71,7 @@ class SimplexOutgoingSession implements SyncSession, EventListener {
 		this.maxLatency = maxLatency;
 		this.recordWriter = recordWriter;
 		outstandingQueries = new AtomicInteger(2); // One per type of record
-		writerTasks = new LinkedBlockingQueue<>();
+		writerTasks = new LinkedBlockingQueue<ThrowingRunnable<IOException>>();
 	}
 
 	@IoExecutor