Bump version numbers for 1.0.6 release.

Remove RemovableDrivePlugin, refactor plugin interface

Closes #25

See merge request akwizgran/briar!817

.gitignore

@@ -20,6 +20,7 @@ local.properties
 .idea/*
 !.idea/runConfigurations/
 !.idea/codeStyleSettings.xml
+!.idea/codeStyles
 .gradle
 build/
 *.iml

.gitlab-ci.yml

@@ -1,29 +1,31 @@
-image: registry.gitlab.com/fdroid/ci-images-base:latest
-
-cache:
-  paths:
-    - .gradle/wrapper
-    - .gradle/caches
-
-before_script:
-  - set -e
-  - export GRADLE_USER_HOME=$PWD/.gradle
-  # Accept the license for the Android build tools
-  - echo y | /opt/android-sdk/tools/bin/sdkmanager "build-tools;26.0.2"
-  # Download OpenJDK 6 so we can compile against its standard library
-  - JDK_FILE=openjdk-6-jre-headless_6b38-1.13.10-1~deb7u1_amd64.deb
-  - if [ ! -d openjdk ]
-  - then
-  - wget -q http://ftp.uk.debian.org/debian/pool/main/o/openjdk-6/$JDK_FILE
-  - dpkg-deb -x $JDK_FILE openjdk
-  - fi
-  - export JAVA_6_HOME=$PWD/openjdk/usr/lib/jvm/java-6-openjdk-amd64
+image: briar/ci-image-android:latest
 
 test:
-  script:
-    - ./gradlew test
+  before_script:
+    - set -e
+    - export GRADLE_USER_HOME=$PWD/.gradle
 
-after_script:
-    # this file changes every time but should not be cached
+  cache:
+    paths:
+      - .gradle/wrapper
+      - .gradle/caches
+
+  script:
+    - ./gradlew --no-daemon animalSnifferMain animalSnifferTest
+    - ./gradlew --no-daemon test
+
+  after_script:
+    # these file change every time but should not be cached
     - rm -f $GRADLE_USER_HOME/caches/modules-2/modules-2.lock
     - rm -fr $GRADLE_USER_HOME/caches/*/plugin-resolution/
+
+
+test_reproducible:
+  image: briar/reproducer:latest
+
+  script:
+    - cd /opt/briar-reproducer
+    - ./reproduce.py ${CI_COMMIT_REF_NAME}
+
+  only:
+    - tags

.idea/codeStyles/Project.xml

@@ -0,0 +1,261 @@
+<component name="ProjectCodeStyleConfiguration">
+  <code_scheme name="Project" version="173">
+    <option name="RIGHT_MARGIN" value="100" />
+    <AndroidXmlCodeStyleSettings>
+      <option name="USE_CUSTOM_SETTINGS" value="true" />
+    </AndroidXmlCodeStyleSettings>
+    <JavaCodeStyleSettings>
+      <option name="ANNOTATION_PARAMETER_WRAP" value="1" />
+      <option name="CLASS_COUNT_TO_USE_IMPORT_ON_DEMAND" value="99" />
+      <option name="NAMES_COUNT_TO_USE_IMPORT_ON_DEMAND" value="99" />
+      <option name="PACKAGES_TO_USE_IMPORT_ON_DEMAND">
+        <value />
+      </option>
+      <option name="IMPORT_LAYOUT_TABLE">
+        <value>
+          <package name="android" withSubpackages="true" static="false" />
+          <emptyLine />
+          <package name="com" withSubpackages="true" static="false" />
+          <emptyLine />
+          <package name="junit" withSubpackages="true" static="false" />
+          <emptyLine />
+          <package name="net" withSubpackages="true" static="false" />
+          <emptyLine />
+          <package name="org" withSubpackages="true" static="false" />
+          <emptyLine />
+          <package name="java" withSubpackages="true" static="false" />
+          <emptyLine />
+          <package name="javax" withSubpackages="true" static="false" />
+          <emptyLine />
+          <package name="" withSubpackages="true" static="false" />
+          <emptyLine />
+          <package name="" withSubpackages="true" static="true" />
+          <emptyLine />
+        </value>
+      </option>
+      <option name="JD_ALIGN_PARAM_COMMENTS" value="false" />
+      <option name="JD_ALIGN_EXCEPTION_COMMENTS" value="false" />
+    </JavaCodeStyleSettings>
+    <Objective-C-extensions>
+      <file>
+        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Import" />
+        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Macro" />
+        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Typedef" />
+        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Enum" />
+        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Constant" />
+        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Global" />
+        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Struct" />
+        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="FunctionPredecl" />
+        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Function" />
+      </file>
+      <class>
+        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Property" />
+        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Synthesize" />
+        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="InitMethod" />
+        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="StaticMethod" />
+        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="InstanceMethod" />
+        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="DeallocMethod" />
+      </class>
+      <extensions>
+        <pair source="cpp" header="h" fileNamingConvention="NONE" />
+        <pair source="c" header="h" fileNamingConvention="NONE" />
+      </extensions>
+    </Objective-C-extensions>
+    <XML>
+      <option name="XML_LEGACY_SETTINGS_IMPORTED" value="true" />
+    </XML>
+    <codeStyleSettings language="Groovy">
+      <indentOptions>
+        <option name="USE_TAB_CHARACTER" value="true" />
+        <option name="SMART_TABS" value="true" />
+      </indentOptions>
+    </codeStyleSettings>
+    <codeStyleSettings language="JAVA">
+      <option name="RIGHT_MARGIN" value="80" />
+      <option name="ALIGN_MULTILINE_PARAMETERS" value="false" />
+      <option name="ALIGN_MULTILINE_RESOURCES" value="false" />
+      <option name="ALIGN_MULTILINE_FOR" value="false" />
+      <option name="SPACE_BEFORE_ARRAY_INITIALIZER_LBRACE" value="true" />
+      <option name="CALL_PARAMETERS_WRAP" value="1" />
+      <option name="METHOD_PARAMETERS_WRAP" value="1" />
+      <option name="RESOURCE_LIST_WRAP" value="1" />
+      <option name="EXTENDS_LIST_WRAP" value="1" />
+      <option name="THROWS_LIST_WRAP" value="1" />
+      <option name="EXTENDS_KEYWORD_WRAP" value="1" />
+      <option name="THROWS_KEYWORD_WRAP" value="1" />
+      <option name="METHOD_CALL_CHAIN_WRAP" value="1" />
+      <option name="BINARY_OPERATION_WRAP" value="1" />
+      <option name="TERNARY_OPERATION_WRAP" value="1" />
+      <option name="FOR_STATEMENT_WRAP" value="1" />
+      <option name="ARRAY_INITIALIZER_WRAP" value="1" />
+      <option name="ASSIGNMENT_WRAP" value="1" />
+      <option name="ASSERT_STATEMENT_WRAP" value="1" />
+      <option name="PARAMETER_ANNOTATION_WRAP" value="1" />
+      <option name="VARIABLE_ANNOTATION_WRAP" value="1" />
+      <option name="ENUM_CONSTANTS_WRAP" value="1" />
+      <indentOptions>
+        <option name="USE_TAB_CHARACTER" value="true" />
+        <option name="SMART_TABS" value="true" />
+      </indentOptions>
+    </codeStyleSettings>
+    <codeStyleSettings language="XML">
+      <option name="FORCE_REARRANGE_MODE" value="1" />
+      <indentOptions>
+        <option name="CONTINUATION_INDENT_SIZE" value="4" />
+        <option name="USE_TAB_CHARACTER" value="true" />
+        <option name="SMART_TABS" value="true" />
+      </indentOptions>
+      <arrangement>
+        <rules>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>xmlns:android</NAME>
+                  <XML_NAMESPACE>Namespace:</XML_NAMESPACE>
+                </AND>
+              </match>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>xmlns:.*</NAME>
+                  <XML_NAMESPACE>Namespace:</XML_NAMESPACE>
+                </AND>
+              </match>
+              <order>BY_NAME</order>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>.*:id</NAME>
+                  <XML_NAMESPACE>http://schemas.android.com/apk/res/android</XML_NAMESPACE>
+                </AND>
+              </match>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>.*:name</NAME>
+                  <XML_NAMESPACE>http://schemas.android.com/apk/res/android</XML_NAMESPACE>
+                </AND>
+              </match>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>name</NAME>
+                  <XML_NAMESPACE>^$</XML_NAMESPACE>
+                </AND>
+              </match>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>style</NAME>
+                  <XML_NAMESPACE>^$</XML_NAMESPACE>
+                </AND>
+              </match>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>.*</NAME>
+                  <XML_NAMESPACE>^$</XML_NAMESPACE>
+                </AND>
+              </match>
+              <order>BY_NAME</order>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>.*:layout_width</NAME>
+                  <XML_NAMESPACE>http://schemas.android.com/apk/res/android</XML_NAMESPACE>
+                </AND>
+              </match>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>.*:layout_height</NAME>
+                  <XML_NAMESPACE>http://schemas.android.com/apk/res/android</XML_NAMESPACE>
+                </AND>
+              </match>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>.*:layout_.*</NAME>
+                  <XML_NAMESPACE>http://schemas.android.com/apk/res/android</XML_NAMESPACE>
+                </AND>
+              </match>
+              <order>BY_NAME</order>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>.*:width</NAME>
+                  <XML_NAMESPACE>http://schemas.android.com/apk/res/android</XML_NAMESPACE>
+                </AND>
+              </match>
+              <order>BY_NAME</order>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>.*:height</NAME>
+                  <XML_NAMESPACE>http://schemas.android.com/apk/res/android</XML_NAMESPACE>
+                </AND>
+              </match>
+              <order>BY_NAME</order>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>.*</NAME>
+                  <XML_NAMESPACE>http://schemas.android.com/apk/res/android</XML_NAMESPACE>
+                </AND>
+              </match>
+              <order>BY_NAME</order>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>.*</NAME>
+                  <XML_NAMESPACE>.*</XML_NAMESPACE>
+                </AND>
+              </match>
+              <order>BY_NAME</order>
+            </rule>
+          </section>
+        </rules>
+      </arrangement>
+    </codeStyleSettings>
+  </code_scheme>
+</component>

.idea/codeStyles/codeStyleConfig.xml

@@ -0,0 +1,5 @@
+<component name="ProjectCodeStyleConfiguration">
+  <state>
+    <option name="USE_PER_PROJECT_SETTINGS" value="true" />
+  </state>
+</component>

bramble-android/build.gradle

@@ -1,19 +1,15 @@
-import de.undercouch.gradle.tasks.download.Download
-import de.undercouch.gradle.tasks.download.Verify
-
 apply plugin: 'com.android.library'
 apply plugin: 'witness'
-apply plugin: 'de.undercouch.download'
 
 android {
 	compileSdkVersion 27
-	buildToolsVersion '26.0.2'
+	buildToolsVersion '27.0.3'
 
 	defaultConfig {
 		minSdkVersion 14
 		targetSdkVersion 26
-		versionCode 1700
-		versionName "0.17.0"
+		versionCode 10006
+		versionName "1.0.6"
 		consumerProguardFiles 'proguard-rules.txt'
 	}
 
@@ -23,9 +19,14 @@ android {
 	}
 }
 
+configurations {
+	tor
+}
+
 dependencies {
 	implementation project(path: ':bramble-core', configuration: 'default')
-	implementation fileTree(dir: 'libs', include: '*.jar')
+	implementation 'org.briarproject:jtorctl:0.3'
+	tor 'org.briarproject:tor-android:0.2.9.15@zip'
 
 	annotationProcessor 'com.google.dagger:dagger-compiler:2.0.2'
 
@@ -34,63 +35,87 @@ dependencies {
 
 dependencyVerification {
 	verify = [
-			'com.google.code.findbugs:jsr305:3.0.2:jsr305-3.0.2.jar:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7',
+			'com.android.tools.analytics-library:protos:26.1.2:protos-26.1.2.jar:52672a0b42b572a06aecc3535d5068eb46c0e15d129b9f1085d3c16a1da5cdbb',
+			'com.android.tools.analytics-library:shared:26.1.2:shared-26.1.2.jar:5c7e0eda18c6f87feeb83628c707e8aaa3298b41fb72e38efe31ad1675f9e8e9',
+			'com.android.tools.analytics-library:tracker:26.1.2:tracker-26.1.2.jar:06f97aa0adf44ffb06f8681c6a79d9be153a08f61d21eddc42b8d3db96df4282',
+			'com.android.tools.build:apksig:3.1.2:apksig-3.1.2.jar:40696a4559124d1d57873d208857eee059d48859239d569c7d18374ac644a8be',
+			'com.android.tools.build:builder-model:3.1.2:builder-model-3.1.2.jar:d49bfa2a135c9562b6ca7aa4342036cfa1582c7074c2d1d93d1dae8b3a134e17',
+			'com.android.tools.build:builder-test-api:3.1.2:builder-test-api-3.1.2.jar:dfe2a50b740d41b11189101062434d4283d18647e89a492ad51710c719363e9f',
+			'com.android.tools.build:builder:3.1.2:builder-3.1.2.jar:b60f825a42e2efe8433619fbc759f3d9effecab718279048d36881188ceb1d14',
+			'com.android.tools.build:gradle-api:3.1.2:gradle-api-3.1.2.jar:e58bcc5b893e4583ab0f5c8ef89c4dbcce202b405a9d7fcc116d21e5357d4893',
+			'com.android.tools.build:manifest-merger:26.1.2:manifest-merger-26.1.2.jar:9c61c27ea5266573107b954acf1216d398f4d7e7ae6fad6409d6b2b767eb091c',
+			'com.android.tools.ddms:ddmlib:26.1.2:ddmlib-26.1.2.jar:18a2a5fbef36882f07d03c2b9e59eba05cf8248177bf5cbff736e4b582804c44',
+			'com.android.tools.external.com-intellij:intellij-core:26.1.2:intellij-core-26.1.2.jar:37c5acf279f1ae3e85b1a5be3c9f15f43bde7b08f978eefefffb9c4035760c52',
+			'com.android.tools.external.com-intellij:kotlin-compiler:26.1.2:kotlin-compiler-26.1.2.jar:152df0bee7580326c77316b669a9d96e3b09efb1d45f545dce4147271b0b8944',
+			'com.android.tools.external.org-jetbrains:uast:26.1.2:uast-26.1.2.jar:02d39582206d3f5fc0a6cb18bfd9e8b9f9c1acb805ec6dac08b4e3a56849d279',
+			'com.android.tools.layoutlib:layoutlib-api:26.1.2:layoutlib-api-26.1.2.jar:20220039fcc7d799f928153beff862e704457c0f55ab44258f3745ebeb662b4f',
+			'com.android.tools.lint:lint-api:26.1.2:lint-api-26.1.2.jar:e1d5b62b870a7c566e9877a6b96b27784a4d713f8caa07fdcb4705d47a40a1d9',
+			'com.android.tools.lint:lint-checks:26.1.2:lint-checks-26.1.2.jar:211e2afd58504372385d71b1e5be982c2b5121ab6fee1c04ddabeb75a8729e07',
+			'com.android.tools.lint:lint-gradle-api:26.1.2:lint-gradle-api-26.1.2.jar:71284f2a8b03c3e55c94511c9eb36f8184fbb85324325fc6b78abf5183f03d90',
+			'com.android.tools.lint:lint-gradle:26.1.2:lint-gradle-26.1.2.jar:855f0c82b7fc690df1b7319c0774f7517f7f8f5dd4eee1f6077dcf50e07c6240',
+			'com.android.tools.lint:lint-kotlin:26.1.2:lint-kotlin-26.1.2.jar:1e591f70bcbbc11569720a9bbcca2bc1f3d4f789f01f40f642848d920643d484',
+			'com.android.tools.lint:lint:26.1.2:lint-26.1.2.jar:93736c62e9f1976998c2b4aa716aea0734cdb162d05502f4af7292654aedb182',
+			'com.android.tools:annotations:26.1.2:annotations-26.1.2.jar:72773dcaf5c4ccca828e3c8467f1b78a8a00b3cc5f8ad1aab88fcf9379928018',
+			'com.android.tools:common:26.1.2:common-26.1.2.jar:ea4320f0c17dcbc4491896bb705c4d25ec08bd62ef02ab0579fe154e75e788e6',
+			'com.android.tools:dvlib:26.1.2:dvlib-26.1.2.jar:1187aa4fb666595c96c4deb6bc0e0f4b7e396bde9f6243330b49a232946130ea',
+			'com.android.tools:repository:26.1.2:repository-26.1.2.jar:8b86e512ad6d32bd76989451eefe2b271f5efce6d4d65ecb173afaf14606e01a',
+			'com.android.tools:sdk-common:26.1.2:sdk-common-26.1.2.jar:23584720a60a21cdcb5b1ec10269e3013789d6805d153cc696c39ec7ce251896',
+			'com.android.tools:sdklib:26.1.2:sdklib-26.1.2.jar:d3870fafc59ab8efa70d3f9649f40ee299c8ec5b58377b06e8853d7272a5bf4e',
+			'com.google.code.findbugs:jsr305:1.3.9:jsr305-1.3.9.jar:905721a0eea90a81534abb7ee6ef4ea2e5e645fa1def0a5cd88402df1b46c9ed',
+			'com.google.code.gson:gson:2.7:gson-2.7.jar:2d43eb5ea9e133d2ee2405cc14f5ee08951b8361302fdd93494a3a997b508d32',
 			'com.google.dagger:dagger-compiler:2.0.2:dagger-compiler-2.0.2.jar:b74bc9de063dd4c6400b232231f2ef5056145b8fbecbf5382012007dd1c071b3',
 			'com.google.dagger:dagger-producers:2.0-beta:dagger-producers-2.0-beta.jar:99ec15e8a0507ba569e7655bc1165ee5e5ca5aa914b3c8f7e2c2458f724edd6b',
 			'com.google.dagger:dagger:2.0.2:dagger-2.0.2.jar:84c0282ed8be73a29e0475d639da030b55dee72369e58dd35ae7d4fe6243dcf9',
+			'com.google.errorprone:error_prone_annotations:2.0.18:error_prone_annotations-2.0.18.jar:cb4cfad870bf563a07199f3ebea5763f0dec440fcda0b318640b1feaa788656b',
 			'com.google.guava:guava:18.0:guava-18.0.jar:d664fbfc03d2e5ce9cab2a44fb01f1d0bf9dfebeccc1a473b1f9ea31f79f6f99',
-			'com.h2database:h2:1.4.192:h2-1.4.192.jar:225b22e9857235c46c93861410b60b8c81c10dc8985f4faf188985ba5445126c',
-			'com.madgag.spongycastle:core:1.58.0.0:core-1.58.0.0.jar:199617dd5698c5a9312b898c0a4cec7ce9dd8649d07f65d91629f58229d72728',
+			'com.google.guava:guava:22.0:guava-22.0.jar:1158e94c7de4da480873f0b4ab4a1da14c0d23d4b1902cc94a58a6f0f9ab579e',
+			'com.google.j2objc:j2objc-annotations:1.1:j2objc-annotations-1.1.jar:40ceb7157feb263949e0f503fe5f71689333a621021aa20ce0d0acee3badaa0f',
+			'com.google.jimfs:jimfs:1.1:jimfs-1.1.jar:c4828e28d7c0a930af9387510b3bada7daa5c04d7c25a75c7b8b081f1c257ddd',
+			'com.google.protobuf:protobuf-java:3.4.0:protobuf-java-3.4.0.jar:dce7e66b32456a1b1198da0caff3a8acb71548658391e798c79369241e6490a4',
+			'com.googlecode.json-simple:json-simple:1.1:json-simple-1.1.jar:2d9484f4c649f708f47f9a479465fc729770ee65617dca3011836602264f6439',
+			'com.squareup:javawriter:2.5.0:javawriter-2.5.0.jar:fcfb09fb0ea0aa97d3cfe7ea792398081348e468f126b3603cb3803f240197f0',
+			'com.sun.activation:javax.activation:1.2.0:javax.activation-1.2.0.jar:993302b16cd7056f21e779cc577d175a810bb4900ef73cd8fbf2b50f928ba9ce',
+			'com.sun.istack:istack-commons-runtime:2.21:istack-commons-runtime-2.21.jar:c33e67a0807095f02a0e2da139412dd7c4f9cc1a4c054b3e434f96831ba950f4',
+			'com.sun.xml.fastinfoset:FastInfoset:1.2.13:FastInfoset-1.2.13.jar:27a77db909f3c2833c0b1a37c55af1db06045118ad2eed96ce567b6632bce038',
+			'commons-codec:commons-codec:1.6:commons-codec-1.6.jar:54b34e941b8e1414bd3e40d736efd3481772dc26db3296f6aa45cec9f6203d86',
+			'commons-logging:commons-logging:1.1.1:commons-logging-1.1.1.jar:ce6f913cad1f0db3aad70186d65c5bc7ffcc9a99e3fe8e0b137312819f7c362f',
+			'it.unimi.dsi:fastutil:7.2.0:fastutil-7.2.0.jar:74fa208043740642f7e6eb09faba15965218ad2f50ce3020efb100136e4b591c',
 			'javax.annotation:jsr250-api:1.0:jsr250-api-1.0.jar:a1a922d0d9b6d183ed3800dfac01d1e1eb159f0e8c6f94736931c1def54a941f',
 			'javax.inject:javax.inject:1:javax.inject-1.jar:91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff',
-			'net.i2p.crypto:eddsa:0.2.0:eddsa-0.2.0.jar:a7cb1b85c16e2f0730b9204106929a1d9aaae1df728adc7041a8b8b605692140',
-			'org.bitlet:weupnp:0.1.4:weupnp-0.1.4.jar:88df7e6504929d00bdb832863761385c68ab92af945b04f0770b126270a444fb',
-			'org.jacoco:org.jacoco.agent:0.7.4.201502262128:org.jacoco.agent-0.7.4.201502262128-runtime.jar:e357a0f1d573c2f702a273992b1b6cb661734f66311854efb3778a888515c5b5',
-			'org.jacoco:org.jacoco.agent:0.7.4.201502262128:org.jacoco.agent-0.7.4.201502262128.jar:47b4bec6df11a1118da3953da8b9fa1e7079d6fec857faa1a3cf912e53a6fd4e',
-			'org.jacoco:org.jacoco.ant:0.7.4.201502262128:org.jacoco.ant-0.7.4.201502262128.jar:013ce2a68ba57a3c59215ae0dec4df3498c078062a38c3b94c841fc14450f283',
-			'org.jacoco:org.jacoco.core:0.7.4.201502262128:org.jacoco.core-0.7.4.201502262128.jar:ec4c74554312fac5116350164786f91b35c9e082fa4ea598bfa42b5db05d7abb',
-			'org.jacoco:org.jacoco.report:0.7.4.201502262128:org.jacoco.report-0.7.4.201502262128.jar:7a3554c605e088e7e323b1084656243f0444fa353e2f2dee1f1a4204eb64ff09',
-			'org.ow2.asm:asm-debug-all:5.0.1:asm-debug-all-5.0.1.jar:4734de5b515a454b0096db6971fb068e5f70e6f10bbee2b3bd2fdfe5d978ed57',
+			'javax.xml.bind:jaxb-api:2.2.12-b140109.1041:jaxb-api-2.2.12-b140109.1041.jar:b5e60cd8b7b5ff01ce4a74c5dd008f4fbd14ced3495d0b47b85cfedc182211f2',
+			'net.sf.jopt-simple:jopt-simple:4.9:jopt-simple-4.9.jar:26c5856e954b5f864db76f13b86919b59c6eecf9fd930b96baa8884626baf2f5',
+			'net.sf.kxml:kxml2:2.3.0:kxml2-2.3.0.jar:f264dd9f79a1fde10ce5ecc53221eff24be4c9331c830b7d52f2f08a7b633de2',
+			'org.apache.commons:commons-compress:1.12:commons-compress-1.12.jar:2c1542faf343185b7cab9c3d55c8ae5471d6d095d3887a4adefdbdf2984dc0b6',
+			'org.apache.httpcomponents:httpclient:4.2.6:httpclient-4.2.6.jar:362e9324ee7c697e21279e20077b52737ddef3f1b2c1a7abe5ad34b465145550',
+			'org.apache.httpcomponents:httpcore:4.2.5:httpcore-4.2.5.jar:e5e82da4cc66c8d917bbf743e3c0752efe8522735e7fc9dbddb65bccea81cfe9',
+			'org.apache.httpcomponents:httpmime:4.1:httpmime-4.1.jar:31629566148e8a47688ae43b420abc3ecd783ed15b33bebc00824bf24c9b15aa',
+			'org.bouncycastle:bcpkix-jdk15on:1.56:bcpkix-jdk15on-1.56.jar:7043dee4e9e7175e93e0b36f45b1ec1ecb893c5f755667e8b916eb8dd201c6ca',
+			'org.bouncycastle:bcprov-jdk15on:1.56:bcprov-jdk15on-1.56.jar:963e1ee14f808ffb99897d848ddcdb28fa91ddda867eb18d303e82728f878349',
+			'org.briarproject:jtorctl:0.3:jtorctl-0.3.jar:f2939238a097898998432effe93b0334d97a787972ab3a91a8973a1d309fc864',
+			'org.briarproject:tor-android:0.2.9.15:tor-android-0.2.9.15.zip:34a6474ee219ffa52e0f3393e917dda6ed03d320b02247d4fa5075aa4094ee6d',
+			'org.codehaus.groovy:groovy-all:2.4.12:groovy-all-2.4.12.jar:6a56af4bd48903d56bec62821876cadefafd007360cc6bd0d8f7aa8d72b38be4',
+			'org.codehaus.mojo:animal-sniffer-annotations:1.14:animal-sniffer-annotations-1.14.jar:2068320bd6bad744c3673ab048f67e30bef8f518996fa380033556600669905d',
+			'org.glassfish.jaxb:jaxb-core:2.2.11:jaxb-core-2.2.11.jar:37bcaee8ebb04362c8352a5bf6221b86967ecdab5164c696b10b9a2bb587b2aa',
+			'org.glassfish.jaxb:jaxb-runtime:2.2.11:jaxb-runtime-2.2.11.jar:a874f2351cfba8e2946be3002d10c18a6da8f21b52ba2acf52f2b85d5520ed70',
+			'org.glassfish.jaxb:txw2:2.2.11:txw2-2.2.11.jar:272a3ccad45a4511351920cd2a8633c53cab8d5220c7a92954da5526bb5eafea',
+			'org.jetbrains.kotlin:kotlin-reflect:1.2.0:kotlin-reflect-1.2.0.jar:4f48a872bad6e4d9c053f4ad610d11e4012ad7e58dc19a03dd5eb811f36069dd',
+			'org.jetbrains.kotlin:kotlin-stdlib-jre7:1.2.0:kotlin-stdlib-jre7-1.2.0.jar:c7a20fb951d437797afe8980aff6c1e5a03f310c661ba58ba1d4fa90cb0f2926',
+			'org.jetbrains.kotlin:kotlin-stdlib-jre8:1.2.0:kotlin-stdlib-jre8-1.2.0.jar:633524eee6ef1941f7cb1dab7ee3927b0a221ceee9047aeb5515f4cbb990c82a',
+			'org.jetbrains.kotlin:kotlin-stdlib:1.2.0:kotlin-stdlib-1.2.0.jar:05cfd9f5ac0b41910703a8925f7211a495909b27a2ffdd1c5106f1689aeafcd4',
+			'org.jetbrains.trove4j:trove4j:20160824:trove4j-20160824.jar:1917871c8deb468307a584680c87a44572f5a8b0b98c6d397fc0f5f86596dbe7',
+			'org.jetbrains:annotations:13.0:annotations-13.0.jar:ace2a10dc8e2d5fd34925ecac03e4988b2c0f851650c94b8cef49ba1bd111478',
+			'org.jvnet.staxex:stax-ex:1.7.7:stax-ex-1.7.7.jar:a31ff7d77163c0deb09e7fee59ad35ae44c2cee2cc8552a116ccd1583d813fb4',
+			'org.ow2.asm:asm-analysis:5.1:asm-analysis-5.1.jar:a34658f5c5de4b573eef21131cc32cc25f7b66407944f312b28ec2e56abb1fa9',
+			'org.ow2.asm:asm-commons:5.1:asm-commons-5.1.jar:97b3786e1f55e74bddf8ad102bf50e33bbcbc1f6b7fd7b36f0bbbb25cd4981be',
+			'org.ow2.asm:asm-tree:5.1:asm-tree-5.1.jar:c0de2bbc4cb8297419659813ecd4ed1d077ed1dd5c1f5544cc5143e493e84c10',
+			'org.ow2.asm:asm-util:5.1:asm-util-5.1.jar:ee032c39ae5e3cd099148fbba9a2124f9ed613e5cb93e03ee0fa8808ce364040',
+			'org.ow2.asm:asm:5.1:asm-5.1.jar:d2da399a9967c69f0a21739256fa79d284222c223082cacadc17372244764b54',
 	]
 }
 
-ext.torBinaryDir = 'src/main/res/raw'
-ext.torVersion = '0.2.9.14'
-ext.geoipVersion = '2017-11-06'
-ext.torDownloadUrl = 'https://briarproject.org/build/'
-
-def torBinaries = [
-		"tor_arm"    : '1710ea6c47b7f4c1a88bdf4858c7893837635db10e8866854eed8d61629f50e8',
-		"tor_arm_pie": '974e6949507db8fa2ea45231817c2c3677ed4ccf5488a2252317d744b0be1917',
-		"tor_x86"    : '3a5e45b3f051fcda9353b098b7086e762ffe7ba9242f7d7c8bf6523faaa8b1e9',
-		"tor_x86_pie": 'd1d96d8ce1a4b68accf04850185780d10cd5563d3552f7e1f040f8ca32cb4e51',
-		"geoip"      : '8239b98374493529a29096e45fc5877d4d6fdad0146ad8380b291f90d61484ea'
-]
-
-def downloadBinary(name) {
-	return tasks.create("downloadBinary${name}", Download) {
-		src "${torDownloadUrl}${name}.zip"
-				.replace('tor_', "tor-${torVersion}-")
-				.replace('geoip', "geoip-${geoipVersion}")
-				.replaceAll('_', '-')
-		dest "${torBinaryDir}/${name}.zip"
-		onlyIfNewer true
-	}
-}
-
-def verifyBinary(name, chksum) {
-	return tasks.create([
-			name     : "verifyBinary${name}",
-			type     : Verify,
-			dependsOn: downloadBinary(name)]) {
-		src "${torBinaryDir}/${name}.zip"
-		algorithm 'SHA-256'
-		checksum chksum
-	}
-}
-
 project.afterEvaluate {
-	torBinaries.every { key, value ->
-		preBuild.dependsOn.add(verifyBinary(key, value))
+	copy {
+		from configurations.tor.collect { zipTree(it) }
+		into 'src/main/res/raw'
 	}
 }

bramble-android/src/main/java/org/briarproject/bramble/BrambleAndroidModule.java

@@ -1,12 +1,10 @@
 package org.briarproject.bramble;
 
-import org.briarproject.bramble.plugin.AndroidPluginModule;
 import org.briarproject.bramble.system.AndroidSystemModule;
 
 import dagger.Module;
 
 @Module(includes = {
-		AndroidPluginModule.class,
 		AndroidSystemModule.class
 })
 public class BrambleAndroidModule {

bramble-android/src/main/java/org/briarproject/bramble/plugin/AndroidPluginModule.java

@@ -1,69 +0,0 @@
-package org.briarproject.bramble.plugin;
-
-import android.app.Application;
-import android.content.Context;
-
-import org.briarproject.bramble.api.event.EventBus;
-import org.briarproject.bramble.api.lifecycle.IoExecutor;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.BackoffFactory;
-import org.briarproject.bramble.api.plugin.PluginConfig;
-import org.briarproject.bramble.api.plugin.duplex.DuplexPluginFactory;
-import org.briarproject.bramble.api.plugin.simplex.SimplexPluginFactory;
-import org.briarproject.bramble.api.reporting.DevReporter;
-import org.briarproject.bramble.api.system.AndroidExecutor;
-import org.briarproject.bramble.api.system.LocationUtils;
-import org.briarproject.bramble.api.system.Scheduler;
-import org.briarproject.bramble.plugin.bluetooth.AndroidBluetoothPluginFactory;
-import org.briarproject.bramble.plugin.tcp.AndroidLanTcpPluginFactory;
-import org.briarproject.bramble.plugin.tor.TorPluginFactory;
-
-import java.security.SecureRandom;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.concurrent.Executor;
-import java.util.concurrent.ScheduledExecutorService;
-
-import javax.net.SocketFactory;
-
-import dagger.Module;
-import dagger.Provides;
-
-@Module
-public class AndroidPluginModule {
-
-	@Provides
-	PluginConfig providePluginConfig(@IoExecutor Executor ioExecutor,
-			@Scheduler ScheduledExecutorService scheduler,
-			AndroidExecutor androidExecutor, SecureRandom random,
-			SocketFactory torSocketFactory, BackoffFactory backoffFactory,
-			Application app, LocationUtils locationUtils, DevReporter reporter,
-			EventBus eventBus) {
-		Context appContext = app.getApplicationContext();
-		DuplexPluginFactory bluetooth =
-				new AndroidBluetoothPluginFactory(ioExecutor, androidExecutor,
-						appContext, random, eventBus, backoffFactory);
-		DuplexPluginFactory tor = new TorPluginFactory(ioExecutor, scheduler,
-				appContext, locationUtils, reporter, eventBus,
-				torSocketFactory, backoffFactory);
-		DuplexPluginFactory lan = new AndroidLanTcpPluginFactory(ioExecutor,
-				backoffFactory, appContext);
-		Collection<DuplexPluginFactory> duplex =
-				Arrays.asList(bluetooth, tor, lan);
-		@NotNullByDefault
-		PluginConfig pluginConfig = new PluginConfig() {
-
-			@Override
-			public Collection<DuplexPluginFactory> getDuplexFactories() {
-				return duplex;
-			}
-
-			@Override
-			public Collection<SimplexPluginFactory> getSimplexFactories() {
-				return Collections.emptyList();
-			}
-		};
-		return pluginConfig;
-	}
-}

bramble-android/src/main/java/org/briarproject/bramble/plugin/bluetooth/AndroidBluetoothPlugin.java

@@ -55,10 +55,12 @@ class AndroidBluetoothPlugin extends BluetoothPlugin<BluetoothServerSocket> {
 	// Non-null if the plugin started successfully
 	private volatile BluetoothAdapter adapter = null;
 
-	AndroidBluetoothPlugin(Executor ioExecutor, AndroidExecutor androidExecutor,
+	AndroidBluetoothPlugin(BluetoothConnectionLimiter connectionLimiter,
+			Executor ioExecutor, AndroidExecutor androidExecutor,
 			Context appContext, SecureRandom secureRandom, Backoff backoff,
 			DuplexPluginCallback callback, int maxLatency) {
-		super(ioExecutor, secureRandom, backoff, callback, maxLatency);
+		super(connectionLimiter, ioExecutor, secureRandom, backoff, callback,
+				maxLatency);
 		this.androidExecutor = androidExecutor;
 		this.appContext = appContext;
 	}
@@ -154,7 +156,8 @@ class AndroidBluetoothPlugin extends BluetoothPlugin<BluetoothServerSocket> {
 	}
 
 	private DuplexTransportConnection wrapSocket(BluetoothSocket s) {
-		return new AndroidBluetoothTransportConnection(this, s);
+		return new AndroidBluetoothTransportConnection(this,
+				connectionLimiter, s);
 	}
 
 	@Override

bramble-android/src/main/java/org/briarproject/bramble/plugin/bluetooth/AndroidBluetoothPluginFactory.java

@@ -59,11 +59,13 @@ public class AndroidBluetoothPluginFactory implements DuplexPluginFactory {
 
 	@Override
 	public DuplexPlugin createPlugin(DuplexPluginCallback callback) {
+		BluetoothConnectionLimiter connectionLimiter =
+				new BluetoothConnectionLimiterImpl();
 		Backoff backoff = backoffFactory.createBackoff(MIN_POLLING_INTERVAL,
 				MAX_POLLING_INTERVAL, BACKOFF_BASE);
-		AndroidBluetoothPlugin plugin = new AndroidBluetoothPlugin(ioExecutor,
-				androidExecutor, appContext, secureRandom, backoff, callback,
-				MAX_LATENCY);
+		AndroidBluetoothPlugin plugin = new AndroidBluetoothPlugin(
+				connectionLimiter, ioExecutor, androidExecutor, appContext,
+				secureRandom, backoff, callback, MAX_LATENCY);
 		eventBus.addListener(plugin);
 		return plugin;
 	}

bramble-android/src/main/java/org/briarproject/bramble/plugin/bluetooth/AndroidBluetoothTransportConnection.java

@@ -14,10 +14,14 @@ import java.io.OutputStream;
 class AndroidBluetoothTransportConnection
 		extends AbstractDuplexTransportConnection {
 
+	private final BluetoothConnectionLimiter connectionManager;
 	private final BluetoothSocket socket;
 
-	AndroidBluetoothTransportConnection(Plugin plugin, BluetoothSocket socket) {
+	AndroidBluetoothTransportConnection(Plugin plugin,
+			BluetoothConnectionLimiter connectionManager,
+			BluetoothSocket socket) {
 		super(plugin);
+		this.connectionManager = connectionManager;
 		this.socket = socket;
 	}
 
@@ -33,6 +37,10 @@ class AndroidBluetoothTransportConnection
 
 	@Override
 	protected void closeConnection(boolean exception) throws IOException {
-		socket.close();
+		try {
+			socket.close();
+		} finally {
+			connectionManager.connectionClosed(this);
+		}
 	}
 }

bramble-android/src/main/java/org/briarproject/bramble/plugin/tcp/AndroidLanTcpPlugin.java

@@ -5,37 +5,84 @@ import android.content.Context;
 import android.content.Intent;
 import android.content.IntentFilter;
 import android.net.ConnectivityManager;
+import android.net.Network;
 import android.net.NetworkInfo;
+import android.net.wifi.WifiInfo;
+import android.net.wifi.WifiManager;
 
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
 import org.briarproject.bramble.api.plugin.duplex.DuplexPluginCallback;
 
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.Socket;
+import java.net.UnknownHostException;
+import java.util.Collection;
 import java.util.concurrent.Executor;
+import java.util.concurrent.ScheduledExecutorService;
 import java.util.logging.Logger;
 
 import javax.annotation.Nullable;
+import javax.net.SocketFactory;
 
 import static android.content.Context.CONNECTIVITY_SERVICE;
+import static android.content.Context.WIFI_SERVICE;
 import static android.net.ConnectivityManager.CONNECTIVITY_ACTION;
 import static android.net.ConnectivityManager.TYPE_WIFI;
+import static android.net.wifi.WifiManager.EXTRA_WIFI_STATE;
+import static android.os.Build.VERSION.SDK_INT;
+import static java.util.Collections.emptyList;
+import static java.util.Collections.singletonList;
+import static java.util.concurrent.TimeUnit.SECONDS;
 
 @NotNullByDefault
 class AndroidLanTcpPlugin extends LanTcpPlugin {
 
+	// See android.net.wifi.WifiManager
+	private static final String WIFI_AP_STATE_CHANGED_ACTION =
+			"android.net.wifi.WIFI_AP_STATE_CHANGED";
+	private static final int WIFI_AP_STATE_ENABLED = 13;
+
+	private static final byte[] WIFI_AP_ADDRESS_BYTES =
+			{(byte) 192, (byte) 168, 43, 1};
+	private static final InetAddress WIFI_AP_ADDRESS;
+
 	private static final Logger LOG =
 			Logger.getLogger(AndroidLanTcpPlugin.class.getName());
 
+	static {
+		try {
+			WIFI_AP_ADDRESS = InetAddress.getByAddress(WIFI_AP_ADDRESS_BYTES);
+		} catch (UnknownHostException e) {
+			// Should only be thrown if the address has an illegal length
+			throw new AssertionError(e);
+		}
+	}
+
+	private final ScheduledExecutorService scheduler;
 	private final Context appContext;
+	private final ConnectivityManager connectivityManager;
+	@Nullable
+	private final WifiManager wifiManager;
 
 	@Nullable
 	private volatile BroadcastReceiver networkStateReceiver = null;
+	private volatile SocketFactory socketFactory;
 
-	AndroidLanTcpPlugin(Executor ioExecutor, Backoff backoff,
-			Context appContext, DuplexPluginCallback callback, int maxLatency,
-			int maxIdleTime) {
+	AndroidLanTcpPlugin(Executor ioExecutor, ScheduledExecutorService scheduler,
+			Backoff backoff, Context appContext, DuplexPluginCallback callback,
+			int maxLatency, int maxIdleTime) {
 		super(ioExecutor, backoff, callback, maxLatency, maxIdleTime);
+		this.scheduler = scheduler;
 		this.appContext = appContext;
+		ConnectivityManager connectivityManager = (ConnectivityManager)
+				appContext.getSystemService(CONNECTIVITY_SERVICE);
+		if (connectivityManager == null) throw new AssertionError();
+		this.connectivityManager = connectivityManager;
+		wifiManager = (WifiManager) appContext.getApplicationContext()
+				.getSystemService(WIFI_SERVICE);
+		socketFactory = SocketFactory.getDefault();
 	}
 
 	@Override
@@ -44,7 +91,9 @@ class AndroidLanTcpPlugin extends LanTcpPlugin {
 		running = true;
 		// Register to receive network status events
 		networkStateReceiver = new NetworkStateReceiver();
-		IntentFilter filter = new IntentFilter(CONNECTIVITY_ACTION);
+		IntentFilter filter = new IntentFilter();
+		filter.addAction(CONNECTIVITY_ACTION);
+		filter.addAction(WIFI_AP_STATE_CHANGED_ACTION);
 		appContext.registerReceiver(networkStateReceiver, filter);
 	}
 
@@ -56,21 +105,92 @@ class AndroidLanTcpPlugin extends LanTcpPlugin {
 		tryToClose(socket);
 	}
 
+	@Override
+	protected Socket createSocket() throws IOException {
+		return socketFactory.createSocket();
+	}
+
+	@Override
+	protected Collection<InetAddress> getLocalIpAddresses() {
+		// If the device doesn't have wifi, don't open any sockets
+		if (wifiManager == null) return emptyList();
+		// If we're connected to a wifi network, use that network
+		WifiInfo info = wifiManager.getConnectionInfo();
+		if (info != null && info.getIpAddress() != 0)
+			return singletonList(intToInetAddress(info.getIpAddress()));
+		// If we're running an access point, return its address
+		if (super.getLocalIpAddresses().contains(WIFI_AP_ADDRESS))
+				return singletonList(WIFI_AP_ADDRESS);
+		// No suitable addresses
+		return emptyList();
+	}
+
+	private InetAddress intToInetAddress(int ip) {
+		byte[] ipBytes = new byte[4];
+		ipBytes[0] = (byte) (ip & 0xFF);
+		ipBytes[1] = (byte) ((ip >> 8) & 0xFF);
+		ipBytes[2] = (byte) ((ip >> 16) & 0xFF);
+		ipBytes[3] = (byte) ((ip >> 24) & 0xFF);
+		try {
+			return InetAddress.getByAddress(ipBytes);
+		} catch (UnknownHostException e) {
+			// Should only be thrown if address has illegal length
+			throw new AssertionError(e);
+		}
+	}
+
+	// On API 21 and later, a socket that is not created with the wifi
+	// network's socket factory may try to connect via another network
+	private SocketFactory getSocketFactory() {
+		if (SDK_INT < 21) return SocketFactory.getDefault();
+		for (Network net : connectivityManager.getAllNetworks()) {
+			NetworkInfo info = connectivityManager.getNetworkInfo(net);
+			if (info != null && info.getType() == TYPE_WIFI)
+				return net.getSocketFactory();
+		}
+		LOG.warning("Could not find suitable socket factory");
+		return SocketFactory.getDefault();
+	}
+
 	private class NetworkStateReceiver extends BroadcastReceiver {
 
 		@Override
 		public void onReceive(Context ctx, Intent i) {
 			if (!running) return;
-			Object o = ctx.getSystemService(CONNECTIVITY_SERVICE);
-			ConnectivityManager cm = (ConnectivityManager) o;
-			NetworkInfo net = cm.getActiveNetworkInfo();
-			if (net != null && net.getType() == TYPE_WIFI && net.isConnected()) {
-				LOG.info("Connected to Wi-Fi");
-				if (socket == null || socket.isClosed()) bind();
+			if (isApEnabledEvent(i)) {
+				// The state change may be broadcast before the AP address is
+				// visible, so delay handling the event
+				scheduler.schedule(this::handleConnectivityChange, 1, SECONDS);
 			} else {
-				LOG.info("Not connected to Wi-Fi");
-				tryToClose(socket);
+				handleConnectivityChange();
 			}
 		}
+
+		private void handleConnectivityChange() {
+			if (!running) return;
+			Collection<InetAddress> addrs = getLocalIpAddresses();
+			if (addrs.contains(WIFI_AP_ADDRESS)) {
+				LOG.info("Providing wifi hotspot");
+				// There's no corresponding Network object and thus no way
+				// to get a suitable socket factory, so we won't be able to
+				// make outgoing connections on API 21+ if another network
+				// has internet access
+				socketFactory = SocketFactory.getDefault();
+				if (socket == null || socket.isClosed()) bind();
+			} else if (addrs.isEmpty()) {
+				LOG.info("Not connected to wifi");
+				socketFactory = SocketFactory.getDefault();
+				tryToClose(socket);
+			} else {
+				LOG.info("Connected to wifi");
+				socketFactory = getSocketFactory();
+				if (socket == null || socket.isClosed()) bind();
+			}
+		}
+
+		private boolean isApEnabledEvent(Intent i) {
+			return WIFI_AP_STATE_CHANGED_ACTION.equals(i.getAction()) &&
+					i.getIntExtra(EXTRA_WIFI_STATE, 0) == WIFI_AP_STATE_ENABLED;
+		}
 	}
 }

bramble-android/src/main/java/org/briarproject/bramble/plugin/tcp/AndroidLanTcpPluginFactory.java

@@ -11,6 +11,7 @@ import org.briarproject.bramble.api.plugin.duplex.DuplexPluginCallback;
 import org.briarproject.bramble.api.plugin.duplex.DuplexPluginFactory;
 
 import java.util.concurrent.Executor;
+import java.util.concurrent.ScheduledExecutorService;
 
 import javax.annotation.concurrent.Immutable;
 
@@ -27,12 +28,15 @@ public class AndroidLanTcpPluginFactory implements DuplexPluginFactory {
 	private static final double BACKOFF_BASE = 1.2;
 
 	private final Executor ioExecutor;
+	private final ScheduledExecutorService scheduler;
 	private final BackoffFactory backoffFactory;
 	private final Context appContext;
 
 	public AndroidLanTcpPluginFactory(Executor ioExecutor,
-			BackoffFactory backoffFactory, Context appContext) {
+			ScheduledExecutorService scheduler, BackoffFactory backoffFactory,
+			Context appContext) {
 		this.ioExecutor = ioExecutor;
+		this.scheduler = scheduler;
 		this.backoffFactory = backoffFactory;
 		this.appContext = appContext;
 	}
@@ -51,7 +55,7 @@ public class AndroidLanTcpPluginFactory implements DuplexPluginFactory {
 	public DuplexPlugin createPlugin(DuplexPluginCallback callback) {
 		Backoff backoff = backoffFactory.createBackoff(MIN_POLLING_INTERVAL,
 				MAX_POLLING_INTERVAL, BACKOFF_BASE);
-		return new AndroidLanTcpPlugin(ioExecutor, backoff, appContext,
-				callback, MAX_LATENCY, MAX_IDLE_TIME);
+		return new AndroidLanTcpPlugin(ioExecutor, scheduler, backoff,
+				appContext, callback, MAX_LATENCY, MAX_IDLE_TIME);
 	}
 }

bramble-android/src/main/java/org/briarproject/bramble/plugin/tor/TorPlugin.java

@@ -16,6 +16,7 @@ import android.os.PowerManager;
 import net.freehaven.tor.control.EventHandler;
 import net.freehaven.tor.control.TorControlConnection;
 
+import org.briarproject.bramble.PoliteExecutor;
 import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.data.BdfList;
 import org.briarproject.bramble.api.event.Event;
@@ -31,11 +32,9 @@ import org.briarproject.bramble.api.plugin.duplex.DuplexPlugin;
 import org.briarproject.bramble.api.plugin.duplex.DuplexPluginCallback;
 import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
 import org.briarproject.bramble.api.properties.TransportProperties;
-import org.briarproject.bramble.api.reporting.DevReporter;
 import org.briarproject.bramble.api.settings.Settings;
 import org.briarproject.bramble.api.settings.event.SettingsUpdatedEvent;
 import org.briarproject.bramble.api.system.LocationUtils;
-import org.briarproject.bramble.util.AndroidUtils;
 import org.briarproject.bramble.util.IoUtils;
 import org.briarproject.bramble.util.StringUtils;
 
@@ -51,7 +50,6 @@ import java.net.InetSocketAddress;
 import java.net.ServerSocket;
 import java.net.Socket;
 import java.util.Arrays;
-import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 import java.util.Map;
@@ -63,8 +61,6 @@ import java.util.concurrent.Future;
 import java.util.concurrent.ScheduledExecutorService;
 import java.util.concurrent.atomic.AtomicBoolean;
 import java.util.concurrent.atomic.AtomicReference;
-import java.util.concurrent.locks.Lock;
-import java.util.concurrent.locks.ReentrantLock;
 import java.util.logging.Logger;
 import java.util.regex.Pattern;
 import java.util.zip.ZipInputStream;
@@ -111,11 +107,10 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	private static final Logger LOG =
 			Logger.getLogger(TorPlugin.class.getName());
 
-	private final Executor ioExecutor;
+	private final Executor ioExecutor, connectionStatusExecutor;
 	private final ScheduledExecutorService scheduler;
 	private final Context appContext;
 	private final LocationUtils locationUtils;
-	private final DevReporter reporter;
 	private final SocketFactory torSocketFactory;
 	private final Backoff backoff;
 	private final DuplexPluginCallback callback;
@@ -125,7 +120,6 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	private final File torDirectory, torFile, geoIpFile, configFile;
 	private final File doneFile, cookieFile;
 	private final PowerManager.WakeLock wakeLock;
-	private final Lock connectionStatusLock;
 	private final AtomicReference<Future<?>> connectivityCheck =
 			new AtomicReference<>();
 	private final AtomicBoolean used = new AtomicBoolean(false);
@@ -138,14 +132,13 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 
 	TorPlugin(Executor ioExecutor, ScheduledExecutorService scheduler,
 			Context appContext, LocationUtils locationUtils,
-			DevReporter reporter, SocketFactory torSocketFactory,
-			Backoff backoff, DuplexPluginCallback callback,
-			String architecture, int maxLatency, int maxIdleTime) {
+			SocketFactory torSocketFactory, Backoff backoff,
+			DuplexPluginCallback callback, String architecture,
+			int maxLatency, int maxIdleTime) {
 		this.ioExecutor = ioExecutor;
 		this.scheduler = scheduler;
 		this.appContext = appContext;
 		this.locationUtils = locationUtils;
-		this.reporter = reporter;
 		this.torSocketFactory = torSocketFactory;
 		this.backoff = backoff;
 		this.callback = callback;
@@ -167,7 +160,9 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 		// This tag will prevent Huawei's powermanager from killing us.
 		wakeLock = pm.newWakeLock(PARTIAL_WAKE_LOCK, "LocationManagerService");
 		wakeLock.setReferenceCounted(false);
-		connectionStatusLock = new ReentrantLock();
+		// Don't execute more than one connection status check at a time
+		connectionStatusExecutor = new PoliteExecutor("TorPlugin",
+				ioExecutor, 1);
 	}
 
 	@Override
@@ -338,7 +333,7 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 		return zin;
 	}
 
-	private InputStream getConfigInputStream() throws IOException {
+	private InputStream getConfigInputStream() {
 		int resId = getResourceId("torrc");
 		return appContext.getResources().openRawResource(resId);
 	}
@@ -389,14 +384,6 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 		}
 	}
 
-	private void sendDevReports() {
-		ioExecutor.execute(() -> {
-			// TODO: Trigger this with a TransportEnabledEvent
-			File reportDir = AndroidUtils.getReportDir(appContext);
-			reporter.sendReports(reportDir);
-		});
-	}
-
 	private void bind() {
 		ioExecutor.execute(() -> {
 			// If there's already a port number stored in config, reuse it
@@ -511,7 +498,7 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	}
 
 	@Override
-	public void stop() throws PluginException {
+	public void stop() {
 		running = false;
 		tryToClose(socket);
 		if (networkStateReceiver != null)
@@ -545,20 +532,16 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	}
 
 	@Override
-	public void poll(Collection<ContactId> connected) {
+	public void poll(Map<ContactId, TransportProperties> contacts) {
 		if (!isRunning()) return;
 		backoff.increment();
-		Map<ContactId, TransportProperties> remote =
-				callback.getRemoteProperties();
-		for (Entry<ContactId, TransportProperties> e : remote.entrySet()) {
-			ContactId c = e.getKey();
-			if (!connected.contains(c)) connectAndCallBack(c, e.getValue());
+		for (Entry<ContactId, TransportProperties> e : contacts.entrySet()) {
+			connectAndCallBack(e.getKey(), e.getValue());
 		}
 	}
 
 	private void connectAndCallBack(ContactId c, TransportProperties p) {
 		ioExecutor.execute(() -> {
-			if (!isRunning()) return;
 			DuplexTransportConnection d = createConnection(p);
 			if (d != null) {
 				backoff.reset();
@@ -568,13 +551,8 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	}
 
 	@Override
-	public DuplexTransportConnection createConnection(ContactId c) {
+	public DuplexTransportConnection createConnection(TransportProperties p) {
 		if (!isRunning()) return null;
-		return createConnection(callback.getRemoteProperties(c));
-	}
-
-	@Nullable
-	private DuplexTransportConnection createConnection(TransportProperties p) {
 		String onion = p.get(PROP_ONION);
 		if (StringUtils.isNullOrEmpty(onion)) return null;
 		if (!ONION.matcher(onion).matches()) {
@@ -614,7 +592,7 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 
 	@Override
 	public DuplexTransportConnection createKeyAgreementConnection(
-			byte[] commitment, BdfList descriptor, long timeout) {
+			byte[] commitment, BdfList descriptor) {
 		throw new UnsupportedOperationException();
 	}
 
@@ -624,10 +602,7 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 				connectionStatus.getAndSetCircuitBuilt()) {
 			LOG.info("First circuit built");
 			backoff.reset();
-			if (isRunning()) {
-				sendDevReports();
-				callback.transportEnabled();
-			}
+			if (isRunning()) callback.transportEnabled();
 		}
 	}
 
@@ -656,10 +631,7 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 		if (severity.equals("NOTICE") && msg.startsWith("Bootstrapped 100%")) {
 			connectionStatus.setBootstrapped();
 			backoff.reset();
-			if (isRunning()) {
-				sendDevReports();
-				callback.transportEnabled();
-			}
+			if (isRunning()) callback.transportEnabled();
 		}
 	}
 
@@ -697,56 +669,46 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	}
 
 	private void updateConnectionStatus() {
-		ioExecutor.execute(() -> {
+		connectionStatusExecutor.execute(() -> {
 			if (!running) return;
+			Object o = appContext.getSystemService(CONNECTIVITY_SERVICE);
+			ConnectivityManager cm = (ConnectivityManager) o;
+			NetworkInfo net = cm.getActiveNetworkInfo();
+			boolean online = net != null && net.isConnected();
+			boolean wifi = online && net.getType() == TYPE_WIFI;
+			String country = locationUtils.getCurrentCountry();
+			boolean blocked = TorNetworkMetadata.isTorProbablyBlocked(
+					country);
+			Settings s = callback.getSettings();
+			int network = s.getInt(PREF_TOR_NETWORK, PREF_TOR_NETWORK_ALWAYS);
+
+			if (LOG.isLoggable(INFO)) {
+				LOG.info("Online: " + online + ", wifi: " + wifi);
+				if ("".equals(country)) LOG.info("Country code unknown");
+				else LOG.info("Country code: " + country);
+			}
+
 			try {
-				connectionStatusLock.lock();
-				updateConnectionStatusLocked();
-			} finally {
-				connectionStatusLock.unlock();
+				if (!online) {
+					LOG.info("Disabling network, device is offline");
+					enableNetwork(false);
+				} else if (blocked) {
+					LOG.info("Disabling network, country is blocked");
+					enableNetwork(false);
+				} else if (network == PREF_TOR_NETWORK_NEVER
+						|| (network == PREF_TOR_NETWORK_WIFI && !wifi)) {
+					LOG.info("Disabling network due to data setting");
+					enableNetwork(false);
+				} else {
+					LOG.info("Enabling network");
+					enableNetwork(true);
+				}
+			} catch (IOException e) {
+				if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
 			}
 		});
 	}
 
-	// Locking: connectionStatusLock
-	private void updateConnectionStatusLocked() {
-		Object o = appContext.getSystemService(CONNECTIVITY_SERVICE);
-		ConnectivityManager cm = (ConnectivityManager) o;
-		NetworkInfo net = cm.getActiveNetworkInfo();
-		boolean online = net != null && net.isConnected();
-		boolean wifi = online && net.getType() == TYPE_WIFI;
-		String country = locationUtils.getCurrentCountry();
-		boolean blocked = TorNetworkMetadata.isTorProbablyBlocked(
-				country);
-		Settings s = callback.getSettings();
-		int network = s.getInt(PREF_TOR_NETWORK, PREF_TOR_NETWORK_ALWAYS);
-
-		if (LOG.isLoggable(INFO)) {
-			LOG.info("Online: " + online + ", wifi: " + wifi);
-			if ("".equals(country)) LOG.info("Country code unknown");
-			else LOG.info("Country code: " + country);
-		}
-
-		try {
-			if (!online) {
-				LOG.info("Disabling network, device is offline");
-				enableNetwork(false);
-			} else if (blocked) {
-				LOG.info("Disabling network, country is blocked");
-				enableNetwork(false);
-			} else if (network == PREF_TOR_NETWORK_NEVER
-					|| (network == PREF_TOR_NETWORK_WIFI && !wifi)) {
-				LOG.info("Disabling network due to data setting");
-				enableNetwork(false);
-			} else {
-				LOG.info("Enabling network");
-				enableNetwork(true);
-			}
-		} catch (IOException e) {
-			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
-		}
-	}
-
 	private void scheduleConnectionStatusUpdate() {
 		Future<?> newConnectivityCheck =
 				scheduler.schedule(this::updateConnectionStatus, 1, MINUTES);
@@ -788,7 +750,7 @@ class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 
 		private synchronized void enableNetwork(boolean enable) {
 			networkEnabled = enable;
-			circuitBuilt = false;
+			if (!enable) circuitBuilt = false;
 		}
 
 		private synchronized boolean isConnected() {

bramble-android/src/main/java/org/briarproject/bramble/plugin/tor/TorPluginFactory.java

@@ -12,7 +12,6 @@ import org.briarproject.bramble.api.plugin.TransportId;
 import org.briarproject.bramble.api.plugin.duplex.DuplexPlugin;
 import org.briarproject.bramble.api.plugin.duplex.DuplexPluginCallback;
 import org.briarproject.bramble.api.plugin.duplex.DuplexPluginFactory;
-import org.briarproject.bramble.api.reporting.DevReporter;
 import org.briarproject.bramble.api.system.LocationUtils;
 import org.briarproject.bramble.util.AndroidUtils;
 
@@ -40,21 +39,18 @@ public class TorPluginFactory implements DuplexPluginFactory {
 	private final ScheduledExecutorService scheduler;
 	private final Context appContext;
 	private final LocationUtils locationUtils;
-	private final DevReporter reporter;
 	private final EventBus eventBus;
 	private final SocketFactory torSocketFactory;
 	private final BackoffFactory backoffFactory;
 
 	public TorPluginFactory(Executor ioExecutor,
 			ScheduledExecutorService scheduler, Context appContext,
-			LocationUtils locationUtils, DevReporter reporter,
-			EventBus eventBus, SocketFactory torSocketFactory,
-			BackoffFactory backoffFactory) {
+			LocationUtils locationUtils, EventBus eventBus,
+			SocketFactory torSocketFactory, BackoffFactory backoffFactory) {
 		this.ioExecutor = ioExecutor;
 		this.scheduler = scheduler;
 		this.appContext = appContext;
 		this.locationUtils = locationUtils;
-		this.reporter = reporter;
 		this.eventBus = eventBus;
 		this.torSocketFactory = torSocketFactory;
 		this.backoffFactory = backoffFactory;
@@ -94,7 +90,7 @@ public class TorPluginFactory implements DuplexPluginFactory {
 		Backoff backoff = backoffFactory.createBackoff(MIN_POLLING_INTERVAL,
 				MAX_POLLING_INTERVAL, BACKOFF_BASE);
 		TorPlugin plugin = new TorPlugin(ioExecutor, scheduler, appContext,
-				locationUtils, reporter, torSocketFactory, backoff, callback,
+				locationUtils, torSocketFactory, backoff, callback,
 				architecture, MAX_LATENCY, MAX_IDLE_TIME);
 		eventBus.addListener(plugin);
 		return plugin;

bramble-android/src/main/java/org/briarproject/bramble/system/AndroidSecureRandomProvider.java

@@ -9,6 +9,7 @@ import android.net.wifi.WifiConfiguration;
 import android.net.wifi.WifiManager;
 import android.os.Build;
 import android.os.Parcel;
+import android.os.StrictMode;
 import android.provider.Settings;
 
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
@@ -66,9 +67,12 @@ class AndroidSecureRandomProvider extends LinuxSecureRandomProvider {
 
 	@Override
 	protected void writeSeed() {
+		// Silence strict mode
+		StrictMode.ThreadPolicy tp = StrictMode.allowThreadDiskWrites();
 		super.writeSeed();
 		if (Build.VERSION.SDK_INT >= 16 && Build.VERSION.SDK_INT <= 18)
 			applyOpenSslFix();
+		StrictMode.setThreadPolicy(tp);
 	}
 
 	// Based on https://android-developers.googleblog.com/2013/08/some-securerandom-thoughts.html

bramble-android/src/main/java/org/briarproject/bramble/util/AndroidUtils.java

@@ -1,7 +1,9 @@
 package org.briarproject.bramble.util;
 
+import android.annotation.SuppressLint;
 import android.bluetooth.BluetoothAdapter;
 import android.content.Context;
+import android.content.SharedPreferences;
 import android.os.Build;
 import android.provider.Settings;
 
@@ -10,11 +12,15 @@ import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.List;
+import java.util.logging.Logger;
 
 import static android.content.Context.MODE_PRIVATE;
 
 public class AndroidUtils {
 
+	private static final Logger LOG =
+			Logger.getLogger(AndroidUtils.class.getName());
+
 	// Fake Bluetooth address returned by BluetoothAdapter on API 23 and later
 	private static final String FAKE_BLUETOOTH_ADDRESS = "02:00:00:00:00:00";
 
@@ -35,6 +41,7 @@ public class AndroidUtils {
 	public static String getBluetoothAddress(Context ctx,
 			BluetoothAdapter adapter) {
 		// Return the adapter's address if it's valid and not fake
+		@SuppressLint("HardwareIds")
 		String address = adapter.getAddress();
 		if (isValidBluetoothAddress(address)) return address;
 		// Return the address from settings if it's valid and not fake
@@ -51,17 +58,28 @@ public class AndroidUtils {
 				&& !address.equals(FAKE_BLUETOOTH_ADDRESS);
 	}
 
-	public static void deleteAppData(Context ctx) {
+	public static void deleteAppData(Context ctx, SharedPreferences... clear) {
+		// Clear and commit shared preferences
+		for (SharedPreferences prefs : clear) {
+			if (!prefs.edit().clear().commit())
+				LOG.warning("Could not clear shared preferences");
+		}
+		// Delete files, except lib and shared_prefs directories
 		File dataDir = new File(ctx.getApplicationInfo().dataDir);
 		File[] children = dataDir.listFiles();
-		if (children != null) {
+		if (children == null) {
+			LOG.warning("Could not list files in app data dir");
+		} else {
 			for (File child : children) {
-				if (!child.getName().equals("lib"))
+				String name = child.getName();
+				if (!name.equals("lib") && !name.equals("shared_prefs")) {
 					IoUtils.deleteFileOrDir(child);
+				}
 			}
 		}
 		// Recreate the cache dir as some OpenGL drivers expect it to exist
-		new File(dataDir, "cache").mkdir();
+		if (!new File(dataDir, "cache").mkdir())
+			LOG.warning("Could not recreate cache dir");
 	}
 
 	public static File getReportDir(Context ctx) {

bramble-api/build.gradle

@@ -2,6 +2,7 @@ apply plugin: 'java-library'
 sourceCompatibility = 1.8
 targetCompatibility = 1.8
 
+apply plugin: 'ru.vyarus.animalsniffer'
 apply plugin: 'witness'
 
 dependencies {
@@ -14,6 +15,8 @@ dependencies {
 	testImplementation "org.jmock:jmock-legacy:2.8.2"
 	testImplementation "org.hamcrest:hamcrest-library:1.3"
 	testImplementation "org.hamcrest:hamcrest-core:1.3"
+
+	signature 'org.codehaus.mojo.signature:java16:1.1@signature'
 }
 
 dependencyVerification {
@@ -26,6 +29,9 @@ dependencyVerification {
 			'org.apache.ant:ant-launcher:1.9.4:ant-launcher-1.9.4.jar:7bccea20b41801ca17bcbc909a78c835d0f443f12d639c77bd6ae3d05861608d',
 			'org.apache.ant:ant:1.9.4:ant-1.9.4.jar:649ae0730251de07b8913f49286d46bba7b92d47c5f332610aa426c4f02161d8',
 			'org.beanshell:bsh:1.3.0:bsh-1.3.0.jar:9b04edc75d19db54f1b4e8b5355e9364384c6cf71eb0a1b9724c159d779879f8',
+			'org.codehaus.mojo.signature:java16:1.1:java16-1.1.signature:53799223a2c98dba2d0add810bed76315460df285c69e4f397ae6098f87dd619',
+			'org.codehaus.mojo:animal-sniffer-ant-tasks:1.16:animal-sniffer-ant-tasks-1.16.jar:890040976fbe2d584619a6a61b1fd2e925b3b5eb342a85eb2762c467c0d64e90',
+			'org.codehaus.mojo:animal-sniffer:1.16:animal-sniffer-1.16.jar:72be8bcc226ba43b937c722a08a07852bfa1b11400089265d5df0ee7b38b1d52',
 			'org.hamcrest:hamcrest-core:1.3:hamcrest-core-1.3.jar:66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9',
 			'org.hamcrest:hamcrest-library:1.3:hamcrest-library-1.3.jar:711d64522f9ec410983bd310934296da134be4254a125080a0416ec178dfad1c',
 			'org.jmock:jmock-junit4:2.8.2:jmock-junit4-2.8.2.jar:f7ee4df4f7bd7b7f1cafad3b99eb74d579f109d5992ff625347352edb55e674c',
@@ -33,6 +39,7 @@ dependencyVerification {
 			'org.jmock:jmock-testjar:2.8.2:jmock-testjar-2.8.2.jar:8900860f72c474e027cf97fe78dcbf154a1aa7fc62b6845c5fb4e4f3c7bc8760',
 			'org.jmock:jmock:2.8.2:jmock-2.8.2.jar:6c73cb4a2e6dbfb61fd99c9a768539c170ab6568e57846bd60dbf19596b65b16',
 			'org.objenesis:objenesis:2.1:objenesis-2.1.jar:c74330cc6b806c804fd37e74487b4fe5d7c2750c5e15fbc6efa13bdee1bdef80',
+			'org.ow2.asm:asm-all:5.2:asm-all-5.2.jar:7fbffbc1db3422e2101689fd88df8384b15817b52b9b2b267b9f6d2511dc198d',
 			'org.ow2.asm:asm:5.0.4:asm-5.0.4.jar:896618ed8ae62702521a78bc7be42b7c491a08e6920a15f89a3ecdec31e9a220',
 	]
 }
@@ -48,8 +55,3 @@ task jarTest(type: Jar, dependsOn: testClasses) {
 artifacts {
 	testOutput jarTest
 }
-
-// If a Java 6 JRE is available, check we're not using any Java 7 or 8 APIs
-tasks.withType(JavaCompile) {
-	useJava6StandardLibrary(it)
-}

bramble-api/src/main/java/org/briarproject/bramble/api/client/ClientHelper.java

@@ -7,6 +7,8 @@ import org.briarproject.bramble.api.db.DbException;
 import org.briarproject.bramble.api.db.Transaction;
 import org.briarproject.bramble.api.identity.Author;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.properties.TransportProperties;
 import org.briarproject.bramble.api.sync.GroupId;
 import org.briarproject.bramble.api.sync.Message;
 import org.briarproject.bramble.api.sync.MessageId;
@@ -88,6 +90,10 @@ public interface ClientHelper {
 	BdfDictionary toDictionary(byte[] b, int off, int len)
 			throws FormatException;
 
+	BdfDictionary toDictionary(TransportProperties transportProperties);
+
+	BdfDictionary toDictionary(Map<TransportId, TransportProperties> map);
+
 	BdfList toList(byte[] b, int off, int len) throws FormatException;
 
 	BdfList toList(byte[] b) throws FormatException;
@@ -99,8 +105,15 @@ public interface ClientHelper {
 	byte[] sign(String label, BdfList toSign, byte[] privateKey)
 			throws FormatException, GeneralSecurityException;
 
-	void verifySignature(String label, byte[] sig, byte[] publicKey,
-			BdfList signed) throws FormatException, GeneralSecurityException;
+	void verifySignature(byte[] signature, String label, BdfList signed,
+			byte[] publicKey) throws FormatException, GeneralSecurityException;
 
 	Author parseAndValidateAuthor(BdfList author) throws FormatException;
+
+	TransportProperties parseAndValidateTransportProperties(
+			BdfDictionary properties) throws FormatException;
+
+	Map<TransportId, TransportProperties> parseAndValidateTransportPropertiesMap(
+			BdfDictionary properties) throws FormatException;
+
 }

bramble-api/src/main/java/org/briarproject/bramble/api/client/ContactGroupFactory.java

@@ -12,19 +12,19 @@ public interface ContactGroupFactory {
 	/**
 	 * Creates a group that is not shared with any contacts.
 	 */
-	Group createLocalGroup(ClientId clientId, int clientVersion);
+	Group createLocalGroup(ClientId clientId, int majorVersion);
 
 	/**
 	 * Creates a group for the given client to share with the given contact.
 	 */
-	Group createContactGroup(ClientId clientId, int clientVersion,
+	Group createContactGroup(ClientId clientId, int majorVersion,
 			Contact contact);
 
 	/**
 	 * Creates a group for the given client to share between the given authors
 	 * identified by their AuthorIds.
 	 */
-	Group createContactGroup(ClientId clientId, int clientVersion,
+	Group createContactGroup(ClientId clientId, int majorVersion,
 			AuthorId authorId1, AuthorId authorId2);
 
 }

bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactExchangeTask.java

@@ -13,9 +13,9 @@ import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
 public interface ContactExchangeTask {
 
 	/**
-	 * The current version of the contact exchange protocol
+	 * The current version of the contact exchange protocol.
 	 */
-	int PROTOCOL_VERSION = 0;
+	byte PROTOCOL_VERSION = 1;
 
 	/**
 	 * Label for deriving Alice's header key from the master secret.

bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactId.java

@@ -6,7 +6,7 @@ import javax.annotation.concurrent.Immutable;
 
 /**
  * Type-safe wrapper for an integer that uniquely identifies a contact within
- * the scope of a single node.
+ * the scope of the local device.
  */
 @Immutable
 @NotNullByDefault

bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactManager.java

@@ -5,6 +5,7 @@ import org.briarproject.bramble.api.db.DbException;
 import org.briarproject.bramble.api.db.Transaction;
 import org.briarproject.bramble.api.identity.Author;
 import org.briarproject.bramble.api.identity.AuthorId;
+import org.briarproject.bramble.api.lifecycle.LifecycleManager;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 
 import java.util.Collection;
@@ -13,30 +14,40 @@ import java.util.Collection;
 public interface ContactManager {
 
 	/**
-	 * Registers a hook to be called whenever a contact is added.
+	 * Registers a hook to be called whenever a contact is added or removed.
+	 * This method should be called before
+	 * {@link LifecycleManager#startServices(String)}.
 	 */
-	void registerAddContactHook(AddContactHook hook);
+	void registerContactHook(ContactHook hook);
 
 	/**
-	 * Registers a hook to be called whenever a contact is removed.
-	 */
-	void registerRemoveContactHook(RemoveContactHook hook);
-
-	/**
-	 * Stores a contact within the given transaction associated with the given
-	 * local and remote pseudonyms, and returns an ID for the contact.
+	 * Stores a contact associated with the given local and remote pseudonyms,
+	 * derives and stores transport keys for each transport, and returns an ID
+	 * for the contact.
+	 *
+	 * @param alice true if the local party is Alice
 	 */
 	ContactId addContact(Transaction txn, Author remote, AuthorId local,
 			SecretKey master, long timestamp, boolean alice, boolean verified,
 			boolean active) throws DbException;
 
 	/**
-	 * Stores a contact associated with the given local and remote pseudonyms,
+	 * Stores a contact associated with the given local and remote pseudonyms
 	 * and returns an ID for the contact.
 	 */
-	ContactId addContact(Author remote, AuthorId local,
-			SecretKey master, long timestamp, boolean alice, boolean verified,
-			boolean active) throws DbException;
+	ContactId addContact(Transaction txn, Author remote, AuthorId local,
+			boolean verified, boolean active) throws DbException;
+
+	/**
+	 * Stores a contact associated with the given local and remote pseudonyms,
+	 * derives and stores transport keys for each transport, and returns an ID
+	 * for the contact.
+	 *
+	 * @param alice true if the local party is Alice
+	 */
+	ContactId addContact(Author remote, AuthorId local, SecretKey master,
+			long timestamp, boolean alice, boolean verified, boolean active)
+			throws DbException;
 
 	/**
 	 * Returns the contact with the given ID.
@@ -94,11 +105,10 @@ public interface ContactManager {
 	boolean contactExists(AuthorId remoteAuthorId, AuthorId localAuthorId)
 			throws DbException;
 
-	interface AddContactHook {
-		void addingContact(Transaction txn, Contact c) throws DbException;
-	}
+	interface ContactHook {
+
+		void addingContact(Transaction txn, Contact c) throws DbException;
 
-	interface RemoveContactHook {
 		void removingContact(Transaction txn, Contact c) throws DbException;
 	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/contact/RecordTypes.java

@@ -0,0 +1,9 @@
+package org.briarproject.bramble.api.contact;
+
+/**
+ * Record types for the contact exchange protocol.
+ */
+public interface RecordTypes {
+
+	byte CONTACT_INFO = 0;
+}

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java

@@ -67,8 +67,8 @@ public interface CryptoComponent {
 	 * signature created for another purpose
 	 * @return true if the signature was valid, false otherwise.
 	 */
-	boolean verify(String label, byte[] signedData, byte[] publicKey,
-			byte[] signature) throws GeneralSecurityException;
+	boolean verifySignature(byte[] signature, String label, byte[] signed,
+			byte[] publicKey) throws GeneralSecurityException;
 
 	/**
 	 * Returns the hash of the given inputs. The inputs are unambiguously
@@ -91,6 +91,18 @@ public interface CryptoComponent {
 	 */
 	byte[] mac(String label, SecretKey macKey, byte[]... inputs);
 
+	/**
+	 * Verifies that the given message authentication code is valid for the
+	 * given secret key and inputs.
+	 *
+	 * @param label a namespaced label indicating the purpose of this MAC, to
+	 * prevent it from being repurposed or colliding with a MAC created for
+	 * another purpose
+	 * @return true if the MAC was valid, false otherwise.
+	 */
+	boolean verifyMac(byte[] mac, String label, SecretKey macKey,
+			byte[]... inputs);
+
 	/**
 	 * Encrypts and authenticates the given plaintext so it can be written to
 	 * storage. The encryption and authentication keys are derived from the

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoConstants.java

@@ -16,4 +16,10 @@ public interface CryptoConstants {
 	 * The maximum length of a signature in bytes.
 	 */
 	int MAX_SIGNATURE_BYTES = 64;
+
+	/**
+	 * The length of a MAC in bytes.
+	 */
+	int MAC_BYTES = SecretKey.LENGTH;
+
 }

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/KeyPair.java

@@ -5,7 +5,7 @@ import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import javax.annotation.concurrent.Immutable;
 
 /**
- * A key pair consisting of a {@link PublicKey} and a {@link PrivateKey).
+ * A key pair consisting of a {@link PublicKey} and a {@link PrivateKey}.
  */
 @Immutable
 @NotNullByDefault

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/TransportCrypto.java

@@ -14,9 +14,10 @@ public interface TransportCrypto {
 	 * rotation period from the given master secret.
 	 *
 	 * @param alice whether the keys are for use by Alice or Bob.
+	 * @param active whether the keys are usable for outgoing streams.
 	 */
 	TransportKeys deriveTransportKeys(TransportId t, SecretKey master,
-			long rotationPeriod, boolean alice);
+			long rotationPeriod, boolean alice, boolean active);
 
 	/**
 	 * Rotates the given transport keys to the given rotation period. If the

bramble-api/src/main/java/org/briarproject/bramble/api/data/BdfDictionary.java

@@ -24,9 +24,9 @@ public class BdfDictionary extends TreeMap<String, Object> {
 	 * );
 	 * </pre>
 	 */
-	public static BdfDictionary of(Entry<String, Object>... entries) {
+	public static BdfDictionary of(Entry<String, ?>... entries) {
 		BdfDictionary d = new BdfDictionary();
-		for (Entry<String, Object> e : entries) d.put(e.getKey(), e.getValue());
+		for (Entry<String, ?> e : entries) d.put(e.getKey(), e.getValue());
 		return d;
 	}
 
@@ -34,7 +34,7 @@ public class BdfDictionary extends TreeMap<String, Object> {
 		super();
 	}
 
-	public BdfDictionary(Map<String, Object> m) {
+	public BdfDictionary(Map<String, ?> m) {
 		super(m);
 	}
 

bramble-api/src/main/java/org/briarproject/bramble/api/data/BdfReader.java

@@ -8,6 +8,7 @@ import java.io.IOException;
 public interface BdfReader {
 
 	int DEFAULT_NESTED_LIMIT = 5;
+	int DEFAULT_MAX_BUFFER_SIZE = 64 * 1024;
 
 	boolean eof() throws IOException;
 
@@ -39,13 +40,13 @@ public interface BdfReader {
 
 	boolean hasString() throws IOException;
 
-	String readString(int maxLength) throws IOException;
+	String readString() throws IOException;
 
 	void skipString() throws IOException;
 
 	boolean hasRaw() throws IOException;
 
-	byte[] readRaw(int maxLength) throws IOException;
+	byte[] readRaw() throws IOException;
 
 	void skipRaw() throws IOException;
 

bramble-api/src/main/java/org/briarproject/bramble/api/data/BdfReaderFactory.java

@@ -9,5 +9,6 @@ public interface BdfReaderFactory {
 
 	BdfReader createReader(InputStream in);
 
-	BdfReader createReader(InputStream in, int nestedLimit);
+	BdfReader createReader(InputStream in, int nestedLimit,
+			int maxBufferSize);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/db/DatabaseComponent.java

@@ -18,7 +18,8 @@ import org.briarproject.bramble.api.sync.MessageId;
 import org.briarproject.bramble.api.sync.MessageStatus;
 import org.briarproject.bramble.api.sync.Offer;
 import org.briarproject.bramble.api.sync.Request;
-import org.briarproject.bramble.api.sync.ValidationManager;
+import org.briarproject.bramble.api.transport.KeySet;
+import org.briarproject.bramble.api.transport.KeySetId;
 import org.briarproject.bramble.api.transport.TransportKeys;
 
 import java.util.Collection;
@@ -43,7 +44,7 @@ public interface DatabaseComponent {
 	 * @throws DataTooOldException if the data uses an older schema than the
 	 * current code and cannot be migrated
 	 */
-	boolean open() throws DbException;
+	boolean open(@Nullable MigrationListener listener) throws DbException;
 
 	/**
 	 * Waits for any open transactions to finish and closes the database.
@@ -103,10 +104,11 @@ public interface DatabaseComponent {
 			throws DbException;
 
 	/**
-	 * Stores transport keys for a newly added contact.
+	 * Stores the given transport keys for the given contact and returns a
+	 * key set ID.
 	 */
-	void addTransportKeys(Transaction txn, ContactId c, TransportKeys k)
-			throws DbException;
+	KeySetId addTransportKeys(Transaction txn, ContactId c,
+			TransportKeys k) throws DbException;
 
 	/**
 	 * Returns true if the database contains the given contact for the given
@@ -128,8 +130,8 @@ public interface DatabaseComponent {
 
 	/**
 	 * Deletes the message with the given ID. Unlike
-	 * {@link #removeMessage(Transaction, MessageId)}, the message ID and any
-	 * other associated data are not deleted.
+	 * {@link #removeMessage(Transaction, MessageId)}, the message ID,
+	 * dependencies, metadata, and any other associated state are not deleted.
 	 */
 	void deleteMessage(Transaction txn, MessageId m) throws DbException;
 
@@ -233,7 +235,8 @@ public interface DatabaseComponent {
 	 * <p/>
 	 * Read-only.
 	 */
-	Collection<Group> getGroups(Transaction txn, ClientId c) throws DbException;
+	Collection<Group> getGroups(Transaction txn, ClientId c, int majorVersion)
+			throws DbException;
 
 	/**
 	 * Returns the given group's visibility to the given contact, or
@@ -259,31 +262,38 @@ public interface DatabaseComponent {
 	Collection<LocalAuthor> getLocalAuthors(Transaction txn) throws DbException;
 
 	/**
-	 * Returns the IDs of any messages that need to be validated by the given
-	 * client.
+	 * Returns the IDs of all delivered messages in the given group.
 	 * <p/>
 	 * Read-only.
 	 */
-	Collection<MessageId> getMessagesToValidate(Transaction txn, ClientId c)
+	Collection<MessageId> getMessageIds(Transaction txn, GroupId g)
+		throws DbException;
+
+	/**
+	 * Returns the IDs of any messages that need to be validated.
+	 * <p/>
+	 * Read-only.
+	 */
+	Collection<MessageId> getMessagesToValidate(Transaction txn)
 			throws DbException;
 
 	/**
-	 * Returns the IDs of any messages that are valid but pending delivery due
-	 * to dependencies on other messages for the given client.
+	 * Returns the IDs of any messages that are pending delivery due to
+	 * dependencies on other messages.
 	 * <p/>
 	 * Read-only.
 	 */
-	Collection<MessageId> getPendingMessages(Transaction txn, ClientId c)
+	Collection<MessageId> getPendingMessages(Transaction txn)
 			throws DbException;
 
 	/**
-	 * Returns the IDs of any messages from the given client
-	 * that have a shared dependent, but are still not shared themselves.
+	 * Returns the IDs of any messages that have shared dependents but have
+	 * not yet been shared themselves.
 	 * <p/>
 	 * Read-only.
 	 */
-	Collection<MessageId> getMessagesToShare(Transaction txn,
-			ClientId c) throws DbException;
+	Collection<MessageId> getMessagesToShare(Transaction txn)
+			throws DbException;
 
 	/**
 	 * Returns the message with the given ID, in serialised form, or null if
@@ -303,9 +313,9 @@ public interface DatabaseComponent {
 			throws DbException;
 
 	/**
-	 * Returns the metadata for any messages in the given group with metadata
-	 * that matches all entries in the given query. If the query is empty, the
-	 * metadata for all messages is returned.
+	 * Returns the metadata for any delivered messages in the given group with
+	 * metadata that matches all entries in the given query. If the query is
+	 * empty, the metadata for all delivered messages is returned.
 	 * <p/>
 	 * Read-only.
 	 */
@@ -321,8 +331,8 @@ public interface DatabaseComponent {
 			throws DbException;
 
 	/**
-	 * Returns the metadata for the given delivered and pending message.
-	 * This is meant to be only used by the ValidationManager
+	 * Returns the metadata for the given delivered or pending message.
+	 * This is only meant to be used by the ValidationManager.
 	 * <p/>
 	 * Read-only.
 	 */
@@ -330,8 +340,8 @@ public interface DatabaseComponent {
 			throws DbException;
 
 	/**
-	 * Returns the status of all messages in the given group with respect to
-	 * the given contact.
+	 * Returns the status of all delivered messages in the given group with
+	 * respect to the given contact.
 	 * <p/>
 	 * Read-only.
 	 */
@@ -340,12 +350,8 @@ public interface DatabaseComponent {
 
 	/**
 	 * Returns the IDs and states of all dependencies of the given message.
-	 * Missing dependencies have the state
-	 * {@link ValidationManager.State UNKNOWN}.
-	 * Dependencies in other groups have the state
-	 * {@link ValidationManager.State INVALID}.
-	 * Note that these states are not set on the dependencies themselves; the
-	 * returned states should only be taken in the context of the given message.
+	 * For missing dependencies and dependencies in other groups, the state
+	 * {@link State UNKNOWN} is returned.
 	 * <p/>
 	 * Read-only.
 	 */
@@ -353,9 +359,9 @@ public interface DatabaseComponent {
 			throws DbException;
 
 	/**
-	 * Returns all IDs of messages that depend on the given message.
-	 * Messages in other groups that declare a dependency on the given message
-	 * will be returned even though such dependencies are invalid.
+	 * Returns the IDs and states of all dependents of the given message.
+	 * Dependents in other groups are not returned. If the given message is
+	 * missing, no dependents are returned.
 	 * <p/>
 	 * Read-only.
 	 */
@@ -370,8 +376,8 @@ public interface DatabaseComponent {
 	State getMessageState(Transaction txn, MessageId m) throws DbException;
 
 	/**
-	 * Returns the status of the given message with respect to the given
-	 * contact.
+	 * Returns the status of the given delivered message with respect to the
+	 * given contact.
 	 * <p/>
 	 * Read-only.
 	 */
@@ -400,15 +406,14 @@ public interface DatabaseComponent {
 	 * <p/>
 	 * Read-only.
 	 */
-	Map<ContactId, TransportKeys> getTransportKeys(Transaction txn,
-			TransportId t) throws DbException;
+	Collection<KeySet> getTransportKeys(Transaction txn, TransportId t)
+			throws DbException;
 
 	/**
-	 * Increments the outgoing stream counter for the given contact and
-	 * transport in the given rotation period .
+	 * Increments the outgoing stream counter for the given transport keys.
 	 */
-	void incrementStreamCounter(Transaction txn, ContactId c, TransportId t,
-			long rotationPeriod) throws DbException;
+	void incrementStreamCounter(Transaction txn, TransportId t, KeySetId k)
+			throws DbException;
 
 	/**
 	 * Merges the given metadata with the existing metadata for the given
@@ -478,6 +483,12 @@ public interface DatabaseComponent {
 	 */
 	void removeTransport(Transaction txn, TransportId t) throws DbException;
 
+	/**
+	 * Removes the given transport keys from the database.
+	 */
+	void removeTransportKeys(Transaction txn, TransportId t, KeySetId k)
+		throws DbException;
+
 	/**
 	 * Marks the given contact as verified.
 	 */
@@ -513,15 +524,21 @@ public interface DatabaseComponent {
 			Collection<MessageId> dependencies) throws DbException;
 
 	/**
-	 * Sets the reordering window for the given contact and transport in the
+	 * Sets the reordering window for the given key set and transport in the
 	 * given rotation period.
 	 */
-	void setReorderingWindow(Transaction txn, ContactId c, TransportId t,
+	void setReorderingWindow(Transaction txn, KeySetId k, TransportId t,
 			long rotationPeriod, long base, byte[] bitmap) throws DbException;
 
+	/**
+	 * Marks the given transport keys as usable for outgoing streams.
+	 */
+	void setTransportKeysActive(Transaction txn, TransportId t, KeySetId k)
+		throws DbException;
+
 	/**
 	 * Stores the given transport keys, deleting any keys they have replaced.
 	 */
-	void updateTransportKeys(Transaction txn,
-			Map<ContactId, TransportKeys> keys) throws DbException;
+	void updateTransportKeys(Transaction txn, Collection<KeySet> keys)
+			throws DbException;
 }

bramble-api/src/main/java/org/briarproject/bramble/api/db/DatabaseConfig.java

@@ -14,6 +14,8 @@ public interface DatabaseConfig {
 
 	File getDatabaseDirectory();
 
+	File getDatabaseKeyDirectory();
+
 	void setEncryptionKey(SecretKey key);
 
 	@Nullable

bramble-api/src/main/java/org/briarproject/bramble/api/db/MigrationListener.java

@@ -0,0 +1,11 @@
+package org.briarproject.bramble.api.db;
+
+public interface MigrationListener {
+
+	/**
+	 * This is called when a migration is started while opening the database.
+	 * It will be called once for each migration being applied.
+	 */
+	void onMigrationRun();
+
+}

bramble-api/src/main/java/org/briarproject/bramble/api/keyagreement/KeyAgreementListener.java

@@ -2,7 +2,7 @@ package org.briarproject.bramble.api.keyagreement;
 
 import org.briarproject.bramble.api.data.BdfList;
 
-import java.util.concurrent.Callable;
+import java.io.IOException;
 
 /**
  * An class for managing a particular key agreement listener.
@@ -24,11 +24,11 @@ public abstract class KeyAgreementListener {
 	}
 
 	/**
-	 * Starts listening for incoming connections, and returns a Callable that
-	 * will return a KeyAgreementConnection when an incoming connection is
-	 * received.
+	 * Blocks until an incoming connection is received and returns it.
+	 *
+	 * @throws IOException if an error occurs or {@link #close()} is called.
 	 */
-	public abstract Callable<KeyAgreementConnection> listen();
+	public abstract KeyAgreementConnection accept() throws IOException;
 
 	/**
 	 * Closes the underlying server socket.

bramble-api/src/main/java/org/briarproject/bramble/api/keyagreement/event/KeyAgreementStoppedListeningEvent.java

@@ -0,0 +1,9 @@
+package org.briarproject.bramble.api.keyagreement.event;
+
+import org.briarproject.bramble.api.event.Event;
+
+/**
+ * An event that is broadcast when a BQP task stops listening.
+ */
+public class KeyAgreementStoppedListeningEvent extends Event {
+}

bramble-api/src/main/java/org/briarproject/bramble/api/lifecycle/LifecycleManager.java

@@ -21,21 +21,42 @@ public interface LifecycleManager {
 	 * The result of calling {@link #startServices(String)}.
 	 */
 	enum StartResult {
-		ALREADY_RUNNING, DB_ERROR, SERVICE_ERROR, SUCCESS
+		ALREADY_RUNNING,
+		DB_ERROR,
+		DATA_TOO_OLD_ERROR,
+		DATA_TOO_NEW_ERROR,
+		SERVICE_ERROR,
+		SUCCESS
 	}
 
 	/**
-	 * Registers a {@link Service} to be started and stopped.
+	 * The state the lifecycle can be in.
+	 * Returned by {@link #getLifecycleState()}
+	 */
+	enum LifecycleState {
+
+		STARTING, MIGRATING_DATABASE, STARTING_SERVICES, RUNNING, STOPPING;
+
+		public boolean isAfter(LifecycleState state) {
+			return ordinal() > state.ordinal();
+		}
+	}
+
+	/**
+	 * Registers a {@link Service} to be started and stopped. This method
+	 * should be called before {@link #startServices(String)}.
 	 */
 	void registerService(Service s);
 
 	/**
-	 * Registers a {@link Client} to be started.
+	 * Registers a {@link Client} to be started. This method should be called
+	 * before {@link #startServices(String)}.
 	 */
 	void registerClient(Client c);
 
 	/**
-	 * Registers an {@link ExecutorService} to be shut down.
+	 * Registers an {@link ExecutorService} to be shut down. This method
+	 * should be called before {@link #startServices(String)}.
 	 */
 	void registerForShutdown(ExecutorService e);
 
@@ -71,4 +92,10 @@ public interface LifecycleManager {
 	 * the {@link DatabaseComponent} to be closed before returning.
 	 */
 	void waitForShutdown() throws InterruptedException;
+
+	/**
+	 * Returns the current state of the lifecycle.
+	 */
+	LifecycleState getLifecycleState();
+
 }

bramble-api/src/main/java/org/briarproject/bramble/api/lifecycle/event/LifecycleEvent.java

@@ -0,0 +1,20 @@
+package org.briarproject.bramble.api.lifecycle.event;
+
+import org.briarproject.bramble.api.event.Event;
+import org.briarproject.bramble.api.lifecycle.LifecycleManager.LifecycleState;
+
+/**
+ * An event that is broadcast when the app enters a new lifecycle state.
+ */
+public class LifecycleEvent extends Event {
+
+	private final LifecycleState state;
+
+	public LifecycleEvent(LifecycleState state) {
+		this.state = state;
+	}
+
+	public LifecycleState getLifecycleState() {
+		return state;
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/lifecycle/event/ShutdownEvent.java

@@ -1,9 +0,0 @@
-package org.briarproject.bramble.api.lifecycle.event;
-
-import org.briarproject.bramble.api.event.Event;
-
-/**
- * An event that is broadcast when the app is shutting down.
- */
-public class ShutdownEvent extends Event {
-}

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/FileConstants.java

@@ -0,0 +1,6 @@
+package org.briarproject.bramble.api.plugin;
+
+public interface FileConstants {
+
+	String PROP_PATH = "path";
+}

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/Plugin.java

@@ -2,8 +2,9 @@ package org.briarproject.bramble.api.plugin;
 
 import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.properties.TransportProperties;
 
-import java.util.Collection;
+import java.util.Map;
 
 @NotNullByDefault
 public interface Plugin {
@@ -39,21 +40,19 @@ public interface Plugin {
 	boolean isRunning();
 
 	/**
-	 * Returns true if the plugin's {@link #poll(Collection)} method should be
-	 * called periodically to attempt to establish connections.
+	 * Returns true if the plugin should be polled periodically to attempt to
+	 * establish connections.
 	 */
 	boolean shouldPoll();
 
 	/**
-	 * Returns the desired interval in milliseconds between calls to the
-	 * plugin's {@link #poll(Collection)} method.
+	 * Returns the desired interval in milliseconds between polling attempts.
 	 */
 	int getPollingInterval();
 
 	/**
-	 * Attempts to establish connections to contacts, passing any created
-	 * connections to the callback. To avoid creating redundant connections,
-	 * the plugin may exclude the given contacts from polling.
+	 * Attempts to establish connections to the given contacts, passing any
+	 * created connections to the callback.
 	 */
-	void poll(Collection<ContactId> connected);
+	void poll(Map<ContactId, TransportProperties> contacts);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/PluginCallback.java

@@ -1,12 +1,9 @@
 package org.briarproject.bramble.api.plugin;
 
-import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.properties.TransportProperties;
 import org.briarproject.bramble.api.settings.Settings;
 
-import java.util.Map;
-
 /**
  * An interface through which a transport plugin interacts with the rest of
  * the application.
@@ -25,17 +22,7 @@ public interface PluginCallback {
 	TransportProperties getLocalProperties();
 
 	/**
-	 * Returns the plugin's remote transport properties.
-	 */
-	Map<ContactId, TransportProperties> getRemoteProperties();
-
-	/**
-	 * Returns the plugin's remote transport properties for the given contact.
-	 */
-	TransportProperties getRemoteProperties(ContactId c);
-
-	/**
-	 * Merges the given settings with the namespaced settings
+	 * Merges the given settings with the plugin's settings
 	 */
 	void mergeSettings(Settings s);
 
@@ -45,34 +32,12 @@ public interface PluginCallback {
 	void mergeLocalProperties(TransportProperties p);
 
 	/**
-	 * Presents the user with a choice among two or more named options and
-	 * returns the user's response. The message may consist of a translatable
-	 * format string and arguments.
-	 *
-	 * @return an index into the array of options indicating the user's choice,
-	 * or -1 if the user cancelled the choice.
-	 */
-	int showChoice(String[] options, String... message);
-
-	/**
-	 * Asks the user to confirm an action and returns the user's response. The
-	 * message may consist of a translatable format string and arguments.
-	 */
-	boolean showConfirmationMessage(String... message);
-
-	/**
-	 * Shows a message to the user. The message may consist of a translatable
-	 * format string and arguments.
-	 */
-	void showMessage(String... message);
-
-	/**
-	 * Signal that the transport got enabled.
+	 * Signals that the transport is enabled.
 	 */
 	void transportEnabled();
 
 	/**
-	 * Signal that the transport got disabled.
+	 * Signals that the transport is disabled.
 	 */
 	void transportDisabled();
 }

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/PluginConfig.java

@@ -12,4 +12,6 @@ public interface PluginConfig {
 	Collection<DuplexPluginFactory> getDuplexFactories();
 
 	Collection<SimplexPluginFactory> getSimplexFactories();
+
+	boolean shouldPoll();
 }

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/TransportConnectionWriter.java

@@ -22,11 +22,6 @@ public interface TransportConnectionWriter {
 	 */
 	int getMaxIdleTime();
 
-	/**
-	 * Returns the capacity of the transport connection in bytes.
-	 */
-	long getCapacity();
-
 	/**
 	 * Returns an output stream for writing to the transport connection.
 	 */

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/TransportId.java

@@ -1,22 +1,23 @@
 package org.briarproject.bramble.api.plugin;
 
-import java.nio.charset.Charset;
+import org.briarproject.bramble.util.StringUtils;
 
 /**
- * Type-safe wrapper for a string that uniquely identifies a transport plugin.
+ * Type-safe wrapper for a namespaced string that uniquely identifies a
+ * transport plugin.
  */
 public class TransportId {
 
 	/**
-	 * The maximum length of transport identifier in UTF-8 bytes.
+	 * The maximum length of a transport identifier in UTF-8 bytes.
 	 */
-	public static int MAX_TRANSPORT_ID_LENGTH = 64;
+	public static int MAX_TRANSPORT_ID_LENGTH = 100;
 
 	private final String id;
 
 	public TransportId(String id) {
-		byte[] b = id.getBytes(Charset.forName("UTF-8"));
-		if (b.length == 0 || b.length > MAX_TRANSPORT_ID_LENGTH)
+		int length = StringUtils.toUtf8(id).length;
+		if (length == 0 || length > MAX_TRANSPORT_ID_LENGTH)
 			throw new IllegalArgumentException();
 		this.id = id;
 	}

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/duplex/AbstractDuplexTransportConnection.java

@@ -71,11 +71,6 @@ public abstract class AbstractDuplexTransportConnection
 			return plugin.getMaxIdleTime();
 		}
 
-		@Override
-		public long getCapacity() {
-			return Long.MAX_VALUE;
-		}
-
 		@Override
 		public OutputStream getOutputStream() throws IOException {
 			return AbstractDuplexTransportConnection.this.getOutputStream();

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/duplex/DuplexPlugin.java

@@ -1,10 +1,10 @@
 package org.briarproject.bramble.api.plugin.duplex;
 
-import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.data.BdfList;
 import org.briarproject.bramble.api.keyagreement.KeyAgreementListener;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.Plugin;
+import org.briarproject.bramble.api.properties.TransportProperties;
 
 import javax.annotation.Nullable;
 
@@ -15,12 +15,11 @@ import javax.annotation.Nullable;
 public interface DuplexPlugin extends Plugin {
 
 	/**
-	 * Attempts to create and return a connection to the given contact using
-	 * the current transport and configuration properties. Returns null if a
-	 * connection cannot be created.
+	 * Attempts to create and return a connection using the given transport
+	 * properties. Returns null if a connection cannot be created.
 	 */
 	@Nullable
-	DuplexTransportConnection createConnection(ContactId c);
+	DuplexTransportConnection createConnection(TransportProperties p);
 
 	/**
 	 * Returns true if the plugin supports short-range key agreement.
@@ -36,9 +35,9 @@ public interface DuplexPlugin extends Plugin {
 
 	/**
 	 * Attempts to connect to the remote peer specified in the given descriptor.
-	 * Returns null if no connection can be established within the given time.
+	 * Returns null if no connection can be established.
 	 */
 	@Nullable
 	DuplexTransportConnection createKeyAgreementConnection(
-			byte[] remoteCommitment, BdfList descriptor, long timeout);
+			byte[] remoteCommitment, BdfList descriptor);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/duplex/DuplexPluginCallback.java

@@ -5,7 +5,8 @@ import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.PluginCallback;
 
 /**
- * An interface for handling connections created by a duplex transport plugin.
+ * An interface through which a duplex plugin interacts with the rest of the
+ * application.
  */
 @NotNullByDefault
 public interface DuplexPluginCallback extends PluginCallback {

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/simplex/SimplexPlugin.java

@@ -1,10 +1,10 @@
 package org.briarproject.bramble.api.plugin.simplex;
 
-import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.Plugin;
 import org.briarproject.bramble.api.plugin.TransportConnectionReader;
 import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
+import org.briarproject.bramble.api.properties.TransportProperties;
 
 import javax.annotation.Nullable;
 
@@ -15,18 +15,16 @@ import javax.annotation.Nullable;
 public interface SimplexPlugin extends Plugin {
 
 	/**
-	 * Attempts to create and return a reader for the given contact using the
-	 * current transport and configuration properties. Returns null if a reader
-	 * cannot be created.
+	 * Attempts to create and return a reader for the given transport
+	 * properties. Returns null if a reader cannot be created.
 	 */
 	@Nullable
-	TransportConnectionReader createReader(ContactId c);
+	TransportConnectionReader createReader(TransportProperties p);
 
 	/**
-	 * Attempts to create and return a writer for the given contact using the
-	 * current transport and configuration properties. Returns null if a writer
-	 * cannot be created.
+	 * Attempts to create and return a writer for the given transport
+	 * properties. Returns null if a writer cannot be created.
 	 */
 	@Nullable
-	TransportConnectionWriter createWriter(ContactId c);
+	TransportConnectionWriter createWriter(TransportProperties p);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/simplex/SimplexPluginCallback.java

@@ -7,8 +7,8 @@ import org.briarproject.bramble.api.plugin.TransportConnectionReader;
 import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
 
 /**
- * An interface for handling readers and writers created by a simplex transport
- * plugin.
+ * An interface through which a simplex plugin interacts with the rest of the
+ * application.
  */
 @NotNullByDefault
 public interface SimplexPluginCallback extends PluginCallback {

bramble-api/src/main/java/org/briarproject/bramble/api/properties/TransportPropertyManager.java

@@ -15,12 +15,17 @@ public interface TransportPropertyManager {
 	/**
 	 * The unique ID of the transport property client.
 	 */
-	ClientId CLIENT_ID = new ClientId("org.briarproject.briar.properties");
+	ClientId CLIENT_ID = new ClientId("org.briarproject.bramble.properties");
 
 	/**
-	 * The current version of the transport property client.
+	 * The current major version of the transport property client.
 	 */
-	int CLIENT_VERSION = 0;
+	int MAJOR_VERSION = 0;
+
+	/**
+	 * The current minor version of the transport property client.
+	 */
+	int MINOR_VERSION = 0;
 
 	/**
 	 * Stores the given properties received while adding a contact - they will
@@ -37,8 +42,8 @@ public interface TransportPropertyManager {
 
 	/**
 	 * Returns the local transport properties for all transports.
-	 * <br/>
-	 * TODO: Transaction can be read-only when code is simplified
+	 * <p/>
+	 * Read-only.
 	 */
 	Map<TransportId, TransportProperties> getLocalProperties(Transaction txn)
 			throws DbException;

bramble-api/src/main/java/org/briarproject/bramble/api/record/Record.java

@@ -0,0 +1,36 @@
+package org.briarproject.bramble.api.record;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import javax.annotation.concurrent.Immutable;
+
+@Immutable
+@NotNullByDefault
+public class Record {
+
+	public static final int RECORD_HEADER_BYTES = 4;
+	public static final int MAX_RECORD_PAYLOAD_BYTES = 48 * 1024; // 48 KiB
+
+	private final byte protocolVersion, recordType;
+	private final byte[] payload;
+
+	public Record(byte protocolVersion, byte recordType, byte[] payload) {
+		if (payload.length > MAX_RECORD_PAYLOAD_BYTES)
+			throw new IllegalArgumentException();
+		this.protocolVersion = protocolVersion;
+		this.recordType = recordType;
+		this.payload = payload;
+	}
+
+	public byte getProtocolVersion() {
+		return protocolVersion;
+	}
+
+	public byte getRecordType() {
+		return recordType;
+	}
+
+	public byte[] getPayload() {
+		return payload;
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/record/RecordReader.java

@@ -0,0 +1,20 @@
+package org.briarproject.bramble.api.record;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import java.io.EOFException;
+import java.io.IOException;
+
+@NotNullByDefault
+public interface RecordReader {
+
+	/**
+	 * Reads and returns the next record.
+	 *
+	 * @throws EOFException if the end of the stream is reached without reading
+	 * a complete record
+	 */
+	Record readRecord() throws IOException;
+
+	void close() throws IOException;
+}

bramble-api/src/main/java/org/briarproject/bramble/api/record/RecordReaderFactory.java

@@ -0,0 +1,8 @@
+package org.briarproject.bramble.api.record;
+
+import java.io.InputStream;
+
+public interface RecordReaderFactory {
+
+	RecordReader createRecordReader(InputStream in);
+}

bramble-api/src/main/java/org/briarproject/bramble/api/record/RecordWriter.java

@@ -0,0 +1,15 @@
+package org.briarproject.bramble.api.record;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import java.io.IOException;
+
+@NotNullByDefault
+public interface RecordWriter {
+
+	void writeRecord(Record r) throws IOException;
+
+	void flush() throws IOException;
+
+	void close() throws IOException;
+}

bramble-api/src/main/java/org/briarproject/bramble/api/record/RecordWriterFactory.java

@@ -0,0 +1,8 @@
+package org.briarproject.bramble.api.record;
+
+import java.io.OutputStream;
+
+public interface RecordWriterFactory {
+
+	RecordWriter createRecordWriter(OutputStream out);
+}

bramble-api/src/main/java/org/briarproject/bramble/api/reporting/DevConfig.java

@@ -3,10 +3,14 @@ package org.briarproject.bramble.api.reporting;
 import org.briarproject.bramble.api.crypto.PublicKey;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 
+import java.io.File;
+
 @NotNullByDefault
 public interface DevConfig {
 
 	PublicKey getDevPublicKey();
 
 	String getDevOnionAddress();
+
+	File getReportDir();
 }

bramble-api/src/main/java/org/briarproject/bramble/api/reporting/DevReporter.java

@@ -23,8 +23,6 @@ public interface DevReporter {
 
 	/**
 	 * Sends any reports previously stored on disk.
-	 *
-	 * @param reportDir the directory where reports are stored.
 	 */
-	void sendReports(File reportDir);
+	void sendReports();
 }

bramble-api/src/main/java/org/briarproject/bramble/api/sync/ClientId.java

@@ -1,19 +1,29 @@
 package org.briarproject.bramble.api.sync;
 
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.util.StringUtils;
 
 import javax.annotation.concurrent.Immutable;
 
 /**
- * Wrapper for a name-spaced string that uniquely identifies a sync client.
+ * Type-safe wrapper for a namespaced string that uniquely identifies a sync
+ * client.
  */
 @Immutable
 @NotNullByDefault
 public class ClientId implements Comparable<ClientId> {
 
+	/**
+	 * The maximum length of a client identifier in UTF-8 bytes.
+	 */
+	public static int MAX_CLIENT_ID_LENGTH = 100;
+
 	private final String id;
 
 	public ClientId(String id) {
+		int length = StringUtils.toUtf8(id).length;
+		if (length == 0 || length > MAX_CLIENT_ID_LENGTH)
+			throw new IllegalArgumentException();
 		this.id = id;
 	}
 

bramble-api/src/main/java/org/briarproject/bramble/api/sync/Group.java

@@ -5,20 +5,43 @@ import static org.briarproject.bramble.api.sync.SyncConstants.MAX_GROUP_DESCRIPT
 public class Group {
 
 	public enum Visibility {
-		INVISIBLE, // The group is not visible
-		VISIBLE, // The group is visible but messages are not shared
-		SHARED // The group is visible and messages are shared
+
+		INVISIBLE(0), // The group is not visible
+		VISIBLE(1), // The group is visible, messages are accepted but not sent
+		SHARED(2); // The group is visible, messages are accepted and sent
+
+		private final int value;
+
+		Visibility(int value) {
+			this.value = value;
+		}
+
+		public int getValue() {
+			return value;
+		}
+
+		public static Visibility min(Visibility a, Visibility b) {
+			return a.getValue() < b.getValue() ? a : b;
+		}
 	}
 
+	/**
+	 * The current version of the group format.
+	 */
+	public static final int FORMAT_VERSION = 1;
+
 	private final GroupId id;
 	private final ClientId clientId;
+	private final int majorVersion;
 	private final byte[] descriptor;
 
-	public Group(GroupId id, ClientId clientId, byte[] descriptor) {
+	public Group(GroupId id, ClientId clientId, int majorVersion,
+			byte[] descriptor) {
 		if (descriptor.length > MAX_GROUP_DESCRIPTOR_LENGTH)
 			throw new IllegalArgumentException();
 		this.id = id;
 		this.clientId = clientId;
+		this.majorVersion = majorVersion;
 		this.descriptor = descriptor;
 	}
 
@@ -36,6 +59,13 @@ public class Group {
 		return clientId;
 	}
 
+	/**
+	 * Returns the major version of the client to which the group belongs.
+	 */
+	public int getMajorVersion() {
+		return majorVersion;
+	}
+
 	/**
 	 * Returns the group's descriptor.
 	 */

bramble-api/src/main/java/org/briarproject/bramble/api/sync/GroupFactory.java

@@ -6,7 +6,7 @@ import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 public interface GroupFactory {
 
 	/**
-	 * Creates a group with the given client ID, client version and descriptor.
+	 * Creates a group with the given client ID, major version and descriptor.
 	 */
-	Group createGroup(ClientId c, int clientVersion, byte[] descriptor);
+	Group createGroup(ClientId c, int majorVersion, byte[] descriptor);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/sync/Message.java

@@ -5,6 +5,11 @@ import static org.briarproject.bramble.api.sync.SyncConstants.MESSAGE_HEADER_LEN
 
 public class Message {
 
+	/**
+	 * The current version of the message format.
+	 */
+	public static final int FORMAT_VERSION = 1;
+
 	private final MessageId id;
 	private final GroupId groupId;
 	private final long timestamp;

bramble-api/src/main/java/org/briarproject/bramble/api/sync/MessageFactory.java

@@ -7,5 +7,7 @@ public interface MessageFactory {
 
 	Message createMessage(GroupId g, long timestamp, byte[] body);
 
+	Message createMessage(byte[] raw);
+
 	Message createMessage(MessageId m, byte[] raw);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/sync/MessageId.java

@@ -16,7 +16,13 @@ public class MessageId extends UniqueId {
 	/**
 	 * Label for hashing messages to calculate their identifiers.
 	 */
-	public static final String LABEL = "org.briarproject.bramble/MESSAGE_ID";
+	public static final String ID_LABEL = "org.briarproject.bramble/MESSAGE_ID";
+
+	/**
+	 * Label for hashing blocks of messages.
+	 */
+	public static final String BLOCK_LABEL =
+			"org.briarproject.bramble/MESSAGE_BLOCK";
 
 	public MessageId(byte[] id) {
 		super(id);

bramble-api/src/main/java/org/briarproject/bramble/api/sync/SyncConstants.java

@@ -2,6 +2,8 @@ package org.briarproject.bramble.api.sync;
 
 import org.briarproject.bramble.api.UniqueId;
 
+import static org.briarproject.bramble.api.record.Record.MAX_RECORD_PAYLOAD_BYTES;
+
 public interface SyncConstants {
 
 	/**
@@ -10,16 +12,8 @@ public interface SyncConstants {
 	byte PROTOCOL_VERSION = 0;
 
 	/**
-	 * The length of the record header in bytes.
+	 * The maximum length of a group descriptor in bytes.
 	 */
-	int RECORD_HEADER_LENGTH = 4;
-
-	/**
-	 * The maximum length of the record payload in bytes.
-	 */
-	int MAX_RECORD_PAYLOAD_LENGTH = 48 * 1024; // 48 KiB
-
-	/** The maximum length of a group descriptor in bytes. */
 	int MAX_GROUP_DESCRIPTOR_LENGTH = 16 * 1024; // 16 KiB
 
 	/**
@@ -40,5 +34,5 @@ public interface SyncConstants {
 	/**
 	 * The maximum number of message IDs in an ack, offer or request record.
 	 */
-	int MAX_MESSAGE_IDS = MAX_RECORD_PAYLOAD_LENGTH / UniqueId.LENGTH;
+	int MAX_MESSAGE_IDS = MAX_RECORD_PAYLOAD_BYTES / UniqueId.LENGTH;
 }

bramble-api/src/main/java/org/briarproject/bramble/api/sync/SyncRecordReader.java

@@ -5,7 +5,7 @@ import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import java.io.IOException;
 
 @NotNullByDefault
-public interface RecordReader {
+public interface SyncRecordReader {
 
 	boolean eof() throws IOException;
 

bramble-api/src/main/java/org/briarproject/bramble/api/sync/SyncRecordReaderFactory.java

@@ -5,7 +5,7 @@ import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import java.io.InputStream;
 
 @NotNullByDefault
-public interface RecordReaderFactory {
+public interface SyncRecordReaderFactory {
 
-	RecordReader createRecordReader(InputStream in);
+	SyncRecordReader createRecordReader(InputStream in);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/sync/SyncRecordWriter.java

@@ -5,7 +5,7 @@ import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import java.io.IOException;
 
 @NotNullByDefault
-public interface RecordWriter {
+public interface SyncRecordWriter {
 
 	void writeAck(Ack a) throws IOException;
 

bramble-api/src/main/java/org/briarproject/bramble/api/sync/SyncRecordWriterFactory.java

@@ -5,7 +5,7 @@ import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import java.io.OutputStream;
 
 @NotNullByDefault
-public interface RecordWriterFactory {
+public interface SyncRecordWriterFactory {
 
-	RecordWriter createRecordWriter(OutputStream out);
+	SyncRecordWriter createRecordWriter(OutputStream out);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/sync/SyncSessionFactory.java

@@ -2,9 +2,9 @@ package org.briarproject.bramble.api.sync;
 
 import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.transport.StreamWriter;
 
 import java.io.InputStream;
-import java.io.OutputStream;
 
 @NotNullByDefault
 public interface SyncSessionFactory {
@@ -12,8 +12,8 @@ public interface SyncSessionFactory {
 	SyncSession createIncomingSession(ContactId c, InputStream in);
 
 	SyncSession createSimplexOutgoingSession(ContactId c, int maxLatency,
-			OutputStream out);
+			StreamWriter streamWriter);
 
 	SyncSession createDuplexOutgoingSession(ContactId c, int maxLatency,
-			int maxIdleTime, OutputStream out);
+			int maxIdleTime, StreamWriter streamWriter);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/sync/ValidationManager.java

@@ -3,6 +3,7 @@ package org.briarproject.bramble.api.sync;
 import org.briarproject.bramble.api.db.DbException;
 import org.briarproject.bramble.api.db.Metadata;
 import org.briarproject.bramble.api.db.Transaction;
+import org.briarproject.bramble.api.lifecycle.LifecycleManager;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 
 /**
@@ -33,15 +34,20 @@ public interface ValidationManager {
 	}
 
 	/**
-	 * Sets the message validator for the given client.
+	 * Registers the message validator for the given client. This method
+	 * should be called before {@link LifecycleManager#startServices(String)}.
 	 */
-	void registerMessageValidator(ClientId c, MessageValidator v);
+	void registerMessageValidator(ClientId c, int majorVersion,
+			MessageValidator v);
 
 	/**
-	 * Sets the incoming message hook for the given client. The hook will be
-	 * called once for each incoming message that passes validation.
+	 * Registers the incoming message hook for the given client. The hook will
+	 * be called once for each incoming message that passes validation. This
+	 * method should be called before
+	 * {@link LifecycleManager#startServices(String)}.
 	 */
-	void registerIncomingMessageHook(ClientId c, IncomingMessageHook hook);
+	void registerIncomingMessageHook(ClientId c, int majorVersion,
+			IncomingMessageHook hook);
 
 	interface MessageValidator {
 

bramble-api/src/main/java/org/briarproject/bramble/api/system/Clock.java

@@ -7,12 +7,12 @@ package org.briarproject.bramble.api.system;
 public interface Clock {
 
 	/**
-	 * @see {@link System#currentTimeMillis()}
+	 * @see System#currentTimeMillis()
 	 */
 	long currentTimeMillis();
 
 	/**
-	 * @see {@link Thread#sleep(long)}
+	 * @see Thread#sleep(long)
 	 */
 	void sleep(long milliseconds) throws InterruptedException;
 }

bramble-api/src/main/java/org/briarproject/bramble/api/transport/KeyManager.java

@@ -6,6 +6,8 @@ import org.briarproject.bramble.api.db.DbException;
 import org.briarproject.bramble.api.db.Transaction;
 import org.briarproject.bramble.api.plugin.TransportId;
 
+import java.util.Map;
+
 import javax.annotation.Nullable;
 
 /**
@@ -16,12 +18,30 @@ public interface KeyManager {
 
 	/**
 	 * Informs the key manager that a new contact has been added. Derives and
-	 * stores transport keys for communicating with the contact.
+	 * stores a set of transport keys for communicating with the contact over
+	 * each transport and returns the key set IDs.
+	 * <p/>
 	 * {@link StreamContext StreamContexts} for the contact can be created
 	 * after this method has returned.
+	 *
+	 * @param alice true if the local party is Alice
+	 * @param active whether the derived keys can be used for outgoing streams
 	 */
-	void addContact(Transaction txn, ContactId c, SecretKey master,
-			long timestamp, boolean alice) throws DbException;
+	Map<TransportId, KeySetId> addContact(Transaction txn, ContactId c,
+			SecretKey master, long timestamp, boolean alice, boolean active)
+			throws DbException;
+
+	/**
+	 * Marks the given transport keys as usable for outgoing streams.
+	 */
+	void activateKeys(Transaction txn, Map<TransportId, KeySetId> keys)
+			throws DbException;
+
+	/**
+	 * Returns true if we have keys that can be used for outgoing streams to
+	 * the given contact over the given transport.
+	 */
+	boolean canSendOutgoingStreams(ContactId c, TransportId t);
 
 	/**
 	 * Returns a {@link StreamContext} for sending a stream to the given

bramble-api/src/main/java/org/briarproject/bramble/api/transport/KeySet.java

@@ -0,0 +1,47 @@
+package org.briarproject.bramble.api.transport;
+
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import javax.annotation.concurrent.Immutable;
+
+/**
+ * A set of transport keys for communicating with a contact.
+ */
+@Immutable
+@NotNullByDefault
+public class KeySet {
+
+	private final KeySetId keySetId;
+	private final ContactId contactId;
+	private final TransportKeys transportKeys;
+
+	public KeySet(KeySetId keySetId, ContactId contactId,
+			TransportKeys transportKeys) {
+		this.keySetId = keySetId;
+		this.contactId = contactId;
+		this.transportKeys = transportKeys;
+	}
+
+	public KeySetId getKeySetId() {
+		return keySetId;
+	}
+
+	public ContactId getContactId() {
+		return contactId;
+	}
+
+	public TransportKeys getTransportKeys() {
+		return transportKeys;
+	}
+
+	@Override
+	public int hashCode() {
+		return keySetId.hashCode();
+	}
+
+	@Override
+	public boolean equals(Object o) {
+		return o instanceof KeySet && keySetId.equals(((KeySet) o).keySetId);
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/transport/KeySetId.java

@@ -0,0 +1,36 @@
+package org.briarproject.bramble.api.transport;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import javax.annotation.concurrent.Immutable;
+
+/**
+ * Type-safe wrapper for an integer that uniquely identifies a set of transport
+ * keys within the scope of the local device.
+ * <p/>
+ * Key sets created on a given device must have increasing identifiers.
+ */
+@Immutable
+@NotNullByDefault
+public class KeySetId {
+
+	private final int id;
+
+	public KeySetId(int id) {
+		this.id = id;
+	}
+
+	public int getInt() {
+		return id;
+	}
+
+	@Override
+	public int hashCode() {
+		return id;
+	}
+
+	@Override
+	public boolean equals(Object o) {
+		return o instanceof KeySetId && id == ((KeySetId) o).id;
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/transport/OutgoingKeys.java

@@ -10,18 +10,20 @@ public class OutgoingKeys {
 
 	private final SecretKey tagKey, headerKey;
 	private final long rotationPeriod, streamCounter;
+	private final boolean active;
 
 	public OutgoingKeys(SecretKey tagKey, SecretKey headerKey,
-			long rotationPeriod) {
-		this(tagKey, headerKey, rotationPeriod, 0);
+			long rotationPeriod, boolean active) {
+		this(tagKey, headerKey, rotationPeriod, 0, active);
 	}
 
 	public OutgoingKeys(SecretKey tagKey, SecretKey headerKey,
-			long rotationPeriod, long streamCounter) {
+			long rotationPeriod, long streamCounter, boolean active) {
 		this.tagKey = tagKey;
 		this.headerKey = headerKey;
 		this.rotationPeriod = rotationPeriod;
 		this.streamCounter = streamCounter;
+		this.active = active;
 	}
 
 	public SecretKey getTagKey() {
@@ -39,4 +41,8 @@ public class OutgoingKeys {
 	public long getStreamCounter() {
 		return streamCounter;
 	}
+
+	public boolean isActive() {
+		return active;
+	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/transport/StreamWriter.java

@@ -0,0 +1,19 @@
+package org.briarproject.bramble.api.transport;
+
+import java.io.IOException;
+import java.io.OutputStream;
+
+/**
+ * An interface for writing data to a transport connection. Data will be
+ * encrypted and authenticated before being written to the connection.
+ */
+public interface StreamWriter {
+
+	OutputStream getOutputStream();
+
+	/**
+	 * Sends the end of stream marker, informing the recipient that no more
+	 * data will be sent. The connection is flushed but not closed.
+	 */
+	void sendEndOfStream() throws IOException;
+}

bramble-api/src/main/java/org/briarproject/bramble/api/transport/StreamWriterFactory.java

@@ -12,12 +12,12 @@ public interface StreamWriterFactory {
 	 * Creates an {@link OutputStream OutputStream} for writing to a
 	 * transport stream
 	 */
-	OutputStream createStreamWriter(OutputStream out, StreamContext ctx);
+	StreamWriter createStreamWriter(OutputStream out, StreamContext ctx);
 
 	/**
 	 * Creates an {@link OutputStream OutputStream} for writing to a contact
 	 * exchange stream.
 	 */
-	OutputStream createContactExchangeStreamWriter(OutputStream out,
+	StreamWriter createContactExchangeStreamWriter(OutputStream out,
 			SecretKey headerKey);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/ui/UiCallback.java

@@ -1,26 +0,0 @@
-package org.briarproject.bramble.api.ui;
-
-public interface UiCallback {
-
-	/**
-	 * Presents the user with a choice among two or more named options and
-	 * returns the user's response. The message may consist of a translatable
-	 * format string and arguments.
-	 *
-	 * @return an index into the array of options indicating the user's choice,
-	 * or -1 if the user cancelled the choice.
-	 */
-	int showChoice(String[] options, String... message);
-
-	/**
-	 * Asks the user to confirm an action and returns the user's response. The
-	 * message may consist of a translatable format string and arguments.
-	 */
-	boolean showConfirmationMessage(String... message);
-
-	/**
-	 * Shows a message to the user. The message may consist of a translatable
-	 * format string and arguments.
-	 */
-	void showMessage(String... message);
-}

bramble-api/src/main/java/org/briarproject/bramble/api/versioning/ClientMajorVersion.java

@@ -0,0 +1,50 @@
+package org.briarproject.bramble.api.versioning;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.sync.ClientId;
+
+import javax.annotation.concurrent.Immutable;
+
+@Immutable
+@NotNullByDefault
+public class ClientMajorVersion implements Comparable<ClientMajorVersion> {
+
+	private final ClientId clientId;
+	private final int majorVersion;
+
+	public ClientMajorVersion(ClientId clientId, int majorVersion) {
+		this.clientId = clientId;
+		this.majorVersion = majorVersion;
+	}
+
+	public ClientId getClientId() {
+		return clientId;
+	}
+
+	public int getMajorVersion() {
+		return majorVersion;
+	}
+
+	@Override
+	public boolean equals(Object o) {
+		if (o instanceof ClientMajorVersion) {
+			ClientMajorVersion cv = (ClientMajorVersion) o;
+			return clientId.equals(cv.clientId)
+					&& majorVersion == cv.majorVersion;
+		}
+		return false;
+	}
+
+	@Override
+	public int hashCode() {
+		return (clientId.hashCode() << 16) + majorVersion;
+	}
+
+	@Override
+	public int compareTo(ClientMajorVersion cv) {
+		int compare = clientId.compareTo(cv.clientId);
+		if (compare != 0) return compare;
+		return majorVersion - cv.majorVersion;
+	}
+}
+

bramble-api/src/main/java/org/briarproject/bramble/api/versioning/ClientVersioningManager.java

@@ -0,0 +1,45 @@
+package org.briarproject.bramble.api.versioning;
+
+import org.briarproject.bramble.api.contact.Contact;
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.db.DbException;
+import org.briarproject.bramble.api.db.Transaction;
+import org.briarproject.bramble.api.lifecycle.LifecycleManager;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.sync.ClientId;
+import org.briarproject.bramble.api.sync.Group.Visibility;
+
+@NotNullByDefault
+public interface ClientVersioningManager {
+
+	/**
+	 * The unique ID of the versioning client.
+	 */
+	ClientId CLIENT_ID = new ClientId("org.briarproject.bramble.versioning");
+
+	/**
+	 * The current major version of the versioning client.
+	 */
+	int MAJOR_VERSION = 0;
+
+	/**
+	 * Registers a client that will be advertised to contacts. The hook will
+	 * be called when the visibility of the client changes. This method should
+	 * be called before {@link LifecycleManager#startServices(String)}.
+	 */
+	void registerClient(ClientId clientId, int majorVersion, int minorVersion,
+			ClientVersioningHook hook);
+
+	/**
+	 * Returns the visibility of the given client with respect to the given
+	 * contact.
+	 */
+	Visibility getClientVisibility(Transaction txn, ContactId contactId,
+			ClientId clientId, int majorVersion) throws DbException;
+
+	interface ClientVersioningHook {
+
+		void onClientVisibilityChanging(Transaction txn, Contact c,
+				Visibility v) throws DbException;
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/util/IoUtils.java

@@ -9,25 +9,40 @@ import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.net.Socket;
+import java.util.logging.Logger;
 
 import javax.annotation.Nullable;
 
+import static java.util.logging.Level.WARNING;
+
 @NotNullByDefault
 public class IoUtils {
 
+	private static final Logger LOG = Logger.getLogger(IoUtils.class.getName());
+
 	public static void deleteFileOrDir(File f) {
 		if (f.isFile()) {
-			f.delete();
+			delete(f);
 		} else if (f.isDirectory()) {
 			File[] children = f.listFiles();
-			if (children != null)
+			if (children == null) {
+				if (LOG.isLoggable(WARNING)) {
+					LOG.warning("Could not list files in "
+							+ f.getAbsolutePath());
+				}
+			} else {
 				for (File child : children) deleteFileOrDir(child);
-			f.delete();
+			}
+			delete(f);
 		}
 	}
 
-	public static void copyAndClose(InputStream in, OutputStream out)
-			throws IOException {
+	private static void delete(File f) {
+		if (!f.delete() && LOG.isLoggable(WARNING))
+			LOG.warning("Could not delete " + f.getAbsolutePath());
+	}
+
+	public static void copyAndClose(InputStream in, OutputStream out) {
 		byte[] buf = new byte[4096];
 		try {
 			while (true) {

bramble-api/src/main/java/org/briarproject/bramble/util/OsUtils.java

@@ -22,19 +22,6 @@ public class OsUtils {
 		return os != null && os.contains("Mac OS");
 	}
 
-	public static boolean isMacLeopardOrNewer() {
-		if (!isMac() || version == null) return false;
-		try {
-			String[] v = version.split("\\.");
-			if (v.length != 3) return false;
-			int major = Integer.parseInt(v[0]);
-			int minor = Integer.parseInt(v[1]);
-			return major >= 10 && minor >= 5;
-		} catch (NumberFormatException e) {
-			return false;
-		}
-	}
-
 	public static boolean isLinux() {
 		return os != null && os.contains("Linux") && !isAndroid();
 	}

bramble-api/src/test/java/org/briarproject/bramble/test/TestUtils.java

@@ -5,6 +5,8 @@ import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.identity.Author;
 import org.briarproject.bramble.api.identity.AuthorId;
 import org.briarproject.bramble.api.identity.LocalAuthor;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.properties.TransportProperties;
 import org.briarproject.bramble.api.sync.ClientId;
 import org.briarproject.bramble.api.sync.Group;
 import org.briarproject.bramble.api.sync.GroupId;
@@ -16,13 +18,18 @@ import java.io.File;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
+import java.util.HashMap;
 import java.util.List;
+import java.util.Map;
 import java.util.Random;
 import java.util.concurrent.atomic.AtomicInteger;
 
 import static org.briarproject.bramble.api.identity.Author.FORMAT_VERSION;
 import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_AUTHOR_NAME_LENGTH;
 import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_PUBLIC_KEY_LENGTH;
+import static org.briarproject.bramble.api.plugin.TransportId.MAX_TRANSPORT_ID_LENGTH;
+import static org.briarproject.bramble.api.properties.TransportPropertyConstants.MAX_PROPERTY_LENGTH;
+import static org.briarproject.bramble.api.sync.ClientId.MAX_CLIENT_ID_LENGTH;
 import static org.briarproject.bramble.api.sync.SyncConstants.MAX_GROUP_DESCRIPTOR_LENGTH;
 import static org.briarproject.bramble.api.sync.SyncConstants.MAX_MESSAGE_BODY_LENGTH;
 import static org.briarproject.bramble.api.sync.SyncConstants.MESSAGE_HEADER_LENGTH;
@@ -54,6 +61,33 @@ public class TestUtils {
 		return getRandomBytes(UniqueId.LENGTH);
 	}
 
+	public static ClientId getClientId() {
+		return new ClientId(getRandomString(MAX_CLIENT_ID_LENGTH));
+	}
+
+	public static TransportId getTransportId() {
+		return new TransportId(getRandomString(MAX_TRANSPORT_ID_LENGTH));
+	}
+
+	public static TransportProperties getTransportProperties(int number) {
+		TransportProperties tp = new TransportProperties();
+		for (int i = 0; i < number; i++) {
+			tp.put(getRandomString(1 + random.nextInt(MAX_PROPERTY_LENGTH)),
+					getRandomString(1 + random.nextInt(MAX_PROPERTY_LENGTH))
+			);
+		}
+		return tp;
+	}
+
+	public static Map<TransportId, TransportProperties> getTransportPropertiesMap(
+			int number) {
+		Map<TransportId, TransportProperties> map = new HashMap<>();
+		for (int i = 0; i < number; i++) {
+			map.put(getTransportId(), getTransportProperties(number));
+		}
+		return map;
+	}
+
 	public static SecretKey getSecretKey() {
 		return new SecretKey(getRandomBytes(SecretKey.LENGTH));
 	}
@@ -83,15 +117,16 @@ public class TestUtils {
 		return new Author(id, FORMAT_VERSION, name, publicKey);
 	}
 
-	public static Group getGroup(ClientId clientId) {
+	public static Group getGroup(ClientId clientId, int majorVersion) {
 		int descriptorLength = 1 + random.nextInt(MAX_GROUP_DESCRIPTOR_LENGTH);
-		return getGroup(clientId, descriptorLength);
+		return getGroup(clientId, majorVersion, descriptorLength);
 	}
 
-	public static Group getGroup(ClientId clientId, int descriptorLength) {
+	public static Group getGroup(ClientId clientId, int majorVersion,
+			int descriptorLength) {
 		GroupId groupId = new GroupId(getRandomId());
 		byte[] descriptor = getRandomBytes(descriptorLength);
-		return new Group(groupId, clientId, descriptor);
+		return new Group(groupId, clientId, majorVersion, descriptor);
 	}
 
 	public static Message getMessage(GroupId groupId) {

bramble-core/build.gradle

@@ -2,6 +2,7 @@ apply plugin: 'java-library'
 sourceCompatibility = 1.8
 targetCompatibility = 1.8
 
+apply plugin: 'ru.vyarus.animalsniffer'
 apply plugin: 'net.ltgt.apt'
 apply plugin: 'idea'
 apply plugin: 'witness'
@@ -26,12 +27,13 @@ dependencies {
 	testImplementation "org.hamcrest:hamcrest-core:1.3"
 
 	testApt 'com.google.dagger:dagger-compiler:2.0.2'
+
+	signature 'org.codehaus.mojo.signature:java16:1.1@signature'
 }
 
 dependencyVerification {
 	verify = [
 			'cglib:cglib:3.2.0:cglib-3.2.0.jar:adb13bab79712ad6bdf1bd59f2a3918018a8016e722e8a357065afb9e6690861',
-			'com.google.code.findbugs:jsr305:3.0.2:jsr305-3.0.2.jar:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7',
 			'com.google.dagger:dagger-compiler:2.0.2:dagger-compiler-2.0.2.jar:b74bc9de063dd4c6400b232231f2ef5056145b8fbecbf5382012007dd1c071b3',
 			'com.google.dagger:dagger-producers:2.0-beta:dagger-producers-2.0-beta.jar:99ec15e8a0507ba569e7655bc1165ee5e5ca5aa914b3c8f7e2c2458f724edd6b',
 			'com.google.dagger:dagger:2.0.2:dagger-2.0.2.jar:84c0282ed8be73a29e0475d639da030b55dee72369e58dd35ae7d4fe6243dcf9',
@@ -45,6 +47,9 @@ dependencyVerification {
 			'org.apache.ant:ant:1.9.4:ant-1.9.4.jar:649ae0730251de07b8913f49286d46bba7b92d47c5f332610aa426c4f02161d8',
 			'org.beanshell:bsh:1.3.0:bsh-1.3.0.jar:9b04edc75d19db54f1b4e8b5355e9364384c6cf71eb0a1b9724c159d779879f8',
 			'org.bitlet:weupnp:0.1.4:weupnp-0.1.4.jar:88df7e6504929d00bdb832863761385c68ab92af945b04f0770b126270a444fb',
+			'org.codehaus.mojo.signature:java16:1.1:java16-1.1.signature:53799223a2c98dba2d0add810bed76315460df285c69e4f397ae6098f87dd619',
+			'org.codehaus.mojo:animal-sniffer-ant-tasks:1.16:animal-sniffer-ant-tasks-1.16.jar:890040976fbe2d584619a6a61b1fd2e925b3b5eb342a85eb2762c467c0d64e90',
+			'org.codehaus.mojo:animal-sniffer:1.16:animal-sniffer-1.16.jar:72be8bcc226ba43b937c722a08a07852bfa1b11400089265d5df0ee7b38b1d52',
 			'org.hamcrest:hamcrest-core:1.3:hamcrest-core-1.3.jar:66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9',
 			'org.hamcrest:hamcrest-library:1.3:hamcrest-library-1.3.jar:711d64522f9ec410983bd310934296da134be4254a125080a0416ec178dfad1c',
 			'org.hsqldb:hsqldb:2.3.5:hsqldb-2.3.5.jar:6676a6977ac98997a80f827ddbd3fe8ca1e0853dad1492512135fd1a222ccfad',
@@ -53,6 +58,7 @@ dependencyVerification {
 			'org.jmock:jmock-testjar:2.8.2:jmock-testjar-2.8.2.jar:8900860f72c474e027cf97fe78dcbf154a1aa7fc62b6845c5fb4e4f3c7bc8760',
 			'org.jmock:jmock:2.8.2:jmock-2.8.2.jar:6c73cb4a2e6dbfb61fd99c9a768539c170ab6568e57846bd60dbf19596b65b16',
 			'org.objenesis:objenesis:2.1:objenesis-2.1.jar:c74330cc6b806c804fd37e74487b4fe5d7c2750c5e15fbc6efa13bdee1bdef80',
+			'org.ow2.asm:asm-all:5.2:asm-all-5.2.jar:7fbffbc1db3422e2101689fd88df8384b15817b52b9b2b267b9f6d2511dc198d',
 			'org.ow2.asm:asm:5.0.4:asm-5.0.4.jar:896618ed8ae62702521a78bc7be42b7c491a08e6920a15f89a3ecdec31e9a220',
 			'org.whispersystems:curve25519-java:0.4.1:curve25519-java-0.4.1.jar:7dd659d8822c06c3aea1a47f18fac9e5761e29cab8100030b877db445005f03e',
 	]
@@ -69,8 +75,3 @@ task jarTest(type: Jar, dependsOn: testClasses) {
 artifacts {
 	testOutput jarTest
 }
-
-// If a Java 6 JRE is available, check we're not using any Java 7 or 8 APIs
-tasks.withType(JavaCompile) {
-	useJava6StandardLibrary(it)
-}

bramble-core/src/main/java/org/briarproject/bramble/BrambleCoreEagerSingletons.java

@@ -1,21 +1,23 @@
 package org.briarproject.bramble;
 
 import org.briarproject.bramble.contact.ContactModule;
-import org.briarproject.bramble.crypto.CryptoModule;
+import org.briarproject.bramble.crypto.CryptoExecutorModule;
 import org.briarproject.bramble.db.DatabaseExecutorModule;
 import org.briarproject.bramble.identity.IdentityModule;
 import org.briarproject.bramble.lifecycle.LifecycleModule;
 import org.briarproject.bramble.plugin.PluginModule;
 import org.briarproject.bramble.properties.PropertiesModule;
+import org.briarproject.bramble.reporting.ReportingModule;
 import org.briarproject.bramble.sync.SyncModule;
 import org.briarproject.bramble.system.SystemModule;
 import org.briarproject.bramble.transport.TransportModule;
+import org.briarproject.bramble.versioning.VersioningModule;
 
 public interface BrambleCoreEagerSingletons {
 
 	void inject(ContactModule.EagerSingletons init);
 
-	void inject(CryptoModule.EagerSingletons init);
+	void inject(CryptoExecutorModule.EagerSingletons init);
 
 	void inject(DatabaseExecutorModule.EagerSingletons init);
 
@@ -27,9 +29,13 @@ public interface BrambleCoreEagerSingletons {
 
 	void inject(PropertiesModule.EagerSingletons init);
 
+	void inject(ReportingModule.EagerSingletons init);
+
 	void inject(SyncModule.EagerSingletons init);
 
 	void inject(SystemModule.EagerSingletons init);
 
 	void inject(TransportModule.EagerSingletons init);
+
+	void inject(VersioningModule.EagerSingletons init);
 }

bramble-core/src/main/java/org/briarproject/bramble/BrambleCoreModule.java

@@ -2,6 +2,7 @@ package org.briarproject.bramble;
 
 import org.briarproject.bramble.client.ClientModule;
 import org.briarproject.bramble.contact.ContactModule;
+import org.briarproject.bramble.crypto.CryptoExecutorModule;
 import org.briarproject.bramble.crypto.CryptoModule;
 import org.briarproject.bramble.data.DataModule;
 import org.briarproject.bramble.db.DatabaseExecutorModule;
@@ -12,6 +13,7 @@ import org.briarproject.bramble.keyagreement.KeyAgreementModule;
 import org.briarproject.bramble.lifecycle.LifecycleModule;
 import org.briarproject.bramble.plugin.PluginModule;
 import org.briarproject.bramble.properties.PropertiesModule;
+import org.briarproject.bramble.record.RecordModule;
 import org.briarproject.bramble.reliability.ReliabilityModule;
 import org.briarproject.bramble.reporting.ReportingModule;
 import org.briarproject.bramble.settings.SettingsModule;
@@ -19,6 +21,7 @@ import org.briarproject.bramble.socks.SocksModule;
 import org.briarproject.bramble.sync.SyncModule;
 import org.briarproject.bramble.system.SystemModule;
 import org.briarproject.bramble.transport.TransportModule;
+import org.briarproject.bramble.versioning.VersioningModule;
 
 import dagger.Module;
 
@@ -26,6 +29,7 @@ import dagger.Module;
 		ClientModule.class,
 		ContactModule.class,
 		CryptoModule.class,
+		CryptoExecutorModule.class,
 		DataModule.class,
 		DatabaseModule.class,
 		DatabaseExecutorModule.class,
@@ -35,26 +39,30 @@ import dagger.Module;
 		LifecycleModule.class,
 		PluginModule.class,
 		PropertiesModule.class,
+		RecordModule.class,
 		ReliabilityModule.class,
 		ReportingModule.class,
 		SettingsModule.class,
 		SocksModule.class,
 		SyncModule.class,
 		SystemModule.class,
-		TransportModule.class
+		TransportModule.class,
+		VersioningModule.class
 })
 public class BrambleCoreModule {
 
 	public static void initEagerSingletons(BrambleCoreEagerSingletons c) {
 		c.inject(new ContactModule.EagerSingletons());
-		c.inject(new CryptoModule.EagerSingletons());
+		c.inject(new CryptoExecutorModule.EagerSingletons());
 		c.inject(new DatabaseExecutorModule.EagerSingletons());
 		c.inject(new IdentityModule.EagerSingletons());
 		c.inject(new LifecycleModule.EagerSingletons());
 		c.inject(new PluginModule.EagerSingletons());
 		c.inject(new PropertiesModule.EagerSingletons());
+		c.inject(new ReportingModule.EagerSingletons());
 		c.inject(new SyncModule.EagerSingletons());
 		c.inject(new SystemModule.EagerSingletons());
 		c.inject(new TransportModule.EagerSingletons());
+		c.inject(new VersioningModule.EagerSingletons());
 	}
 }

bramble-core/src/main/java/org/briarproject/bramble/client/ClientHelperImpl.java

@@ -18,6 +18,8 @@ import org.briarproject.bramble.api.db.Transaction;
 import org.briarproject.bramble.api.identity.Author;
 import org.briarproject.bramble.api.identity.AuthorFactory;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.properties.TransportProperties;
 import org.briarproject.bramble.api.sync.GroupId;
 import org.briarproject.bramble.api.sync.Message;
 import org.briarproject.bramble.api.sync.MessageFactory;
@@ -37,6 +39,8 @@ import javax.inject.Inject;
 import static org.briarproject.bramble.api.identity.Author.FORMAT_VERSION;
 import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_AUTHOR_NAME_LENGTH;
 import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_PUBLIC_KEY_LENGTH;
+import static org.briarproject.bramble.api.properties.TransportPropertyConstants.MAX_PROPERTIES_PER_TRANSPORT;
+import static org.briarproject.bramble.api.properties.TransportPropertyConstants.MAX_PROPERTY_LENGTH;
 import static org.briarproject.bramble.api.sync.SyncConstants.MESSAGE_HEADER_LENGTH;
 import static org.briarproject.bramble.util.ValidationUtils.checkLength;
 import static org.briarproject.bramble.util.ValidationUtils.checkSize;
@@ -324,6 +328,20 @@ class ClientHelperImpl implements ClientHelper {
 		}
 	}
 
+	@Override
+	public BdfDictionary toDictionary(TransportProperties transportProperties) {
+		return new BdfDictionary(transportProperties);
+	}
+
+	@Override
+	public BdfDictionary toDictionary(
+			Map<TransportId, TransportProperties> map) {
+		BdfDictionary d = new BdfDictionary();
+		for (Entry<TransportId, TransportProperties> e : map.entrySet())
+			d.put(e.getKey().getString(), new BdfDictionary(e.getValue()));
+		return d;
+	}
+
 	@Override
 	public BdfList toList(byte[] b, int off, int len) throws FormatException {
 		ByteArrayInputStream in = new ByteArrayInputStream(b, off, len);
@@ -363,9 +381,10 @@ class ClientHelperImpl implements ClientHelper {
 	}
 
 	@Override
-	public void verifySignature(String label, byte[] sig, byte[] publicKey,
-			BdfList signed) throws FormatException, GeneralSecurityException {
-		if (!crypto.verify(label, toByteArray(signed), publicKey, sig)) {
+	public void verifySignature(byte[] signature, String label, BdfList signed,
+			byte[] publicKey) throws FormatException, GeneralSecurityException {
+		if (!crypto.verifySignature(signature, label, toByteArray(signed),
+				publicKey)) {
 			throw new GeneralSecurityException("Invalid signature");
 		}
 	}
@@ -382,4 +401,33 @@ class ClientHelperImpl implements ClientHelper {
 		checkLength(publicKey, 1, MAX_PUBLIC_KEY_LENGTH);
 		return authorFactory.createAuthor(formatVersion, name, publicKey);
 	}
+
+	@Override
+	public TransportProperties parseAndValidateTransportProperties(
+			BdfDictionary properties) throws FormatException {
+		checkSize(properties, 0, MAX_PROPERTIES_PER_TRANSPORT);
+		TransportProperties p = new TransportProperties();
+		for (String key : properties.keySet()) {
+			checkLength(key, 1, MAX_PROPERTY_LENGTH);
+			String value = properties.getString(key);
+			checkLength(value, 1, MAX_PROPERTY_LENGTH);
+			p.put(key, value);
+		}
+		return p;
+	}
+
+	@Override
+	public Map<TransportId, TransportProperties> parseAndValidateTransportPropertiesMap(
+			BdfDictionary properties) throws FormatException {
+		Map<TransportId, TransportProperties> tpMap = new HashMap<>();
+		for (String key : properties.keySet()) {
+			TransportId transportId = new TransportId(key);
+			TransportProperties transportProperties =
+					parseAndValidateTransportProperties(
+							properties.getDictionary(key));
+			tpMap.put(transportId, transportProperties);
+		}
+		return tpMap;
+	}
+
 }

bramble-core/src/main/java/org/briarproject/bramble/client/ContactGroupFactoryImpl.java

@@ -32,25 +32,25 @@ class ContactGroupFactoryImpl implements ContactGroupFactory {
 	}
 
 	@Override
-	public Group createLocalGroup(ClientId clientId, int clientVersion) {
-		return groupFactory.createGroup(clientId, clientVersion,
+	public Group createLocalGroup(ClientId clientId, int majorVersion) {
+		return groupFactory.createGroup(clientId, majorVersion,
 				LOCAL_GROUP_DESCRIPTOR);
 	}
 
 	@Override
-	public Group createContactGroup(ClientId clientId, int clientVersion,
+	public Group createContactGroup(ClientId clientId, int majorVersion,
 			Contact contact) {
 		AuthorId local = contact.getLocalAuthorId();
 		AuthorId remote = contact.getAuthor().getId();
 		byte[] descriptor = createGroupDescriptor(local, remote);
-		return groupFactory.createGroup(clientId, clientVersion, descriptor);
+		return groupFactory.createGroup(clientId, majorVersion, descriptor);
 	}
 
 	@Override
-	public Group createContactGroup(ClientId clientId, int clientVersion,
+	public Group createContactGroup(ClientId clientId, int majorVersion,
 			AuthorId authorId1, AuthorId authorId2) {
 		byte[] descriptor = createGroupDescriptor(authorId1, authorId2);
-		return groupFactory.createGroup(clientId, clientVersion, descriptor);
+		return groupFactory.createGroup(clientId, majorVersion, descriptor);
 	}
 
 	private byte[] createGroupDescriptor(AuthorId local, AuthorId remote) {

bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java

@@ -1,23 +1,20 @@
 package org.briarproject.bramble.contact;
 
 import org.briarproject.bramble.api.FormatException;
+import org.briarproject.bramble.api.client.ClientHelper;
 import org.briarproject.bramble.api.contact.ContactExchangeListener;
 import org.briarproject.bramble.api.contact.ContactExchangeTask;
 import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.contact.ContactManager;
 import org.briarproject.bramble.api.crypto.CryptoComponent;
 import org.briarproject.bramble.api.crypto.SecretKey;
+import org.briarproject.bramble.api.data.BdfDictionary;
 import org.briarproject.bramble.api.data.BdfList;
-import org.briarproject.bramble.api.data.BdfReader;
-import org.briarproject.bramble.api.data.BdfReaderFactory;
-import org.briarproject.bramble.api.data.BdfWriter;
-import org.briarproject.bramble.api.data.BdfWriterFactory;
 import org.briarproject.bramble.api.db.ContactExistsException;
 import org.briarproject.bramble.api.db.DatabaseComponent;
 import org.briarproject.bramble.api.db.DbException;
 import org.briarproject.bramble.api.db.Transaction;
 import org.briarproject.bramble.api.identity.Author;
-import org.briarproject.bramble.api.identity.AuthorFactory;
 import org.briarproject.bramble.api.identity.LocalAuthor;
 import org.briarproject.bramble.api.nullsafety.MethodsNotNullByDefault;
 import org.briarproject.bramble.api.nullsafety.ParametersNotNullByDefault;
@@ -26,30 +23,31 @@ import org.briarproject.bramble.api.plugin.TransportId;
 import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
 import org.briarproject.bramble.api.properties.TransportProperties;
 import org.briarproject.bramble.api.properties.TransportPropertyManager;
+import org.briarproject.bramble.api.record.Record;
+import org.briarproject.bramble.api.record.RecordReader;
+import org.briarproject.bramble.api.record.RecordReaderFactory;
+import org.briarproject.bramble.api.record.RecordWriter;
+import org.briarproject.bramble.api.record.RecordWriterFactory;
 import org.briarproject.bramble.api.system.Clock;
 import org.briarproject.bramble.api.transport.StreamReaderFactory;
+import org.briarproject.bramble.api.transport.StreamWriter;
 import org.briarproject.bramble.api.transport.StreamWriterFactory;
 
+import java.io.EOFException;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.security.GeneralSecurityException;
-import java.util.HashMap;
 import java.util.Map;
-import java.util.Map.Entry;
 import java.util.logging.Logger;
 
 import javax.inject.Inject;
 
-import static java.util.logging.Level.INFO;
 import static java.util.logging.Level.WARNING;
-import static org.briarproject.bramble.api.identity.Author.FORMAT_VERSION;
-import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_AUTHOR_NAME_LENGTH;
-import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_PUBLIC_KEY_LENGTH;
+import static org.briarproject.bramble.api.contact.RecordTypes.CONTACT_INFO;
 import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_SIGNATURE_LENGTH;
-import static org.briarproject.bramble.api.plugin.TransportId.MAX_TRANSPORT_ID_LENGTH;
-import static org.briarproject.bramble.api.properties.TransportPropertyConstants.MAX_PROPERTIES_PER_TRANSPORT;
-import static org.briarproject.bramble.api.properties.TransportPropertyConstants.MAX_PROPERTY_LENGTH;
+import static org.briarproject.bramble.util.ValidationUtils.checkLength;
+import static org.briarproject.bramble.util.ValidationUtils.checkSize;
 
 @MethodsNotNullByDefault
 @ParametersNotNullByDefault
@@ -62,9 +60,9 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 			"org.briarproject.briar.contact/EXCHANGE";
 
 	private final DatabaseComponent db;
-	private final AuthorFactory authorFactory;
-	private final BdfReaderFactory bdfReaderFactory;
-	private final BdfWriterFactory bdfWriterFactory;
+	private final ClientHelper clientHelper;
+	private final RecordReaderFactory recordReaderFactory;
+	private final RecordWriterFactory recordWriterFactory;
 	private final Clock clock;
 	private final ConnectionManager connectionManager;
 	private final ContactManager contactManager;
@@ -81,17 +79,17 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 	private volatile boolean alice;
 
 	@Inject
-	ContactExchangeTaskImpl(DatabaseComponent db,
-			AuthorFactory authorFactory, BdfReaderFactory bdfReaderFactory,
-			BdfWriterFactory bdfWriterFactory, Clock clock,
+	ContactExchangeTaskImpl(DatabaseComponent db, ClientHelper clientHelper,
+			RecordReaderFactory recordReaderFactory,
+			RecordWriterFactory recordWriterFactory, Clock clock,
 			ConnectionManager connectionManager, ContactManager contactManager,
 			TransportPropertyManager transportPropertyManager,
 			CryptoComponent crypto, StreamReaderFactory streamReaderFactory,
 			StreamWriterFactory streamWriterFactory) {
 		this.db = db;
-		this.authorFactory = authorFactory;
-		this.bdfReaderFactory = bdfReaderFactory;
-		this.bdfWriterFactory = bdfWriterFactory;
+		this.clientHelper = clientHelper;
+		this.recordReaderFactory = recordReaderFactory;
+		this.recordWriterFactory = recordWriterFactory;
 		this.clock = clock;
 		this.connectionManager = connectionManager;
 		this.contactManager = contactManager;
@@ -126,18 +124,18 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 		} catch (IOException e) {
 			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
 			listener.contactExchangeFailed();
-			tryToClose(conn, true);
+			tryToClose(conn);
 			return;
 		}
 
 		// Get the local transport properties
-		Map<TransportId, TransportProperties> localProperties, remoteProperties;
+		Map<TransportId, TransportProperties> localProperties;
 		try {
 			localProperties = transportPropertyManager.getLocalProperties();
 		} catch (DbException e) {
 			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
 			listener.contactExchangeFailed();
-			tryToClose(conn, true);
+			tryToClose(conn);
 			return;
 		}
 
@@ -151,158 +149,138 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 		InputStream streamReader =
 				streamReaderFactory.createContactExchangeStreamReader(in,
 						alice ? bobHeaderKey : aliceHeaderKey);
-		BdfReader r = bdfReaderFactory.createReader(streamReader);
+		RecordReader recordReader =
+				recordReaderFactory.createRecordReader(streamReader);
+
 		// Create the writers
-		OutputStream streamWriter =
+		StreamWriter streamWriter =
 				streamWriterFactory.createContactExchangeStreamWriter(out,
 						alice ? aliceHeaderKey : bobHeaderKey);
-		BdfWriter w = bdfWriterFactory.createWriter(streamWriter);
+		RecordWriter recordWriter =
+				recordWriterFactory.createRecordWriter(streamWriter.getOutputStream());
 
 		// Derive the nonces to be signed
 		byte[] aliceNonce = crypto.mac(ALICE_NONCE_LABEL, masterSecret,
 				new byte[] {PROTOCOL_VERSION});
 		byte[] bobNonce = crypto.mac(BOB_NONCE_LABEL, masterSecret,
 				new byte[] {PROTOCOL_VERSION});
+		byte[] localNonce = alice ? aliceNonce : bobNonce;
+		byte[] remoteNonce = alice ? bobNonce : aliceNonce;
 
-		// Exchange pseudonyms, signed nonces, and timestamps
+		// Sign the nonce
+		byte[] localSignature = sign(localAuthor, localNonce);
+
+		// Exchange contact info
 		long localTimestamp = clock.currentTimeMillis();
-		Author remoteAuthor;
-		long remoteTimestamp;
+		ContactInfo remoteInfo;
 		try {
 			if (alice) {
-				sendPseudonym(w, aliceNonce);
-				sendTimestamp(w, localTimestamp);
-				sendTransportProperties(w, localProperties);
-				w.flush();
-				remoteAuthor = receivePseudonym(r, bobNonce);
-				remoteTimestamp = receiveTimestamp(r);
-				remoteProperties = receiveTransportProperties(r);
+				sendContactInfo(recordWriter, localAuthor, localProperties,
+						localSignature, localTimestamp);
+				recordWriter.flush();
+				remoteInfo = receiveContactInfo(recordReader);
 			} else {
-				remoteAuthor = receivePseudonym(r, aliceNonce);
-				remoteTimestamp = receiveTimestamp(r);
-				remoteProperties = receiveTransportProperties(r);
-				sendPseudonym(w, bobNonce);
-				sendTimestamp(w, localTimestamp);
-				sendTransportProperties(w, localProperties);
-				w.flush();
+				remoteInfo = receiveContactInfo(recordReader);
+				sendContactInfo(recordWriter, localAuthor, localProperties,
+						localSignature, localTimestamp);
+				recordWriter.flush();
 			}
-			// Close the outgoing stream and expect EOF on the incoming stream
-			w.close();
-			if (!r.eof()) LOG.warning("Unexpected data at end of connection");
-		} catch (GeneralSecurityException | IOException e) {
+			// Send EOF on the outgoing stream
+			streamWriter.sendEndOfStream();
+			// Skip any remaining records from the incoming stream
+			try {
+				while (true) recordReader.readRecord();
+			} catch (EOFException expected) {
+				LOG.info("End of stream");
+			}
+		} catch (IOException e) {
 			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
 			listener.contactExchangeFailed();
-			tryToClose(conn, true);
+			tryToClose(conn);
+			return;
+		}
+
+		// Verify the contact's signature
+		if (!verify(remoteInfo.author, remoteNonce, remoteInfo.signature)) {
+			LOG.warning("Invalid signature");
+			listener.contactExchangeFailed();
+			tryToClose(conn);
 			return;
 		}
 
 		// The agreed timestamp is the minimum of the peers' timestamps
-		long timestamp = Math.min(localTimestamp, remoteTimestamp);
+		long timestamp = Math.min(localTimestamp, remoteInfo.timestamp);
 
 		try {
 			// Add the contact
-			ContactId contactId = addContact(remoteAuthor, timestamp,
-					remoteProperties);
+			ContactId contactId = addContact(remoteInfo.author, timestamp,
+					remoteInfo.properties);
 			// Reuse the connection as a transport connection
 			connectionManager.manageOutgoingConnection(contactId, transportId,
 					conn);
 			// Pseudonym exchange succeeded
 			LOG.info("Pseudonym exchange succeeded");
-			listener.contactExchangeSucceeded(remoteAuthor);
+			listener.contactExchangeSucceeded(remoteInfo.author);
 		} catch (ContactExistsException e) {
 			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
-			tryToClose(conn, true);
-			listener.duplicateContact(remoteAuthor);
+			tryToClose(conn);
+			listener.duplicateContact(remoteInfo.author);
 		} catch (DbException e) {
 			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
-			tryToClose(conn, true);
+			tryToClose(conn);
 			listener.contactExchangeFailed();
 		}
 	}
 
-	private void sendPseudonym(BdfWriter w, byte[] nonce)
-			throws GeneralSecurityException, IOException {
-		// Sign the nonce
-		byte[] privateKey = localAuthor.getPrivateKey();
-		byte[] sig = crypto.sign(SIGNING_LABEL_EXCHANGE, nonce, privateKey);
-
-		// Write the name, public key and signature
-		w.writeListStart();
-		w.writeLong(localAuthor.getFormatVersion());
-		w.writeString(localAuthor.getName());
-		w.writeRaw(localAuthor.getPublicKey());
-		w.writeRaw(sig);
-		w.writeListEnd();
-		LOG.info("Sent pseudonym");
-	}
-
-	private Author receivePseudonym(BdfReader r, byte[] nonce)
-			throws GeneralSecurityException, IOException {
-		// Read the format version, name, public key and signature
-		r.readListStart();
-		int formatVersion = (int) r.readLong();
-		if (formatVersion != FORMAT_VERSION) throw new FormatException();
-		String name = r.readString(MAX_AUTHOR_NAME_LENGTH);
-		if (name.isEmpty()) throw new FormatException();
-		byte[] publicKey = r.readRaw(MAX_PUBLIC_KEY_LENGTH);
-		if (publicKey.length == 0) throw new FormatException();
-		byte[] sig = r.readRaw(MAX_SIGNATURE_LENGTH);
-		if (sig.length == 0) throw new FormatException();
-		r.readListEnd();
-		LOG.info("Received pseudonym");
-		// Verify the signature
-		if (!crypto.verify(SIGNING_LABEL_EXCHANGE, nonce, publicKey, sig)) {
-			if (LOG.isLoggable(INFO))
-				LOG.info("Invalid signature");
-			throw new GeneralSecurityException();
+	private byte[] sign(LocalAuthor author, byte[] nonce) {
+		try {
+			return crypto.sign(SIGNING_LABEL_EXCHANGE, nonce,
+					author.getPrivateKey());
+		} catch (GeneralSecurityException e) {
+			throw new AssertionError();
 		}
-		return authorFactory.createAuthor(formatVersion, name, publicKey);
 	}
 
-	private void sendTimestamp(BdfWriter w, long timestamp)
+	private boolean verify(Author author, byte[] nonce, byte[] signature) {
+		try {
+			return crypto.verifySignature(signature, SIGNING_LABEL_EXCHANGE,
+					nonce, author.getPublicKey());
+		} catch (GeneralSecurityException e) {
+			return false;
+		}
+	}
+
+	private void sendContactInfo(RecordWriter recordWriter, Author author,
+			Map<TransportId, TransportProperties> properties, byte[] signature,
+			long timestamp) throws IOException {
+		BdfList authorList = clientHelper.toList(author);
+		BdfDictionary props = clientHelper.toDictionary(properties);
+		BdfList payload = BdfList.of(authorList, props, signature, timestamp);
+		recordWriter.writeRecord(new Record(PROTOCOL_VERSION, CONTACT_INFO,
+				clientHelper.toByteArray(payload)));
+		LOG.info("Sent contact info");
+	}
+
+	private ContactInfo receiveContactInfo(RecordReader recordReader)
 			throws IOException {
-		w.writeLong(timestamp);
-		LOG.info("Sent timestamp");
-	}
-
-	private long receiveTimestamp(BdfReader r) throws IOException {
-		long timestamp = r.readLong();
+		Record record;
+		do {
+			record = recordReader.readRecord();
+			if (record.getProtocolVersion() != PROTOCOL_VERSION)
+				throw new FormatException();
+		} while (record.getRecordType() != CONTACT_INFO);
+		LOG.info("Received contact info");
+		BdfList payload = clientHelper.toList(record.getPayload());
+		checkSize(payload, 4);
+		Author author = clientHelper.parseAndValidateAuthor(payload.getList(0));
+		BdfDictionary props = payload.getDictionary(1);
+		Map<TransportId, TransportProperties> properties =
+				clientHelper.parseAndValidateTransportPropertiesMap(props);
+		byte[] signature = payload.getRaw(2);
+		checkLength(signature, 1, MAX_SIGNATURE_LENGTH);
+		long timestamp = payload.getLong(3);
 		if (timestamp < 0) throw new FormatException();
-		LOG.info("Received timestamp");
-		return timestamp;
-	}
-
-	private void sendTransportProperties(BdfWriter w,
-			Map<TransportId, TransportProperties> local) throws IOException {
-		w.writeListStart();
-		for (Entry<TransportId, TransportProperties> e : local.entrySet())
-			w.writeList(BdfList.of(e.getKey().getString(), e.getValue()));
-		w.writeListEnd();
-	}
-
-	private Map<TransportId, TransportProperties> receiveTransportProperties(
-			BdfReader r) throws IOException {
-		Map<TransportId, TransportProperties> remote = new HashMap<>();
-		r.readListStart();
-		while (!r.hasListEnd()) {
-			r.readListStart();
-			String id = r.readString(MAX_TRANSPORT_ID_LENGTH);
-			if (id.isEmpty()) throw new FormatException();
-			TransportProperties p = new TransportProperties();
-			r.readDictionaryStart();
-			while (!r.hasDictionaryEnd()) {
-				if (p.size() == MAX_PROPERTIES_PER_TRANSPORT)
-					throw new FormatException();
-				String key = r.readString(MAX_PROPERTY_LENGTH);
-				String value = r.readString(MAX_PROPERTY_LENGTH);
-				p.put(key, value);
-			}
-			r.readDictionaryEnd();
-			r.readListEnd();
-			remote.put(new TransportId(id), p);
-		}
-		r.readListEnd();
-		return remote;
+		return new ContactInfo(author, properties, signature, timestamp);
 	}
 
 	private ContactId addContact(Author remoteAuthor, long timestamp,
@@ -323,13 +301,30 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 		return contactId;
 	}
 
-	private void tryToClose(DuplexTransportConnection conn, boolean exception) {
+	private void tryToClose(DuplexTransportConnection conn) {
 		try {
 			LOG.info("Closing connection");
-			conn.getReader().dispose(exception, true);
-			conn.getWriter().dispose(exception);
+			conn.getReader().dispose(true, true);
+			conn.getWriter().dispose(true);
 		} catch (IOException e) {
 			if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
 		}
 	}
+
+	private static class ContactInfo {
+
+		private final Author author;
+		private final Map<TransportId, TransportProperties> properties;
+		private final byte[] signature;
+		private final long timestamp;
+
+		private ContactInfo(Author author,
+				Map<TransportId, TransportProperties> properties,
+				byte[] signature, long timestamp) {
+			this.author = author;
+			this.properties = properties;
+			this.signature = signature;
+			this.timestamp = timestamp;
+		}
+	}
 }

bramble-core/src/main/java/org/briarproject/bramble/contact/ContactManagerImpl.java

@@ -27,36 +27,37 @@ class ContactManagerImpl implements ContactManager {
 
 	private final DatabaseComponent db;
 	private final KeyManager keyManager;
-	private final List<AddContactHook> addHooks;
-	private final List<RemoveContactHook> removeHooks;
+	private final List<ContactHook> hooks;
 
 	@Inject
 	ContactManagerImpl(DatabaseComponent db, KeyManager keyManager) {
 		this.db = db;
 		this.keyManager = keyManager;
-		addHooks = new CopyOnWriteArrayList<>();
-		removeHooks = new CopyOnWriteArrayList<>();
+		hooks = new CopyOnWriteArrayList<>();
 	}
 
 	@Override
-	public void registerAddContactHook(AddContactHook hook) {
-		addHooks.add(hook);
-	}
-
-	@Override
-	public void registerRemoveContactHook(RemoveContactHook hook) {
-		removeHooks.add(hook);
+	public void registerContactHook(ContactHook hook) {
+		hooks.add(hook);
 	}
 
 	@Override
 	public ContactId addContact(Transaction txn, Author remote, AuthorId local,
-			SecretKey master,long timestamp, boolean alice, boolean verified,
+			SecretKey master, long timestamp, boolean alice, boolean verified,
 			boolean active) throws DbException {
 		ContactId c = db.addContact(txn, remote, local, verified, active);
-		keyManager.addContact(txn, c, master, timestamp, alice);
+		keyManager.addContact(txn, c, master, timestamp, alice, active);
 		Contact contact = db.getContact(txn, c);
-		for (AddContactHook hook : addHooks)
-			hook.addingContact(txn, contact);
+		for (ContactHook hook : hooks) hook.addingContact(txn, contact);
+		return c;
+	}
+
+	@Override
+	public ContactId addContact(Transaction txn, Author remote, AuthorId local,
+			boolean verified, boolean active) throws DbException {
+		ContactId c = db.addContact(txn, remote, local, verified, active);
+		Contact contact = db.getContact(txn, c);
+		for (ContactHook hook : hooks) hook.addingContact(txn, contact);
 		return c;
 	}
 
@@ -156,7 +157,7 @@ class ContactManagerImpl implements ContactManager {
 	@Override
 	public boolean contactExists(AuthorId remoteAuthorId,
 			AuthorId localAuthorId) throws DbException {
-		boolean exists = false;
+		boolean exists;
 		Transaction txn = db.startTransaction(true);
 		try {
 			exists = contactExists(txn, remoteAuthorId, localAuthorId);
@@ -171,8 +172,7 @@ class ContactManagerImpl implements ContactManager {
 	public void removeContact(Transaction txn, ContactId c)
 			throws DbException {
 		Contact contact = db.getContact(txn, c);
-		for (RemoveContactHook hook : removeHooks)
-			hook.removingContact(txn, contact);
+		for (ContactHook hook : hooks) hook.removingContact(txn, contact);
 		db.removeContact(txn, c);
 	}
 

bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoComponentImpl.java

@@ -205,12 +205,12 @@ class CryptoComponentImpl implements CryptoComponent {
 	}
 
 	@Override
-	public boolean verify(String label, byte[] signedData, byte[] publicKey,
-			byte[] signature) throws GeneralSecurityException {
+	public boolean verifySignature(byte[] signature, String label,
+			byte[] signed, byte[] publicKey) throws GeneralSecurityException {
 		PublicKey key = signatureKeyParser.parsePublicKey(publicKey);
 		Signature sig = new EdSignature();
 		sig.initVerify(key);
-		updateSignature(sig, label, signedData);
+		updateSignature(sig, label, signed);
 		return sig.verify(signature);
 	}
 
@@ -262,6 +262,17 @@ class CryptoComponentImpl implements CryptoComponent {
 		return output;
 	}
 
+	@Override
+	public boolean verifyMac(byte[] mac, String label, SecretKey macKey,
+			byte[]... inputs) {
+		byte[] expected = mac(label, macKey, inputs);
+		if (mac.length != expected.length) return false;
+		// Constant-time comparison
+		int cmp = 0;
+		for (int i = 0; i < mac.length; i++) cmp |= mac[i] ^ expected[i];
+		return cmp == 0;
+	}
+
 	@Override
 	public byte[] encryptWithPassword(byte[] input, String password) {
 		AuthenticatedCipher cipher = new XSalsa20Poly1305AuthenticatedCipher();

bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoExecutorModule.java

@@ -0,0 +1,67 @@
+package org.briarproject.bramble.crypto;
+
+import org.briarproject.bramble.TimeLoggingExecutor;
+import org.briarproject.bramble.api.crypto.CryptoExecutor;
+import org.briarproject.bramble.api.lifecycle.LifecycleManager;
+
+import java.util.concurrent.BlockingQueue;
+import java.util.concurrent.Executor;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.LinkedBlockingQueue;
+import java.util.concurrent.RejectedExecutionHandler;
+import java.util.concurrent.ThreadPoolExecutor;
+
+import javax.inject.Inject;
+import javax.inject.Singleton;
+
+import dagger.Module;
+import dagger.Provides;
+
+import static java.util.concurrent.TimeUnit.SECONDS;
+
+@Module
+public class CryptoExecutorModule {
+
+	public static class EagerSingletons {
+		@Inject
+		@CryptoExecutor
+		ExecutorService cryptoExecutor;
+	}
+
+	/**
+	 * The maximum number of executor threads.
+	 * <p>
+	 * The number of available processors can change during the lifetime of the
+	 * JVM, so this is just a reasonable guess.
+	 */
+	private static final int MAX_EXECUTOR_THREADS =
+			Math.max(1, Runtime.getRuntime().availableProcessors() - 1);
+
+	private final ExecutorService cryptoExecutor;
+
+	public CryptoExecutorModule() {
+		// Use an unbounded queue
+		BlockingQueue<Runnable> queue = new LinkedBlockingQueue<>();
+		// Discard tasks that are submitted during shutdown
+		RejectedExecutionHandler policy =
+				new ThreadPoolExecutor.DiscardPolicy();
+		// Create a limited # of threads and keep them in the pool for 60 secs
+		cryptoExecutor = new TimeLoggingExecutor("CryptoExecutor", 0,
+				MAX_EXECUTOR_THREADS, 60, SECONDS, queue, policy);
+	}
+
+	@Provides
+	@Singleton
+	@CryptoExecutor
+	ExecutorService provideCryptoExecutorService(
+			LifecycleManager lifecycleManager) {
+		lifecycleManager.registerForShutdown(cryptoExecutor);
+		return cryptoExecutor;
+	}
+
+	@Provides
+	@CryptoExecutor
+	Executor provideCryptoExecutor() {
+		return cryptoExecutor;
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoModule.java

@@ -1,64 +1,24 @@
 package org.briarproject.bramble.crypto;
 
-import org.briarproject.bramble.TimeLoggingExecutor;
 import org.briarproject.bramble.api.crypto.CryptoComponent;
-import org.briarproject.bramble.api.crypto.CryptoExecutor;
 import org.briarproject.bramble.api.crypto.KeyAgreementCrypto;
 import org.briarproject.bramble.api.crypto.PasswordStrengthEstimator;
 import org.briarproject.bramble.api.crypto.StreamDecrypterFactory;
 import org.briarproject.bramble.api.crypto.StreamEncrypterFactory;
 import org.briarproject.bramble.api.crypto.TransportCrypto;
-import org.briarproject.bramble.api.lifecycle.LifecycleManager;
 import org.briarproject.bramble.api.system.SecureRandomProvider;
 
 import java.security.SecureRandom;
-import java.util.concurrent.BlockingQueue;
-import java.util.concurrent.Executor;
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.LinkedBlockingQueue;
-import java.util.concurrent.RejectedExecutionHandler;
-import java.util.concurrent.ThreadPoolExecutor;
 
-import javax.inject.Inject;
 import javax.inject.Provider;
 import javax.inject.Singleton;
 
 import dagger.Module;
 import dagger.Provides;
 
-import static java.util.concurrent.TimeUnit.SECONDS;
-
 @Module
 public class CryptoModule {
 
-	public static class EagerSingletons {
-		@Inject
-		@CryptoExecutor
-		ExecutorService cryptoExecutor;
-	}
-
-	/**
-	 * The maximum number of executor threads.
-	 * <p>
-	 * The number of available processors can change during the lifetime of the
-	 * JVM, so this is just a reasonable guess.
-	 */
-	private static final int MAX_EXECUTOR_THREADS =
-			Math.max(1, Runtime.getRuntime().availableProcessors() - 1);
-
-	private final ExecutorService cryptoExecutor;
-
-	public CryptoModule() {
-		// Use an unbounded queue
-		BlockingQueue<Runnable> queue = new LinkedBlockingQueue<>();
-		// Discard tasks that are submitted during shutdown
-		RejectedExecutionHandler policy =
-				new ThreadPoolExecutor.DiscardPolicy();
-		// Create a limited # of threads and keep them in the pool for 60 secs
-		cryptoExecutor = new TimeLoggingExecutor("CryptoExecutor", 0,
-				MAX_EXECUTOR_THREADS, 60, SECONDS, queue, policy);
-	}
-
 	@Provides
 	AuthenticatedCipher provideAuthenticatedCipher() {
 		return new XSalsa20Poly1305AuthenticatedCipher();
@@ -103,21 +63,6 @@ public class CryptoModule {
 		return keyAgreementCrypto;
 	}
 
-	@Provides
-	@Singleton
-	@CryptoExecutor
-	ExecutorService getCryptoExecutorService(
-			LifecycleManager lifecycleManager) {
-		lifecycleManager.registerForShutdown(cryptoExecutor);
-		return cryptoExecutor;
-	}
-
-	@Provides
-	@CryptoExecutor
-	Executor getCryptoExecutor() {
-		return cryptoExecutor;
-	}
-
 	@Provides
 	SecureRandom getSecureRandom(CryptoComponent crypto) {
 		return crypto.getSecureRandom();

bramble-core/src/main/java/org/briarproject/bramble/crypto/MessageEncrypter.java

@@ -152,59 +152,47 @@ public class MessageEncrypter {
 		}
 	}
 
-	public static void main(String[] args) throws Exception {
+	public static void main(String[] args) {
 		if (args.length < 1) {
 			printUsage();
-			return;
+			System.exit(1);
 		}
-		SecureRandom random = new SecureRandom();
-		MessageEncrypter encrypter = new MessageEncrypter(random);
 		if (args[0].equals("generate")) {
 			if (args.length != 3) {
 				printUsage();
-				return;
+				System.exit(1);
+			}
+			try {
+				generateKeyPair(args[1], args[2]);
+			} catch (Exception e) {
+				e.printStackTrace();
+				System.exit(2);
 			}
-			// Generate a key pair
-			KeyPair keyPair = encrypter.generateKeyPair();
-			PrintStream out = new PrintStream(new FileOutputStream(args[1]));
-			out.print(
-					StringUtils.toHexString(keyPair.getPublic().getEncoded()));
-			out.flush();
-			out.close();
-			out = new PrintStream(new FileOutputStream(args[2]));
-			out.print(
-					StringUtils.toHexString(keyPair.getPrivate().getEncoded()));
-			out.flush();
-			out.close();
 		} else if (args[0].equals("encrypt")) {
 			if (args.length != 2) {
 				printUsage();
-				return;
+				System.exit(1);
+			}
+			try {
+				encryptMessage(args[1]);
+			} catch (Exception e) {
+				e.printStackTrace();
+				System.exit(2);
 			}
-			// Encrypt a decrypted message
-			InputStream in = new FileInputStream(args[1]);
-			byte[] keyBytes = StringUtils.fromHexString(readFully(in).trim());
-			PublicKey publicKey =
-					encrypter.getKeyParser().parsePublicKey(keyBytes);
-			String message = readFully(System.in);
-			byte[] plaintext = message.getBytes(Charset.forName("UTF-8"));
-			byte[] ciphertext = encrypter.encrypt(publicKey, plaintext);
-			System.out.println(AsciiArmour.wrap(ciphertext, LINE_LENGTH));
 		} else if (args[0].equals("decrypt")) {
 			if (args.length != 2) {
 				printUsage();
-				return;
+				System.exit(1);
+			}
+			try {
+				decryptMessage(args[1]);
+			} catch (Exception e) {
+				e.printStackTrace();
+				System.exit(2);
 			}
-			// Decrypt an encrypted message
-			InputStream in = new FileInputStream(args[1]);
-			byte[] keyBytes = StringUtils.fromHexString(readFully(in).trim());
-			PrivateKey privateKey =
-					encrypter.getKeyParser().parsePrivateKey(keyBytes);
-			byte[] ciphertext = AsciiArmour.unwrap(readFully(System.in));
-			byte[] plaintext = encrypter.decrypt(privateKey, ciphertext);
-			System.out.println(new String(plaintext, Charset.forName("UTF-8")));
 		} else {
 			printUsage();
+			System.exit(1);
 		}
 	}
 
@@ -216,6 +204,46 @@ public class MessageEncrypter {
 		System.err.println("MessageEncrypter decrypt <private_key_file>");
 	}
 
+	private static void generateKeyPair(String publicKeyFile,
+			String privateKeyFile) throws Exception {
+		SecureRandom random = new SecureRandom();
+		MessageEncrypter encrypter = new MessageEncrypter(random);
+		KeyPair keyPair = encrypter.generateKeyPair();
+		PrintStream out = new PrintStream(new FileOutputStream(publicKeyFile));
+		out.print(StringUtils.toHexString(keyPair.getPublic().getEncoded()));
+		out.flush();
+		out.close();
+		out = new PrintStream(new FileOutputStream(privateKeyFile));
+		out.print(StringUtils.toHexString(keyPair.getPrivate().getEncoded()));
+		out.flush();
+		out.close();
+	}
+
+	private static void encryptMessage(String publicKeyFile) throws Exception {
+		SecureRandom random = new SecureRandom();
+		MessageEncrypter encrypter = new MessageEncrypter(random);
+		InputStream in = new FileInputStream(publicKeyFile);
+		byte[] keyBytes = StringUtils.fromHexString(readFully(in).trim());
+		PublicKey publicKey =
+				encrypter.getKeyParser().parsePublicKey(keyBytes);
+		String message = readFully(System.in);
+		byte[] plaintext = message.getBytes(Charset.forName("UTF-8"));
+		byte[] ciphertext = encrypter.encrypt(publicKey, plaintext);
+		System.out.println(AsciiArmour.wrap(ciphertext, LINE_LENGTH));
+	}
+
+	private static void decryptMessage(String privateKeyFile) throws Exception {
+		SecureRandom random = new SecureRandom();
+		MessageEncrypter encrypter = new MessageEncrypter(random);
+		InputStream in = new FileInputStream(privateKeyFile);
+		byte[] keyBytes = StringUtils.fromHexString(readFully(in).trim());
+		PrivateKey privateKey =
+				encrypter.getKeyParser().parsePrivateKey(keyBytes);
+		byte[] ciphertext = AsciiArmour.unwrap(readFully(System.in));
+		byte[] plaintext = encrypter.decrypt(privateKey, ciphertext);
+		System.out.println(new String(plaintext, Charset.forName("UTF-8")));
+	}
+
 	private static String readFully(InputStream in) throws IOException {
 		String newline = System.getProperty("line.separator");
 		StringBuilder stringBuilder = new StringBuilder();

bramble-core/src/main/java/org/briarproject/bramble/crypto/Signature.java

@@ -10,37 +10,37 @@ import java.security.GeneralSecurityException;
 interface Signature {
 
 	/**
-	 * @see {@link java.security.Signature#initSign(java.security.PrivateKey)}
+	 * @see java.security.Signature#initSign(java.security.PrivateKey)
 	 */
 	void initSign(PrivateKey k) throws GeneralSecurityException;
 
 	/**
-	 * @see {@link java.security.Signature#initVerify(java.security.PublicKey)}
+	 * @see java.security.Signature#initVerify(java.security.PublicKey)
 	 */
 	void initVerify(PublicKey k) throws GeneralSecurityException;
 
 	/**
-	 * @see {@link java.security.Signature#update(byte)}
+	 * @see java.security.Signature#update(byte)
 	 */
 	void update(byte b) throws GeneralSecurityException;
 
 	/**
-	 * @see {@link java.security.Signature#update(byte[])}
+	 * @see java.security.Signature#update(byte[])
 	 */
 	void update(byte[] b) throws GeneralSecurityException;
 
 	/**
-	 * @see {@link java.security.Signature#update(byte[], int, int)}
+	 * @see java.security.Signature#update(byte[], int, int)
 	 */
 	void update(byte[] b, int off, int len) throws GeneralSecurityException;
 
 	/**
-	 * @see {@link java.security.Signature#sign()}
+	 * @see java.security.Signature#sign()}
 	 */
 	byte[] sign() throws GeneralSecurityException;
 
 	/**
-	 * @see {@link java.security.Signature#verify(byte[])}
+	 * @see java.security.Signature#verify(byte[])
 	 */
 	boolean verify(byte[] signature) throws GeneralSecurityException;
 }

bramble-core/src/main/java/org/briarproject/bramble/crypto/TransportCryptoImpl.java

@@ -36,7 +36,8 @@ class TransportCryptoImpl implements TransportCrypto {
 
 	@Override
 	public TransportKeys deriveTransportKeys(TransportId t,
-			SecretKey master, long rotationPeriod, boolean alice) {
+			SecretKey master, long rotationPeriod, boolean alice,
+			boolean active) {
 		// Keys for the previous period are derived from the master secret
 		SecretKey inTagPrev = deriveTagKey(master, t, !alice);
 		SecretKey inHeaderPrev = deriveHeaderKey(master, t, !alice);
@@ -57,7 +58,7 @@ class TransportCryptoImpl implements TransportCrypto {
 		IncomingKeys inNext = new IncomingKeys(inTagNext, inHeaderNext,
 				rotationPeriod + 1);
 		OutgoingKeys outCurr = new OutgoingKeys(outTagCurr, outHeaderCurr,
-				rotationPeriod);
+				rotationPeriod, active);
 		// Collect and return the keys
 		return new TransportKeys(t, inPrev, inCurr, inNext, outCurr);
 	}
@@ -71,6 +72,7 @@ class TransportCryptoImpl implements TransportCrypto {
 		IncomingKeys inNext = k.getNextIncomingKeys();
 		OutgoingKeys outCurr = k.getCurrentOutgoingKeys();
 		long startPeriod = outCurr.getRotationPeriod();
+		boolean active = outCurr.isActive();
 		// Rotate the keys
 		for (long p = startPeriod + 1; p <= rotationPeriod; p++) {
 			inPrev = inCurr;
@@ -80,7 +82,7 @@ class TransportCryptoImpl implements TransportCrypto {
 			inNext = new IncomingKeys(inNextTag, inNextHeader, p + 1);
 			SecretKey outCurrTag = rotateKey(outCurr.getTagKey(), p);
 			SecretKey outCurrHeader = rotateKey(outCurr.getHeaderKey(), p);
-			outCurr = new OutgoingKeys(outCurrTag, outCurrHeader, p);
+			outCurr = new OutgoingKeys(outCurrTag, outCurrHeader, p, active);
 		}
 		// Collect and return the keys
 		return new TransportKeys(k.getTransportId(), inPrev, inCurr, inNext,

bramble-core/src/main/java/org/briarproject/bramble/data/BdfReaderFactoryImpl.java

@@ -8,6 +8,7 @@ import java.io.InputStream;
 
 import javax.annotation.concurrent.Immutable;
 
+import static org.briarproject.bramble.api.data.BdfReader.DEFAULT_MAX_BUFFER_SIZE;
 import static org.briarproject.bramble.api.data.BdfReader.DEFAULT_NESTED_LIMIT;
 
 @Immutable
@@ -16,11 +17,13 @@ class BdfReaderFactoryImpl implements BdfReaderFactory {
 
 	@Override
 	public BdfReader createReader(InputStream in) {
-		return new BdfReaderImpl(in, DEFAULT_NESTED_LIMIT);
+		return new BdfReaderImpl(in, DEFAULT_NESTED_LIMIT,
+				DEFAULT_MAX_BUFFER_SIZE);
 	}
 
 	@Override
-	public BdfReader createReader(InputStream in, int nestedLimit) {
-		return new BdfReaderImpl(in, nestedLimit);
+	public BdfReader createReader(InputStream in, int nestedLimit,
+			int maxBufferSize) {
+		return new BdfReaderImpl(in, nestedLimit, maxBufferSize);
 	}
 }

bramble-core/src/main/java/org/briarproject/bramble/data/BdfReaderImpl.java

@@ -37,15 +37,16 @@ class BdfReaderImpl implements BdfReader {
 	private static final byte[] EMPTY_BUFFER = new byte[0];
 
 	private final InputStream in;
-	private final int nestedLimit;
+	private final int nestedLimit, maxBufferSize;
 
 	private boolean hasLookahead = false, eof = false;
 	private byte next;
 	private byte[] buf = new byte[8];
 
-	BdfReaderImpl(InputStream in, int nestedLimit) {
+	BdfReaderImpl(InputStream in, int nestedLimit, int maxBufferSize) {
 		this.in = in;
 		this.nestedLimit = nestedLimit;
+		this.maxBufferSize = maxBufferSize;
 	}
 
 	private void readLookahead() throws IOException {
@@ -91,8 +92,8 @@ class BdfReaderImpl implements BdfReader {
 		if (hasBoolean()) return readBoolean();
 		if (hasLong()) return readLong();
 		if (hasDouble()) return readDouble();
-		if (hasString()) return readString(Integer.MAX_VALUE);
-		if (hasRaw()) return readRaw(Integer.MAX_VALUE);
+		if (hasString()) return readString();
+		if (hasRaw()) return readRaw();
 		if (hasList()) return readList(level);
 		if (hasDictionary()) return readDictionary(level);
 		throw new FormatException();
@@ -245,11 +246,11 @@ class BdfReaderImpl implements BdfReader {
 	}
 
 	@Override
-	public String readString(int maxLength) throws IOException {
+	public String readString() throws IOException {
 		if (!hasString()) throw new FormatException();
 		hasLookahead = false;
 		int length = readStringLength();
-		if (length < 0 || length > maxLength) throw new FormatException();
+		if (length < 0 || length > maxBufferSize) throw new FormatException();
 		if (length == 0) return "";
 		readIntoBuffer(length);
 		return new String(buf, 0, length, "UTF-8");
@@ -279,11 +280,11 @@ class BdfReaderImpl implements BdfReader {
 	}
 
 	@Override
-	public byte[] readRaw(int maxLength) throws IOException {
+	public byte[] readRaw() throws IOException {
 		if (!hasRaw()) throw new FormatException();
 		hasLookahead = false;
 		int length = readRawLength();
-		if (length < 0 || length > maxLength) throw new FormatException();
+		if (length < 0 || length > maxBufferSize) throw new FormatException();
 		if (length == 0) return EMPTY_BUFFER;
 		byte[] b = new byte[length];
 		readIntoBuffer(b, length);
@@ -381,7 +382,7 @@ class BdfReaderImpl implements BdfReader {
 		BdfDictionary dictionary = new BdfDictionary();
 		readDictionaryStart();
 		while (!hasDictionaryEnd())
-			dictionary.put(readString(Integer.MAX_VALUE), readObject(level + 1));
+			dictionary.put(readString(), readObject(level + 1));
 		readDictionaryEnd();
 		return dictionary;
 	}

bramble-core/src/main/java/org/briarproject/bramble/data/MetadataParserImpl.java

@@ -59,8 +59,8 @@ class MetadataParserImpl implements MetadataParser {
 		if (reader.hasBoolean()) return reader.readBoolean();
 		if (reader.hasLong()) return reader.readLong();
 		if (reader.hasDouble()) return reader.readDouble();
-		if (reader.hasString()) return reader.readString(Integer.MAX_VALUE);
-		if (reader.hasRaw()) return reader.readRaw(Integer.MAX_VALUE);
+		if (reader.hasString()) return reader.readString();
+		if (reader.hasRaw()) return reader.readRaw();
 		if (reader.hasList()) return reader.readList();
 		if (reader.hasDictionary()) return reader.readDictionary();
 		throw new FormatException();