Decouple poller from plugin manager.

Generate and store handshake key pair at startup if necessary

Closes #1538

See merge request briar/briar!1082

.idea/codeStyles/Project.xml

@@ -39,31 +39,6 @@
     <JetCodeStyleSettings>
       <option name="CODE_STYLE_DEFAULTS" value="KOTLIN_OFFICIAL" />
     </JetCodeStyleSettings>
-    <Objective-C-extensions>
-      <file>
-        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Import" />
-        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Macro" />
-        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Typedef" />
-        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Enum" />
-        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Constant" />
-        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Global" />
-        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Struct" />
-        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="FunctionPredecl" />
-        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Function" />
-      </file>
-      <class>
-        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Property" />
-        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="Synthesize" />
-        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="InitMethod" />
-        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="StaticMethod" />
-        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="InstanceMethod" />
-        <option name="com.jetbrains.cidr.lang.util.OCDeclarationKind" value="DeallocMethod" />
-      </class>
-      <extensions>
-        <pair source="cpp" header="h" fileNamingConvention="NONE" />
-        <pair source="c" header="h" fileNamingConvention="NONE" />
-      </extensions>
-    </Objective-C-extensions>
     <XML>
       <option name="XML_LEGACY_SETTINGS_IMPORTED" value="true" />
     </XML>

bramble-android/build.gradle

@@ -33,7 +33,7 @@ dependencies {
 	tor 'org.briarproject:tor-android:0.3.5.8@zip'
 	tor 'org.briarproject:obfs4proxy-android:0.0.9@zip'
 
-	annotationProcessor 'com.google.dagger:dagger-compiler:2.19'
+	annotationProcessor 'com.google.dagger:dagger-compiler:2.22.1'
 
 	compileOnly 'javax.annotation:jsr250-api:1.0'
 

bramble-android/src/main/java/org/briarproject/bramble/plugin/tor/AndroidTorPlugin.java

@@ -32,9 +32,6 @@ import static java.util.concurrent.TimeUnit.MINUTES;
 @ParametersNotNullByDefault
 class AndroidTorPlugin extends TorPlugin {
 
-	// This tag may prevent Huawei's power manager from killing us
-	private static final String WAKE_LOCK_TAG = "LocationManagerService";
-
 	private final Context appContext;
 	private final RenewableWakeLock wakeLock;
 
@@ -55,7 +52,7 @@ class AndroidTorPlugin extends TorPlugin {
 				appContext.getSystemService(POWER_SERVICE);
 		if (pm == null) throw new AssertionError();
 		wakeLock = new RenewableWakeLock(pm, scheduler, PARTIAL_WAKE_LOCK,
-				WAKE_LOCK_TAG, 1, MINUTES);
+				getWakeLockTag(), 1, MINUTES);
 	}
 
 	@Override
@@ -87,4 +84,17 @@ class AndroidTorPlugin extends TorPlugin {
 		super.stop();
 		wakeLock.release();
 	}
+
+	private String getWakeLockTag() {
+		PackageManager pm = appContext.getPackageManager();
+		for (PackageInfo info : pm.getInstalledPackages(0)) {
+			String name = info.packageName.toLowerCase();
+			if (name.startsWith("com.huawei.powergenie")) {
+				return "LocationManagerService";
+			} else if (name.startsWith("com.evenwell.powermonitor")) {
+				return "AudioIn";
+			}
+		}
+		return getClass().getSimpleName();
+	}
 }

bramble-android/src/main/java/org/briarproject/bramble/system/AndroidSystemModule.java

@@ -1,10 +1,13 @@
 package org.briarproject.bramble.system;
 
+import org.briarproject.bramble.api.event.EventExecutor;
 import org.briarproject.bramble.api.system.AndroidExecutor;
 import org.briarproject.bramble.api.system.LocationUtils;
 import org.briarproject.bramble.api.system.ResourceProvider;
 import org.briarproject.bramble.api.system.SecureRandomProvider;
 
+import java.util.concurrent.Executor;
+
 import javax.inject.Singleton;
 
 import dagger.Module;
@@ -32,6 +35,13 @@ public class AndroidSystemModule {
 		return androidExecutor;
 	}
 
+	@Provides
+	@Singleton
+	@EventExecutor
+	Executor provideEventExecutor(AndroidExecutor androidExecutor) {
+		return androidExecutor::runOnUiThread;
+	}
+
 	@Provides
 	@Singleton
 	ResourceProvider provideResourceProvider(AndroidResourceProvider provider) {

bramble-android/witness.gradle

@@ -1,45 +1,45 @@
 dependencyVerification {
     verify = [
         'cglib:cglib:3.2.0:cglib-3.2.0.jar:adb13bab79712ad6bdf1bd59f2a3918018a8016e722e8a357065afb9e6690861',
-        'com.android.tools.analytics-library:protos:26.3.2:protos-26.3.2.jar:50238fb4298b297217b184b9cd93c14f83536fcee829eb0ca850bdb5b53251f0',
-        'com.android.tools.analytics-library:shared:26.3.2:shared-26.3.2.jar:ddd80dcf21905018b7c0583ba72b7282f446084d4952422609a09fbf8237ef71',
-        'com.android.tools.analytics-library:tracker:26.3.2:tracker-26.3.2.jar:28c575d2d1af003e96d7b375a668ee10b2673a2dd0f6438750aa8c3b42e7d0ad',
-        'com.android.tools.build:apksig:3.3.2:apksig-3.3.2.jar:84c4aaa20127c6c1fe6bdd334b3f5df71f54ad080be9029c8a10f43b6a908acd',
-        'com.android.tools.build:apkzlib:3.3.2:apkzlib-3.3.2.jar:d34e523278e5dff565eba3ef3c089d515b2b5cc7b47dc77e2f3465e5e47176ac',
-        'com.android.tools.build:builder-model:3.3.2:builder-model-3.3.2.jar:055e3db0ecee9e06b9f024034999a29cd92cb1885207b37542126bd8bcc57f46',
-        'com.android.tools.build:builder-test-api:3.3.2:builder-test-api-3.3.2.jar:0b2e4cd7615bbcad14a3c91fe45ae26693508d06e40ba06c5968b8bc24416618',
-        'com.android.tools.build:builder:3.3.2:builder-3.3.2.jar:65649704da7aef0487235fd326f0f2e99ed5cf958e80f204496e6e08a42bd9f5',
-        'com.android.tools.build:gradle-api:3.3.2:gradle-api-3.3.2.jar:3cbd47e41bb70330dd72ec2c9fe51e6173554b484a03829b5a2de9e00841e040',
-        'com.android.tools.build:manifest-merger:26.3.2:manifest-merger-26.3.2.jar:05c4a6d8b02fb9f08744876477d0a68547c03a8a9069b1f086684fa04af97c33',
-        'com.android.tools.ddms:ddmlib:26.3.2:ddmlib-26.3.2.jar:d248da8a563d6e46d2c7ebbf371a4877e00510f4ca763c0bb272d5a281bf8b85',
-        'com.android.tools.external.com-intellij:intellij-core:26.3.2:intellij-core-26.3.2.jar:6c5ecc968230e9f4dcd0fef28885379feace1f0cd8130de6f61d649c86139bf3',
-        'com.android.tools.external.com-intellij:kotlin-compiler:26.3.2:kotlin-compiler-26.3.2.jar:1007d9b07ccb49cd8eaf30fda10ed4681d4714f2f9ab2ecda39b4e539cc51bbe',
-        'com.android.tools.external.org-jetbrains:uast:26.3.2:uast-26.3.2.jar:5d1833e562ea4f38a89708dfde695f0a162cbd39d003d3dde818c3fdc2b05317',
-        'com.android.tools.layoutlib:layoutlib-api:26.3.2:layoutlib-api-26.3.2.jar:d7e61e874ab95f5c350dd38b6a95b5c9dbe0083a02001884264cdb390cb255b8',
-        'com.android.tools.lint:lint-api:26.3.2:lint-api-26.3.2.jar:5867dfd7fb4a4e161a816a5d29d045f9b542d34594c00a1efec46fb4cd0e1033',
-        'com.android.tools.lint:lint-checks:26.3.2:lint-checks-26.3.2.jar:4b163b9c93790d2771e92ba8de58a0d9e0671ffcf2ccef3cf496efd442e27517',
-        'com.android.tools.lint:lint-gradle-api:26.3.2:lint-gradle-api-26.3.2.jar:54cb282e0c054f9bed3f51302ce08b003c8ab7961dfd5a4f6de26c23cc23062f',
-        'com.android.tools.lint:lint-gradle:26.3.2:lint-gradle-26.3.2.jar:bb139615f4ce97d42cc394b9389b49b76a6eb85be6785a5d272991543b519013',
-        'com.android.tools.lint:lint:26.3.2:lint-26.3.2.jar:ef7b369f8a56a92ccb0f4c1c357666b9339e4a711a9d84747d446441746cfe4e',
-        'com.android.tools:annotations:26.3.2:annotations-26.3.2.jar:5bcce8e98b6a2f5ccf13ebcefd8f734e0b35f8b19e456575665631442ce1f7a1',
-        'com.android.tools:common:26.3.2:common-26.3.2.jar:d9f8e7f0669e9a701568e3db6a87c89cf12d8fa6811c9991e969f950215ecfac',
-        'com.android.tools:dvlib:26.3.2:dvlib-26.3.2.jar:d84aad56161c7773579303d69714ded6897c64c6ddfd7d456e453231e4dfe811',
-        'com.android.tools:repository:26.3.2:repository-26.3.2.jar:da611eeb06e9ab8750d25b9e2901e10db8e5ec6304eb4c8b7103d39e0921ea40',
-        'com.android.tools:sdk-common:26.3.2:sdk-common-26.3.2.jar:82823a3bf25e64fac33a286490f0cf5ac50c2cdb3c540149b030896bb44bf96c',
-        'com.android.tools:sdklib:26.3.2:sdklib-26.3.2.jar:424d15492af67321900963238646d27495ab60de2a5b19e6a416963bc5d6932b',
+        'com.android.tools.analytics-library:protos:26.4.0:protos-26.4.0.jar:ad760915586797d39319f402837b378bff3bb4ed583e3e0c48c965631fb2135f',
+        'com.android.tools.analytics-library:shared:26.4.0:shared-26.4.0.jar:1332106a905d48909c81268c9e414946de3e83487db394c6073b0a9b5c3d0ed2',
+        'com.android.tools.analytics-library:tracker:26.4.0:tracker-26.4.0.jar:d0020cfbfd4cd75935f2972d6a24089840d4a10df6f3ef2a796093217dd37796',
+        'com.android.tools.build:apksig:3.4.0:apksig-3.4.0.jar:91d5a1866139c69756280355a6f61b4d619d0516841580114f45a10f2177327e',
+        'com.android.tools.build:apkzlib:3.4.0:apkzlib-3.4.0.jar:8653c85f5fdf1dde840e8b8af7396aeb79c34b66e541b5860059616006535592',
+        'com.android.tools.build:builder-model:3.4.0:builder-model-3.4.0.jar:a88f138124a9f016a70bcb4760359a502f65c7deed56507ee4014f4dd9ea853b',
+        'com.android.tools.build:builder-test-api:3.4.0:builder-test-api-3.4.0.jar:31089ab1ec19ca7687a010867d2f3807513c805b8226979706f4247b5d4df26f',
+        'com.android.tools.build:builder:3.4.0:builder-3.4.0.jar:476221b5203a7f50089bf185ed95000a34b6f5020ef0a17815afd58606922679',
+        'com.android.tools.build:gradle-api:3.4.0:gradle-api-3.4.0.jar:215eca38f6719213c2f492b4d622cdd11676c66c9871f8a2aed0c66d00175628',
+        'com.android.tools.build:manifest-merger:26.4.0:manifest-merger-26.4.0.jar:29e45e690dedd165035e97c21c2ca94d0bd4ec16b6b210daa26669a582b6f220',
+        'com.android.tools.ddms:ddmlib:26.4.0:ddmlib-26.4.0.jar:93f56fe4630c3166adbd6c51d7bb602d96abb91b07ba5b1165fdcd071e88c940',
+        'com.android.tools.external.com-intellij:intellij-core:26.4.0:intellij-core-26.4.0.jar:30cb0e879d4424de9677a50b537fb628636b4a50f5470af5e52437980c41421f',
+        'com.android.tools.external.com-intellij:kotlin-compiler:26.4.0:kotlin-compiler-26.4.0.jar:dd1fe225c31a0e012dc025336363a5b783e2c5c20ffb69e77f8f57e89420d998',
+        'com.android.tools.external.org-jetbrains:uast:26.4.0:uast-26.4.0.jar:f25f3285b775a983327583ff6584dea54e447813ef69e0ce08b05a45b5f4aab0',
+        'com.android.tools.layoutlib:layoutlib-api:26.4.0:layoutlib-api-26.4.0.jar:52128f5cf293b224072be361919bfd416e59480ab7264ddcdbbf046b0d7a12e3',
+        'com.android.tools.lint:lint-api:26.4.0:lint-api-26.4.0.jar:fdb8fca8ae4c254f438338d03d72605e00ed106f2d5550405af41ca1c8509401',
+        'com.android.tools.lint:lint-checks:26.4.0:lint-checks-26.4.0.jar:4ff52d40488cd3e22b9c6b2eb67784e0c3269d0b42ef9d17689cd75a7b2bceb4',
+        'com.android.tools.lint:lint-gradle-api:26.4.0:lint-gradle-api-26.4.0.jar:714b7a85c7d2aa10daeab16e969fe7530c659d0728a7f24021da456870418d0f',
+        'com.android.tools.lint:lint-gradle:26.4.0:lint-gradle-26.4.0.jar:b8c130d273f522388734457e1b96790f41528fcec6fda9e8eaa4e4d95a07cfbb',
+        'com.android.tools.lint:lint:26.4.0:lint-26.4.0.jar:83aa062fb0405b60ed358d858c8c2955e1bae44a455b498068c6a60988755f00',
+        'com.android.tools:annotations:26.4.0:annotations-26.4.0.jar:a7955b8e19c3a2a861d6faa43a58b7c0d46ea9112188ee3e235c6f9f439ecc1a',
+        'com.android.tools:common:26.4.0:common-26.4.0.jar:ea40b94b3c1284ea7700f011388e2906a8363a66abd902891722b3c557984852',
+        'com.android.tools:dvlib:26.4.0:dvlib-26.4.0.jar:23af89c535b01ba36ceed1b6b309b672814eba624e643cd7dedf0519edad50cc',
+        'com.android.tools:repository:26.4.0:repository-26.4.0.jar:3d1763ab46199374dc6d94129bba11c70f1d5857e2c81a3ac4898abca40b176b',
+        'com.android.tools:sdk-common:26.4.0:sdk-common-26.4.0.jar:78a522525b30ffc6b7bf1299c831d24ce385f68a9f4878f8f752e9baefa31b0f',
+        'com.android.tools:sdklib:26.4.0:sdklib-26.4.0.jar:b854c23892013a326d761cf071c72cf3e038ed0469d10f4a356829fa56e4c132',
         'com.google.code.findbugs:jsr305:1.3.9:jsr305-1.3.9.jar:905721a0eea90a81534abb7ee6ef4ea2e5e645fa1def0a5cd88402df1b46c9ed',
         'com.google.code.findbugs:jsr305:3.0.2:jsr305-3.0.2.jar:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7',
         'com.google.code.gson:gson:2.8.0:gson-2.8.0.jar:c6221763bd79c4f1c3dc7f750b5f29a0bb38b367b81314c4f71896e340c40825',
-        'com.google.dagger:dagger-compiler:2.19:dagger-compiler-2.19.jar:27a4b202a2de908182edb261f8c0a264e08e5e4733d7514bc7fbf0d31da5c0fc',
-        'com.google.dagger:dagger-producers:2.19:dagger-producers-2.19.jar:a17663abe0fc38b676026950907d4c5f5e2bf338375415861eaff6e3bdb0b768',
-        'com.google.dagger:dagger-spi:2.19:dagger-spi-2.19.jar:e7a6379d82c841f6aac2866948ad1eed716528707814602842a8d844ce04e2e1',
-        'com.google.dagger:dagger:2.19:dagger-2.19.jar:514b6f1e0727c6572e1d65cb27e4ae668b7aeaeb93a29515182965265b609939',
+        'com.google.dagger:dagger-compiler:2.22.1:dagger-compiler-2.22.1.jar:e5f28302cbe70a79d3620cddebfb8ec0736814f3980ffe1e673bfe3342f507d3',
+        'com.google.dagger:dagger-producers:2.22.1:dagger-producers-2.22.1.jar:f834a0082014213a68ff06a0f048d750178d02196c58b0b15beb367d32b97e35',
+        'com.google.dagger:dagger-spi:2.22.1:dagger-spi-2.22.1.jar:4b0b922793b3bcb91b99fabb75dba77c68afd7ae4c5f0c4fd6ba681f0a291c7d',
+        'com.google.dagger:dagger:2.22.1:dagger-2.22.1.jar:329d4340f24c4f5717af016c097e90668bfea2a5376e6aa9964b01cef3fd241a',
         'com.google.errorprone:error_prone_annotations:2.1.3:error_prone_annotations-2.1.3.jar:03d0329547c13da9e17c634d1049ea2ead093925e290567e1a364fd6b1fc7ff8',
         'com.google.errorprone:javac-shaded:9-dev-r4023-3:javac-shaded-9-dev-r4023-3.jar:65bfccf60986c47fbc17c9ebab0be626afc41741e0a6ec7109e0768817a36f30',
         'com.google.googlejavaformat:google-java-format:1.5:google-java-format-1.5.jar:aa19ad7850fb85178aa22f2fddb163b84d6ce4d0035872f30d4408195ca1144e',
         'com.google.guava:guava:25.0-jre:guava-25.0-jre.jar:3fd4341776428c7e0e5c18a7c10de129475b69ab9d30aeafbb5c277bb6074fa9',
         'com.google.guava:guava:26.0-jre:guava-26.0-jre.jar:a0e9cabad665bc20bcd2b01f108e5fc03f756e13aea80abaadb9f407033bea2c',
-        'com.google.j2objc:j2objc-annotations:1.1:j2objc-annotations-1.1.jar:40ceb7157feb263949e0f503fe5f71689333a621021aa20ce0d0acee3badaa0f',
+        'com.google.j2objc:j2objc-annotations:1.1:j2objc-annotations-1.1.jar:2994a7eb78f2710bd3d3bfb639b2c94e219cedac0d4d084d516e78c16dddecf6',
         'com.google.jimfs:jimfs:1.1:jimfs-1.1.jar:c4828e28d7c0a930af9387510b3bada7daa5c04d7c25a75c7b8b081f1c257ddd',
         'com.google.protobuf:protobuf-java:3.4.0:protobuf-java-3.4.0.jar:dce7e66b32456a1b1198da0caff3a8acb71548658391e798c79369241e6490a4',
         'com.googlecode.json-simple:json-simple:1.1:json-simple-1.1.jar:2d9484f4c649f708f47f9a479465fc729770ee65617dca3011836602264f6439',
@@ -48,7 +48,7 @@ dependencyVerification {
         'com.sun.activation:javax.activation:1.2.0:javax.activation-1.2.0.jar:993302b16cd7056f21e779cc577d175a810bb4900ef73cd8fbf2b50f928ba9ce',
         'com.sun.istack:istack-commons-runtime:2.21:istack-commons-runtime-2.21.jar:c33e67a0807095f02a0e2da139412dd7c4f9cc1a4c054b3e434f96831ba950f4',
         'com.sun.xml.fastinfoset:FastInfoset:1.2.13:FastInfoset-1.2.13.jar:27a77db909f3c2833c0b1a37c55af1db06045118ad2eed96ce567b6632bce038',
-        'commons-codec:commons-codec:1.9:commons-codec-1.9.jar:ad19d2601c3abf0b946b5c3a4113e226a8c1e3305e395b90013b78dd94a723ce',
+        'commons-codec:commons-codec:1.10:commons-codec-1.10.jar:4241dfa94e711d435f29a4604a3e2de5c4aa3c165e23bd066be6fc1fc4309569',
         'commons-logging:commons-logging:1.2:commons-logging-1.2.jar:daddea1ea0be0f56978ab3006b8ac92834afeefbd9b7e4e6316fca57df0fa636',
         'it.unimi.dsi:fastutil:7.2.0:fastutil-7.2.0.jar:74fa208043740642f7e6eb09faba15965218ad2f50ce3020efb100136e4b591c',
         'javax.annotation:jsr250-api:1.0:jsr250-api-1.0.jar:a1a922d0d9b6d183ed3800dfac01d1e1eb159f0e8c6f94736931c1def54a941f',
@@ -60,9 +60,9 @@ dependencyVerification {
         'org.apache.ant:ant-launcher:1.9.4:ant-launcher-1.9.4.jar:7bccea20b41801ca17bcbc909a78c835d0f443f12d639c77bd6ae3d05861608d',
         'org.apache.ant:ant:1.9.4:ant-1.9.4.jar:649ae0730251de07b8913f49286d46bba7b92d47c5f332610aa426c4f02161d8',
         'org.apache.commons:commons-compress:1.12:commons-compress-1.12.jar:2c1542faf343185b7cab9c3d55c8ae5471d6d095d3887a4adefdbdf2984dc0b6',
-        'org.apache.httpcomponents:httpclient:4.5.2:httpclient-4.5.2.jar:0dffc621400d6c632f55787d996b8aeca36b30746a716e079a985f24d8074057',
-        'org.apache.httpcomponents:httpcore:4.4.5:httpcore-4.4.5.jar:64d5453874cab7e40a7065cb01a9a9ca1053845a9786b478878b679e0580cec3',
-        'org.apache.httpcomponents:httpmime:4.5.2:httpmime-4.5.2.jar:231a3f7e4962053db2be8461d5422e68fc458a3a7dd7d8ada803a348e21f8f07',
+        'org.apache.httpcomponents:httpclient:4.5.6:httpclient-4.5.6.jar:c03f813195e7a80e3608d0ddd8da80b21696a4c92a6a2298865bf149071551c7',
+        'org.apache.httpcomponents:httpcore:4.4.10:httpcore-4.4.10.jar:78ba1096561957db1b55200a159b648876430342d15d461277e62360da19f6fd',
+        'org.apache.httpcomponents:httpmime:4.5.6:httpmime-4.5.6.jar:0b2b1102c18d3c7e05a77214b9b7501a6f6056174ae5604e0e256776eda7553e',
         'org.beanshell:bsh:1.3.0:bsh-1.3.0.jar:9b04edc75d19db54f1b4e8b5355e9364384c6cf71eb0a1b9724c159d779879f8',
         'org.bouncycastle:bcpkix-jdk15on:1.56:bcpkix-jdk15on-1.56.jar:7043dee4e9e7175e93e0b36f45b1ec1ecb893c5f755667e8b916eb8dd201c6ca',
         'org.bouncycastle:bcprov-jdk15on:1.56:bcprov-jdk15on-1.56.jar:963e1ee14f808ffb99897d848ddcdb28fa91ddda867eb18d303e82728f878349',

bramble-api/build.gradle

@@ -7,7 +7,7 @@ apply plugin: 'witness'
 apply from: 'witness.gradle'
 
 dependencies {
-	implementation "com.google.dagger:dagger:2.19"
+	implementation "com.google.dagger:dagger:2.22.1"
 	implementation 'com.google.code.findbugs:jsr305:3.0.2'
 
 	testImplementation 'junit:junit:4.12'

bramble-api/src/main/java/org/briarproject/bramble/api/UnsupportedVersionException.java

@@ -0,0 +1,18 @@
+package org.briarproject.bramble.api;
+
+/**
+ * Thrown when data being parsed uses a protocol or format version that is not
+ * supported.
+ */
+public class UnsupportedVersionException extends FormatException {
+
+	private final boolean tooOld;
+
+	public UnsupportedVersionException(boolean tooOld) {
+		this.tooOld = tooOld;
+	}
+
+	public boolean isTooOld() {
+		return tooOld;
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/client/BdfIncomingMessageHook.java

@@ -33,7 +33,8 @@ public abstract class BdfIncomingMessageHook implements IncomingMessageHook {
 	/**
 	 * Called once for each incoming message that passes validation.
 	 *
-	 * @return whether or not this message should be shared
+	 * @param txn A read-write transaction
+	 * @return Whether or not this message should be shared
 	 * @throws DbException Should only be used for real database errors.
 	 * If this is thrown, delivery will be attempted again at next startup,
 	 * whereas if a FormatException is thrown, the message will be permanently

bramble-api/src/main/java/org/briarproject/bramble/api/contact/Contact.java

@@ -8,6 +8,7 @@ import javax.annotation.Nullable;
 import javax.annotation.concurrent.Immutable;
 
 import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_AUTHOR_NAME_LENGTH;
+import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_PUBLIC_KEY_LENGTH;
 import static org.briarproject.bramble.util.StringUtils.toUtf8;
 
 @Immutable
@@ -19,21 +20,28 @@ public class Contact {
 	private final AuthorId localAuthorId;
 	@Nullable
 	private final String alias;
-	private final boolean verified, active;
+	@Nullable
+	private final byte[] handshakePublicKey;
+	private final boolean verified;
 
 	public Contact(ContactId id, Author author, AuthorId localAuthorId,
-			@Nullable String alias, boolean verified, boolean active) {
+			@Nullable String alias, @Nullable byte[] handshakePublicKey,
+			boolean verified) {
 		if (alias != null) {
 			int aliasLength = toUtf8(alias).length;
 			if (aliasLength == 0 || aliasLength > MAX_AUTHOR_NAME_LENGTH)
 				throw new IllegalArgumentException();
 		}
+		if (handshakePublicKey != null && (handshakePublicKey.length == 0 ||
+				handshakePublicKey.length > MAX_PUBLIC_KEY_LENGTH)) {
+			throw new IllegalArgumentException();
+		}
 		this.id = id;
 		this.author = author;
 		this.localAuthorId = localAuthorId;
 		this.alias = alias;
+		this.handshakePublicKey = handshakePublicKey;
 		this.verified = verified;
-		this.active = active;
 	}
 
 	public ContactId getId() {
@@ -53,12 +61,13 @@ public class Contact {
 		return alias;
 	}
 
-	public boolean isVerified() {
-		return verified;
+	@Nullable
+	public byte[] getHandshakePublicKey() {
+		return handshakePublicKey;
 	}
 
-	public boolean isActive() {
-		return active;
+	public boolean isVerified() {
+		return verified;
 	}
 
 	@Override

bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactExchangeTask.java

@@ -18,30 +18,30 @@ public interface ContactExchangeTask {
 	byte PROTOCOL_VERSION = 1;
 
 	/**
-	 * Label for deriving Alice's header key from the master secret.
+	 * Label for deriving Alice's header key from the master key.
 	 */
 	String ALICE_KEY_LABEL =
 			"org.briarproject.bramble.contact/ALICE_HEADER_KEY";
 
 	/**
-	 * Label for deriving Bob's header key from the master secret.
+	 * Label for deriving Bob's header key from the master key.
 	 */
 	String BOB_KEY_LABEL = "org.briarproject.bramble.contact/BOB_HEADER_KEY";
 
 	/**
-	 * Label for deriving Alice's key binding nonce from the master secret.
+	 * Label for deriving Alice's key binding nonce from the master key.
 	 */
 	String ALICE_NONCE_LABEL = "org.briarproject.bramble.contact/ALICE_NONCE";
 
 	/**
-	 * Label for deriving Bob's key binding nonce from the master secret.
+	 * Label for deriving Bob's key binding nonce from the master key.
 	 */
 	String BOB_NONCE_LABEL = "org.briarproject.bramble.contact/BOB_NONCE";
 
 	/**
 	 * Exchanges contact information with a remote peer.
 	 */
-	void startExchange(LocalAuthor localAuthor, SecretKey masterSecret,
+	void startExchange(LocalAuthor localAuthor, SecretKey masterKey,
 			DuplexTransportConnection conn, TransportId transportId,
 			boolean alice);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactManager.java

@@ -1,7 +1,10 @@
 package org.briarproject.bramble.api.contact;
 
+import org.briarproject.bramble.api.FormatException;
+import org.briarproject.bramble.api.UnsupportedVersionException;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.db.DbException;
+import org.briarproject.bramble.api.db.NoSuchContactException;
 import org.briarproject.bramble.api.db.Transaction;
 import org.briarproject.bramble.api.identity.Author;
 import org.briarproject.bramble.api.identity.AuthorId;
@@ -13,8 +16,6 @@ import java.util.Collection;
 
 import javax.annotation.Nullable;
 
-import static org.briarproject.bramble.api.contact.PendingContact.PendingContactState.FAILED;
-
 @NotNullByDefault
 public interface ContactManager {
 
@@ -33,7 +34,7 @@ public interface ContactManager {
 	 * @param alice true if the local party is Alice
 	 */
 	ContactId addContact(Transaction txn, Author remote, AuthorId local,
-			SecretKey master, long timestamp, boolean alice, boolean verified,
+			SecretKey rootKey, long timestamp, boolean alice, boolean verified,
 			boolean active) throws DbException;
 
 	/**
@@ -41,7 +42,7 @@ public interface ContactManager {
 	 * and returns an ID for the contact.
 	 */
 	ContactId addContact(Transaction txn, Author remote, AuthorId local,
-			boolean verified, boolean active) throws DbException;
+			boolean verified) throws DbException;
 
 	/**
 	 * Stores a contact associated with the given local and remote pseudonyms,
@@ -50,38 +51,39 @@ public interface ContactManager {
 	 *
 	 * @param alice true if the local party is Alice
 	 */
-	ContactId addContact(Author remote, AuthorId local, SecretKey master,
+	ContactId addContact(Author remote, AuthorId local, SecretKey rootKey,
 			long timestamp, boolean alice, boolean verified, boolean active)
 			throws DbException;
 
 	/**
-	 * Returns the static link that needs to be sent to the contact to be added.
+	 * Returns the handshake link that needs to be sent to a contact we want
+	 * to add.
 	 */
-	String getRemoteContactLink();
+	String getHandshakeLink() throws DbException;
 
 	/**
-	 * Returns true if the given link is syntactically valid.
-	 */
-	boolean isValidRemoteContactLink(String link);
-
-	/**
-	 * Requests a new contact to be added via the given {@code link}.
+	 * Creates a {@link PendingContact} from the given handshake link and
+	 * alias, adds it to the database and returns it.
 	 *
-	 * @param link The link received from the contact we want to add.
-	 * @param alias The alias the user has given this contact.
-	 * @return A PendingContact representing the contact to be added.
+	 * @param link The handshake link received from the contact we want to add
+	 * @param alias The alias the user has given this contact
+	 * @return A PendingContact representing the contact to be added
+	 * @throws UnsupportedVersionException If the link uses a format version
+	 * that is not supported
+	 * @throws FormatException If the link is invalid
 	 */
-	PendingContact addRemoteContactRequest(String link, String alias);
+	PendingContact addPendingContact(String link, String alias)
+			throws DbException, FormatException;
 
 	/**
 	 * Returns a list of {@link PendingContact}s.
 	 */
-	Collection<PendingContact> getPendingContacts();
+	Collection<PendingContact> getPendingContacts() throws DbException;
 
 	/**
-	 * Removes a {@link PendingContact} that is in state {@link FAILED}.
+	 * Removes a {@link PendingContact}.
 	 */
-	void removePendingContact(PendingContact pendingContact);
+	void removePendingContact(PendingContactId p) throws DbException;
 
 	/**
 	 * Returns the contact with the given ID.
@@ -92,7 +94,7 @@ public interface ContactManager {
 	 * Returns the contact with the given remoteAuthorId
 	 * that was added by the LocalAuthor with the given localAuthorId
 	 *
-	 * @throws org.briarproject.bramble.api.db.NoSuchContactException
+	 * @throws NoSuchContactException If the contact is not in the database
 	 */
 	Contact getContact(AuthorId remoteAuthorId, AuthorId localAuthorId)
 			throws DbException;
@@ -101,7 +103,7 @@ public interface ContactManager {
 	 * Returns the contact with the given remoteAuthorId
 	 * that was added by the LocalAuthor with the given localAuthorId
 	 *
-	 * @throws org.briarproject.bramble.api.db.NoSuchContactException
+	 * @throws NoSuchContactException If the contact is not in the database
 	 */
 	Contact getContact(Transaction txn, AuthorId remoteAuthorId,
 			AuthorId localAuthorId) throws DbException;
@@ -109,7 +111,7 @@ public interface ContactManager {
 	/**
 	 * Returns all active contacts.
 	 */
-	Collection<Contact> getActiveContacts() throws DbException;
+	Collection<Contact> getContacts() throws DbException;
 
 	/**
 	 * Removes a contact and all associated state.
@@ -121,12 +123,6 @@ public interface ContactManager {
 	 */
 	void removeContact(Transaction txn, ContactId c) throws DbException;
 
-	/**
-	 * Marks a contact as active or inactive.
-	 */
-	void setContactActive(Transaction txn, ContactId c, boolean active)
-			throws DbException;
-
 	/**
 	 * Sets an alias name for the contact or unsets it if alias is null.
 	 */
@@ -163,8 +159,20 @@ public interface ContactManager {
 
 	interface ContactHook {
 
+		/**
+		 * Called when a contact is being added.
+		 *
+		 * @param txn A read-write transaction
+		 * @param c The contact that is being added
+		 */
 		void addingContact(Transaction txn, Contact c) throws DbException;
 
+		/**
+		 * Called when a contact is being removed
+		 *
+		 * @param txn A read-write transaction
+		 * @param c The contact that is being removed
+		 */
 		void removingContact(Transaction txn, Contact c) throws DbException;
 	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/contact/HandshakeLinkConstants.java

@@ -0,0 +1,34 @@
+package org.briarproject.bramble.api.contact;
+
+import java.util.regex.Pattern;
+
+public interface HandshakeLinkConstants {
+
+	/**
+	 * The current version of the handshake link format.
+	 */
+	int FORMAT_VERSION = 0;
+
+	/**
+	 * The length of a base32-encoded handshake link in bytes, excluding the
+	 * 'briar://' prefix.
+	 */
+	int BASE32_LINK_BYTES = 53;
+
+	/**
+	 * The length of a raw handshake link in bytes, before base32 encoding.
+	 */
+	int RAW_LINK_BYTES = 33;
+
+	/**
+	 * Regular expression for matching handshake links, including or excluding
+	 * the 'briar://' prefix.
+	 */
+	Pattern LINK_REGEX =
+			Pattern.compile("(briar://)?([a-z2-7]{" + BASE32_LINK_BYTES + "})");
+
+	/**
+	 * Label for hashing handshake public keys to calculate their identifiers.
+	 */
+	String ID_LABEL = "org.briarproject.bramble/HANDSHAKE_KEY_ID";
+}

bramble-api/src/main/java/org/briarproject/bramble/api/contact/PendingContact.java

@@ -8,26 +8,29 @@ import javax.annotation.concurrent.Immutable;
 @NotNullByDefault
 public class PendingContact {
 
-	public enum PendingContactState {
-		WAITING_FOR_CONNECTION,
-		CONNECTED,
-		ADDING_CONTACT,
-		FAILED
-	}
-
 	private final PendingContactId id;
+	private final byte[] publicKey;
 	private final String alias;
 	private final PendingContactState state;
 	private final long timestamp;
 
-	public PendingContact(PendingContactId id, String alias,
-			PendingContactState state, long timestamp) {
+	public PendingContact(PendingContactId id, byte[] publicKey,
+			String alias, PendingContactState state, long timestamp) {
 		this.id = id;
+		this.publicKey = publicKey;
 		this.alias = alias;
 		this.state = state;
 		this.timestamp = timestamp;
 	}
 
+	public PendingContactId getId() {
+		return id;
+	}
+
+	public byte[] getPublicKey() {
+		return publicKey;
+	}
+
 	public String getAlias() {
 		return alias;
 	}
@@ -50,5 +53,4 @@ public class PendingContact {
 		return o instanceof PendingContact &&
 				id.equals(((PendingContact) o).id);
 	}
-
 }

bramble-api/src/main/java/org/briarproject/bramble/api/contact/PendingContactId.java

@@ -1,11 +1,25 @@
 package org.briarproject.bramble.api.contact;
 
 import org.briarproject.bramble.api.UniqueId;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 
+import javax.annotation.concurrent.ThreadSafe;
+
+/**
+ * Type-safe wrapper for a byte array that uniquely identifies a
+ * {@link PendingContact}.
+ */
+@ThreadSafe
+@NotNullByDefault
 public class PendingContactId extends UniqueId {
 
 	public PendingContactId(byte[] id) {
 		super(id);
 	}
 
+
+	@Override
+	public boolean equals(Object o) {
+		return o instanceof PendingContactId && super.equals(o);
+	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/contact/PendingContactState.java

@@ -0,0 +1,30 @@
+package org.briarproject.bramble.api.contact;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import javax.annotation.concurrent.Immutable;
+
+@Immutable
+@NotNullByDefault
+public enum PendingContactState {
+
+	WAITING_FOR_CONNECTION(0),
+	CONNECTED(1),
+	ADDING_CONTACT(2),
+	FAILED(3);
+
+	private final int value;
+
+	PendingContactState(int value) {
+		this.value = value;
+	}
+
+	public int getValue() {
+		return value;
+	}
+
+	public static PendingContactState fromValue(int value) {
+		for (PendingContactState s : values()) if (s.value == value) return s;
+		throw new IllegalArgumentException();
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/contact/event/ContactAddedEvent.java

@@ -14,18 +14,12 @@ import javax.annotation.concurrent.Immutable;
 public class ContactAddedEvent extends Event {
 
 	private final ContactId contactId;
-	private final boolean active;
 
-	public ContactAddedEvent(ContactId contactId, boolean active) {
+	public ContactAddedEvent(ContactId contactId) {
 		this.contactId = contactId;
-		this.active = active;
 	}
 
 	public ContactId getContactId() {
 		return contactId;
 	}
-
-	public boolean isActive() {
-		return active;
-	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/contact/event/ContactAddedRemotelyEvent.java

@@ -1,4 +1,4 @@
-package org.briarproject.briar.api.introduction.event;
+package org.briarproject.bramble.api.contact.event;
 
 import org.briarproject.bramble.api.contact.Contact;
 import org.briarproject.bramble.api.event.Event;
@@ -8,11 +8,11 @@ import javax.annotation.concurrent.Immutable;
 
 @Immutable
 @NotNullByDefault
-public class IntroductionSucceededEvent extends Event {
+public class ContactAddedRemotelyEvent extends Event {
 
 	private final Contact contact;
 
-	public IntroductionSucceededEvent(Contact contact) {
+	public ContactAddedRemotelyEvent(Contact contact) {
 		this.contact = contact;
 	}
 

bramble-api/src/main/java/org/briarproject/bramble/api/contact/event/ContactStatusChangedEvent.java

@@ -1,31 +0,0 @@
-package org.briarproject.bramble.api.contact.event;
-
-import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.event.Event;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-import javax.annotation.concurrent.Immutable;
-
-/**
- * An event that is broadcast when a contact is marked active or inactive.
- */
-@Immutable
-@NotNullByDefault
-public class ContactStatusChangedEvent extends Event {
-
-	private final ContactId contactId;
-	private final boolean active;
-
-	public ContactStatusChangedEvent(ContactId contactId, boolean active) {
-		this.contactId = contactId;
-		this.active = active;
-	}
-
-	public ContactId getContactId() {
-		return contactId;
-	}
-
-	public boolean isActive() {
-		return active;
-	}
-}

bramble-api/src/main/java/org/briarproject/bramble/api/contact/event/PendingContactRemovedEvent.java

@@ -0,0 +1,26 @@
+package org.briarproject.bramble.api.contact.event;
+
+import org.briarproject.bramble.api.contact.PendingContactId;
+import org.briarproject.bramble.api.event.Event;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import javax.annotation.concurrent.Immutable;
+
+/**
+ * An event that is broadcast when a pending contact is removed.
+ */
+@Immutable
+@NotNullByDefault
+public class PendingContactRemovedEvent extends Event {
+
+	private final PendingContactId id;
+
+	public PendingContactRemovedEvent(PendingContactId id) {
+		this.id = id;
+	}
+
+	public PendingContactId getId() {
+		return id;
+	}
+
+}

bramble-api/src/main/java/org/briarproject/bramble/api/contact/event/PendingContactStateChangedEvent.java

@@ -1,7 +1,7 @@
 package org.briarproject.bramble.api.contact.event;
 
-import org.briarproject.bramble.api.contact.PendingContact.PendingContactState;
 import org.briarproject.bramble.api.contact.PendingContactId;
+import org.briarproject.bramble.api.contact.PendingContactState;
 import org.briarproject.bramble.api.event.Event;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/KeyAgreementCrypto.java

@@ -2,7 +2,7 @@ package org.briarproject.bramble.api.crypto;
 
 /**
  * Crypto operations for the key agreement protocol - see
- * https://code.briarproject.org/akwizgran/briar-spec/blob/master/protocols/BQP.md
+ * https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BQP.md
  */
 public interface KeyAgreementCrypto {
 

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/TransportCrypto.java

@@ -1,29 +1,45 @@
 package org.briarproject.bramble.api.crypto;
 
 import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.transport.HandshakeKeys;
 import org.briarproject.bramble.api.transport.TransportKeys;
 
 /**
  * Crypto operations for the transport security protocol - see
- * https://code.briarproject.org/akwizgran/briar-spec/blob/master/protocols/BTP.md
+ * https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BTP.md
  */
 public interface TransportCrypto {
 
 	/**
 	 * Derives initial transport keys for the given transport in the given
-	 * rotation period from the given master secret.
+	 * time period from the given root key.
 	 *
 	 * @param alice whether the keys are for use by Alice or Bob.
 	 * @param active whether the keys are usable for outgoing streams.
 	 */
-	TransportKeys deriveTransportKeys(TransportId t, SecretKey master,
-			long rotationPeriod, boolean alice, boolean active);
+	TransportKeys deriveTransportKeys(TransportId t, SecretKey rootKey,
+			long timePeriod, boolean alice, boolean active);
 
 	/**
-	 * Rotates the given transport keys to the given rotation period. If the
-	 * keys are for the given period or any later period they are not rotated.
+	 * Rotates the given transport keys to the given time period. If the keys
+	 * are for the given period or any later period they are not rotated.
 	 */
-	TransportKeys rotateTransportKeys(TransportKeys k, long rotationPeriod);
+	TransportKeys rotateTransportKeys(TransportKeys k, long timePeriod);
+
+	/**
+	 * Derives handshake keys for the given transport in the given time period
+	 * from the given root key.
+	 *
+	 * @param alice whether the keys are for use by Alice or Bob.
+	 */
+	HandshakeKeys deriveHandshakeKeys(TransportId t, SecretKey rootKey,
+			long timePeriod, boolean alice);
+
+	/**
+	 * Updates the given handshake keys to the given time period. If the keys
+	 * are for the given period or any later period they are not updated.
+	 */
+	HandshakeKeys updateHandshakeKeys(HandshakeKeys k, long timePeriod);
 
 	/**
 	 * Encodes the pseudo-random tag that is used to recognise a stream.

bramble-api/src/main/java/org/briarproject/bramble/api/db/CommitAction.java

@@ -0,0 +1,20 @@
+package org.briarproject.bramble.api.db;
+
+import org.briarproject.bramble.api.event.EventExecutor;
+
+/**
+ * An action that's taken when a {@link Transaction} is committed.
+ */
+public interface CommitAction {
+
+	void accept(Visitor visitor);
+
+	interface Visitor {
+
+		@EventExecutor
+		void visit(EventAction a);
+
+		@EventExecutor
+		void visit(TaskAction a);
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/db/DatabaseComponent.java

@@ -2,10 +2,12 @@ package org.briarproject.bramble.api.db;
 
 import org.briarproject.bramble.api.contact.Contact;
 import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.contact.PendingContact;
+import org.briarproject.bramble.api.contact.PendingContactId;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.identity.Author;
 import org.briarproject.bramble.api.identity.AuthorId;
-import org.briarproject.bramble.api.identity.LocalAuthor;
+import org.briarproject.bramble.api.identity.Identity;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.TransportId;
 import org.briarproject.bramble.api.settings.Settings;
@@ -20,8 +22,11 @@ import org.briarproject.bramble.api.sync.MessageStatus;
 import org.briarproject.bramble.api.sync.Offer;
 import org.briarproject.bramble.api.sync.Request;
 import org.briarproject.bramble.api.sync.validation.MessageState;
-import org.briarproject.bramble.api.transport.KeySet;
-import org.briarproject.bramble.api.transport.KeySetId;
+import org.briarproject.bramble.api.transport.HandshakeKeySet;
+import org.briarproject.bramble.api.transport.HandshakeKeySetId;
+import org.briarproject.bramble.api.transport.HandshakeKeys;
+import org.briarproject.bramble.api.transport.TransportKeySet;
+import org.briarproject.bramble.api.transport.TransportKeySetId;
 import org.briarproject.bramble.api.transport.TransportKeys;
 
 import java.util.Collection;
@@ -101,7 +106,7 @@ public interface DatabaseComponent {
 	 * and returns an ID for the contact.
 	 */
 	ContactId addContact(Transaction txn, Author remote, AuthorId local,
-			boolean verified, boolean active) throws DbException;
+			boolean verified) throws DbException;
 
 	/**
 	 * Stores a group.
@@ -109,9 +114,23 @@ public interface DatabaseComponent {
 	void addGroup(Transaction txn, Group g) throws DbException;
 
 	/**
-	 * Stores a local pseudonym.
+	 * Stores the given handshake keys for the given contact and returns a
+	 * key set ID.
 	 */
-	void addLocalAuthor(Transaction txn, LocalAuthor a) throws DbException;
+	HandshakeKeySetId addHandshakeKeys(Transaction txn, ContactId c,
+			HandshakeKeys k) throws DbException;
+
+	/**
+	 * Stores the given handshake keys for the given pending contact and
+	 * returns a key set ID.
+	 */
+	HandshakeKeySetId addHandshakeKeys(Transaction txn, PendingContactId p,
+			HandshakeKeys k) throws DbException;
+
+	/**
+	 * Stores an identity.
+	 */
+	void addIdentity(Transaction txn, Identity i) throws DbException;
 
 	/**
 	 * Stores a local message.
@@ -119,6 +138,12 @@ public interface DatabaseComponent {
 	void addLocalMessage(Transaction txn, Message m, Metadata meta,
 			boolean shared) throws DbException;
 
+	/**
+	 * Stores a pending contact.
+	 */
+	void addPendingContact(Transaction txn, PendingContact p)
+			throws DbException;
+
 	/**
 	 * Stores a transport.
 	 */
@@ -129,25 +154,39 @@ public interface DatabaseComponent {
 	 * Stores the given transport keys for the given contact and returns a
 	 * key set ID.
 	 */
-	KeySetId addTransportKeys(Transaction txn, ContactId c,
+	TransportKeySetId addTransportKeys(Transaction txn, ContactId c,
 			TransportKeys k) throws DbException;
 
 	/**
 	 * Returns true if the database contains the given contact for the given
 	 * local pseudonym.
+	 * <p/>
+	 * Read-only.
 	 */
 	boolean containsContact(Transaction txn, AuthorId remote, AuthorId local)
 			throws DbException;
 
 	/**
 	 * Returns true if the database contains the given group.
+	 * <p/>
+	 * Read-only.
 	 */
 	boolean containsGroup(Transaction txn, GroupId g) throws DbException;
 
 	/**
-	 * Returns true if the database contains the given local author.
+	 * Returns true if the database contains an identity for the given
+	 * pseudonym.
+	 * <p/>
+	 * Read-only.
 	 */
-	boolean containsLocalAuthor(Transaction txn, AuthorId local)
+	boolean containsIdentity(Transaction txn, AuthorId a) throws DbException;
+
+	/**
+	 * Returns true if the database contains the given pending contact.
+	 * <p/>
+	 * Read-only.
+	 */
+	boolean containsPendingContact(Transaction txn, PendingContactId p)
 			throws DbException;
 
 	/**
@@ -270,18 +309,26 @@ public interface DatabaseComponent {
 			throws DbException;
 
 	/**
-	 * Returns the local pseudonym with the given ID.
+	 * Returns all handshake keys for the given transport.
 	 * <p/>
 	 * Read-only.
 	 */
-	LocalAuthor getLocalAuthor(Transaction txn, AuthorId a) throws DbException;
+	Collection<HandshakeKeySet> getHandshakeKeys(Transaction txn, TransportId t)
+			throws DbException;
 
 	/**
-	 * Returns all local pseudonyms.
+	 * Returns the identity for the local pseudonym with the given ID.
 	 * <p/>
 	 * Read-only.
 	 */
-	Collection<LocalAuthor> getLocalAuthors(Transaction txn) throws DbException;
+	Identity getIdentity(Transaction txn, AuthorId a) throws DbException;
+
+	/**
+	 * Returns the identities for all local pseudonyms.
+	 * <p/>
+	 * Read-only.
+	 */
+	Collection<Identity> getIdentities(Transaction txn) throws DbException;
 
 	/**
 	 * Returns the message with the given ID.
@@ -417,6 +464,14 @@ public interface DatabaseComponent {
 	 */
 	long getNextSendTime(Transaction txn, ContactId c) throws DbException;
 
+	/**
+	 * Returns all pending contacts.
+	 * <p/>
+	 * Read-only.
+	 */
+	Collection<PendingContact> getPendingContacts(Transaction txn)
+			throws DbException;
+
 	/**
 	 * Returns all settings in the given namespace.
 	 * <p/>
@@ -429,14 +484,20 @@ public interface DatabaseComponent {
 	 * <p/>
 	 * Read-only.
 	 */
-	Collection<KeySet> getTransportKeys(Transaction txn, TransportId t)
+	Collection<TransportKeySet> getTransportKeys(Transaction txn, TransportId t)
 			throws DbException;
 
+	/**
+	 * Increments the outgoing stream counter for the given handshake keys.
+	 */
+	void incrementStreamCounter(Transaction txn, TransportId t,
+			HandshakeKeySetId k) throws DbException;
+
 	/**
 	 * Increments the outgoing stream counter for the given transport keys.
 	 */
-	void incrementStreamCounter(Transaction txn, TransportId t, KeySetId k)
-			throws DbException;
+	void incrementStreamCounter(Transaction txn, TransportId t,
+			TransportKeySetId k) throws DbException;
 
 	/**
 	 * Merges the given metadata with the existing metadata for the given
@@ -492,15 +553,27 @@ public interface DatabaseComponent {
 	void removeGroup(Transaction txn, Group g) throws DbException;
 
 	/**
-	 * Removes a local pseudonym (and all associated state) from the database.
+	 * Removes the given handshake keys from the database.
 	 */
-	void removeLocalAuthor(Transaction txn, AuthorId a) throws DbException;
+	void removeHandshakeKeys(Transaction txn, TransportId t,
+			HandshakeKeySetId k) throws DbException;
+
+	/**
+	 * Removes an identity (and all associated state) from the database.
+	 */
+	void removeIdentity(Transaction txn, AuthorId a) throws DbException;
 
 	/**
 	 * Removes a message (and all associated state) from the database.
 	 */
 	void removeMessage(Transaction txn, MessageId m) throws DbException;
 
+	/**
+	 * Removes a pending contact (and all associated state) from the database.
+	 */
+	void removePendingContact(Transaction txn, PendingContactId p)
+			throws DbException;
+
 	/**
 	 * Removes a transport (and all associated state) from the database.
 	 */
@@ -509,20 +582,14 @@ public interface DatabaseComponent {
 	/**
 	 * Removes the given transport keys from the database.
 	 */
-	void removeTransportKeys(Transaction txn, TransportId t, KeySetId k)
-			throws DbException;
+	void removeTransportKeys(Transaction txn, TransportId t,
+			TransportKeySetId k) throws DbException;
 
 	/**
 	 * Marks the given contact as verified.
 	 */
 	void setContactVerified(Transaction txn, ContactId c) throws DbException;
 
-	/**
-	 * Marks the given contact as active or inactive.
-	 */
-	void setContactActive(Transaction txn, ContactId c, boolean active)
-			throws DbException;
-
 	/**
 	 * Sets an alias name for the contact or unsets it if alias is null.
 	 */
@@ -553,21 +620,42 @@ public interface DatabaseComponent {
 			Collection<MessageId> dependencies) throws DbException;
 
 	/**
-	 * Sets the reordering window for the given key set and transport in the
-	 * given rotation period.
+	 * Sets the handshake key pair for the identity with the given ID.
 	 */
-	void setReorderingWindow(Transaction txn, KeySetId k, TransportId t,
-			long rotationPeriod, long base, byte[] bitmap) throws DbException;
+	void setHandshakeKeyPair(Transaction txn, AuthorId local, byte[] publicKey,
+			byte[] privateKey) throws DbException;
+
+	/**
+	 * Sets the reordering window for the given transport key set in the given
+	 * time period.
+	 */
+	void setReorderingWindow(Transaction txn, TransportKeySetId k,
+			TransportId t, long timePeriod, long base, byte[] bitmap)
+			throws DbException;
+
+	/**
+	 * Sets the reordering window for the given handshake key set in the given
+	 * time period.
+	 */
+	void setReorderingWindow(Transaction txn, HandshakeKeySetId k,
+			TransportId t, long timePeriod, long base, byte[] bitmap)
+			throws DbException;
 
 	/**
 	 * Marks the given transport keys as usable for outgoing streams.
 	 */
-	void setTransportKeysActive(Transaction txn, TransportId t, KeySetId k)
+	void setTransportKeysActive(Transaction txn, TransportId t,
+			TransportKeySetId k) throws DbException;
+
+	/**
+	 * Stores the given handshake keys, deleting any keys they have replaced.
+	 */
+	void updateHandshakeKeys(Transaction txn, Collection<HandshakeKeySet> keys)
 			throws DbException;
 
 	/**
 	 * Stores the given transport keys, deleting any keys they have replaced.
 	 */
-	void updateTransportKeys(Transaction txn, Collection<KeySet> keys)
+	void updateTransportKeys(Transaction txn, Collection<TransportKeySet> keys)
 			throws DbException;
 }

bramble-api/src/main/java/org/briarproject/bramble/api/db/DatabaseConfig.java

@@ -10,6 +10,4 @@ public interface DatabaseConfig {
 	File getDatabaseDirectory();
 
 	File getDatabaseKeyDirectory();
-
-	long getMaxSize();
 }

bramble-api/src/main/java/org/briarproject/bramble/api/db/EventAction.java

@@ -0,0 +1,24 @@
+package org.briarproject.bramble.api.db;
+
+import org.briarproject.bramble.api.event.Event;
+
+/**
+ * A {@link CommitAction} that broadcasts an event.
+ */
+public class EventAction implements CommitAction {
+
+	private final Event event;
+
+	EventAction(Event event) {
+		this.event = event;
+	}
+
+	public Event getEvent() {
+		return event;
+	}
+
+	@Override
+	public void accept(Visitor visitor) {
+		visitor.visit(this);
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/db/NoSuchIdentityException.java

@@ -1,9 +1,9 @@
 package org.briarproject.bramble.api.db;
 
 /**
- * Thrown when a database operation is attempted for a pseudonym that is not in
+ * Thrown when a database operation is attempted for an identity that is not in
  * the database. This exception may occur due to concurrent updates and does
  * not indicate a database error.
  */
-public class NoSuchLocalAuthorException extends DbException {
+public class NoSuchIdentityException extends DbException {
 }

bramble-api/src/main/java/org/briarproject/bramble/api/db/NoSuchPendingContactException.java

@@ -0,0 +1,9 @@
+package org.briarproject.bramble.api.db;
+
+/**
+ * Thrown when a database operation is attempted for a pending contact that is
+ * not in the database. This exception may occur due to concurrent updates and
+ * does not indicate a database error.
+ */
+public class NoSuchPendingContactException extends DbException {
+}

bramble-api/src/main/java/org/briarproject/bramble/api/db/PendingContactExistsException.java

@@ -0,0 +1,9 @@
+package org.briarproject.bramble.api.db;
+
+/**
+ * Thrown when a duplicate pending contact is added to the database. This
+ * exception may occur due to concurrent updates and does not indicate a
+ * database error.
+ */
+public class PendingContactExistsException extends DbException {
+}

bramble-api/src/main/java/org/briarproject/bramble/api/db/TaskAction.java

@@ -0,0 +1,24 @@
+package org.briarproject.bramble.api.db;
+
+import org.briarproject.bramble.api.event.EventExecutor;
+
+/**
+ * A {@link CommitAction} that submits a task to the {@link EventExecutor}.
+ */
+public class TaskAction implements CommitAction {
+
+	private final Runnable task;
+
+	TaskAction(Runnable task) {
+		this.task = task;
+	}
+
+	public Runnable getTask() {
+		return task;
+	}
+
+	@Override
+	public void accept(Visitor visitor) {
+		visitor.visit(this);
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/db/Transaction.java

@@ -1,13 +1,15 @@
 package org.briarproject.bramble.api.db;
 
 import org.briarproject.bramble.api.event.Event;
+import org.briarproject.bramble.api.event.EventExecutor;
 
 import java.util.ArrayList;
-import java.util.Collections;
 import java.util.List;
 
 import javax.annotation.concurrent.NotThreadSafe;
 
+import static java.util.Collections.emptyList;
+
 /**
  * A wrapper around a database transaction. Transactions are not thread-safe.
  */
@@ -17,7 +19,7 @@ public class Transaction {
 	private final Object txn;
 	private final boolean readOnly;
 
-	private List<Event> events = null;
+	private List<CommitAction> actions = null;
 	private boolean committed = false;
 
 	public Transaction(Object txn, boolean readOnly) {
@@ -42,19 +44,27 @@ public class Transaction {
 
 	/**
 	 * Attaches an event to be broadcast when the transaction has been
-	 * committed.
+	 * committed. The event will be broadcast on the {@link EventExecutor}.
 	 */
 	public void attach(Event e) {
-		if (events == null) events = new ArrayList<>();
-		events.add(e);
+		if (actions == null) actions = new ArrayList<>();
+		actions.add(new EventAction(e));
 	}
 
 	/**
-	 * Returns any events attached to the transaction.
+	 * Attaches a task to be executed when the transaction has been
+	 * committed. The task will be run on the {@link EventExecutor}.
 	 */
-	public List<Event> getEvents() {
-		if (events == null) return Collections.emptyList();
-		return events;
+	public void attach(Runnable r) {
+		if (actions == null) actions = new ArrayList<>();
+		actions.add(new TaskAction(r));
+	}
+
+	/**
+	 * Returns any actions attached to the transaction.
+	 */
+	public List<CommitAction> getActions() {
+		return actions == null ? emptyList() : actions;
 	}
 
 	/**

bramble-api/src/main/java/org/briarproject/bramble/api/event/EventBus.java

@@ -16,7 +16,8 @@ public interface EventBus {
 	void removeListener(EventListener l);
 
 	/**
-	 * Notifies all listeners of an event.
+	 * Asynchronously notifies all listeners of an event. Listeners are
+	 * notified on the {@link EventExecutor}.
 	 */
 	void broadcast(Event e);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/event/EventExecutor.java

@@ -0,0 +1,26 @@
+package org.briarproject.bramble.api.event;
+
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+import javax.inject.Qualifier;
+
+import static java.lang.annotation.ElementType.FIELD;
+import static java.lang.annotation.ElementType.METHOD;
+import static java.lang.annotation.ElementType.PARAMETER;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+/**
+ * Annotation for injecting the executor for broadcasting events and running
+ * tasks that need to run in a defined order with respect to events. Also used
+ * for annotating methods that should run on the event executor.
+ * <p>
+ * The contract of this executor is that tasks are run in the order they're
+ * submitted, tasks are not run concurrently, and submitting a task will never
+ * block. Tasks must not block. Tasks submitted during shutdown are discarded.
+ */
+@Qualifier
+@Target({FIELD, METHOD, PARAMETER})
+@Retention(RUNTIME)
+public @interface EventExecutor {
+}

bramble-api/src/main/java/org/briarproject/bramble/api/event/EventListener.java

@@ -12,5 +12,6 @@ public interface EventListener {
 	 * Called when an event is broadcast. Implementations of this method must
 	 * not block.
 	 */
+	@EventExecutor
 	void eventOccurred(Event e);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/identity/AuthorFactory.java

@@ -18,14 +18,7 @@ public interface AuthorFactory {
 
 	/**
 	 * Creates a local author with the current format version and the given
-	 * name and keys.
+	 * name.
 	 */
-	LocalAuthor createLocalAuthor(String name, byte[] publicKey,
-			byte[] privateKey);
-
-	/**
-	 * Creates a local author with the given format version, name and keys.
-	 */
-	LocalAuthor createLocalAuthor(int formatVersion, String name,
-			byte[] publicKey, byte[] privateKey);
+	LocalAuthor createLocalAuthor(String name);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/identity/Identity.java

@@ -0,0 +1,96 @@
+package org.briarproject.bramble.api.identity;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import java.util.Arrays;
+
+import javax.annotation.Nullable;
+import javax.annotation.concurrent.Immutable;
+
+import static org.briarproject.bramble.api.crypto.CryptoConstants.MAX_AGREEMENT_PUBLIC_KEY_BYTES;
+
+@Immutable
+@NotNullByDefault
+public class Identity {
+
+	private final LocalAuthor localAuthor;
+	@Nullable
+	private final byte[] handshakePublicKey, handshakePrivateKey;
+	private final long created;
+
+	public Identity(LocalAuthor localAuthor,
+			@Nullable byte[] handshakePublicKey,
+			@Nullable byte[] handshakePrivateKey, long created) {
+		if (handshakePublicKey != null) {
+			int keyLength = handshakePublicKey.length;
+			if (keyLength == 0 || keyLength > MAX_AGREEMENT_PUBLIC_KEY_BYTES)
+				throw new IllegalArgumentException();
+		}
+		this.localAuthor = localAuthor;
+		this.handshakePublicKey = handshakePublicKey;
+		this.handshakePrivateKey = handshakePrivateKey;
+		this.created = created;
+	}
+
+	/**
+	 * Returns the ID of the user's pseudonym.
+	 */
+	public AuthorId getId() {
+		return localAuthor.getId();
+	}
+
+	/**
+	 * Returns the user's pseudonym.
+	 */
+	public LocalAuthor getLocalAuthor() {
+		return localAuthor;
+	}
+
+	/**
+	 * Returns true if the identity has a handshake key pair.
+	 */
+	public boolean hasHandshakeKeyPair() {
+		return handshakePublicKey != null && handshakePrivateKey != null;
+	}
+
+	/**
+	 * Returns the public key used for handshaking, or null if no key exists.
+	 */
+	@Nullable
+	public byte[] getHandshakePublicKey() {
+		return handshakePublicKey;
+	}
+
+	/**
+	 * Returns the private key used for handshaking, or null if no key exists.
+	 */
+	@Nullable
+	public byte[] getHandshakePrivateKey() {
+		return handshakePrivateKey;
+	}
+
+	/**
+	 * Returns the time the identity was created, in milliseconds since the
+	 * Unix epoch.
+	 */
+	public long getTimeCreated() {
+		return created;
+	}
+
+	@Override
+	public int hashCode() {
+		return localAuthor.getId().hashCode();
+	}
+
+	@Override
+	public boolean equals(Object o) {
+		if (o instanceof Identity) {
+			Identity i = (Identity) o;
+			return created == i.created &&
+					localAuthor.equals(i.localAuthor) &&
+					Arrays.equals(handshakePublicKey, i.handshakePublicKey) &&
+					Arrays.equals(handshakePrivateKey, i.handshakePrivateKey);
+		}
+		return false;
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/identity/IdentityManager.java

@@ -1,30 +1,29 @@
 package org.briarproject.bramble.api.identity;
 
 import org.briarproject.bramble.api.crypto.CryptoExecutor;
+import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.db.DbException;
 import org.briarproject.bramble.api.db.Transaction;
+import org.briarproject.bramble.api.lifecycle.LifecycleManager;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 
 @NotNullByDefault
 public interface IdentityManager {
 
 	/**
-	 * Creates a local identity with the given name.
+	 * Creates an identity with the given name. The identity includes a
+	 * handshake key pair.
 	 */
 	@CryptoExecutor
-	LocalAuthor createLocalAuthor(String name);
+	Identity createIdentity(String name);
 
 	/**
-	 * Registers the given local identity with the manager. The identity is
-	 * not stored until {@link #storeLocalAuthor()} is called.
+	 * Registers the given identity with the manager. This method should be
+	 * called before {@link LifecycleManager#startServices(SecretKey)}. The
+	 * identity is stored when {@link LifecycleManager#startServices(SecretKey)}
+	 * is called. The identity must include a handshake key pair.
 	 */
-	void registerLocalAuthor(LocalAuthor a);
-
-	/**
-	 * Stores the local identity registered with
-	 * {@link #registerLocalAuthor(LocalAuthor)}, if any.
-	 */
-	void storeLocalAuthor() throws DbException;
+	void registerIdentity(Identity i);
 
 	/**
 	 * Returns the cached local identity or loads it from the database.
@@ -33,7 +32,18 @@ public interface IdentityManager {
 
 	/**
 	 * Returns the cached local identity or loads it from the database.
+	 * <p/>
+	 * Read-only.
 	 */
 	LocalAuthor getLocalAuthor(Transaction txn) throws DbException;
 
+	/**
+	 * Returns the cached handshake keys or loads them from the database.
+	 * <p/>
+	 * Read-only.
+	 *
+	 * @return A two-element array containing the public key in the first
+	 * element and the private key in the second
+	 */
+	byte[][] getHandshakeKeys(Transaction txn) throws DbException;
 }

bramble-api/src/main/java/org/briarproject/bramble/api/identity/LocalAuthor.java

@@ -12,13 +12,11 @@ import javax.annotation.concurrent.Immutable;
 public class LocalAuthor extends Author {
 
 	private final byte[] privateKey;
-	private final long created;
 
 	public LocalAuthor(AuthorId id, int formatVersion, String name,
-			byte[] publicKey, byte[] privateKey, long created) {
+			byte[] publicKey, byte[] privateKey) {
 		super(id, formatVersion, name, publicKey);
 		this.privateKey = privateKey;
-		this.created = created;
 	}
 
 	/**
@@ -27,12 +25,4 @@ public class LocalAuthor extends Author {
 	public byte[] getPrivateKey() {
 		return privateKey;
 	}
-
-	/**
-	 * Returns the time the pseudonym was created, in milliseconds since the
-	 * Unix epoch.
-	 */
-	public long getTimeCreated() {
-		return created;
-	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/identity/event/IdentityAddedEvent.java

@@ -7,15 +7,15 @@ import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import javax.annotation.concurrent.Immutable;
 
 /**
- * An event that is broadcast when a local pseudonym is added.
+ * An event that is broadcast when an identity is added.
  */
 @Immutable
 @NotNullByDefault
-public class LocalAuthorAddedEvent extends Event {
+public class IdentityAddedEvent extends Event {
 
 	private final AuthorId authorId;
 
-	public LocalAuthorAddedEvent(AuthorId authorId) {
+	public IdentityAddedEvent(AuthorId authorId) {
 		this.authorId = authorId;
 	}
 

bramble-api/src/main/java/org/briarproject/bramble/api/identity/event/IdentityRemovedEvent.java

@@ -7,15 +7,15 @@ import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import javax.annotation.concurrent.Immutable;
 
 /**
- * An event that is broadcast when a local pseudonym is removed.
+ * An event that is broadcast when an identity is removed.
  */
 @Immutable
 @NotNullByDefault
-public class LocalAuthorRemovedEvent extends Event {
+public class IdentityRemovedEvent extends Event {
 
 	private final AuthorId authorId;
 
-	public LocalAuthorRemovedEvent(AuthorId authorId) {
+	public IdentityRemovedEvent(AuthorId authorId) {
 		this.authorId = authorId;
 	}
 

bramble-api/src/main/java/org/briarproject/bramble/api/keyagreement/KeyAgreementConstants.java

@@ -40,8 +40,8 @@ public interface KeyAgreementConstants {
 			"org.briarproject.bramble.keyagreement/SHARED_SECRET";
 
 	/**
-	 * Label for deriving the master secret.
+	 * Label for deriving the master key.
 	 */
-	String MASTER_SECRET_LABEL =
+	String MASTER_KEY_LABEL =
 			"org.briarproject.bramble.keyagreement/MASTER_SECRET";
 }

bramble-api/src/main/java/org/briarproject/bramble/api/keyagreement/UnsupportedVersionException.java

@@ -1,20 +0,0 @@
-package org.briarproject.bramble.api.keyagreement;
-
-import java.io.IOException;
-
-/**
- * Thrown when a QR code that has been scanned uses a protocol version that is
- * not supported.
- */
-public class UnsupportedVersionException extends IOException {
-
-	private final boolean tooOld;
-
-	public UnsupportedVersionException(boolean tooOld) {
-		this.tooOld = tooOld;
-	}
-
-	public boolean isTooOld() {
-		return tooOld;
-	}
-}

bramble-api/src/main/java/org/briarproject/bramble/api/lifecycle/LifecycleManager.java

@@ -2,16 +2,16 @@ package org.briarproject.bramble.api.lifecycle;
 
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.db.DatabaseComponent;
+import org.briarproject.bramble.api.db.DbException;
+import org.briarproject.bramble.api.db.Transaction;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.sync.Client;
 
 import java.util.concurrent.ExecutorService;
 
 /**
- * Manages the lifecycle of the app, starting {@link Client Clients}, starting
- * and stopping {@link Service Services}, shutting down
- * {@link ExecutorService ExecutorServices}, and opening and closing the
- * {@link DatabaseComponent}.
+ * Manages the lifecycle of the app: opening and closing the
+ * {@link DatabaseComponent} starting and stopping {@link Service Services},
+ * and shutting down {@link ExecutorService ExecutorServices}.
  */
 @NotNullByDefault
 public interface LifecycleManager {
@@ -42,18 +42,19 @@ public interface LifecycleManager {
 		}
 	}
 
+	/**
+	 * Registers a hook to be called after the database is opened and before
+	 * {@link Service services} are started. This method should be called
+	 * before {@link #startServices(SecretKey)}.
+	 */
+	void registerOpenDatabaseHook(OpenDatabaseHook hook);
+
 	/**
 	 * Registers a {@link Service} to be started and stopped. This method
 	 * should be called before {@link #startServices(SecretKey)}.
 	 */
 	void registerService(Service s);
 
-	/**
-	 * Registers a {@link Client} to be started. This method should be called
-	 * before {@link #startServices(SecretKey)}.
-	 */
-	void registerClient(Client c);
-
 	/**
 	 * Registers an {@link ExecutorService} to be shut down. This method
 	 * should be called before {@link #startServices(SecretKey)}.
@@ -62,7 +63,7 @@ public interface LifecycleManager {
 
 	/**
 	 * Opens the {@link DatabaseComponent} using the given key and starts any
-	 * registered {@link Client Clients} and {@link Service Services}.
+	 * registered {@link Service Services}.
 	 */
 	StartResult startServices(SecretKey dbKey);
 
@@ -80,8 +81,7 @@ public interface LifecycleManager {
 
 	/**
 	 * Waits for the {@link DatabaseComponent} to be opened and all registered
-	 * {@link Client Clients} and {@link Service Services} to start before
-	 * returning.
+	 * {@link Service Services} to start before returning.
 	 */
 	void waitForStartup() throws InterruptedException;
 
@@ -97,4 +97,13 @@ public interface LifecycleManager {
 	 */
 	LifecycleState getLifecycleState();
 
+	interface OpenDatabaseHook {
+		/**
+		 * Called when the database is being opened, before
+		 * {@link #waitForDatabase()} returns.
+		 *
+		 * @param txn A read-write transaction
+		 */
+		void onDatabaseOpened(Transaction txn) throws DbException;
+	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/sync/Client.java

@@ -1,14 +0,0 @@
-package org.briarproject.bramble.api.sync;
-
-import org.briarproject.bramble.api.db.DbException;
-import org.briarproject.bramble.api.db.Transaction;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-@NotNullByDefault
-public interface Client {
-
-	/**
-	 * Called at startup to create any local state needed by the client.
-	 */
-	void createLocalState(Transaction txn) throws DbException;
-}

bramble-api/src/main/java/org/briarproject/bramble/api/sync/validation/IncomingMessageHook.java

@@ -11,7 +11,8 @@ public interface IncomingMessageHook {
 	/**
 	 * Called once for each incoming message that passes validation.
 	 *
-	 * @return whether or not this message should be shared
+	 * @param txn A read-write transaction
+	 * @return Whether or not this message should be shared
 	 * @throws DbException Should only be used for real database errors.
 	 * If this is thrown, delivery will be attempted again at next startup,
 	 * whereas if an InvalidMessageException is thrown,

bramble-api/src/main/java/org/briarproject/bramble/api/transport/AbstractTransportKeys.java

@@ -0,0 +1,57 @@
+package org.briarproject.bramble.api.transport;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportId;
+
+import javax.annotation.concurrent.Immutable;
+
+/**
+ * Abstract superclass for {@link TransportKeys} and {@link HandshakeKeys}.
+ */
+@Immutable
+@NotNullByDefault
+public abstract class AbstractTransportKeys {
+
+	private final TransportId transportId;
+	private final IncomingKeys inPrev, inCurr, inNext;
+	private final OutgoingKeys outCurr;
+
+	AbstractTransportKeys(TransportId transportId, IncomingKeys inPrev,
+			IncomingKeys inCurr, IncomingKeys inNext, OutgoingKeys outCurr) {
+		if (inPrev.getTimePeriod() != outCurr.getTimePeriod() - 1)
+			throw new IllegalArgumentException();
+		if (inCurr.getTimePeriod() != outCurr.getTimePeriod())
+			throw new IllegalArgumentException();
+		if (inNext.getTimePeriod() != outCurr.getTimePeriod() + 1)
+			throw new IllegalArgumentException();
+		this.transportId = transportId;
+		this.inPrev = inPrev;
+		this.inCurr = inCurr;
+		this.inNext = inNext;
+		this.outCurr = outCurr;
+	}
+
+	public TransportId getTransportId() {
+		return transportId;
+	}
+
+	public IncomingKeys getPreviousIncomingKeys() {
+		return inPrev;
+	}
+
+	public IncomingKeys getCurrentIncomingKeys() {
+		return inCurr;
+	}
+
+	public IncomingKeys getNextIncomingKeys() {
+		return inNext;
+	}
+
+	public OutgoingKeys getCurrentOutgoingKeys() {
+		return outCurr;
+	}
+
+	public long getTimePeriod() {
+		return outCurr.getTimePeriod();
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/transport/HandshakeKeySet.java

@@ -0,0 +1,70 @@
+package org.briarproject.bramble.api.transport;
+
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.contact.PendingContactId;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import javax.annotation.Nullable;
+import javax.annotation.concurrent.Immutable;
+
+/**
+ * A set of keys for handshaking with a given contact or pending contact over a
+ * given transport. Unlike a {@link TransportKeySet} these keys do not provide
+ * forward secrecy.
+ */
+@Immutable
+@NotNullByDefault
+public class HandshakeKeySet {
+
+	private final HandshakeKeySetId keySetId;
+	@Nullable
+	private final ContactId contactId;
+	@Nullable
+	private final PendingContactId pendingContactId;
+	private final HandshakeKeys keys;
+
+	public HandshakeKeySet(HandshakeKeySetId keySetId, ContactId contactId,
+			HandshakeKeys keys) {
+		this.keySetId = keySetId;
+		this.contactId = contactId;
+		this.keys = keys;
+		pendingContactId = null;
+	}
+
+	public HandshakeKeySet(HandshakeKeySetId keySetId,
+			PendingContactId pendingContactId, HandshakeKeys keys) {
+		this.keySetId = keySetId;
+		this.pendingContactId = pendingContactId;
+		this.keys = keys;
+		contactId = null;
+	}
+
+	public HandshakeKeySetId getKeySetId() {
+		return keySetId;
+	}
+
+	@Nullable
+	public ContactId getContactId() {
+		return contactId;
+	}
+
+	@Nullable
+	public PendingContactId getPendingContactId() {
+		return pendingContactId;
+	}
+
+	public HandshakeKeys getKeys() {
+		return keys;
+	}
+
+	@Override
+	public int hashCode() {
+		return keySetId.hashCode();
+	}
+
+	@Override
+	public boolean equals(Object o) {
+		return o instanceof HandshakeKeySet &&
+				keySetId.equals(((HandshakeKeySet) o).keySetId);
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/transport/HandshakeKeySetId.java

@@ -0,0 +1,36 @@
+package org.briarproject.bramble.api.transport;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import javax.annotation.concurrent.Immutable;
+
+/**
+ * Type-safe wrapper for an integer that uniquely identifies a
+ * {@link HandshakeKeySet set of handshake keys} within the scope of the local
+ * device.
+ */
+@Immutable
+@NotNullByDefault
+public class HandshakeKeySetId {
+
+	private final int id;
+
+	public HandshakeKeySetId(int id) {
+		this.id = id;
+	}
+
+	public int getInt() {
+		return id;
+	}
+
+	@Override
+	public int hashCode() {
+		return id;
+	}
+
+	@Override
+	public boolean equals(Object o) {
+		return o instanceof HandshakeKeySetId &&
+				id == ((HandshakeKeySetId) o).id;
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/transport/HandshakeKeys.java

@@ -0,0 +1,36 @@
+package org.briarproject.bramble.api.transport;
+
+import org.briarproject.bramble.api.crypto.SecretKey;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportId;
+
+import javax.annotation.concurrent.Immutable;
+
+/**
+ * Keys for handshaking with a given contact or pending contact over a given
+ * transport. Unlike {@link TransportKeys} these keys do not provide forward
+ * secrecy.
+ */
+@Immutable
+@NotNullByDefault
+public class HandshakeKeys extends AbstractTransportKeys {
+
+	private final SecretKey rootKey;
+	private final boolean alice;
+
+	public HandshakeKeys(TransportId transportId, IncomingKeys inPrev,
+			IncomingKeys inCurr, IncomingKeys inNext, OutgoingKeys outCurr,
+			SecretKey rootKey, boolean alice) {
+		super(transportId, inPrev, inCurr, inNext, outCurr);
+		this.rootKey = rootKey;
+		this.alice = alice;
+	}
+
+	public SecretKey getRootKey() {
+		return rootKey;
+	}
+
+	public boolean isAlice() {
+		return alice;
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/transport/IncomingKeys.java

@@ -1,30 +1,35 @@
 package org.briarproject.bramble.api.transport;
 
 import org.briarproject.bramble.api.crypto.SecretKey;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import javax.annotation.concurrent.Immutable;
 
 import static org.briarproject.bramble.api.transport.TransportConstants.REORDERING_WINDOW_SIZE;
 
 /**
  * Contains transport keys for receiving streams from a given contact over a
- * given transport in a given rotation period.
+ * given transport in a given time period.
  */
+@Immutable
+@NotNullByDefault
 public class IncomingKeys {
 
 	private final SecretKey tagKey, headerKey;
-	private final long rotationPeriod, windowBase;
+	private final long timePeriod, windowBase;
 	private final byte[] windowBitmap;
 
 	public IncomingKeys(SecretKey tagKey, SecretKey headerKey,
-			long rotationPeriod) {
-		this(tagKey, headerKey, rotationPeriod, 0,
+			long timePeriod) {
+		this(tagKey, headerKey, timePeriod, 0,
 				new byte[REORDERING_WINDOW_SIZE / 8]);
 	}
 
 	public IncomingKeys(SecretKey tagKey, SecretKey headerKey,
-			long rotationPeriod, long windowBase, byte[] windowBitmap) {
+			long timePeriod, long windowBase, byte[] windowBitmap) {
 		this.tagKey = tagKey;
 		this.headerKey = headerKey;
-		this.rotationPeriod = rotationPeriod;
+		this.timePeriod = timePeriod;
 		this.windowBase = windowBase;
 		this.windowBitmap = windowBitmap;
 	}
@@ -37,8 +42,8 @@ public class IncomingKeys {
 		return headerKey;
 	}
 
-	public long getRotationPeriod() {
-		return rotationPeriod;
+	public long getTimePeriod() {
+		return timePeriod;
 	}
 
 	public long getWindowBase() {

bramble-api/src/main/java/org/briarproject/bramble/api/transport/KeyManager.java

@@ -27,14 +27,14 @@ public interface KeyManager {
 	 * @param alice true if the local party is Alice
 	 * @param active whether the derived keys can be used for outgoing streams
 	 */
-	Map<TransportId, KeySetId> addContact(Transaction txn, ContactId c,
-			SecretKey master, long timestamp, boolean alice, boolean active)
+	Map<TransportId, TransportKeySetId> addContact(Transaction txn, ContactId c,
+			SecretKey rootKey, long timestamp, boolean alice, boolean active)
 			throws DbException;
 
 	/**
 	 * Marks the given transport keys as usable for outgoing streams.
 	 */
-	void activateKeys(Transaction txn, Map<TransportId, KeySetId> keys)
+	void activateKeys(Transaction txn, Map<TransportId, TransportKeySetId> keys)
 			throws DbException;
 
 	/**

bramble-api/src/main/java/org/briarproject/bramble/api/transport/KeySet.java

@@ -1,47 +0,0 @@
-package org.briarproject.bramble.api.transport;
-
-import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-import javax.annotation.concurrent.Immutable;
-
-/**
- * A set of transport keys for communicating with a contact.
- */
-@Immutable
-@NotNullByDefault
-public class KeySet {
-
-	private final KeySetId keySetId;
-	private final ContactId contactId;
-	private final TransportKeys transportKeys;
-
-	public KeySet(KeySetId keySetId, ContactId contactId,
-			TransportKeys transportKeys) {
-		this.keySetId = keySetId;
-		this.contactId = contactId;
-		this.transportKeys = transportKeys;
-	}
-
-	public KeySetId getKeySetId() {
-		return keySetId;
-	}
-
-	public ContactId getContactId() {
-		return contactId;
-	}
-
-	public TransportKeys getTransportKeys() {
-		return transportKeys;
-	}
-
-	@Override
-	public int hashCode() {
-		return keySetId.hashCode();
-	}
-
-	@Override
-	public boolean equals(Object o) {
-		return o instanceof KeySet && keySetId.equals(((KeySet) o).keySetId);
-	}
-}

bramble-api/src/main/java/org/briarproject/bramble/api/transport/OutgoingKeys.java

@@ -1,27 +1,32 @@
 package org.briarproject.bramble.api.transport;
 
 import org.briarproject.bramble.api.crypto.SecretKey;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import javax.annotation.concurrent.Immutable;
 
 /**
  * Contains transport keys for sending streams to a given contact over a given
- * transport in a given rotation period.
+ * transport in a given time period.
  */
+@Immutable
+@NotNullByDefault
 public class OutgoingKeys {
 
 	private final SecretKey tagKey, headerKey;
-	private final long rotationPeriod, streamCounter;
+	private final long timePeriod, streamCounter;
 	private final boolean active;
 
 	public OutgoingKeys(SecretKey tagKey, SecretKey headerKey,
-			long rotationPeriod, boolean active) {
-		this(tagKey, headerKey, rotationPeriod, 0, active);
+			long timePeriod, boolean active) {
+		this(tagKey, headerKey, timePeriod, 0, active);
 	}
 
 	public OutgoingKeys(SecretKey tagKey, SecretKey headerKey,
-			long rotationPeriod, long streamCounter, boolean active) {
+			long timePeriod, long streamCounter, boolean active) {
 		this.tagKey = tagKey;
 		this.headerKey = headerKey;
-		this.rotationPeriod = rotationPeriod;
+		this.timePeriod = timePeriod;
 		this.streamCounter = streamCounter;
 		this.active = active;
 	}
@@ -34,8 +39,8 @@ public class OutgoingKeys {
 		return headerKey;
 	}
 
-	public long getRotationPeriod() {
-		return rotationPeriod;
+	public long getTimePeriod() {
+		return timePeriod;
 	}
 
 	public long getStreamCounter() {

bramble-api/src/main/java/org/briarproject/bramble/api/transport/StreamContext.java

@@ -2,8 +2,13 @@ package org.briarproject.bramble.api.transport;
 
 import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.crypto.SecretKey;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.TransportId;
 
+import javax.annotation.concurrent.Immutable;
+
+@Immutable
+@NotNullByDefault
 public class StreamContext {
 
 	private final ContactId contactId;

bramble-api/src/main/java/org/briarproject/bramble/api/transport/TransportConstants.java

@@ -82,30 +82,58 @@ public interface TransportConstants {
 	int REORDERING_WINDOW_SIZE = 32;
 
 	/**
-	 * Label for deriving Alice's initial tag key from the master secret.
+	 * Label for deriving Alice's initial tag key from the root key in
+	 * rotation mode.
 	 */
 	String ALICE_TAG_LABEL = "org.briarproject.bramble.transport/ALICE_TAG_KEY";
 
 	/**
-	 * Label for deriving Bob's initial tag key from the master secret.
+	 * Label for deriving Bob's initial tag key from the root key in rotation
+	 * mode.
 	 */
 	String BOB_TAG_LABEL = "org.briarproject.bramble.transport/BOB_TAG_KEY";
 
 	/**
-	 * Label for deriving Alice's initial header key from the master secret.
+	 * Label for deriving Alice's initial header key from the root key in
+	 * rotation mode.
 	 */
 	String ALICE_HEADER_LABEL =
 			"org.briarproject.bramble.transport/ALICE_HEADER_KEY";
 
 	/**
-	 * Label for deriving Bob's initial header key from the master secret.
+	 * Label for deriving Bob's initial header key from the root key in
+	 * rotation mode.
 	 */
 	String BOB_HEADER_LABEL =
 			"org.briarproject.bramble.transport/BOB_HEADER_KEY";
 
 	/**
-	 * Label for deriving the next period's key in key rotation.
+	 * Label for deriving the next period's key in rotation mode.
 	 */
 	String ROTATE_LABEL = "org.briarproject.bramble.transport/ROTATE";
 
+	/**
+	 * Label for deriving Alice's tag key from the root key in handshake mode.
+	 */
+	String ALICE_HANDSHAKE_TAG_LABEL =
+			"org.briarproject.bramble.transport/ALICE_HANDSHAKE_TAG_KEY";
+
+	/**
+	 * Label for deriving Bob's tag key from the root key in handshake mode.
+	 */
+	String BOB_HANDSHAKE_TAG_LABEL =
+			"org.briarproject.bramble.transport/BOB_HANDSHAKE_TAG_KEY";
+
+	/**
+	 * Label for deriving Alice's header key from the root key in handshake
+	 * mode.
+	 */
+	String ALICE_HANDSHAKE_HEADER_LABEL =
+			"org.briarproject.bramble.transport/ALICE_HANDSHAKE_HEADER_KEY";
+
+	/**
+	 * Label for deriving Bob's header key from the root key in handshake mode.
+	 */
+	String BOB_HANDSHAKE_HEADER_LABEL =
+			"org.briarproject.bramble.transport/BOB_HANDSHAKE_HEADER_KEY";
 }

bramble-api/src/main/java/org/briarproject/bramble/api/transport/TransportKeySet.java

@@ -0,0 +1,49 @@
+package org.briarproject.bramble.api.transport;
+
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import javax.annotation.concurrent.Immutable;
+
+/**
+ * A set of keys for communicating with a given contact over a given transport.
+ * Unlike a {@link HandshakeKeySet} these keys provide forward secrecy.
+ */
+@Immutable
+@NotNullByDefault
+public class TransportKeySet {
+
+	private final TransportKeySetId keySetId;
+	private final ContactId contactId;
+	private final TransportKeys keys;
+
+	public TransportKeySet(TransportKeySetId keySetId, ContactId contactId,
+			TransportKeys keys) {
+		this.keySetId = keySetId;
+		this.contactId = contactId;
+		this.keys = keys;
+	}
+
+	public TransportKeySetId getKeySetId() {
+		return keySetId;
+	}
+
+	public ContactId getContactId() {
+		return contactId;
+	}
+
+	public TransportKeys getKeys() {
+		return keys;
+	}
+
+	@Override
+	public int hashCode() {
+		return keySetId.hashCode();
+	}
+
+	@Override
+	public boolean equals(Object o) {
+		return o instanceof TransportKeySet &&
+				keySetId.equals(((TransportKeySet) o).keySetId);
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/transport/TransportKeySetId.java

@@ -5,18 +5,19 @@ import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import javax.annotation.concurrent.Immutable;
 
 /**
- * Type-safe wrapper for an integer that uniquely identifies a set of transport
- * keys within the scope of the local device.
+ * Type-safe wrapper for an integer that uniquely identifies a
+ * {@link TransportKeySet set of transport keys} within the scope of the local
+ * device.
  * <p/>
  * Key sets created on a given device must have increasing identifiers.
  */
 @Immutable
 @NotNullByDefault
-public class KeySetId {
+public class TransportKeySetId {
 
 	private final int id;
 
-	public KeySetId(int id) {
+	public TransportKeySetId(int id) {
 		this.id = id;
 	}
 
@@ -31,6 +32,7 @@ public class KeySetId {
 
 	@Override
 	public boolean equals(Object o) {
-		return o instanceof KeySetId && id == ((KeySetId) o).id;
+		return o instanceof TransportKeySetId &&
+				id == ((TransportKeySetId) o).id;
 	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/transport/TransportKeys.java

@@ -1,52 +1,20 @@
 package org.briarproject.bramble.api.transport;
 
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.TransportId;
 
-/**
- * Keys for communicating with a given contact over a given transport.
- */
-public class TransportKeys {
+import javax.annotation.concurrent.Immutable;
 
-	private final TransportId transportId;
-	private final IncomingKeys inPrev, inCurr, inNext;
-	private final OutgoingKeys outCurr;
+/**
+ * Keys for communicating with a given contact over a given transport. Unlike
+ * {@link HandshakeKeys} these keys provide forward secrecy.
+ */
+@Immutable
+@NotNullByDefault
+public class TransportKeys extends AbstractTransportKeys {
 
 	public TransportKeys(TransportId transportId, IncomingKeys inPrev,
 			IncomingKeys inCurr, IncomingKeys inNext, OutgoingKeys outCurr) {
-		if (inPrev.getRotationPeriod() != inCurr.getRotationPeriod() - 1)
-			throw new IllegalArgumentException();
-		if (inNext.getRotationPeriod() != inCurr.getRotationPeriod() + 1)
-			throw new IllegalArgumentException();
-		if (outCurr.getRotationPeriod() != inCurr.getRotationPeriod())
-			throw new IllegalArgumentException();
-		this.transportId = transportId;
-		this.inPrev = inPrev;
-		this.inCurr = inCurr;
-		this.inNext = inNext;
-		this.outCurr = outCurr;
-	}
-
-	public TransportId getTransportId() {
-		return transportId;
-	}
-
-	public IncomingKeys getPreviousIncomingKeys() {
-		return inPrev;
-	}
-
-	public IncomingKeys getCurrentIncomingKeys() {
-		return inCurr;
-	}
-
-	public IncomingKeys getNextIncomingKeys() {
-		return inNext;
-	}
-
-	public OutgoingKeys getCurrentOutgoingKeys() {
-		return outCurr;
-	}
-
-	public long getRotationPeriod() {
-		return outCurr.getRotationPeriod();
+		super(transportId, inPrev, inCurr, inNext, outCurr);
 	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/versioning/ClientVersioningManager.java

@@ -46,7 +46,14 @@ public interface ClientVersioningManager {
 			ClientId clientId, int majorVersion) throws DbException;
 
 	interface ClientVersioningHook {
-
+		/**
+		 * Called when the visibility of a client with respect to a contact is
+		 * changing.
+		 *
+		 * @param txn A read-write transaction
+		 * @param c The contact affected by the visibility change
+		 * @param v The new visibility of the client
+		 */
 		void onClientVisibilityChanging(Transaction txn, Contact c,
 				Visibility v) throws DbException;
 	}

bramble-api/src/main/java/org/briarproject/bramble/util/Base32.java

@@ -0,0 +1,75 @@
+package org.briarproject.bramble.util;
+
+import java.io.ByteArrayOutputStream;
+
+public class Base32 {
+
+	private static final char[] DIGITS = {
+			'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L',
+			'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X',
+			'Y', 'Z', '2', '3', '4', '5', '6', '7'
+	};
+
+	public static String encode(byte[] b) {
+		StringBuilder s = new StringBuilder();
+		int byteIndex = 0, currentCode = 0x00;
+		int byteMask = 0x80, codeMask = 0x10;
+		while (byteIndex < b.length) {
+			if ((b[byteIndex] & byteMask) != 0) currentCode |= codeMask;
+			// After every 8 bits, move on to the next byte
+			if (byteMask == 0x01) {
+				byteMask = 0x80;
+				byteIndex++;
+			} else {
+				byteMask >>>= 1;
+			}
+			// After every 5 bits, move on to the next digit
+			if (codeMask == 0x01) {
+				s.append(DIGITS[currentCode]);
+				codeMask = 0x10;
+				currentCode = 0x00;
+			} else {
+				codeMask >>>= 1;
+			}
+		}
+		// If we're part-way through a digit, output it
+		if (codeMask != 0x10) s.append(DIGITS[currentCode]);
+		return s.toString();
+	}
+
+	public static byte[] decode(String s, boolean strict) {
+		ByteArrayOutputStream b = new ByteArrayOutputStream();
+		int digitIndex = 0, digitCount = s.length(), currentByte = 0x00;
+		int byteMask = 0x80, codeMask = 0x10;
+		while (digitIndex < digitCount) {
+			int code = decodeDigit(s.charAt(digitIndex));
+			if ((code & codeMask) != 0) currentByte |= byteMask;
+			// After every 8 bits, move on to the next byte
+			if (byteMask == 0x01) {
+				b.write(currentByte);
+				byteMask = 0x80;
+				currentByte = 0x00;
+			} else {
+				byteMask >>>= 1;
+			}
+			// After every 5 bits, move on to the next digit
+			if (codeMask == 0x01) {
+				codeMask = 0x10;
+				digitIndex++;
+			} else {
+				codeMask >>>= 1;
+			}
+		}
+		// If any extra bits were used for encoding, they should all be zero
+		if (strict && byteMask != 0x80 && currentByte != 0x00)
+			throw new IllegalArgumentException();
+		return b.toByteArray();
+	}
+
+	private static int decodeDigit(char c) {
+		if (c >= 'A' && c <= 'Z') return c - 'A';
+		if (c >= 'a' && c <= 'z') return c - 'a';
+		if (c >= '2' && c <= '7') return c - '2' + 26;
+		throw new IllegalArgumentException("Not a base32 digit: " + c);
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/util/StringUtils.java

@@ -153,4 +153,13 @@ public class StringUtils {
 		return new String(c);
 	}
 
+	public static String getRandomBase32String(int length) {
+		char[] c = new char[length];
+		for (int i = 0; i < length; i++) {
+			int character = random.nextInt(32);
+			if (character < 26) c[i] = (char) ('a' + character);
+			else c[i] = (char) ('2' + (character - 26));
+		}
+		return new String(c);
+	}
 }

bramble-api/src/test/java/org/briarproject/bramble/test/TestUtils.java

@@ -1,9 +1,14 @@
 package org.briarproject.bramble.test;
 
 import org.briarproject.bramble.api.UniqueId;
+import org.briarproject.bramble.api.contact.Contact;
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.contact.PendingContact;
+import org.briarproject.bramble.api.contact.PendingContactId;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.identity.Author;
 import org.briarproject.bramble.api.identity.AuthorId;
+import org.briarproject.bramble.api.identity.Identity;
 import org.briarproject.bramble.api.identity.LocalAuthor;
 import org.briarproject.bramble.api.plugin.TransportId;
 import org.briarproject.bramble.api.properties.TransportProperties;
@@ -25,6 +30,8 @@ import java.util.Random;
 import java.util.concurrent.atomic.AtomicInteger;
 
 import static java.util.Arrays.asList;
+import static org.briarproject.bramble.api.contact.PendingContactState.WAITING_FOR_CONNECTION;
+import static org.briarproject.bramble.api.crypto.CryptoConstants.MAX_AGREEMENT_PUBLIC_KEY_BYTES;
 import static org.briarproject.bramble.api.identity.Author.FORMAT_VERSION;
 import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_AUTHOR_NAME_LENGTH;
 import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_PUBLIC_KEY_LENGTH;
@@ -41,6 +48,7 @@ public class TestUtils {
 			new AtomicInteger((int) (Math.random() * 1000 * 1000));
 	private static final Random random = new Random();
 	private static final long timestamp = System.currentTimeMillis();
+	private static final AtomicInteger nextContactId = new AtomicInteger(1);
 
 	public static File getTestDirectory() {
 		int name = nextTestDir.getAndIncrement();
@@ -93,25 +101,26 @@ public class TestUtils {
 		return new SecretKey(getRandomBytes(SecretKey.LENGTH));
 	}
 
-	public static LocalAuthor getLocalAuthor() {
-		return getLocalAuthor(1 + random.nextInt(MAX_AUTHOR_NAME_LENGTH));
-	}
-
-	public static LocalAuthor getLocalAuthor(int nameLength) {
-		AuthorId id = new AuthorId(getRandomId());
-		String name = getRandomString(nameLength);
-		byte[] publicKey = getRandomBytes(MAX_PUBLIC_KEY_LENGTH);
-		byte[] privateKey = getRandomBytes(MAX_PUBLIC_KEY_LENGTH);
-		return new LocalAuthor(id, FORMAT_VERSION, name, publicKey, privateKey,
+	public static Identity getIdentity() {
+		LocalAuthor localAuthor = getLocalAuthor();
+		byte[] handshakePub = getRandomBytes(MAX_AGREEMENT_PUBLIC_KEY_BYTES);
+		byte[] handshakePriv = getRandomBytes(MAX_AGREEMENT_PUBLIC_KEY_BYTES);
+		return new Identity(localAuthor, handshakePub, handshakePriv,
 				timestamp);
 	}
 
-	public static Author getAuthor() {
-		return getAuthor(1 + random.nextInt(MAX_AUTHOR_NAME_LENGTH));
+	public static LocalAuthor getLocalAuthor() {
+		AuthorId id = new AuthorId(getRandomId());
+		int nameLength = 1 + random.nextInt(MAX_AUTHOR_NAME_LENGTH);
+		String name = getRandomString(nameLength);
+		byte[] publicKey = getRandomBytes(MAX_PUBLIC_KEY_LENGTH);
+		byte[] privateKey = getRandomBytes(MAX_PUBLIC_KEY_LENGTH);
+		return new LocalAuthor(id, FORMAT_VERSION, name, publicKey, privateKey);
 	}
 
-	public static Author getAuthor(int nameLength) {
+	public static Author getAuthor() {
 		AuthorId id = new AuthorId(getRandomId());
+		int nameLength = 1 + random.nextInt(MAX_AUTHOR_NAME_LENGTH);
 		String name = getRandomString(nameLength);
 		byte[] publicKey = getRandomBytes(MAX_PUBLIC_KEY_LENGTH);
 		return new Author(id, FORMAT_VERSION, name, publicKey);
@@ -140,6 +149,39 @@ public class TestUtils {
 		return new Message(id, groupId, timestamp, body);
 	}
 
+	public static PendingContact getPendingContact() {
+		return getPendingContact(1 + random.nextInt(MAX_AUTHOR_NAME_LENGTH));
+	}
+
+	public static PendingContact getPendingContact(int nameLength) {
+		PendingContactId id = new PendingContactId(getRandomId());
+		byte[] publicKey = getRandomBytes(MAX_PUBLIC_KEY_LENGTH);
+		String alias = getRandomString(nameLength);
+		return new PendingContact(id, publicKey, alias, WAITING_FOR_CONNECTION,
+				timestamp);
+	}
+
+	public static ContactId getContactId() {
+		return new ContactId(nextContactId.getAndIncrement());
+	}
+
+	public static Contact getContact() {
+		return getContact(getAuthor(), new AuthorId(getRandomId()),
+				random.nextBoolean());
+	}
+
+	public static Contact getContact(Author remote, AuthorId local,
+			boolean verified) {
+		return getContact(getContactId(), remote, local, verified);
+	}
+
+	public static Contact getContact(ContactId c, Author remote, AuthorId local,
+			boolean verified) {
+		return new Contact(c, remote, local,
+				getRandomString(MAX_AUTHOR_NAME_LENGTH),
+				getRandomBytes(MAX_PUBLIC_KEY_LENGTH), verified);
+	}
+
 	public static double getMedian(Collection<? extends Number> samples) {
 		int size = samples.size();
 		if (size == 0) throw new IllegalArgumentException();

bramble-api/witness.gradle

@@ -2,7 +2,7 @@ dependencyVerification {
     verify = [
         'cglib:cglib:3.2.0:cglib-3.2.0.jar:adb13bab79712ad6bdf1bd59f2a3918018a8016e722e8a357065afb9e6690861',
         'com.google.code.findbugs:jsr305:3.0.2:jsr305-3.0.2.jar:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7',
-        'com.google.dagger:dagger:2.19:dagger-2.19.jar:514b6f1e0727c6572e1d65cb27e4ae668b7aeaeb93a29515182965265b609939',
+        'com.google.dagger:dagger:2.22.1:dagger-2.22.1.jar:329d4340f24c4f5717af016c097e90668bfea2a5376e6aa9964b01cef3fd241a',
         'javax.inject:javax.inject:1:javax.inject-1.jar:91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff',
         'junit:junit:4.12:junit-4.12.jar:59721f0805e223d84b90677887d9ff567dc534d7c502ca903c0c2b17f05c116a',
         'org.apache.ant:ant-launcher:1.9.4:ant-launcher-1.9.4.jar:7bccea20b41801ca17bcbc909a78c835d0f443f12d639c77bd6ae3d05861608d',

bramble-core/build.gradle

@@ -15,8 +15,9 @@ dependencies {
 	implementation 'org.bitlet:weupnp:0.1.4'
 	implementation 'net.i2p.crypto:eddsa:0.2.0'
 	implementation 'org.whispersystems:curve25519-java:0.5.0'
+	implementation 'org.briarproject:jtorctl:0.3'
 
-	annotationProcessor 'com.google.dagger:dagger-compiler:2.19'
+	annotationProcessor 'com.google.dagger:dagger-compiler:2.22.1'
 
 	testImplementation project(path: ':bramble-api', configuration: 'testOutput')
 	testImplementation 'org.hsqldb:hsqldb:2.3.5' // The last version that supports Java 1.6
@@ -25,7 +26,7 @@ dependencies {
 	testImplementation "org.jmock:jmock-junit4:2.8.2"
 	testImplementation "org.jmock:jmock-legacy:2.8.2"
 
-	testAnnotationProcessor 'com.google.dagger:dagger-compiler:2.19'
+	testAnnotationProcessor 'com.google.dagger:dagger-compiler:2.22.1'
 
 	signature 'org.codehaus.mojo.signature:java16:1.1@signature'
 }

bramble-core/src/main/java/net/freehaven/tor/control/.cvsignore

@@ -1 +0,0 @@
-*.class

bramble-core/src/main/java/net/freehaven/tor/control/Bytes.java

@@ -1,114 +0,0 @@
-// Copyright 2005 Nick Mathewson, Roger Dingledine
-// See LICENSE file for copying information
-package net.freehaven.tor.control;
-
-import java.util.Arrays;
-import java.util.List;
-
-/**
- * Static class to do bytewise structure manipulation in Java.
- */
-/* XXXX There must be a better way to do most of this.
- * XXXX The string logic here uses default encoding, which is stupid.
- */
-final class Bytes {
-
-    /** Write the two-byte value in 's' into the byte array 'ba', starting at
-     * the index 'pos'. */
-    public static void setU16(byte[] ba, int pos, short s) {
-        ba[pos]   = (byte)((s >> 8) & 0xff);
-        ba[pos+1] = (byte)((s     ) & 0xff);
-    }
-
-    /** Write the four-byte value in 'i' into the byte array 'ba', starting at
-     * the index 'pos'. */
-    public static void setU32(byte[] ba, int pos, int i) {
-        ba[pos]   = (byte)((i >> 24) & 0xff);
-        ba[pos+1] = (byte)((i >> 16) & 0xff);
-        ba[pos+2] = (byte)((i >>  8) & 0xff);
-        ba[pos+3] = (byte)((i      ) & 0xff);
-    }
-
-    /** Return the four-byte value starting at index 'pos' within 'ba' */
-    public static int getU32(byte[] ba, int pos) {
-        return
-            ((ba[pos  ]&0xff)<<24) |
-            ((ba[pos+1]&0xff)<<16) |
-            ((ba[pos+2]&0xff)<< 8)  |
-            ((ba[pos+3]&0xff));
-    }
-
-    public static String getU32S(byte[] ba, int pos) {
-        return String.valueOf( (getU32(ba,pos))&0xffffffffL );
-    }
-
-    /** Return the two-byte value starting at index 'pos' within 'ba' */
-    public static int getU16(byte[] ba, int pos) {
-        return
-            ((ba[pos  ]&0xff)<<8) |
-            ((ba[pos+1]&0xff));
-    }
-
-    /** Return the string starting at position 'pos' of ba and extending
-     * until a zero byte or the end of the string. */
-    public static String getNulTerminatedStr(byte[] ba, int pos) {
-        int len, maxlen = ba.length-pos;
-        for (len=0; len<maxlen; ++len) {
-            if (ba[pos+len] == 0)
-                break;
-        }
-        return new String(ba, pos, len);
-    }
-
-    /**
-     * Read bytes from 'ba' starting at 'pos', dividing them into strings
-     * along the character in 'split' and writing them into 'lst'
-     */
-    public static void splitStr(List<String> lst, byte[] ba, int pos, byte split) {
-        while (pos < ba.length && ba[pos] != 0) {
-            int len;
-            for (len=0; pos+len < ba.length; ++len) {
-                if (ba[pos+len] == 0 || ba[pos+len] == split)
-                    break;
-            }
-            if (len>0)
-                lst.add(new String(ba, pos, len));
-            pos += len;
-            if (ba[pos] == split)
-                ++pos;
-        }
-    }
-
-    /**
-     * Read bytes from 'ba' starting at 'pos', dividing them into strings
-     * along the character in 'split' and writing them into 'lst'
-     */
-    public static List<String> splitStr(List<String> lst, String str) {
-        // split string on spaces, include trailing/leading
-        String[] tokenArray = str.split(" ", -1);
-        if (lst == null) {
-            lst = Arrays.asList( tokenArray );
-        } else {
-            lst.addAll( Arrays.asList( tokenArray ) );
-        }
-        return lst;
-    }
-
-    private static final char[] NYBBLES = {
-        '0', '1', '2', '3', '4', '5', '6', '7',
-        '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'
-    };
-
-    public static final String hex(byte[] ba) {
-        StringBuffer buf = new StringBuffer();
-        for (int i = 0; i < ba.length; ++i) {
-            int b = (ba[i]) & 0xff;
-            buf.append(NYBBLES[b >> 4]);
-            buf.append(NYBBLES[b&0x0f]);
-        }
-        return buf.toString();
-    }
-
-    private Bytes() {};
-}
-

bramble-core/src/main/java/net/freehaven/tor/control/ConfigEntry.java

@@ -1,20 +0,0 @@
-// Copyright 2005 Nick Mathewson, Roger Dingledine
-// See LICENSE file for copying information
-package net.freehaven.tor.control;
-
-/** A single key-value pair from Tor's configuration. */
-public class ConfigEntry {
-    public ConfigEntry(String k, String v) {
-        key = k;
-        value = v;
-        is_default = false;
-    }
-    public ConfigEntry(String k) {
-        key = k;
-        value = "";
-        is_default = true;
-    }
-    public final String key;
-    public final String value;
-    public final boolean is_default;
-}

bramble-core/src/main/java/net/freehaven/tor/control/EventHandler.java

@@ -1,75 +0,0 @@
-// Copyright 2005 Nick Mathewson, Roger Dingledine
-// See LICENSE file for copying information
-package net.freehaven.tor.control;
-
-/**
- * Abstract interface whose methods are invoked when Tor sends us an event.
- *
- * @see TorControlConnection#setEventHandler
- * @see TorControlConnection#setEvents
- */
-public interface EventHandler {
-    /**
-     * Invoked when a circuit's status has changed.
-     * Possible values for <b>status</b> are:
-     * <ul>
-     *   <li>"LAUNCHED" :  circuit ID assigned to new circuit</li>
-     *   <li>"BUILT"    :  all hops finished, can now accept streams</li>
-     *   <li>"EXTENDED" :  one more hop has been completed</li>
-     *   <li>"FAILED"   :  circuit closed (was not built)</li>
-     *   <li>"CLOSED"   :  circuit closed (was built)</li>
-     *	</ul>
-     * 
-     * <b>circID</b> is the alphanumeric identifier of the affected circuit,
-     * and <b>path</b> is a comma-separated list of alphanumeric ServerIDs.
-     */
-    public void circuitStatus(String status, String circID, String path);
-    /**
-     * Invoked when a stream's status has changed.
-     * Possible values for <b>status</b> are:
-     * <ul>
-     *   <li>"NEW"         :  New request to connect</li>
-     *   <li>"NEWRESOLVE"  :  New request to resolve an address</li>
-     *   <li>"SENTCONNECT" :  Sent a connect cell along a circuit</li>
-     *   <li>"SENTRESOLVE" :  Sent a resolve cell along a circuit</li>
-     *   <li>"SUCCEEDED"   :  Received a reply; stream established</li>
-     *   <li>"FAILED"      :  Stream failed and not retriable.</li>
-     *   <li>"CLOSED"      :  Stream closed</li>
-     *   <li>"DETACHED"    :  Detached from circuit; still retriable.</li>
-     *	</ul>
-     *
-     * <b>streamID</b> is the alphanumeric identifier of the affected stream,
-     * and its <b>target</b> is specified as address:port.
-     */
-    public void streamStatus(String status, String streamID, String target);
-    /**
-     * Invoked when the status of a connection to an OR has changed.
-     * Possible values for <b>status</b> are ["LAUNCHED" | "CONNECTED" | "FAILED" | "CLOSED"].
-     * <b>orName</b> is the alphanumeric identifier of the OR affected.
-     */
-    public void orConnStatus(String status, String orName);
-    /**
-     * Invoked once per second. <b>read</b> and <b>written</b> are
-     * the number of bytes read and written, respectively, in
-     * the last second.
-     */
-    public void bandwidthUsed(long read, long written);
-    /**
-     * Invoked whenever Tor learns about new ORs.  The <b>orList</b> object
-     * contains the alphanumeric ServerIDs associated with the new ORs.
-     */
-    public void newDescriptors(java.util.List<String> orList);
-    /**
-     * Invoked when Tor logs a message.
-     * <b>severity</b> is one of ["DEBUG" | "INFO" | "NOTICE" | "WARN" | "ERR"],
-     * and <b>msg</b> is the message string.
-     */
-    public void message(String severity, String msg);
-    /**
-     * Invoked when an unspecified message is received.
-     * <type> is the message type, and <msg> is the message string.
-     */
-    public void unrecognized(String type, String msg);
-
-}
-

bramble-core/src/main/java/net/freehaven/tor/control/NullEventHandler.java

@@ -1,18 +0,0 @@
-// Copyright 2005 Nick Mathewson, Roger Dingledine
-// See LICENSE file for copying information
-package net.freehaven.tor.control;
-
-/**
- * Implementation of EventHandler that ignores all events.  Useful
- * when you only want to override one method.
- */
-public class NullEventHandler implements EventHandler {
-    public void circuitStatus(String status, String circID, String path) {}
-    public void streamStatus(String status, String streamID, String target) {}
-    public void orConnStatus(String status, String orName) {}
-    public void bandwidthUsed(long read, long written) {}
-    public void newDescriptors(java.util.List<String> orList) {}
-    public void message(String severity, String msg) {}
-    public void unrecognized(String type, String msg) {}
-}
-

bramble-core/src/main/java/net/freehaven/tor/control/PasswordDigest.java

@@ -1,98 +0,0 @@
-// Copyright 2005 Nick Mathewson, Roger Dingledine
-// See LICENSE file for copying information
-package net.freehaven.tor.control;
-
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
-
-/**
- * A hashed digest of a secret password (used to set control connection
- * security.)
- *
- * For the actual hashing algorithm, see RFC2440's secret-to-key conversion.
- */
-public class PasswordDigest {
-
-    private final byte[] secret;
-    private final String hashedKey;
-
-    /** Return a new password digest with a random secret and salt. */
-    public static PasswordDigest generateDigest() {
-        byte[] secret = new byte[20];
-        SecureRandom rng = new SecureRandom();
-        rng.nextBytes(secret);
-        return new PasswordDigest(secret);
-    }
-
-    /** Construct a new password digest with a given secret and random salt */
-    public PasswordDigest(byte[] secret) {
-        this(secret, null);
-    }
-
-    /** Construct a new password digest with a given secret and random salt.
-     * Note that the 9th byte of the specifier determines the number of hash
-     * iterations as in RFC2440.
-     */
-    public PasswordDigest(byte[] secret, byte[] specifier) {
-        this.secret = secret.clone();
-        if (specifier == null) {
-            specifier = new byte[9];
-            SecureRandom rng = new SecureRandom();
-            rng.nextBytes(specifier);
-            specifier[8] = 96;
-        }
-        hashedKey = "16:"+encodeBytes(secretToKey(secret, specifier));
-    }
-
-    /** Return the secret used to generate this password hash.
-     */
-    public byte[] getSecret() {
-        return secret.clone();
-    }
-
-    /** Return the hashed password in the format used by Tor. */
-    public String getHashedPassword() {
-        return hashedKey;
-    }
-
-    /** Parameter used by RFC2440's s2k algorithm. */
-    private static final int EXPBIAS = 6;
-
-    /** Implement rfc2440 s2k */
-    public static byte[] secretToKey(byte[] secret, byte[] specifier) {
-        MessageDigest d;
-        try {
-            d = MessageDigest.getInstance("SHA-1");
-        } catch (NoSuchAlgorithmException ex) {
-            throw new RuntimeException("Can't run without sha-1.");
-        }
-        int c = (specifier[8])&0xff;
-        int count = (16 + (c&15)) << ((c>>4) + EXPBIAS);
-
-        byte[] tmp = new byte[8+secret.length];
-        System.arraycopy(specifier, 0, tmp, 0, 8);
-        System.arraycopy(secret, 0, tmp, 8, secret.length);
-        while (count > 0) {
-            if (count >= tmp.length) {
-                d.update(tmp);
-                count -= tmp.length;
-            } else {
-                d.update(tmp, 0, count);
-                count = 0;
-            }
-        }
-        byte[] key = new byte[20+9];
-        System.arraycopy(d.digest(), 0, key, 9, 20);
-        System.arraycopy(specifier, 0, key, 0, 9);
-        return key;
-    }
-
-    /** Return a hexadecimal encoding of a byte array. */
-    // XXX There must be a better way to do this in Java.
-    private static final String encodeBytes(byte[] ba) {
-        return Bytes.hex(ba);
-    }
-
-}
-

bramble-core/src/main/java/net/freehaven/tor/control/README

@@ -1,4 +0,0 @@
-We broke the version detection stuff in Tor 0.1.2.16 / 0.2.0.4-alpha.
-Somebody should rip out the v0 control protocol stuff from here, and
-it should start working again. -RD
-

bramble-core/src/main/java/net/freehaven/tor/control/TorControlCommands.java

@@ -1,151 +0,0 @@
-// Copyright 2005 Nick Mathewson, Roger Dingledine
-// See LICENSE file for copying information
-package net.freehaven.tor.control;
-
-/** Interface defining constants used by the Tor controller protocol.
- */
-// XXXX Take documentation for these from control-spec.txt
-public interface TorControlCommands {
-
-    public static final short CMD_ERROR = 0x0000;
-    public static final short CMD_DONE = 0x0001;
-    public static final short CMD_SETCONF = 0x0002;
-    public static final short CMD_GETCONF = 0x0003;
-    public static final short CMD_CONFVALUE = 0x0004;
-    public static final short CMD_SETEVENTS = 0x0005;
-    public static final short CMD_EVENT = 0x0006;
-    public static final short CMD_AUTH = 0x0007;
-    public static final short CMD_SAVECONF = 0x0008;
-    public static final short CMD_SIGNAL = 0x0009;
-    public static final short CMD_MAPADDRESS = 0x000A;
-    public static final short CMD_GETINFO = 0x000B;
-    public static final short CMD_INFOVALUE = 0x000C;
-    public static final short CMD_EXTENDCIRCUIT = 0x000D;
-    public static final short CMD_ATTACHSTREAM = 0x000E;
-    public static final short CMD_POSTDESCRIPTOR = 0x000F;
-    public static final short CMD_FRAGMENTHEADER = 0x0010;
-    public static final short CMD_FRAGMENT = 0x0011;
-    public static final short CMD_REDIRECTSTREAM = 0x0012;
-    public static final short CMD_CLOSESTREAM = 0x0013;
-    public static final short CMD_CLOSECIRCUIT = 0x0014;
-
-    public static final String[] CMD_NAMES = {
-        "ERROR",
-        "DONE",
-        "SETCONF",
-        "GETCONF",
-        "CONFVALUE",
-        "SETEVENTS",
-        "EVENT",
-        "AUTH",
-        "SAVECONF",
-        "SIGNAL",
-        "MAPADDRESS",
-        "GETINFO",
-        "INFOVALUE",
-        "EXTENDCIRCUIT",
-        "ATTACHSTREAM",
-        "POSTDESCRIPTOR",
-        "FRAGMENTHEADER",
-        "FRAGMENT",
-        "REDIRECTSTREAM",
-        "CLOSESTREAM",
-        "CLOSECIRCUIT",
-    };
-
-    public static final short EVENT_CIRCSTATUS = 0x0001;
-    public static final short EVENT_STREAMSTATUS = 0x0002;
-    public static final short EVENT_ORCONNSTATUS = 0x0003;
-    public static final short EVENT_BANDWIDTH = 0x0004;
-    public static final short EVENT_NEWDESCRIPTOR = 0x0006;
-    public static final short EVENT_MSG_DEBUG = 0x0007;
-    public static final short EVENT_MSG_INFO = 0x0008;
-    public static final short EVENT_MSG_NOTICE = 0x0009;
-    public static final short EVENT_MSG_WARN = 0x000A;
-    public static final short EVENT_MSG_ERROR = 0x000B;
-
-    public static final String[] EVENT_NAMES = {
-        "(0)",
-        "CIRC",
-        "STREAM",
-        "ORCONN",
-        "BW",
-        "OLDLOG",
-        "NEWDESC",
-        "DEBUG",
-        "INFO",
-        "NOTICE",
-        "WARN",
-        "ERR",
-    };
-
-    public static final byte CIRC_STATUS_LAUNCHED = 0x01;
-    public static final byte CIRC_STATUS_BUILT = 0x02;
-    public static final byte CIRC_STATUS_EXTENDED = 0x03;
-    public static final byte CIRC_STATUS_FAILED = 0x04;
-    public static final byte CIRC_STATUS_CLOSED = 0x05;
-
-    public static final String[] CIRC_STATUS_NAMES = {
-        "LAUNCHED",
-        "BUILT",
-        "EXTENDED",
-        "FAILED",
-        "CLOSED",
-    };
-
-    public static final byte STREAM_STATUS_SENT_CONNECT = 0x00;
-    public static final byte STREAM_STATUS_SENT_RESOLVE = 0x01;
-    public static final byte STREAM_STATUS_SUCCEEDED = 0x02;
-    public static final byte STREAM_STATUS_FAILED = 0x03;
-    public static final byte STREAM_STATUS_CLOSED = 0x04;
-    public static final byte STREAM_STATUS_NEW_CONNECT = 0x05;
-    public static final byte STREAM_STATUS_NEW_RESOLVE = 0x06;
-    public static final byte STREAM_STATUS_DETACHED = 0x07;
-
-    public static final String[] STREAM_STATUS_NAMES = {
-        "SENT_CONNECT",
-        "SENT_RESOLVE",
-        "SUCCEEDED",
-        "FAILED",
-        "CLOSED",
-        "NEW_CONNECT",
-        "NEW_RESOLVE",
-        "DETACHED"
-    };
-
-    public static final byte OR_CONN_STATUS_LAUNCHED = 0x00;
-    public static final byte OR_CONN_STATUS_CONNECTED = 0x01;
-    public static final byte OR_CONN_STATUS_FAILED = 0x02;
-    public static final byte OR_CONN_STATUS_CLOSED = 0x03;
-
-    public static final String[] OR_CONN_STATUS_NAMES = {
-        "LAUNCHED","CONNECTED","FAILED","CLOSED"
-    };
-
-    public static final byte SIGNAL_HUP = 0x01;
-    public static final byte SIGNAL_INT = 0x02;
-    public static final byte SIGNAL_USR1 = 0x0A;
-    public static final byte SIGNAL_USR2 = 0x0C;
-    public static final byte SIGNAL_TERM = 0x0F;
-
-    public static final String ERROR_MSGS[] = {
-        "Unspecified error",
-        "Internal error",
-        "Unrecognized message type",
-        "Syntax error",
-        "Unrecognized configuration key",
-        "Invalid configuration value",
-        "Unrecognized byte code",
-        "Unauthorized",
-        "Failed authentication attempt",
-        "Resource exhausted",
-        "No such stream",
-        "No such circuit",
-        "No such OR",
-    };
-
-    public static final String HS_ADDRESS = "onionAddress";
-    public static final String HS_PRIVKEY = "onionPrivKey";
-
-}
-

bramble-core/src/main/java/net/freehaven/tor/control/TorControlConnection.java

@@ -1,998 +0,0 @@
-// Copyright 2005 Nick Mathewson, Roger Dingledine
-// See LICENSE file for copying information
-package net.freehaven.tor.control;
-
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.OutputStream;
-import java.io.OutputStreamWriter;
-import java.io.PrintStream;
-import java.io.PrintWriter;
-import java.io.Reader;
-import java.io.Writer;
-import java.net.Socket;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Map;
-import java.util.StringTokenizer;
-import java.util.logging.Logger;
-
-import static java.util.logging.Logger.getLogger;
-
-/**
- * A connection to a running Tor process as specified in control-spec.txt.
- */
-public class TorControlConnection implements TorControlCommands {
-
-	private static final Logger LOG =
-			getLogger(TorControlConnection.class.getName());
-
-	private final LinkedList<Waiter> waiters;
-	private final BufferedReader input;
-	private final Writer output;
-
-	private ControlParseThread thread; // Locking: this
-
-	private volatile EventHandler handler;
-	private volatile PrintWriter debugOutput;
-	private volatile IOException parseThreadException;
-
-	static class Waiter {
-
-		List<ReplyLine> response; // Locking: this
-		boolean interrupted;
-
-		List<ReplyLine> getResponse() throws InterruptedException {
-			LOG.info("Entering synchronized (waiter " + hashCode() + ")");
-			synchronized (this) {
-				LOG.info("Entered synchronized (waiter " + hashCode() + ")");
-				while (response == null) {
-					LOG.info("Waiter " + hashCode() + " waiting for response");
-					wait();
-					if (interrupted) {
-						LOG.info("Waiter " + hashCode() + " interrupted");
-						throw new InterruptedException();
-					}
-				}
-				LOG.info("Waiter " + hashCode() + " got response " + response);
-				LOG.info("Leaving synchronized (waiter " + hashCode() + ")");
-				return response;
-			}
-		}
-
-		void setResponse(List<ReplyLine> response) {
-			LOG.info("Entering synchronized (waiter " + hashCode() + ")");
-			synchronized (this) {
-				LOG.info("Entered synchronized (waiter " + hashCode() + ")");
-				LOG.info("Setting response for waiter " + hashCode() + ": "
-						+ response);
-				this.response = response;
-				notifyAll();
-				LOG.info("Leaving synchronized (waiter " + hashCode() + ")");
-			}
-		}
-
-		void interrupt() {
-			LOG.info("Entering synchronized (waiter " + hashCode() + ")");
-			synchronized (this) {
-				LOG.info("Entered synchronized (waiter " + hashCode() + ")");
-				LOG.info("Interrupting waiter " + hashCode());
-				interrupted = true;
-				notifyAll();
-				LOG.info("Leaving synchronized (waiter " + hashCode() + ")");
-			}
-		}
-	}
-
-	static class ReplyLine {
-
-		final String status;
-		final String msg;
-		final String rest;
-
-		ReplyLine(String status, String msg, String rest) {
-			this.status = status;
-			this.msg = msg;
-			this.rest = rest;
-		}
-
-		@Override
-		public String toString() {
-			return status + " " + msg + " " + rest;
-		}
-	}
-
-	/**
-	 * Create a new TorControlConnection to communicate with Tor over
-	 * a given socket.  After calling this constructor, it is typical to
-	 * call launchThread and authenticate.
-	 */
-	public TorControlConnection(Socket connection) throws IOException {
-		this(connection.getInputStream(), connection.getOutputStream());
-	}
-
-	/**
-	 * Create a new TorControlConnection to communicate with Tor over
-	 * an arbitrary pair of data streams.
-	 */
-	public TorControlConnection(InputStream i, OutputStream o) {
-		this(new InputStreamReader(i), new OutputStreamWriter(o));
-	}
-
-	public TorControlConnection(Reader i, Writer o) {
-		this.output = o;
-		if (i instanceof BufferedReader)
-			this.input = (BufferedReader) i;
-		else
-			this.input = new BufferedReader(i);
-		this.waiters = new LinkedList<>();
-	}
-
-	protected final void writeEscaped(String s) throws IOException {
-		StringTokenizer st = new StringTokenizer(s, "\n");
-		while (st.hasMoreTokens()) {
-			String line = st.nextToken();
-			if (line.startsWith("."))
-				line = "." + line;
-			if (line.endsWith("\r"))
-				line += "\n";
-			else
-				line += "\r\n";
-			if (debugOutput != null)
-				debugOutput.print(">> " + line);
-			output.write(line);
-		}
-		output.write(".\r\n");
-		if (debugOutput != null)
-			debugOutput.print(">> .\n");
-	}
-
-	protected static String quote(String s) {
-		StringBuffer sb = new StringBuffer("\"");
-		for (int i = 0; i < s.length(); ++i) {
-			char c = s.charAt(i);
-			switch (c) {
-				case '\r':
-				case '\n':
-				case '\\':
-				case '\"':
-					sb.append('\\');
-			}
-			sb.append(c);
-		}
-		sb.append('\"');
-		return sb.toString();
-	}
-
-	protected final ArrayList<ReplyLine> readReply() throws IOException {
-		ArrayList<ReplyLine> reply = new ArrayList<>();
-		char c;
-		do {
-			String line = input.readLine();
-			if (line == null) {
-				// if line is null, the end of the stream has been reached, i.e.
-				// the connection to Tor has been closed!
-				if (reply.isEmpty()) {
-					// nothing received so far, can exit cleanly
-					return reply;
-				}
-				// received half of a reply before the connection broke down
-				throw new TorControlSyntaxError("Connection to Tor " +
-						" broke down while receiving reply!");
-			}
-			if (debugOutput != null)
-				debugOutput.println("<< " + line);
-			if (line.length() < 4)
-				throw new TorControlSyntaxError(
-						"Line (\"" + line + "\") too short");
-			String status = line.substring(0, 3);
-			c = line.charAt(3);
-			String msg = line.substring(4);
-			String rest = null;
-			if (c == '+') {
-				StringBuffer data = new StringBuffer();
-				while (true) {
-					line = input.readLine();
-					if (debugOutput != null)
-						debugOutput.print("<< " + line);
-					if (line.equals("."))
-						break;
-					else if (line.startsWith("."))
-						line = line.substring(1);
-					data.append(line).append('\n');
-				}
-				rest = data.toString();
-			}
-			reply.add(new ReplyLine(status, msg, rest));
-		} while (c != ' ');
-
-		return reply;
-	}
-
-	protected List<ReplyLine> sendAndWaitForResponse(String s,
-			String rest) throws IOException {
-		LOG.info("Entering synchronized (connection)");
-		synchronized (this) {
-			LOG.info("Entered synchronized (connection)");
-			LOG.info("Sending '" + s + "', '" + rest +
-					"' and waiting for response");
-			if (parseThreadException != null) {
-				LOG.info("Throwing previously caught exception "
-						+ parseThreadException);
-				throw parseThreadException;
-			}
-			checkThread();
-			Waiter w = new Waiter();
-			LOG.info("Created waiter " + w.hashCode());
-			if (debugOutput != null)
-				debugOutput.print(">> " + s);
-			LOG.info("Entering synchronized (waiters)");
-			synchronized (waiters) {
-				LOG.info("Entered synchronized (waiters)");
-				output.write(s);
-				LOG.info("Wrote '" + s + "'");
-				if (rest != null) {
-					writeEscaped(rest);
-					LOG.info("Wrote escaped '" + rest + "'");
-				}
-				output.flush();
-				LOG.info("Flushed output");
-				waiters.addLast(w);
-				LOG.info("Added waiter, " + waiters.size() + " waiting");
-				LOG.info("Leaving synchronized (waiters)");
-			}
-			List<ReplyLine> lst;
-			try {
-				LOG.info("Getting response from waiter " + w.hashCode());
-				lst = w.getResponse();
-				LOG.info("Got response from waiter " + w.hashCode() + ": " +
-						lst);
-			} catch (InterruptedException ex) {
-				throw new IOException("Interrupted");
-			}
-			for (Iterator<ReplyLine> i = lst.iterator(); i.hasNext(); ) {
-				ReplyLine c = i.next();
-				if (!c.status.startsWith("2"))
-					throw new TorControlError("Error reply: " + c.msg);
-			}
-			LOG.info("Leaving synchronized (connection)");
-			return lst;
-		}
-	}
-
-	/**
-	 * Helper: decode a CMD_EVENT command and dispatch it to our
-	 * EventHandler (if any).
-	 */
-	protected void handleEvent(ArrayList<ReplyLine> events) {
-		if (handler == null)
-			return;
-
-		for (Iterator<ReplyLine> i = events.iterator(); i.hasNext(); ) {
-			ReplyLine line = i.next();
-			int idx = line.msg.indexOf(' ');
-			String tp = line.msg.substring(0, idx).toUpperCase();
-			String rest = line.msg.substring(idx + 1);
-			if (tp.equals("CIRC")) {
-				List<String> lst = Bytes.splitStr(null, rest);
-				handler.circuitStatus(lst.get(1),
-						lst.get(0),
-						lst.get(1).equals("LAUNCHED")
-								|| lst.size() < 3 ? ""
-								: lst.get(2));
-			} else if (tp.equals("STREAM")) {
-				List<String> lst = Bytes.splitStr(null, rest);
-				handler.streamStatus(lst.get(1),
-						lst.get(0),
-						lst.get(3));
-				// XXXX circID.
-			} else if (tp.equals("ORCONN")) {
-				List<String> lst = Bytes.splitStr(null, rest);
-				handler.orConnStatus(lst.get(1), lst.get(0));
-			} else if (tp.equals("BW")) {
-				List<String> lst = Bytes.splitStr(null, rest);
-				handler.bandwidthUsed(Integer.parseInt(lst.get(0)),
-						Integer.parseInt(lst.get(1)));
-			} else if (tp.equals("NEWDESC")) {
-				List<String> lst = Bytes.splitStr(null, rest);
-				handler.newDescriptors(lst);
-			} else if (tp.equals("DEBUG") ||
-					tp.equals("INFO") ||
-					tp.equals("NOTICE") ||
-					tp.equals("WARN") ||
-					tp.equals("ERR")) {
-				handler.message(tp, rest);
-			} else {
-				handler.unrecognized(tp, rest);
-			}
-		}
-	}
-
-
-	/**
-	 * Sets <b>w</b> as the PrintWriter for debugging output,
-	 * which writes out all messages passed between Tor and the controller.
-	 * Outgoing messages are preceded by "\>\>" and incoming messages are preceded
-	 * by "\<\<"
-	 */
-	public void setDebugging(PrintWriter w) {
-		debugOutput = w;
-	}
-
-	/**
-	 * Sets <b>s</b> as the PrintStream for debugging output,
-	 * which writes out all messages passed between Tor and the controller.
-	 * Outgoing messages are preceded by "\>\>" and incoming messages are preceded
-	 * by "\<\<"
-	 */
-	public void setDebugging(PrintStream s) {
-		debugOutput = new PrintWriter(s, true);
-	}
-
-	/**
-	 * Set the EventHandler object that will be notified of any
-	 * events Tor delivers to this connection.  To make Tor send us
-	 * events, call setEvents().
-	 */
-	public void setEventHandler(EventHandler handler) {
-		this.handler = handler;
-	}
-
-	/**
-	 * Start a thread to react to Tor's responses in the background.
-	 * This is necessary to handle asynchronous events and synchronous
-	 * responses that arrive independantly over the same socket.
-	 */
-	public Thread launchThread(boolean daemon) {
-		LOG.info("Entering synchronized (connection)");
-		synchronized (this) {
-			LOG.info("Entered synchronized (connection)");
-			ControlParseThread th = new ControlParseThread();
-			LOG.info("Launching parse thread " + th.hashCode());
-			if (daemon)
-				th.setDaemon(true);
-			th.start();
-			this.thread = th;
-			LOG.info("Leaving synchronized (connection)");
-			return th;
-		}
-	}
-
-	protected class ControlParseThread extends Thread {
-
-		@Override
-		public void run() {
-			try {
-				react();
-			} catch (IOException ex) {
-				LOG.info("Parse thread " + hashCode()
-						+ " caught exception " + ex);
-				parseThreadException = ex;
-			}
-		}
-	}
-
-	protected void checkThread() {
-		LOG.info("Entering synchronized (connection)");
-		synchronized (this) {
-			LOG.info("Entered synchronized (connection)");
-			if (thread == null)
-				launchThread(true);
-			LOG.info("Leaving synchronized (connection)");
-		}
-	}
-
-	/**
-	 * helper: implement the main background loop.
-	 */
-	protected void react() throws IOException {
-		while (true) {
-			ArrayList<ReplyLine> lst = readReply();
-			LOG.info("Read reply: " + lst);
-			if (lst.isEmpty()) {
-				// interrupted queued waiters, there won't be any response.
-				LOG.info("Entering synchronized (waiters)");
-				synchronized (waiters) {
-					LOG.info("Entered synchronized (waiters)");
-					if (!waiters.isEmpty()) {
-						for (Waiter w : waiters) {
-							LOG.info("Interrupting waiter " + w.hashCode());
-							w.interrupt();
-						}
-					} else {
-						LOG.info("No waiters");
-					}
-					LOG.info("Leaving synchronized (waiters)");
-				}
-				throw new IOException("Tor is no longer running");
-			}
-			if ((lst.get(0)).status.startsWith("6")) {
-				LOG.info("Reply is an event");
-				handleEvent(lst);
-			} else {
-				LOG.info("Entering synchronized (waiters)");
-				synchronized (waiters) {
-					LOG.info("Entered synchronized (waiters)");
-					if (!waiters.isEmpty()) {
-						Waiter w;
-						w = waiters.removeFirst();
-						LOG.info("Setting response for waiter " + w.hashCode());
-						w.setResponse(lst);
-					} else {
-						LOG.info("No waiters");
-					}
-					LOG.info("Leaving synchronized (waiters)");
-				}
-
-			}
-		}
-	}
-
-	/**
-	 * Change the value of the configuration option 'key' to 'val'.
-	 */
-	public void setConf(String key, String value) throws IOException {
-		List<String> lst = new ArrayList<>();
-		lst.add(key + " " + value);
-		setConf(lst);
-	}
-
-	/**
-	 * Change the values of the configuration options stored in kvMap.
-	 */
-	public void setConf(Map<String, String> kvMap) throws IOException {
-		List<String> lst = new ArrayList<>();
-		for (Iterator<Map.Entry<String, String>> it =
-				kvMap.entrySet().iterator(); it.hasNext(); ) {
-			Map.Entry<String, String> ent = it.next();
-			lst.add(ent.getKey() + " " + ent.getValue() + "\n");
-		}
-		setConf(lst);
-	}
-
-	/**
-	 * Changes the values of the configuration options stored in
-	 * <b>kvList</b>.  Each list element in <b>kvList</b> is expected to be
-	 * String of the format "key value".
-	 * <p>
-	 * Tor behaves as though it had just read each of the key-value pairs
-	 * from its configuration file.  Keywords with no corresponding values have
-	 * their configuration values reset to their defaults.  setConf is
-	 * all-or-nothing: if there is an error in any of the configuration settings,
-	 * Tor sets none of them.
-	 * <p>
-	 * When a configuration option takes multiple values, or when multiple
-	 * configuration keys form a context-sensitive group (see getConf below), then
-	 * setting any of the options in a setConf command is taken to reset all of
-	 * the others.  For example, if two ORBindAddress values are configured, and a
-	 * command arrives containing a single ORBindAddress value, the new
-	 * command's value replaces the two old values.
-	 * <p>
-	 * To remove all settings for a given option entirely (and go back to its
-	 * default value), include a String in <b>kvList</b> containing the key and no value.
-	 */
-	public void setConf(Collection<String> kvList) throws IOException {
-		if (kvList.size() == 0)
-			return;
-		StringBuffer b = new StringBuffer("SETCONF");
-		for (Iterator<String> it = kvList.iterator(); it.hasNext(); ) {
-			String kv = it.next();
-			int i = kv.indexOf(' ');
-			if (i == -1)
-				b.append(" ").append(kv);
-			b.append(" ").append(kv.substring(0, i)).append("=")
-					.append(quote(kv.substring(i + 1)));
-		}
-		b.append("\r\n");
-		sendAndWaitForResponse(b.toString(), null);
-	}
-
-	/**
-	 * Try to reset the values listed in the collection 'keys' to their
-	 * default values.
-	 **/
-	public void resetConf(Collection<String> keys) throws IOException {
-		if (keys.size() == 0)
-			return;
-		StringBuffer b = new StringBuffer("RESETCONF");
-		for (Iterator<String> it = keys.iterator(); it.hasNext(); ) {
-			String key = it.next();
-			b.append(" ").append(key);
-		}
-		b.append("\r\n");
-		sendAndWaitForResponse(b.toString(), null);
-	}
-
-	/**
-	 * Return the value of the configuration option 'key'
-	 */
-	public List<ConfigEntry> getConf(String key) throws IOException {
-		List<String> lst = new ArrayList<>();
-		lst.add(key);
-		return getConf(lst);
-	}
-
-	/**
-	 * Requests the values of the configuration variables listed in <b>keys</b>.
-	 * Results are returned as a list of ConfigEntry objects.
-	 * <p>
-	 * If an option appears multiple times in the configuration, all of its
-	 * key-value pairs are returned in order.
-	 * <p>
-	 * Some options are context-sensitive, and depend on other options with
-	 * different keywords.  These cannot be fetched directly.  Currently there
-	 * is only one such option: clients should use the "HiddenServiceOptions"
-	 * virtual keyword to get all HiddenServiceDir, HiddenServicePort,
-	 * HiddenServiceNodes, and HiddenServiceExcludeNodes option settings.
-	 */
-	public List<ConfigEntry> getConf(Collection<String> keys)
-			throws IOException {
-		StringBuffer sb = new StringBuffer("GETCONF");
-		for (Iterator<String> it = keys.iterator(); it.hasNext(); ) {
-			String key = it.next();
-			sb.append(" ").append(key);
-		}
-		sb.append("\r\n");
-		List<ReplyLine> lst = sendAndWaitForResponse(sb.toString(), null);
-		List<ConfigEntry> result = new ArrayList<>();
-		for (Iterator<ReplyLine> it = lst.iterator(); it.hasNext(); ) {
-			String kv = (it.next()).msg;
-			int idx = kv.indexOf('=');
-			if (idx >= 0)
-				result.add(new ConfigEntry(kv.substring(0, idx),
-						kv.substring(idx + 1)));
-			else
-				result.add(new ConfigEntry(kv));
-		}
-		return result;
-	}
-
-	/**
-	 * Request that the server inform the client about interesting events.
-	 * Each element of <b>events</b> is one of the following Strings:
-	 * ["CIRC" | "STREAM" | "ORCONN" | "BW" | "DEBUG" |
-	 * "INFO" | "NOTICE" | "WARN" | "ERR" | "NEWDESC" | "ADDRMAP"] .
-	 * <p>
-	 * Any events not listed in the <b>events</b> are turned off; thus, calling
-	 * setEvents with an empty <b>events</b> argument turns off all event reporting.
-	 */
-	public void setEvents(List<String> events) throws IOException {
-		StringBuffer sb = new StringBuffer("SETEVENTS");
-		for (Iterator<String> it = events.iterator(); it.hasNext(); ) {
-			sb.append(" ").append(it.next());
-		}
-		sb.append("\r\n");
-		sendAndWaitForResponse(sb.toString(), null);
-	}
-
-	/**
-	 * Authenticates the controller to the Tor server.
-	 * <p>
-	 * By default, the current Tor implementation trusts all local users, and
-	 * the controller can authenticate itself by calling authenticate(new byte[0]).
-	 * <p>
-	 * If the 'CookieAuthentication' option is true, Tor writes a "magic cookie"
-	 * file named "control_auth_cookie" into its data directory.  To authenticate,
-	 * the controller must send the contents of this file in <b>auth</b>.
-	 * <p>
-	 * If the 'HashedControlPassword' option is set, <b>auth</b> must contain the salted
-	 * hash of a secret password.  The salted hash is computed according to the
-	 * S2K algorithm in RFC 2440 (OpenPGP), and prefixed with the s2k specifier.
-	 * This is then encoded in hexadecimal, prefixed by the indicator sequence
-	 * "16:".
-	 * <p>
-	 * You can generate the salt of a password by calling
-	 * 'tor --hash-password <password>'
-	 * or by using the provided PasswordDigest class.
-	 * To authenticate under this scheme, the controller sends Tor the original
-	 * secret that was used to generate the password.
-	 */
-	public void authenticate(byte[] auth) throws IOException {
-		String cmd = "AUTHENTICATE " + Bytes.hex(auth) + "\r\n";
-		sendAndWaitForResponse(cmd, null);
-	}
-
-	/**
-	 * Instructs the server to write out its configuration options into its torrc.
-	 */
-	public void saveConf() throws IOException {
-		sendAndWaitForResponse("SAVECONF\r\n", null);
-	}
-
-	/**
-	 * Sends a signal from the controller to the Tor server.
-	 * <b>signal</b> is one of the following Strings:
-	 * <ul>
-	 * <li>"RELOAD" or "HUP" :  Reload config items, refetch directory</li>
-	 * <li>"SHUTDOWN" or "INT" : Controlled shutdown: if server is an OP, exit immediately.
-	 * If it's an OR, close listeners and exit after 30 seconds</li>
-	 * <li>"DUMP" or "USR1" : Dump stats: log information about open connections and circuits</li>
-	 * <li>"DEBUG" or "USR2" : Debug: switch all open logs to loglevel debug</li>
-	 * <li>"HALT" or "TERM" : Immediate shutdown: clean up and exit now</li>
-	 * </ul>
-	 */
-	public void signal(String signal) throws IOException {
-		String cmd = "SIGNAL " + signal + "\r\n";
-		sendAndWaitForResponse(cmd, null);
-	}
-
-	/**
-	 * Send a signal to the Tor process to shut it down or halt it.
-	 * Does not wait for a response.
-	 */
-	public void shutdownTor(String signal) throws IOException {
-		String s = "SIGNAL " + signal + "\r\n";
-		Waiter w = new Waiter();
-		if (debugOutput != null)
-			debugOutput.print(">> " + s);
-		LOG.info("Entering synchronized (waiters)");
-		synchronized (waiters) {
-			LOG.info("Entered synchronized (waiters)");
-			output.write(s);
-			output.flush();
-			LOG.info("Leaving synchronized (waiters)");
-		}
-	}
-
-	/**
-	 * Tells the Tor server that future SOCKS requests for connections to a set of original
-	 * addresses should be replaced with connections to the specified replacement
-	 * addresses.  Each element of <b>kvLines</b> is a String of the form
-	 * "old-address new-address".  This function returns the new address mapping.
-	 * <p>
-	 * The client may decline to provide a body for the original address, and
-	 * instead send a special null address ("0.0.0.0" for IPv4, "::0" for IPv6, or
-	 * "." for hostname), signifying that the server should choose the original
-	 * address itself, and return that address in the reply.  The server
-	 * should ensure that it returns an element of address space that is unlikely
-	 * to be in actual use.  If there is already an address mapped to the
-	 * destination address, the server may reuse that mapping.
-	 * <p>
-	 * If the original address is already mapped to a different address, the old
-	 * mapping is removed.  If the original address and the destination address
-	 * are the same, the server removes any mapping in place for the original
-	 * address.
-	 * <p>
-	 * Mappings set by the controller last until the Tor process exits:
-	 * they never expire. If the controller wants the mapping to last only
-	 * a certain time, then it must explicitly un-map the address when that
-	 * time has elapsed.
-	 */
-	public Map<String, String> mapAddresses(Collection<String> kvLines)
-			throws IOException {
-		StringBuffer sb = new StringBuffer("MAPADDRESS");
-		for (Iterator<String> it = kvLines.iterator(); it.hasNext(); ) {
-			String kv = it.next();
-			int i = kv.indexOf(' ');
-			sb.append(" ").append(kv.substring(0, i)).append("=")
-					.append(quote(kv.substring(i + 1)));
-		}
-		sb.append("\r\n");
-		List<ReplyLine> lst = sendAndWaitForResponse(sb.toString(), null);
-		Map<String, String> result = new HashMap<>();
-		for (Iterator<ReplyLine> it = lst.iterator(); it.hasNext(); ) {
-			String kv = (it.next()).msg;
-			int idx = kv.indexOf('=');
-			result.put(kv.substring(0, idx),
-					kv.substring(idx + 1));
-		}
-		return result;
-	}
-
-	public Map<String, String> mapAddresses(Map<String, String> addresses)
-			throws IOException {
-		List<String> kvList = new ArrayList<>();
-		for (Iterator<Map.Entry<String, String>> it =
-				addresses.entrySet().iterator(); it.hasNext(); ) {
-			Map.Entry<String, String> e = it.next();
-			kvList.add(e.getKey() + " " + e.getValue());
-		}
-		return mapAddresses(kvList);
-	}
-
-	public String mapAddress(String fromAddr, String toAddr)
-			throws IOException {
-		List<String> lst = new ArrayList<>();
-		lst.add(fromAddr + " " + toAddr + "\n");
-		Map<String, String> m = mapAddresses(lst);
-		return m.get(fromAddr);
-	}
-
-	/**
-	 * Queries the Tor server for keyed values that are not stored in the torrc
-	 * configuration file.  Returns a map of keys to values.
-	 * <p>
-	 * Recognized keys include:
-	 * <ul>
-	 * <li>"version" : The version of the server's software, including the name
-	 * of the software. (example: "Tor 0.0.9.4")</li>
-	 * <li>"desc/id/<OR identity>" or "desc/name/<OR nickname>" : the latest server
-	 * descriptor for a given OR, NUL-terminated.  If no such OR is known, the
-	 * corresponding value is an empty string.</li>
-	 * <li>"network-status" : a space-separated list of all known OR identities.
-	 * This is in the same format as the router-status line in directories;
-	 * see tor-spec.txt for details.</li>
-	 * <li>"addr-mappings/all"</li>
-	 * <li>"addr-mappings/config"</li>
-	 * <li>"addr-mappings/cache"</li>
-	 * <li>"addr-mappings/control" : a space-separated list of address mappings, each
-	 * in the form of "from-address=to-address".  The 'config' key
-	 * returns those address mappings set in the configuration; the 'cache'
-	 * key returns the mappings in the client-side DNS cache; the 'control'
-	 * key returns the mappings set via the control interface; the 'all'
-	 * target returns the mappings set through any mechanism.</li>
-	 * <li>"circuit-status" : A series of lines as for a circuit status event. Each line is of the form:
-	 * "CircuitID CircStatus Path"</li>
-	 * <li>"stream-status" : A series of lines as for a stream status event.  Each is of the form:
-	 * "StreamID StreamStatus CircID Target"</li>
-	 * <li>"orconn-status" : A series of lines as for an OR connection status event.  Each is of the
-	 * form: "ServerID ORStatus"</li>
-	 * </ul>
-	 */
-	public Map<String, String> getInfo(Collection<String> keys)
-			throws IOException {
-		StringBuffer sb = new StringBuffer("GETINFO");
-		for (Iterator<String> it = keys.iterator(); it.hasNext(); ) {
-			sb.append(" ").append(it.next());
-		}
-		sb.append("\r\n");
-		List<ReplyLine> lst = sendAndWaitForResponse(sb.toString(), null);
-		Map<String, String> m = new HashMap<>();
-		for (Iterator<ReplyLine> it = lst.iterator(); it.hasNext(); ) {
-			ReplyLine line = it.next();
-			int idx = line.msg.indexOf('=');
-			if (idx < 0)
-				break;
-			String k = line.msg.substring(0, idx);
-			String v;
-			if (line.rest != null) {
-				v = line.rest;
-			} else {
-				v = line.msg.substring(idx + 1);
-			}
-			m.put(k, v);
-		}
-		return m;
-	}
-
-
-	/**
-	 * Return the value of the information field 'key'
-	 */
-	public String getInfo(String key) throws IOException {
-		List<String> lst = new ArrayList<>();
-		lst.add(key);
-		Map<String, String> m = getInfo(lst);
-		return m.get(key);
-	}
-
-	/**
-	 * An extendCircuit request takes one of two forms: either the <b>circID</b> is zero, in
-	 * which case it is a request for the server to build a new circuit according
-	 * to the specified path, or the <b>circID</b> is nonzero, in which case it is a
-	 * request for the server to extend an existing circuit with that ID according
-	 * to the specified <b>path</b>.
-	 * <p>
-	 * If successful, returns the Circuit ID of the (maybe newly created) circuit.
-	 */
-	public String extendCircuit(String circID, String path) throws IOException {
-		List<ReplyLine> lst = sendAndWaitForResponse(
-				"EXTENDCIRCUIT " + circID + " " + path + "\r\n", null);
-		return (lst.get(0)).msg;
-	}
-
-	/**
-	 * Informs the Tor server that the stream specified by <b>streamID</b> should be
-	 * associated with the circuit specified by <b>circID</b>.
-	 * <p>
-	 * Each stream may be associated with
-	 * at most one circuit, and multiple streams may share the same circuit.
-	 * Streams can only be attached to completed circuits (that is, circuits that
-	 * have sent a circuit status "BUILT" event or are listed as built in a
-	 * getInfo circuit-status request).
-	 * <p>
-	 * If <b>circID</b> is 0, responsibility for attaching the given stream is
-	 * returned to Tor.
-	 * <p>
-	 * By default, Tor automatically attaches streams to
-	 * circuits itself, unless the configuration variable
-	 * "__LeaveStreamsUnattached" is set to "1".  Attempting to attach streams
-	 * via TC when "__LeaveStreamsUnattached" is false may cause a race between
-	 * Tor and the controller, as both attempt to attach streams to circuits.
-	 */
-	public void attachStream(String streamID, String circID)
-			throws IOException {
-		sendAndWaitForResponse(
-				"ATTACHSTREAM " + streamID + " " + circID + "\r\n", null);
-	}
-
-	/**
-	 * Tells Tor about the server descriptor in <b>desc</b>.
-	 * <p>
-	 * The descriptor, when parsed, must contain a number of well-specified
-	 * fields, including fields for its nickname and identity.
-	 */
-	// More documentation here on format of desc?
-	// No need for return value?  control-spec.txt says reply is merely "250 OK" on success...
-	public String postDescriptor(String desc) throws IOException {
-		List<ReplyLine> lst =
-				sendAndWaitForResponse("+POSTDESCRIPTOR\r\n", desc);
-		return (lst.get(0)).msg;
-	}
-
-	/**
-	 * Tells Tor to change the exit address of the stream identified by <b>streamID</b>
-	 * to <b>address</b>. No remapping is performed on the new provided address.
-	 * <p>
-	 * To be sure that the modified address will be used, this event must be sent
-	 * after a new stream event is received, and before attaching this stream to
-	 * a circuit.
-	 */
-	public void redirectStream(String streamID, String address)
-			throws IOException {
-		sendAndWaitForResponse(
-				"REDIRECTSTREAM " + streamID + " " + address + "\r\n",
-				null);
-	}
-
-	/**
-	 * Tells Tor to close the stream identified by <b>streamID</b>.
-	 * <b>reason</b> should be one of the Tor RELAY_END reasons given in tor-spec.txt, as a decimal:
-	 * <ul>
-	 * <li>1 -- REASON_MISC           (catch-all for unlisted reasons)</li>
-	 * <li>2 -- REASON_RESOLVEFAILED  (couldn't look up hostname)</li>
-	 * <li>3 -- REASON_CONNECTREFUSED (remote host refused connection)</li>
-	 * <li>4 -- REASON_EXITPOLICY     (OR refuses to connect to host or port)</li>
-	 * <li>5 -- REASON_DESTROY        (Circuit is being destroyed)</li>
-	 * <li>6 -- REASON_DONE           (Anonymized TCP connection was closed)</li>
-	 * <li>7 -- REASON_TIMEOUT        (Connection timed out, or OR timed out while connecting)</li>
-	 * <li>8 -- (unallocated)</li>
-	 * <li>9 -- REASON_HIBERNATING    (OR is temporarily hibernating)</li>
-	 * <li>10 -- REASON_INTERNAL       (Internal error at the OR)</li>
-	 * <li>11 -- REASON_RESOURCELIMIT  (OR has no resources to fulfill request)</li>
-	 * <li>12 -- REASON_CONNRESET      (Connection was unexpectedly reset)</li>
-	 * <li>13 -- REASON_TORPROTOCOL    (Sent when closing connection because of Tor protocol violations)</li>
-	 * </ul>
-	 * <p>
-	 * Tor may hold the stream open for a while to flush any data that is pending.
-	 */
-	public void closeStream(String streamID, byte reason)
-			throws IOException {
-		sendAndWaitForResponse(
-				"CLOSESTREAM " + streamID + " " + reason + "\r\n", null);
-	}
-
-	/**
-	 * Tells Tor to close the circuit identified by <b>circID</b>.
-	 * If <b>ifUnused</b> is true, do not close the circuit unless it is unused.
-	 */
-	public void closeCircuit(String circID, boolean ifUnused)
-			throws IOException {
-		sendAndWaitForResponse("CLOSECIRCUIT " + circID +
-				(ifUnused ? " IFUNUSED" : "") + "\r\n", null);
-	}
-
-	/**
-	 * Tells Tor to exit when this control connection is closed. This command
-	 * was added in Tor 0.2.2.28-beta.
-	 */
-	public void takeOwnership() throws IOException {
-		sendAndWaitForResponse("TAKEOWNERSHIP\r\n", null);
-	}
-
-	/**
-	 * Tells Tor to generate and set up a new onion service using the best
-	 * supported algorithm.
-	 * <p/>
-	 * ADD_ONION was added in Tor 0.2.7.1-alpha.
-	 */
-	public Map<String, String> addOnion(Map<Integer, String> portLines)
-			throws IOException {
-		return addOnion("NEW:BEST", portLines, null);
-	}
-
-	/**
-	 * Tells Tor to generate and set up a new onion service using the best
-	 * supported algorithm.
-	 * <p/>
-	 * ADD_ONION was added in Tor 0.2.7.1-alpha.
-	 */
-	public Map<String, String> addOnion(Map<Integer, String> portLines,
-			boolean ephemeral, boolean detach)
-			throws IOException {
-		return addOnion("NEW:BEST", portLines, ephemeral, detach);
-	}
-
-	/**
-	 * Tells Tor to set up an onion service using the provided private key.
-	 * <p/>
-	 * ADD_ONION was added in Tor 0.2.7.1-alpha.
-	 */
-	public Map<String, String> addOnion(String privKey,
-			Map<Integer, String> portLines)
-			throws IOException {
-		return addOnion(privKey, portLines, null);
-	}
-
-	/**
-	 * Tells Tor to set up an onion service using the provided private key.
-	 * <p/>
-	 * ADD_ONION was added in Tor 0.2.7.1-alpha.
-	 */
-	public Map<String, String> addOnion(String privKey,
-			Map<Integer, String> portLines,
-			boolean ephemeral, boolean detach)
-			throws IOException {
-		List<String> flags = new ArrayList<>();
-		if (ephemeral)
-			flags.add("DiscardPK");
-		if (detach)
-			flags.add("Detach");
-		return addOnion(privKey, portLines, flags);
-	}
-
-	/**
-	 * Tells Tor to set up an onion service.
-	 * <p/>
-	 * ADD_ONION was added in Tor 0.2.7.1-alpha.
-	 */
-	public Map<String, String> addOnion(String privKey,
-			Map<Integer, String> portLines,
-			List<String> flags)
-			throws IOException {
-		if (privKey.indexOf(':') < 0)
-			throw new IllegalArgumentException("Invalid privKey");
-		if (portLines == null || portLines.size() < 1)
-			throw new IllegalArgumentException(
-					"Must provide at least one port line");
-		StringBuilder b = new StringBuilder();
-		b.append("ADD_ONION ").append(privKey);
-		if (flags != null && flags.size() > 0) {
-			b.append(" Flags=");
-			String separator = "";
-			for (String flag : flags) {
-				b.append(separator).append(flag);
-				separator = ",";
-			}
-		}
-		for (Map.Entry<Integer, String> portLine : portLines.entrySet()) {
-			int virtPort = portLine.getKey();
-			String target = portLine.getValue();
-			b.append(" Port=").append(virtPort);
-			if (target != null && target.length() > 0)
-				b.append(",").append(target);
-		}
-		b.append("\r\n");
-		List<ReplyLine> lst = sendAndWaitForResponse(b.toString(), null);
-		Map<String, String> ret = new HashMap<>();
-		ret.put(HS_ADDRESS, (lst.get(0)).msg.split("=", 2)[1]);
-		if (lst.size() > 2)
-			ret.put(HS_PRIVKEY, (lst.get(1)).msg.split("=", 2)[1]);
-		return ret;
-	}
-
-	/**
-	 * Tells Tor to take down an onion service previously set up with
-	 * addOnion(). The hostname excludes the .onion extension.
-	 * <p/>
-	 * DEL_ONION was added in Tor 0.2.7.1-alpha.
-	 */
-	public void delOnion(String hostname) throws IOException {
-		sendAndWaitForResponse("DEL_ONION " + hostname + "\r\n", null);
-	}
-
-	/**
-	 * Tells Tor to forget any cached client state relating to the hidden
-	 * service with the given hostname (excluding the .onion extension).
-	 */
-	public void forgetHiddenService(String hostname) throws IOException {
-		sendAndWaitForResponse("HSFORGET " + hostname + "\r\n", null);
-	}
-}
-

bramble-core/src/main/java/net/freehaven/tor/control/TorControlError.java

@@ -1,39 +0,0 @@
-// Copyright 2005 Nick Mathewson, Roger Dingledine
-// See LICENSE file for copying information
-package net.freehaven.tor.control;
-
-import java.io.IOException;
-
-/**
- * An exception raised when Tor tells us about an error.
- */
-public class TorControlError extends IOException {
-
-    static final long serialVersionUID = 3;
-
-    private final int errorType;
-
-    public TorControlError(int type, String s) {
-        super(s);
-        errorType = type;
-    }
-
-    public TorControlError(String s) {
-        this(-1, s);
-    }
-
-    public int getErrorType() {
-        return errorType;
-    }
-
-    public String getErrorMsg() {
-        try {
-            if (errorType == -1)
-                return null;
-            return TorControlCommands.ERROR_MSGS[errorType];
-        } catch (ArrayIndexOutOfBoundsException ex) {
-            return "Unrecongized error #"+errorType;
-        }
-    }
-}
-

bramble-core/src/main/java/net/freehaven/tor/control/TorControlSyntaxError.java

@@ -1,16 +0,0 @@
-// Copyright 2005 Nick Mathewson, Roger Dingledine
-// See LICENSE file for copying information
-package net.freehaven.tor.control;
-
-import java.io.IOException;
-
-/**
- * An exception raised when Tor behaves in an unexpected way.
- */
-public class TorControlSyntaxError extends IOException {
-
-    static final long serialVersionUID = 3;
-
-    public TorControlSyntaxError(String s) { super(s); }
-}
-

bramble-core/src/main/java/net/freehaven/tor/control/examples/.cvsignore

@@ -1 +0,0 @@
-*.class

bramble-core/src/main/java/net/freehaven/tor/control/examples/DebuggingEventHandler.java

@@ -1,44 +0,0 @@
-// Copyright 2005 Nick Mathewson, Roger Dingledine
-// See LICENSE file for copying information
-package net.freehaven.tor.control.examples;
-
-import java.io.PrintWriter;
-import java.util.Iterator;
-import net.freehaven.tor.control.EventHandler;
-
-public class DebuggingEventHandler implements EventHandler {
-
-    private final PrintWriter out;
-
-    public DebuggingEventHandler(PrintWriter p) {
-        out = p;
-    }
-
-    public void circuitStatus(String status, String circID, String path) {
-        out.println("Circuit "+circID+" is now "+status+" (path="+path+")");
-    }
-    public void streamStatus(String status, String streamID, String target) {
-        out.println("Stream "+streamID+" is now "+status+" (target="+target+")");
-    }
-    public void orConnStatus(String status, String orName) {
-        out.println("OR connection to "+orName+" is now "+status);
-    }
-    public void bandwidthUsed(long read, long written) {
-        out.println("Bandwidth usage: "+read+" bytes read; "+
-                    written+" bytes written.");
-    }
-    public void newDescriptors(java.util.List<String> orList) {
-        out.println("New descriptors for routers:");
-        for (Iterator<String> i = orList.iterator(); i.hasNext(); )
-            out.println("   "+i.next());
-    }
-    public void message(String type, String msg) {
-        out.println("["+type+"] "+msg.trim());
-    }
-
-    public void unrecognized(String type, String msg) {
-        out.println("unrecognized event ["+type+"] "+msg.trim());
-    }
-
-}
-

bramble-core/src/main/java/net/freehaven/tor/control/examples/Main.java

@@ -1,146 +0,0 @@
-// Copyright 2005 Nick Mathewson, Roger Dingledine
-// See LICENSE file for copying information
-package net.freehaven.tor.control.examples;
-
-import net.freehaven.tor.control.*;
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.net.Socket;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Arrays;
-import java.util.Map;
-import java.util.Iterator;
-
-public class Main implements TorControlCommands {
-
-    public static void main(String args[]) {
-        if (args.length < 1) {
-            System.err.println("No command given.");
-            return;
-        }
-        try {
-            if (args[0].equals("set-config")) {
-                setConfig(args);
-            } else if (args[0].equals("get-config")) {
-                getConfig(args);
-            } else if (args[0].equals("get-info")) {
-                getInfo(args);
-            } else if (args[0].equals("listen")) {
-                listenForEvents(args);
-            } else if (args[0].equals("signal")) {
-                signal(args);
-            } else if (args[0].equals("auth")) {
-                authDemo(args);
-            } else {
-                System.err.println("Unrecognized command: "+args[0]);
-            }
-        } catch (EOFException ex) {
-            System.out.println("Control socket closed by Tor.");
-        } catch (TorControlError ex) {
-            System.err.println("Error from Tor process: "+
-                               ex+" ["+ex.getErrorMsg()+"]");
-        } catch (IOException ex) {
-            System.err.println("IO exception when talking to Tor process: "+
-                               ex);
-            ex.printStackTrace(System.err);
-        }
-    }
-
-    private static TorControlConnection getConnection(String[] args,
-        boolean daemon) throws IOException {
-        Socket s = new Socket("127.0.0.1", 9100);
-        TorControlConnection conn = new TorControlConnection(s);
-        conn.launchThread(daemon);
-        conn.authenticate(new byte[0]);
-        return conn;
-    }
-
-    private static TorControlConnection getConnection(String[] args)
-        throws IOException {
-        return getConnection(args, true);
-    }
-
-    public static void setConfig(String[] args) throws IOException {
-        // Usage: "set-config [-save] key value key value key value"
-        TorControlConnection conn = getConnection(args);
-        ArrayList<String> lst = new ArrayList<String>();
-        int i = 1;
-        boolean save = false;
-        if (args[i].equals("-save")) {
-            save = true;
-            ++i;
-        }
-        for (; i < args.length; i +=2) {
-            lst.add(args[i]+" "+args[i+1]);
-        }
-        conn.setConf(lst);
-        if (save) {
-            conn.saveConf();
-        }
-    }
-
-    public static void getConfig(String[] args) throws IOException {
-        // Usage: get-config key key key
-        TorControlConnection conn = getConnection(args);
-        List<ConfigEntry> lst = conn.getConf(Arrays.asList(args).subList(1,args.length));
-        for (Iterator<ConfigEntry> i = lst.iterator(); i.hasNext(); ) {
-            ConfigEntry e = i.next();
-            System.out.println("KEY: "+e.key);
-            System.out.println("VAL: "+e.value);
-        }
-    }
-
-    public static void getInfo(String[] args) throws IOException {
-        TorControlConnection conn = getConnection(args);
-        Map<String,String> m = conn.getInfo(Arrays.asList(args).subList(1,args.length));
-        for (Iterator<Map.Entry<String, String>> i = m.entrySet().iterator(); i.hasNext(); ) {
-            Map.Entry<String,String> e = i.next();
-            System.out.println("KEY: "+e.getKey());
-            System.out.println("VAL: "+e.getValue());
-        }
-    }
-
-    public static void listenForEvents(String[] args) throws IOException {
-        // Usage: listen [circ|stream|orconn|bw|newdesc|info|notice|warn|error]*
-        TorControlConnection conn = getConnection(args, false);
-        ArrayList<String> lst = new ArrayList<String>();
-        for (int i = 1; i < args.length; ++i) {
-            lst.add(args[i]);
-        }
-        conn.setEventHandler(
-            new DebuggingEventHandler(new PrintWriter(System.out, true)));
-        conn.setEvents(lst);
-    }
-
-    public static void signal(String[] args) throws IOException {
-        // Usage signal [reload|shutdown|dump|debug|halt]
-        TorControlConnection conn = getConnection(args, false);
-        // distinguish shutdown signal from other signals
-        if ("SHUTDOWN".equalsIgnoreCase(args[1])
-        		|| "HALT".equalsIgnoreCase(args[1])) {
-        	conn.shutdownTor(args[1].toUpperCase());
-        } else {
-        	conn.signal(args[1].toUpperCase());
-        }
-    }
-
-    public static void authDemo(String[] args) throws IOException {
-
-        PasswordDigest pwd = PasswordDigest.generateDigest();
-        Socket s = new Socket("127.0.0.1", 9100);
-        TorControlConnection conn = new TorControlConnection(s);
-        conn.launchThread(true);
-        conn.authenticate(new byte[0]);
-
-        conn.setConf("HashedControlPassword", pwd.getHashedPassword());
-
-        s = new Socket("127.0.0.1", 9100);
-        conn = new TorControlConnection(s);
-        conn.launchThread(true);
-        conn.authenticate(pwd.getSecret());
-    }
-
-}
-

bramble-core/src/main/java/org/briarproject/bramble/account/AccountManagerImpl.java

@@ -4,8 +4,8 @@ import org.briarproject.bramble.api.account.AccountManager;
 import org.briarproject.bramble.api.crypto.CryptoComponent;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.db.DatabaseConfig;
+import org.briarproject.bramble.api.identity.Identity;
 import org.briarproject.bramble.api.identity.IdentityManager;
-import org.briarproject.bramble.api.identity.LocalAuthor;
 import org.briarproject.bramble.api.nullsafety.MethodsNotNullByDefault;
 import org.briarproject.bramble.api.nullsafety.ParametersNotNullByDefault;
 import org.briarproject.bramble.util.IoUtils;
@@ -161,8 +161,8 @@ class AccountManagerImpl implements AccountManager {
 		synchronized (stateChangeLock) {
 			if (hasDatabaseKey())
 				throw new AssertionError("Already have a database key");
-			LocalAuthor localAuthor = identityManager.createLocalAuthor(name);
-			identityManager.registerLocalAuthor(localAuthor);
+			Identity identity = identityManager.createIdentity(name);
+			identityManager.registerIdentity(identity);
 			SecretKey key = crypto.generateSecretKey();
 			if (!encryptAndStoreDatabaseKey(key, password)) return false;
 			databaseKey = key;

bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java

@@ -77,7 +77,7 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 	private volatile LocalAuthor localAuthor;
 	private volatile DuplexTransportConnection conn;
 	private volatile TransportId transportId;
-	private volatile SecretKey masterSecret;
+	private volatile SecretKey masterKey;
 	private volatile boolean alice;
 
 	@Inject
@@ -104,13 +104,13 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 	}
 
 	@Override
-	public void startExchange(LocalAuthor localAuthor, SecretKey masterSecret,
+	public void startExchange(LocalAuthor localAuthor, SecretKey masterKey,
 			DuplexTransportConnection conn, TransportId transportId,
 			boolean alice) {
 		this.localAuthor = localAuthor;
 		this.conn = conn;
 		this.transportId = transportId;
-		this.masterSecret = masterSecret;
+		this.masterKey = masterKey;
 		this.alice = alice;
 		start();
 	}
@@ -142,9 +142,9 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 		}
 
 		// Derive the header keys for the transport streams
-		SecretKey aliceHeaderKey = crypto.deriveKey(ALICE_KEY_LABEL,
-				masterSecret, new byte[] {PROTOCOL_VERSION});
-		SecretKey bobHeaderKey = crypto.deriveKey(BOB_KEY_LABEL, masterSecret,
+		SecretKey aliceHeaderKey = crypto.deriveKey(ALICE_KEY_LABEL, masterKey,
+				new byte[] {PROTOCOL_VERSION});
+		SecretKey bobHeaderKey = crypto.deriveKey(BOB_KEY_LABEL, masterKey,
 				new byte[] {PROTOCOL_VERSION});
 
 		// Create the readers
@@ -163,9 +163,9 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 						.createRecordWriter(streamWriter.getOutputStream());
 
 		// Derive the nonces to be signed
-		byte[] aliceNonce = crypto.mac(ALICE_NONCE_LABEL, masterSecret,
+		byte[] aliceNonce = crypto.mac(ALICE_NONCE_LABEL, masterKey,
 				new byte[] {PROTOCOL_VERSION});
-		byte[] bobNonce = crypto.mac(BOB_NONCE_LABEL, masterSecret,
+		byte[] bobNonce = crypto.mac(BOB_NONCE_LABEL, masterKey,
 				new byte[] {PROTOCOL_VERSION});
 		byte[] localNonce = alice ? aliceNonce : bobNonce;
 		byte[] remoteNonce = alice ? bobNonce : aliceNonce;
@@ -293,7 +293,7 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 			throws DbException {
 		return db.transactionWithResult(false, txn -> {
 			ContactId contactId = contactManager.addContact(txn, remoteAuthor,
-					localAuthor.getId(), masterSecret, timestamp, alice,
+					localAuthor.getId(), masterKey, timestamp, alice,
 					true, true);
 			transportPropertyManager.addRemoteProperties(txn, contactId,
 					remoteProperties);

bramble-core/src/main/java/org/briarproject/bramble/contact/ContactManagerImpl.java

@@ -1,5 +1,6 @@
 package org.briarproject.bramble.contact;
 
+import org.briarproject.bramble.api.FormatException;
 import org.briarproject.bramble.api.contact.Contact;
 import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.contact.ContactManager;
@@ -18,47 +19,44 @@ import org.briarproject.bramble.api.identity.LocalAuthor;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.transport.KeyManager;
 
-import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
-import java.util.Random;
 import java.util.concurrent.CopyOnWriteArrayList;
-import java.util.regex.Pattern;
 
 import javax.annotation.Nullable;
 import javax.annotation.concurrent.ThreadSafe;
 import javax.inject.Inject;
 
-import static java.util.Collections.emptyList;
-import static org.briarproject.bramble.api.contact.PendingContact.PendingContactState.WAITING_FOR_CONNECTION;
+import static org.briarproject.bramble.api.contact.HandshakeLinkConstants.BASE32_LINK_BYTES;
 import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_AUTHOR_NAME_LENGTH;
 import static org.briarproject.bramble.api.identity.AuthorInfo.Status.OURSELVES;
 import static org.briarproject.bramble.api.identity.AuthorInfo.Status.UNKNOWN;
 import static org.briarproject.bramble.api.identity.AuthorInfo.Status.UNVERIFIED;
 import static org.briarproject.bramble.api.identity.AuthorInfo.Status.VERIFIED;
+import static org.briarproject.bramble.util.StringUtils.getRandomBase32String;
 import static org.briarproject.bramble.util.StringUtils.toUtf8;
 
 @ThreadSafe
 @NotNullByDefault
 class ContactManagerImpl implements ContactManager {
 
-	private static final int LINK_LENGTH = 64;
 	private static final String REMOTE_CONTACT_LINK =
-			"briar://" + getRandomBase32String(LINK_LENGTH);
-	private static final Pattern LINK_REGEX =
-			Pattern.compile("(briar://)?([a-z2-7]{" + LINK_LENGTH + "})");
+			"briar://" + getRandomBase32String(BASE32_LINK_BYTES);
 
 	private final DatabaseComponent db;
 	private final KeyManager keyManager;
 	private final IdentityManager identityManager;
+	private final PendingContactFactory pendingContactFactory;
 	private final List<ContactHook> hooks;
 
 	@Inject
 	ContactManagerImpl(DatabaseComponent db, KeyManager keyManager,
-			IdentityManager identityManager) {
+			IdentityManager identityManager,
+			PendingContactFactory pendingContactFactory) {
 		this.db = db;
 		this.keyManager = keyManager;
 		this.identityManager = identityManager;
+		this.pendingContactFactory = pendingContactFactory;
 		hooks = new CopyOnWriteArrayList<>();
 	}
 
@@ -69,10 +67,10 @@ class ContactManagerImpl implements ContactManager {
 
 	@Override
 	public ContactId addContact(Transaction txn, Author remote, AuthorId local,
-			SecretKey master, long timestamp, boolean alice, boolean verified,
+			SecretKey rootKey, long timestamp, boolean alice, boolean verified,
 			boolean active) throws DbException {
-		ContactId c = db.addContact(txn, remote, local, verified, active);
-		keyManager.addContact(txn, c, master, timestamp, alice, active);
+		ContactId c = db.addContact(txn, remote, local, verified);
+		keyManager.addContact(txn, c, rootKey, timestamp, alice, active);
 		Contact contact = db.getContact(txn, c);
 		for (ContactHook hook : hooks) hook.addingContact(txn, contact);
 		return c;
@@ -80,62 +78,45 @@ class ContactManagerImpl implements ContactManager {
 
 	@Override
 	public ContactId addContact(Transaction txn, Author remote, AuthorId local,
-			boolean verified, boolean active) throws DbException {
-		ContactId c = db.addContact(txn, remote, local, verified, active);
+			boolean verified) throws DbException {
+		ContactId c = db.addContact(txn, remote, local, verified);
 		Contact contact = db.getContact(txn, c);
 		for (ContactHook hook : hooks) hook.addingContact(txn, contact);
 		return c;
 	}
 
 	@Override
-	public ContactId addContact(Author remote, AuthorId local, SecretKey master,
-			long timestamp, boolean alice, boolean verified, boolean active)
-			throws DbException {
+	public ContactId addContact(Author remote, AuthorId local,
+			SecretKey rootKey, long timestamp, boolean alice, boolean verified,
+			boolean active) throws DbException {
 		return db.transactionWithResult(false, txn ->
-				addContact(txn, remote, local, master, timestamp, alice,
+				addContact(txn, remote, local, rootKey, timestamp, alice,
 						verified, active));
 	}
 
 	@Override
-	public String getRemoteContactLink() {
+	public String getHandshakeLink() {
 		// TODO replace with real implementation
 		return REMOTE_CONTACT_LINK;
 	}
 
-	@SuppressWarnings("SameParameterValue")
-	private static String getRandomBase32String(int length) {
-		Random random = new Random();
-		char[] c = new char[length];
-		for (int i = 0; i < length; i++) {
-			int character = random.nextInt(32);
-			if (character < 26) c[i] = (char) ('a' + character);
-			else c[i] = (char) ('2' + (character - 26));
-		}
-		return new String(c);
+	@Override
+	public PendingContact addPendingContact(String link, String alias)
+			throws DbException, FormatException {
+		PendingContact p =
+				pendingContactFactory.createPendingContact(link, alias);
+		db.transaction(false, txn -> db.addPendingContact(txn, p));
+		return p;
 	}
 
 	@Override
-	public boolean isValidRemoteContactLink(String link) {
-		return LINK_REGEX.matcher(link).matches();
+	public Collection<PendingContact> getPendingContacts() throws DbException {
+		return db.transactionWithResult(true, db::getPendingContacts);
 	}
 
 	@Override
-	public PendingContact addRemoteContactRequest(String link, String alias) {
-		// TODO replace with real implementation
-		PendingContactId id = new PendingContactId(link.getBytes());
-		return new PendingContact(id, alias, WAITING_FOR_CONNECTION,
-				System.currentTimeMillis());
-	}
-
-	@Override
-	public Collection<PendingContact> getPendingContacts() {
-		// TODO replace with real implementation
-		return emptyList();
-	}
-
-	@Override
-	public void removePendingContact(PendingContact pendingContact) {
-		// TODO replace with real implementation
+	public void removePendingContact(PendingContactId p) throws DbException {
+		db.transaction(false, txn -> db.removePendingContact(txn, p));
 	}
 
 	@Override
@@ -164,12 +145,8 @@ class ContactManagerImpl implements ContactManager {
 	}
 
 	@Override
-	public Collection<Contact> getActiveContacts() throws DbException {
-		Collection<Contact> contacts =
-				db.transactionWithResult(true, db::getContacts);
-		List<Contact> active = new ArrayList<>(contacts.size());
-		for (Contact c : contacts) if (c.isActive()) active.add(c);
-		return active;
+	public Collection<Contact> getContacts() throws DbException {
+		return db.transactionWithResult(true, db::getContacts);
 	}
 
 	@Override
@@ -177,12 +154,6 @@ class ContactManagerImpl implements ContactManager {
 		db.transaction(false, txn -> removeContact(txn, c));
 	}
 
-	@Override
-	public void setContactActive(Transaction txn, ContactId c, boolean active)
-			throws DbException {
-		db.setContactActive(txn, c, active);
-	}
-
 	@Override
 	public void setContactAlias(Transaction txn, ContactId c,
 			@Nullable String alias) throws DbException {

bramble-core/src/main/java/org/briarproject/bramble/contact/ContactModule.java

@@ -28,4 +28,10 @@ public class ContactModule {
 			ContactExchangeTaskImpl contactExchangeTask) {
 		return contactExchangeTask;
 	}
+
+	@Provides
+	PendingContactFactory providePendingContactFactory(
+			PendingContactFactoryImpl pendingContactFactory) {
+		return pendingContactFactory;
+	}
 }

bramble-core/src/main/java/org/briarproject/bramble/contact/PendingContactFactory.java

@@ -0,0 +1,18 @@
+package org.briarproject.bramble.contact;
+
+import org.briarproject.bramble.api.FormatException;
+import org.briarproject.bramble.api.UnsupportedVersionException;
+import org.briarproject.bramble.api.contact.PendingContact;
+
+interface PendingContactFactory {
+
+	/**
+	 * Creates a {@link PendingContact} from the given handshake link and alias.
+	 *
+	 * @throws UnsupportedVersionException If the link uses a format version
+	 * that is not supported
+	 * @throws FormatException If the link is invalid
+	 */
+	PendingContact createPendingContact(String link, String alias)
+			throws FormatException;
+}

bramble-core/src/main/java/org/briarproject/bramble/contact/PendingContactFactoryImpl.java

@@ -0,0 +1,70 @@
+package org.briarproject.bramble.contact;
+
+import org.briarproject.bramble.api.FormatException;
+import org.briarproject.bramble.api.UnsupportedVersionException;
+import org.briarproject.bramble.api.contact.PendingContact;
+import org.briarproject.bramble.api.contact.PendingContactId;
+import org.briarproject.bramble.api.crypto.CryptoComponent;
+import org.briarproject.bramble.api.crypto.KeyParser;
+import org.briarproject.bramble.api.crypto.PublicKey;
+import org.briarproject.bramble.api.system.Clock;
+import org.briarproject.bramble.util.Base32;
+
+import java.security.GeneralSecurityException;
+import java.util.regex.Matcher;
+
+import javax.inject.Inject;
+
+import static java.lang.System.arraycopy;
+import static org.briarproject.bramble.api.contact.HandshakeLinkConstants.FORMAT_VERSION;
+import static org.briarproject.bramble.api.contact.HandshakeLinkConstants.ID_LABEL;
+import static org.briarproject.bramble.api.contact.HandshakeLinkConstants.LINK_REGEX;
+import static org.briarproject.bramble.api.contact.HandshakeLinkConstants.RAW_LINK_BYTES;
+import static org.briarproject.bramble.api.contact.PendingContactState.WAITING_FOR_CONNECTION;
+
+class PendingContactFactoryImpl implements PendingContactFactory {
+
+	private final CryptoComponent crypto;
+	private final Clock clock;
+
+	@Inject
+	PendingContactFactoryImpl(CryptoComponent crypto, Clock clock) {
+		this.crypto = crypto;
+		this.clock = clock;
+	}
+
+	@Override
+	public PendingContact createPendingContact(String link, String alias)
+			throws FormatException {
+		PublicKey publicKey = parseHandshakeLink(link);
+		PendingContactId id = getPendingContactId(publicKey);
+		long timestamp = clock.currentTimeMillis();
+		return new PendingContact(id, publicKey.getEncoded(), alias,
+				WAITING_FOR_CONNECTION, timestamp);
+	}
+
+	private PublicKey parseHandshakeLink(String link) throws FormatException {
+		Matcher matcher = LINK_REGEX.matcher(link);
+		if (!matcher.find()) throw new FormatException();
+		// Discard 'briar://' and anything before or after the link
+		link = matcher.group(2);
+		byte[] base32 = Base32.decode(link, false);
+		if (base32.length != RAW_LINK_BYTES) throw new AssertionError();
+		byte version = base32[0];
+		if (version != FORMAT_VERSION)
+			throw new UnsupportedVersionException(version < FORMAT_VERSION);
+		byte[] publicKeyBytes = new byte[base32.length - 1];
+		arraycopy(base32, 1, publicKeyBytes, 0, publicKeyBytes.length);
+		try {
+			KeyParser parser = crypto.getAgreementKeyParser();
+			return parser.parsePublicKey(publicKeyBytes);
+		} catch (GeneralSecurityException e) {
+			throw new FormatException();
+		}
+	}
+
+	private PendingContactId getPendingContactId(PublicKey publicKey) {
+		byte[] hash = crypto.hash(ID_LABEL, publicKey.getEncoded());
+		return new PendingContactId(hash);
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/crypto/TransportCryptoImpl.java

@@ -4,18 +4,22 @@ import org.briarproject.bramble.api.crypto.CryptoComponent;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.crypto.TransportCrypto;
 import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.transport.HandshakeKeys;
 import org.briarproject.bramble.api.transport.IncomingKeys;
 import org.briarproject.bramble.api.transport.OutgoingKeys;
 import org.briarproject.bramble.api.transport.TransportKeys;
-import org.briarproject.bramble.util.ByteUtils;
-import org.briarproject.bramble.util.StringUtils;
 import org.spongycastle.crypto.Digest;
 import org.spongycastle.crypto.digests.Blake2bDigest;
 
 import javax.inject.Inject;
 
+import static java.lang.System.arraycopy;
+import static org.briarproject.bramble.api.transport.TransportConstants.ALICE_HANDSHAKE_HEADER_LABEL;
+import static org.briarproject.bramble.api.transport.TransportConstants.ALICE_HANDSHAKE_TAG_LABEL;
 import static org.briarproject.bramble.api.transport.TransportConstants.ALICE_HEADER_LABEL;
 import static org.briarproject.bramble.api.transport.TransportConstants.ALICE_TAG_LABEL;
+import static org.briarproject.bramble.api.transport.TransportConstants.BOB_HANDSHAKE_HEADER_LABEL;
+import static org.briarproject.bramble.api.transport.TransportConstants.BOB_HANDSHAKE_TAG_LABEL;
 import static org.briarproject.bramble.api.transport.TransportConstants.BOB_HEADER_LABEL;
 import static org.briarproject.bramble.api.transport.TransportConstants.BOB_TAG_LABEL;
 import static org.briarproject.bramble.api.transport.TransportConstants.ROTATE_LABEL;
@@ -24,6 +28,9 @@ import static org.briarproject.bramble.util.ByteUtils.INT_16_BYTES;
 import static org.briarproject.bramble.util.ByteUtils.INT_64_BYTES;
 import static org.briarproject.bramble.util.ByteUtils.MAX_16_BIT_UNSIGNED;
 import static org.briarproject.bramble.util.ByteUtils.MAX_32_BIT_UNSIGNED;
+import static org.briarproject.bramble.util.ByteUtils.writeUint16;
+import static org.briarproject.bramble.util.ByteUtils.writeUint64;
+import static org.briarproject.bramble.util.StringUtils.toUtf8;
 
 class TransportCryptoImpl implements TransportCrypto {
 
@@ -36,45 +43,44 @@ class TransportCryptoImpl implements TransportCrypto {
 
 	@Override
 	public TransportKeys deriveTransportKeys(TransportId t,
-			SecretKey master, long rotationPeriod, boolean alice,
+			SecretKey rootKey, long timePeriod, boolean weAreAlice,
 			boolean active) {
-		// Keys for the previous period are derived from the master secret
-		SecretKey inTagPrev = deriveTagKey(master, t, !alice);
-		SecretKey inHeaderPrev = deriveHeaderKey(master, t, !alice);
-		SecretKey outTagPrev = deriveTagKey(master, t, alice);
-		SecretKey outHeaderPrev = deriveHeaderKey(master, t, alice);
+		// Keys for the previous period are derived from the root key
+		SecretKey inTagPrev = deriveTagKey(rootKey, t, !weAreAlice);
+		SecretKey inHeaderPrev = deriveHeaderKey(rootKey, t, !weAreAlice);
+		SecretKey outTagPrev = deriveTagKey(rootKey, t, weAreAlice);
+		SecretKey outHeaderPrev = deriveHeaderKey(rootKey, t, weAreAlice);
 		// Derive the keys for the current and next periods
-		SecretKey inTagCurr = rotateKey(inTagPrev, rotationPeriod);
-		SecretKey inHeaderCurr = rotateKey(inHeaderPrev, rotationPeriod);
-		SecretKey inTagNext = rotateKey(inTagCurr, rotationPeriod + 1);
-		SecretKey inHeaderNext = rotateKey(inHeaderCurr, rotationPeriod + 1);
-		SecretKey outTagCurr = rotateKey(outTagPrev, rotationPeriod);
-		SecretKey outHeaderCurr = rotateKey(outHeaderPrev, rotationPeriod);
+		SecretKey inTagCurr = rotateKey(inTagPrev, timePeriod);
+		SecretKey inHeaderCurr = rotateKey(inHeaderPrev, timePeriod);
+		SecretKey inTagNext = rotateKey(inTagCurr, timePeriod + 1);
+		SecretKey inHeaderNext = rotateKey(inHeaderCurr, timePeriod + 1);
+		SecretKey outTagCurr = rotateKey(outTagPrev, timePeriod);
+		SecretKey outHeaderCurr = rotateKey(outHeaderPrev, timePeriod);
 		// Initialise the reordering windows and stream counters
 		IncomingKeys inPrev = new IncomingKeys(inTagPrev, inHeaderPrev,
-				rotationPeriod - 1);
+				timePeriod - 1);
 		IncomingKeys inCurr = new IncomingKeys(inTagCurr, inHeaderCurr,
-				rotationPeriod);
+				timePeriod);
 		IncomingKeys inNext = new IncomingKeys(inTagNext, inHeaderNext,
-				rotationPeriod + 1);
+				timePeriod + 1);
 		OutgoingKeys outCurr = new OutgoingKeys(outTagCurr, outHeaderCurr,
-				rotationPeriod, active);
+				timePeriod, active);
 		// Collect and return the keys
 		return new TransportKeys(t, inPrev, inCurr, inNext, outCurr);
 	}
 
 	@Override
-	public TransportKeys rotateTransportKeys(TransportKeys k,
-			long rotationPeriod) {
-		if (k.getRotationPeriod() >= rotationPeriod) return k;
+	public TransportKeys rotateTransportKeys(TransportKeys k, long timePeriod) {
+		if (k.getTimePeriod() >= timePeriod) return k;
 		IncomingKeys inPrev = k.getPreviousIncomingKeys();
 		IncomingKeys inCurr = k.getCurrentIncomingKeys();
 		IncomingKeys inNext = k.getNextIncomingKeys();
 		OutgoingKeys outCurr = k.getCurrentOutgoingKeys();
-		long startPeriod = outCurr.getRotationPeriod();
+		long startPeriod = outCurr.getTimePeriod();
 		boolean active = outCurr.isActive();
 		// Rotate the keys
-		for (long p = startPeriod + 1; p <= rotationPeriod; p++) {
+		for (long p = startPeriod + 1; p <= timePeriod; p++) {
 			inPrev = inCurr;
 			inCurr = inNext;
 			SecretKey inNextTag = rotateKey(inNext.getTagKey(), p + 1);
@@ -89,24 +95,117 @@ class TransportCryptoImpl implements TransportCrypto {
 				outCurr);
 	}
 
-	private SecretKey rotateKey(SecretKey k, long rotationPeriod) {
+	private SecretKey rotateKey(SecretKey k, long timePeriod) {
 		byte[] period = new byte[INT_64_BYTES];
-		ByteUtils.writeUint64(rotationPeriod, period, 0);
+		writeUint64(timePeriod, period, 0);
 		return crypto.deriveKey(ROTATE_LABEL, k, period);
 	}
 
-	private SecretKey deriveTagKey(SecretKey master, TransportId t,
-			boolean alice) {
-		String label = alice ? ALICE_TAG_LABEL : BOB_TAG_LABEL;
-		byte[] id = StringUtils.toUtf8(t.getString());
-		return crypto.deriveKey(label, master, id);
+	private SecretKey deriveTagKey(SecretKey rootKey, TransportId t,
+			boolean keyBelongsToAlice) {
+		String label = keyBelongsToAlice ? ALICE_TAG_LABEL : BOB_TAG_LABEL;
+		byte[] id = toUtf8(t.getString());
+		return crypto.deriveKey(label, rootKey, id);
 	}
 
-	private SecretKey deriveHeaderKey(SecretKey master, TransportId t,
-			boolean alice) {
-		String label = alice ? ALICE_HEADER_LABEL : BOB_HEADER_LABEL;
-		byte[] id = StringUtils.toUtf8(t.getString());
-		return crypto.deriveKey(label, master, id);
+	private SecretKey deriveHeaderKey(SecretKey rootKey, TransportId t,
+			boolean keyBelongsToAlice) {
+		String label = keyBelongsToAlice ? ALICE_HEADER_LABEL :
+				BOB_HEADER_LABEL;
+		byte[] id = toUtf8(t.getString());
+		return crypto.deriveKey(label, rootKey, id);
+	}
+
+	@Override
+	public HandshakeKeys deriveHandshakeKeys(TransportId t, SecretKey rootKey,
+			long timePeriod, boolean weAreAlice) {
+		if (timePeriod < 1) throw new IllegalArgumentException();
+		IncomingKeys inPrev = deriveIncomingHandshakeKeys(t, rootKey,
+				weAreAlice, timePeriod - 1);
+		IncomingKeys inCurr = deriveIncomingHandshakeKeys(t, rootKey,
+				weAreAlice, timePeriod);
+		IncomingKeys inNext = deriveIncomingHandshakeKeys(t, rootKey,
+				weAreAlice, timePeriod + 1);
+		OutgoingKeys outCurr = deriveOutgoingHandshakeKeys(t, rootKey,
+				weAreAlice, timePeriod);
+		return new HandshakeKeys(t, inPrev, inCurr, inNext, outCurr, rootKey,
+				weAreAlice);
+	}
+
+	private IncomingKeys deriveIncomingHandshakeKeys(TransportId t,
+			SecretKey rootKey, boolean weAreAlice, long timePeriod) {
+		SecretKey tag = deriveHandshakeTagKey(t, rootKey, !weAreAlice,
+				timePeriod);
+		SecretKey header = deriveHandshakeHeaderKey(t, rootKey, !weAreAlice,
+				timePeriod);
+		return new IncomingKeys(tag, header, timePeriod);
+	}
+
+	private OutgoingKeys deriveOutgoingHandshakeKeys(TransportId t,
+			SecretKey rootKey, boolean weAreAlice, long timePeriod) {
+		SecretKey tag = deriveHandshakeTagKey(t, rootKey, weAreAlice,
+				timePeriod);
+		SecretKey header = deriveHandshakeHeaderKey(t, rootKey, weAreAlice,
+				timePeriod);
+		return new OutgoingKeys(tag, header, timePeriod, true);
+	}
+
+	private SecretKey deriveHandshakeTagKey(TransportId t, SecretKey rootKey,
+			boolean keyBelongsToAlice, long timePeriod) {
+		String label = keyBelongsToAlice ? ALICE_HANDSHAKE_TAG_LABEL :
+				BOB_HANDSHAKE_TAG_LABEL;
+		byte[] id = toUtf8(t.getString());
+		byte[] period = new byte[INT_64_BYTES];
+		writeUint64(timePeriod, period, 0);
+		return crypto.deriveKey(label, rootKey, id, period);
+	}
+
+	private SecretKey deriveHandshakeHeaderKey(TransportId t, SecretKey rootKey,
+			boolean keyBelongsToAlice, long timePeriod) {
+		String label = keyBelongsToAlice ? ALICE_HANDSHAKE_HEADER_LABEL :
+				BOB_HANDSHAKE_HEADER_LABEL;
+		byte[] id = toUtf8(t.getString());
+		byte[] period = new byte[INT_64_BYTES];
+		writeUint64(timePeriod, period, 0);
+		return crypto.deriveKey(label, rootKey, id, period);
+	}
+
+	@Override
+	public HandshakeKeys updateHandshakeKeys(HandshakeKeys k, long timePeriod) {
+		long elapsed = timePeriod - k.getTimePeriod();
+		TransportId t = k.getTransportId();
+		SecretKey rootKey = k.getRootKey();
+		boolean weAreAlice = k.isAlice();
+		if (elapsed <= 0) {
+			// The keys are for the given period or later - don't update them
+			return k;
+		} else if (elapsed == 1) {
+			// The keys are one period old - shift by one period, keeping the
+			// reordering windows for keys we retain
+			IncomingKeys inPrev = k.getCurrentIncomingKeys();
+			IncomingKeys inCurr = k.getNextIncomingKeys();
+			IncomingKeys inNext = deriveIncomingHandshakeKeys(t, rootKey,
+					weAreAlice, timePeriod + 1);
+			OutgoingKeys outCurr = deriveOutgoingHandshakeKeys(t, rootKey,
+					weAreAlice, timePeriod);
+			return new HandshakeKeys(t, inPrev, inCurr, inNext, outCurr,
+					rootKey, weAreAlice);
+		} else if (elapsed == 2) {
+			// The keys are two periods old - shift by two periods, keeping
+			// the reordering windows for keys we retain
+			IncomingKeys inPrev = k.getNextIncomingKeys();
+			IncomingKeys inCurr = deriveIncomingHandshakeKeys(t, rootKey,
+					weAreAlice, timePeriod);
+			IncomingKeys inNext = deriveIncomingHandshakeKeys(t, rootKey,
+					weAreAlice, timePeriod + 1);
+			OutgoingKeys outCurr = deriveOutgoingHandshakeKeys(t, rootKey,
+					weAreAlice, timePeriod);
+			return new HandshakeKeys(t, inPrev, inCurr, inNext, outCurr,
+					rootKey, weAreAlice);
+		} else {
+			// The keys are more than two periods old - derive fresh keys
+			return deriveHandshakeKeys(t, rootKey, timePeriod, weAreAlice);
+		}
 	}
 
 	@Override
@@ -125,14 +224,14 @@ class TransportCryptoImpl implements TransportCrypto {
 		// The input is the protocol version as a 16-bit integer, followed by
 		// the stream number as a 64-bit integer
 		byte[] protocolVersionBytes = new byte[INT_16_BYTES];
-		ByteUtils.writeUint16(protocolVersion, protocolVersionBytes, 0);
+		writeUint16(protocolVersion, protocolVersionBytes, 0);
 		prf.update(protocolVersionBytes, 0, protocolVersionBytes.length);
 		byte[] streamNumberBytes = new byte[INT_64_BYTES];
-		ByteUtils.writeUint64(streamNumber, streamNumberBytes, 0);
+		writeUint64(streamNumber, streamNumberBytes, 0);
 		prf.update(streamNumberBytes, 0, streamNumberBytes.length);
 		byte[] mac = new byte[macLength];
 		prf.doFinal(mac, 0);
 		// The output is the first TAG_LENGTH bytes of the MAC
-		System.arraycopy(mac, 0, tag, 0, TAG_LENGTH);
+		arraycopy(mac, 0, tag, 0, TAG_LENGTH);
 	}
 }

bramble-core/src/main/java/org/briarproject/bramble/db/Database.java

@@ -2,16 +2,20 @@ package org.briarproject.bramble.db;
 
 import org.briarproject.bramble.api.contact.Contact;
 import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.contact.PendingContact;
+import org.briarproject.bramble.api.contact.PendingContactId;
+import org.briarproject.bramble.api.contact.PendingContactState;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.db.DataTooNewException;
 import org.briarproject.bramble.api.db.DataTooOldException;
+import org.briarproject.bramble.api.db.DatabaseComponent;
 import org.briarproject.bramble.api.db.DbException;
 import org.briarproject.bramble.api.db.MessageDeletedException;
 import org.briarproject.bramble.api.db.Metadata;
 import org.briarproject.bramble.api.db.MigrationListener;
 import org.briarproject.bramble.api.identity.Author;
 import org.briarproject.bramble.api.identity.AuthorId;
-import org.briarproject.bramble.api.identity.LocalAuthor;
+import org.briarproject.bramble.api.identity.Identity;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.TransportId;
 import org.briarproject.bramble.api.settings.Settings;
@@ -23,8 +27,11 @@ import org.briarproject.bramble.api.sync.Message;
 import org.briarproject.bramble.api.sync.MessageId;
 import org.briarproject.bramble.api.sync.MessageStatus;
 import org.briarproject.bramble.api.sync.validation.MessageState;
-import org.briarproject.bramble.api.transport.KeySet;
-import org.briarproject.bramble.api.transport.KeySetId;
+import org.briarproject.bramble.api.transport.HandshakeKeySet;
+import org.briarproject.bramble.api.transport.HandshakeKeySetId;
+import org.briarproject.bramble.api.transport.HandshakeKeys;
+import org.briarproject.bramble.api.transport.TransportKeySet;
+import org.briarproject.bramble.api.transport.TransportKeySetId;
 import org.briarproject.bramble.api.transport.TransportKeys;
 
 import java.util.Collection;
@@ -33,11 +40,14 @@ import java.util.Map;
 import javax.annotation.Nullable;
 
 /**
- * A low-level interface to the database (DatabaseComponent provides a
- * high-level interface). Most operations take a transaction argument, which is
- * obtained by calling {@link #startTransaction()}. Every transaction must be
- * terminated by calling either {@link #abortTransaction(Object) abortTransaction(T)} or
- * {@link #commitTransaction(Object) commitTransaction(T)}, even if an exception is thrown.
+ * A low-level interface to the database ({@link DatabaseComponent} provides a
+ * high-level interface).
+ * <p/>
+ * Most operations take a transaction argument, which is obtained by calling
+ * {@link #startTransaction()}. Every transaction must be terminated by calling
+ * either {@link #abortTransaction(Object) abortTransaction(T)} or
+ * {@link #commitTransaction(Object) commitTransaction(T)}, even if an
+ * exception is thrown.
  */
 @NotNullByDefault
 interface Database<T> {
@@ -80,8 +90,8 @@ interface Database<T> {
 	 * Stores a contact associated with the given local and remote pseudonyms,
 	 * and returns an ID for the contact.
 	 */
-	ContactId addContact(T txn, Author remote, AuthorId local, boolean verified,
-			boolean active) throws DbException;
+	ContactId addContact(T txn, Author remote, AuthorId local, boolean verified)
+			throws DbException;
 
 	/**
 	 * Stores a group.
@@ -96,9 +106,23 @@ interface Database<T> {
 			throws DbException;
 
 	/**
-	 * Stores a local pseudonym.
+	 * Stores the given handshake keys for the given contact and returns a
+	 * key set ID.
 	 */
-	void addLocalAuthor(T txn, LocalAuthor a) throws DbException;
+	HandshakeKeySetId addHandshakeKeys(T txn, ContactId c, HandshakeKeys k)
+			throws DbException;
+
+	/**
+	 * Stores the given handshake keys for the given pending contact and
+	 * returns a key set ID.
+	 */
+	HandshakeKeySetId addHandshakeKeys(T txn, PendingContactId p,
+			HandshakeKeys k) throws DbException;
+
+	/**
+	 * Stores an identity.
+	 */
+	void addIdentity(T txn, Identity i) throws DbException;
 
 	/**
 	 * Stores a message.
@@ -121,6 +145,11 @@ interface Database<T> {
 	 */
 	void addOfferedMessage(T txn, ContactId c, MessageId m) throws DbException;
 
+	/**
+	 * Stores a pending contact.
+	 */
+	void addPendingContact(T txn, PendingContact p) throws DbException;
+
 	/**
 	 * Stores a transport.
 	 */
@@ -131,7 +160,7 @@ interface Database<T> {
 	 * Stores the given transport keys for the given contact and returns a
 	 * key set ID.
 	 */
-	KeySetId addTransportKeys(T txn, ContactId c, TransportKeys k)
+	TransportKeySetId addTransportKeys(T txn, ContactId c, TransportKeys k)
 			throws DbException;
 
 	/**
@@ -158,11 +187,12 @@ interface Database<T> {
 	boolean containsGroup(T txn, GroupId g) throws DbException;
 
 	/**
-	 * Returns true if the database contains the given local pseudonym.
+	 * Returns true if the database contains an identity for the given
+	 * pseudonym.
 	 * <p/>
 	 * Read-only.
 	 */
-	boolean containsLocalAuthor(T txn, AuthorId a) throws DbException;
+	boolean containsIdentity(T txn, AuthorId a) throws DbException;
 
 	/**
 	 * Returns true if the database contains the given message.
@@ -171,6 +201,14 @@ interface Database<T> {
 	 */
 	boolean containsMessage(T txn, MessageId m) throws DbException;
 
+	/**
+	 * Returns true if the database contains the given pending contact.
+	 * <p/>
+	 * Read-only.
+	 */
+	boolean containsPendingContact(T txn, PendingContactId p)
+			throws DbException;
+
 	/**
 	 * Returns true if the database contains the given transport.
 	 * <p/>
@@ -237,13 +275,6 @@ interface Database<T> {
 	 */
 	Collection<ContactId> getContacts(T txn, AuthorId a) throws DbException;
 
-	/**
-	 * Returns the amount of free storage space available to the database, in
-	 * bytes. This is based on the minimum of the space available on the device
-	 * where the database is stored and the database's configured size.
-	 */
-	long getFreeSpace() throws DbException;
-
 	/**
 	 * Returns the group with the given ID.
 	 * <p/>
@@ -285,18 +316,26 @@ interface Database<T> {
 			throws DbException;
 
 	/**
-	 * Returns the local pseudonym with the given ID.
+	 * Returns all handshake keys for the given transport.
 	 * <p/>
 	 * Read-only.
 	 */
-	LocalAuthor getLocalAuthor(T txn, AuthorId a) throws DbException;
+	Collection<HandshakeKeySet> getHandshakeKeys(T txn, TransportId t)
+			throws DbException;
 
 	/**
-	 * Returns all local pseudonyms.
+	 * Returns the identity for local pseudonym with the given ID.
 	 * <p/>
 	 * Read-only.
 	 */
-	Collection<LocalAuthor> getLocalAuthors(T txn) throws DbException;
+	Identity getIdentity(T txn, AuthorId a) throws DbException;
+
+	/**
+	 * Returns the identities for all local pseudonyms.
+	 * <p/>
+	 * Read-only.
+	 */
+	Collection<Identity> getIdentities(T txn) throws DbException;
 
 	/**
 	 * Returns the message with the given ID.
@@ -474,6 +513,13 @@ interface Database<T> {
 	 */
 	long getNextSendTime(T txn, ContactId c) throws DbException;
 
+	/**
+	 * Returns all pending contacts.
+	 * <p/>
+	 * Read-only.
+	 */
+	Collection<PendingContact> getPendingContacts(T txn) throws DbException;
+
 	/**
 	 * Returns the IDs of some messages that are eligible to be sent to the
 	 * given contact and have been requested by the contact, up to the given
@@ -496,13 +542,19 @@ interface Database<T> {
 	 * <p/>
 	 * Read-only.
 	 */
-	Collection<KeySet> getTransportKeys(T txn, TransportId t)
+	Collection<TransportKeySet> getTransportKeys(T txn, TransportId t)
+			throws DbException;
+
+	/**
+	 * Increments the outgoing stream counter for the given handshake keys.
+	 */
+	void incrementStreamCounter(T txn, TransportId t, HandshakeKeySetId k)
 			throws DbException;
 
 	/**
 	 * Increments the outgoing stream counter for the given transport keys.
 	 */
-	void incrementStreamCounter(T txn, TransportId t, KeySetId k)
+	void incrementStreamCounter(T txn, TransportId t, TransportKeySetId k)
 			throws DbException;
 
 	/**
@@ -572,9 +624,15 @@ interface Database<T> {
 			throws DbException;
 
 	/**
-	 * Removes a local pseudonym (and all associated state) from the database.
+	 * Removes the given handshake keys from the database.
 	 */
-	void removeLocalAuthor(T txn, AuthorId a) throws DbException;
+	void removeHandshakeKeys(T txn, TransportId t, HandshakeKeySetId k)
+			throws DbException;
+
+	/**
+	 * Removes an identity (and all associated state) from the database.
+	 */
+	void removeIdentity(T txn, AuthorId a) throws DbException;
 
 	/**
 	 * Removes a message (and all associated state) from the database.
@@ -588,6 +646,11 @@ interface Database<T> {
 	void removeOfferedMessages(T txn, ContactId c,
 			Collection<MessageId> requested) throws DbException;
 
+	/**
+	 * Removes a pending contact (and all associated state) from the database.
+	 */
+	void removePendingContact(T txn, PendingContactId p) throws DbException;
+
 	/**
 	 * Removes a transport (and all associated state) from the database.
 	 */
@@ -596,7 +659,7 @@ interface Database<T> {
 	/**
 	 * Removes the given transport keys from the database.
 	 */
-	void removeTransportKeys(T txn, TransportId t, KeySetId k)
+	void removeTransportKeys(T txn, TransportId t, TransportKeySetId k)
 			throws DbException;
 
 	/**
@@ -610,12 +673,6 @@ interface Database<T> {
 	 */
 	void setContactVerified(T txn, ContactId c) throws DbException;
 
-	/**
-	 * Marks the given contact as active or inactive.
-	 */
-	void setContactActive(T txn, ContactId c, boolean active)
-			throws DbException;
-
 	/**
 	 * Sets an alias name for a contact.
 	 */
@@ -629,6 +686,12 @@ interface Database<T> {
 	void setGroupVisibility(T txn, ContactId c, GroupId g, boolean shared)
 			throws DbException;
 
+	/**
+	 * Sets the handshake key pair for the identity with the given ID.
+	 */
+	void setHandshakeKeyPair(T txn, AuthorId local, byte[] publicKey,
+			byte[] privateKey) throws DbException;
+
 	/**
 	 * Marks the given message as shared.
 	 */
@@ -641,16 +704,29 @@ interface Database<T> {
 			throws DbException;
 
 	/**
-	 * Sets the reordering window for the given key set and transport in the
-	 * given rotation period.
+	 * Sets the state of the given pending contact.
 	 */
-	void setReorderingWindow(T txn, KeySetId k, TransportId t,
-			long rotationPeriod, long base, byte[] bitmap) throws DbException;
+	void setPendingContactState(T txn, PendingContactId p,
+			PendingContactState state) throws DbException;
+
+	/**
+	 * Sets the reordering window for the given transport key set in the given
+	 * time period.
+	 */
+	void setReorderingWindow(T txn, TransportKeySetId k, TransportId t,
+			long timePeriod, long base, byte[] bitmap) throws DbException;
+
+	/**
+	 * Sets the reordering window for the given handshake key set in the given
+	 * time period.
+	 */
+	void setReorderingWindow(T txn, HandshakeKeySetId k, TransportId t,
+			long timePeriod, long base, byte[] bitmap) throws DbException;
 
 	/**
 	 * Marks the given transport keys as usable for outgoing streams.
 	 */
-	void setTransportKeysActive(T txn, TransportId t, KeySetId k)
+	void setTransportKeysActive(T txn, TransportId t, TransportKeySetId k)
 			throws DbException;
 
 	/**
@@ -661,8 +737,13 @@ interface Database<T> {
 	void updateExpiryTimeAndEta(T txn, ContactId c, MessageId m, int maxLatency)
 			throws DbException;
 
+	/**
+	 * Updates the given handshake keys.
+	 */
+	void updateHandshakeKeys(T txn, HandshakeKeySet ks) throws DbException;
+
 	/**
 	 * Updates the given transport keys following key rotation.
 	 */
-	void updateTransportKeys(T txn, KeySet ks) throws DbException;
+	void updateTransportKeys(T txn, TransportKeySet ks) throws DbException;
 }

bramble-core/src/main/java/org/briarproject/bramble/db/DatabaseComponentImpl.java

@@ -2,32 +2,39 @@ package org.briarproject.bramble.db;
 
 import org.briarproject.bramble.api.contact.Contact;
 import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.contact.PendingContact;
+import org.briarproject.bramble.api.contact.PendingContactId;
 import org.briarproject.bramble.api.contact.event.ContactAddedEvent;
 import org.briarproject.bramble.api.contact.event.ContactRemovedEvent;
-import org.briarproject.bramble.api.contact.event.ContactStatusChangedEvent;
 import org.briarproject.bramble.api.contact.event.ContactVerifiedEvent;
 import org.briarproject.bramble.api.crypto.SecretKey;
+import org.briarproject.bramble.api.db.CommitAction;
+import org.briarproject.bramble.api.db.CommitAction.Visitor;
 import org.briarproject.bramble.api.db.ContactExistsException;
 import org.briarproject.bramble.api.db.DatabaseComponent;
 import org.briarproject.bramble.api.db.DbCallable;
 import org.briarproject.bramble.api.db.DbException;
 import org.briarproject.bramble.api.db.DbRunnable;
+import org.briarproject.bramble.api.db.EventAction;
 import org.briarproject.bramble.api.db.Metadata;
 import org.briarproject.bramble.api.db.MigrationListener;
 import org.briarproject.bramble.api.db.NoSuchContactException;
 import org.briarproject.bramble.api.db.NoSuchGroupException;
-import org.briarproject.bramble.api.db.NoSuchLocalAuthorException;
+import org.briarproject.bramble.api.db.NoSuchIdentityException;
 import org.briarproject.bramble.api.db.NoSuchMessageException;
+import org.briarproject.bramble.api.db.NoSuchPendingContactException;
 import org.briarproject.bramble.api.db.NoSuchTransportException;
 import org.briarproject.bramble.api.db.NullableDbCallable;
+import org.briarproject.bramble.api.db.PendingContactExistsException;
+import org.briarproject.bramble.api.db.TaskAction;
 import org.briarproject.bramble.api.db.Transaction;
-import org.briarproject.bramble.api.event.Event;
 import org.briarproject.bramble.api.event.EventBus;
+import org.briarproject.bramble.api.event.EventExecutor;
 import org.briarproject.bramble.api.identity.Author;
 import org.briarproject.bramble.api.identity.AuthorId;
-import org.briarproject.bramble.api.identity.LocalAuthor;
-import org.briarproject.bramble.api.identity.event.LocalAuthorAddedEvent;
-import org.briarproject.bramble.api.identity.event.LocalAuthorRemovedEvent;
+import org.briarproject.bramble.api.identity.Identity;
+import org.briarproject.bramble.api.identity.event.IdentityAddedEvent;
+import org.briarproject.bramble.api.identity.event.IdentityRemovedEvent;
 import org.briarproject.bramble.api.lifecycle.ShutdownManager;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.TransportId;
@@ -55,8 +62,11 @@ import org.briarproject.bramble.api.sync.event.MessageToRequestEvent;
 import org.briarproject.bramble.api.sync.event.MessagesAckedEvent;
 import org.briarproject.bramble.api.sync.event.MessagesSentEvent;
 import org.briarproject.bramble.api.sync.validation.MessageState;
-import org.briarproject.bramble.api.transport.KeySet;
-import org.briarproject.bramble.api.transport.KeySetId;
+import org.briarproject.bramble.api.transport.HandshakeKeySet;
+import org.briarproject.bramble.api.transport.HandshakeKeySetId;
+import org.briarproject.bramble.api.transport.HandshakeKeys;
+import org.briarproject.bramble.api.transport.TransportKeySet;
+import org.briarproject.bramble.api.transport.TransportKeySetId;
 import org.briarproject.bramble.api.transport.TransportKeys;
 
 import java.util.ArrayList;
@@ -64,6 +74,7 @@ import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 import java.util.Map;
+import java.util.concurrent.Executor;
 import java.util.concurrent.atomic.AtomicBoolean;
 import java.util.concurrent.locks.ReentrantReadWriteLock;
 import java.util.logging.Logger;
@@ -92,25 +103,29 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 	private final Database<T> db;
 	private final Class<T> txnClass;
 	private final EventBus eventBus;
-	private final ShutdownManager shutdown;
+	private final Executor eventExecutor;
+	private final ShutdownManager shutdownManager;
 	private final AtomicBoolean closed = new AtomicBoolean(false);
 	private final ReentrantReadWriteLock lock =
 			new ReentrantReadWriteLock(true);
+	private final Visitor visitor = new CommitActionVisitor();
 
 	@Inject
 	DatabaseComponentImpl(Database<T> db, Class<T> txnClass, EventBus eventBus,
-			ShutdownManager shutdown) {
+			@EventExecutor Executor eventExecutor,
+			ShutdownManager shutdownManager) {
 		this.db = db;
 		this.txnClass = txnClass;
 		this.eventBus = eventBus;
-		this.shutdown = shutdown;
+		this.eventExecutor = eventExecutor;
+		this.shutdownManager = shutdownManager;
 	}
 
 	@Override
 	public boolean open(SecretKey key, @Nullable MigrationListener listener)
 			throws DbException {
 		boolean reopened = db.open(key, listener);
-		shutdown.addShutdownHook(() -> {
+		shutdownManager.addShutdownHook(() -> {
 			try {
 				close();
 			} catch (DbException e) {
@@ -160,13 +175,16 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 	public void endTransaction(Transaction transaction) {
 		try {
 			T txn = txnClass.cast(transaction.unbox());
-			if (!transaction.isCommitted()) db.abortTransaction(txn);
+			if (transaction.isCommitted()) {
+				for (CommitAction a : transaction.getActions())
+					a.accept(visitor);
+			} else {
+				db.abortTransaction(txn);
+			}
 		} finally {
 			if (transaction.isReadOnly()) lock.readLock().unlock();
 			else lock.writeLock().unlock();
 		}
-		if (transaction.isCommitted())
-			for (Event e : transaction.getEvents()) eventBus.broadcast(e);
 	}
 
 	@Override
@@ -215,19 +233,18 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 
 	@Override
 	public ContactId addContact(Transaction transaction, Author remote,
-			AuthorId local, boolean verified, boolean active)
+			AuthorId local, boolean verified)
 			throws DbException {
 		if (transaction.isReadOnly()) throw new IllegalArgumentException();
 		T txn = unbox(transaction);
-		if (!db.containsLocalAuthor(txn, local))
-			throw new NoSuchLocalAuthorException();
-		if (db.containsLocalAuthor(txn, remote.getId()))
+		if (!db.containsIdentity(txn, local))
+			throw new NoSuchIdentityException();
+		if (db.containsIdentity(txn, remote.getId()))
 			throw new ContactExistsException();
 		if (db.containsContact(txn, remote.getId(), local))
 			throw new ContactExistsException();
-		ContactId c = db.addContact(txn, remote, local, verified, active);
-		transaction.attach(new ContactAddedEvent(c, active));
-		if (active) transaction.attach(new ContactStatusChangedEvent(c, true));
+		ContactId c = db.addContact(txn, remote, local, verified);
+		transaction.attach(new ContactAddedEvent(c));
 		return c;
 	}
 
@@ -242,13 +259,37 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 	}
 
 	@Override
-	public void addLocalAuthor(Transaction transaction, LocalAuthor a)
+	public HandshakeKeySetId addHandshakeKeys(Transaction transaction,
+			ContactId c, HandshakeKeys k) throws DbException {
+		if (transaction.isReadOnly()) throw new IllegalArgumentException();
+		T txn = unbox(transaction);
+		if (!db.containsContact(txn, c))
+			throw new NoSuchContactException();
+		if (!db.containsTransport(txn, k.getTransportId()))
+			throw new NoSuchTransportException();
+		return db.addHandshakeKeys(txn, c, k);
+	}
+
+	@Override
+	public HandshakeKeySetId addHandshakeKeys(Transaction transaction,
+			PendingContactId p, HandshakeKeys k) throws DbException {
+		if (transaction.isReadOnly()) throw new IllegalArgumentException();
+		T txn = unbox(transaction);
+		if (!db.containsPendingContact(txn, p))
+			throw new NoSuchPendingContactException();
+		if (!db.containsTransport(txn, k.getTransportId()))
+			throw new NoSuchTransportException();
+		return db.addHandshakeKeys(txn, p, k);
+	}
+
+	@Override
+	public void addIdentity(Transaction transaction, Identity i)
 			throws DbException {
 		if (transaction.isReadOnly()) throw new IllegalArgumentException();
 		T txn = unbox(transaction);
-		if (!db.containsLocalAuthor(txn, a.getId())) {
-			db.addLocalAuthor(txn, a);
-			transaction.attach(new LocalAuthorAddedEvent(a.getId()));
+		if (!db.containsIdentity(txn, i.getId())) {
+			db.addIdentity(txn, i);
+			transaction.attach(new IdentityAddedEvent(i.getId()));
 		}
 	}
 
@@ -269,6 +310,16 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 		db.mergeMessageMetadata(txn, m.getId(), meta);
 	}
 
+	@Override
+	public void addPendingContact(Transaction transaction, PendingContact p)
+			throws DbException {
+		if (transaction.isReadOnly()) throw new IllegalArgumentException();
+		T txn = unbox(transaction);
+		if (db.containsPendingContact(txn, p.getId()))
+			throw new PendingContactExistsException();
+		db.addPendingContact(txn, p);
+	}
+
 	@Override
 	public void addTransport(Transaction transaction, TransportId t,
 			int maxLatency) throws DbException {
@@ -279,8 +330,8 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 	}
 
 	@Override
-	public KeySetId addTransportKeys(Transaction transaction, ContactId c,
-			TransportKeys k) throws DbException {
+	public TransportKeySetId addTransportKeys(Transaction transaction,
+			ContactId c, TransportKeys k) throws DbException {
 		if (transaction.isReadOnly()) throw new IllegalArgumentException();
 		T txn = unbox(transaction);
 		if (!db.containsContact(txn, c))
@@ -294,8 +345,8 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 	public boolean containsContact(Transaction transaction, AuthorId remote,
 			AuthorId local) throws DbException {
 		T txn = unbox(transaction);
-		if (!db.containsLocalAuthor(txn, local))
-			throw new NoSuchLocalAuthorException();
+		if (!db.containsIdentity(txn, local))
+			throw new NoSuchIdentityException();
 		return db.containsContact(txn, remote, local);
 	}
 
@@ -307,10 +358,17 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 	}
 
 	@Override
-	public boolean containsLocalAuthor(Transaction transaction, AuthorId local)
+	public boolean containsIdentity(Transaction transaction, AuthorId a)
 			throws DbException {
 		T txn = unbox(transaction);
-		return db.containsLocalAuthor(txn, local);
+		return db.containsIdentity(txn, a);
+	}
+
+	@Override
+	public boolean containsPendingContact(Transaction transaction,
+			PendingContactId p) throws DbException {
+		T txn = unbox(transaction);
+		return db.containsPendingContact(txn, p);
 	}
 
 	@Override
@@ -447,8 +505,8 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 	public Collection<ContactId> getContacts(Transaction transaction,
 			AuthorId a) throws DbException {
 		T txn = unbox(transaction);
-		if (!db.containsLocalAuthor(txn, a))
-			throw new NoSuchLocalAuthorException();
+		if (!db.containsIdentity(txn, a))
+			throw new NoSuchIdentityException();
 		return db.getContacts(txn, a);
 	}
 
@@ -487,19 +545,28 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 	}
 
 	@Override
-	public LocalAuthor getLocalAuthor(Transaction transaction, AuthorId a)
-			throws DbException {
+	public Collection<HandshakeKeySet> getHandshakeKeys(Transaction transaction,
+			TransportId t) throws DbException {
 		T txn = unbox(transaction);
-		if (!db.containsLocalAuthor(txn, a))
-			throw new NoSuchLocalAuthorException();
-		return db.getLocalAuthor(txn, a);
+		if (!db.containsTransport(txn, t))
+			throw new NoSuchTransportException();
+		return db.getHandshakeKeys(txn, t);
 	}
 
 	@Override
-	public Collection<LocalAuthor> getLocalAuthors(Transaction transaction)
+	public Identity getIdentity(Transaction transaction, AuthorId a)
 			throws DbException {
 		T txn = unbox(transaction);
-		return db.getLocalAuthors(txn);
+		if (!db.containsIdentity(txn, a))
+			throw new NoSuchIdentityException();
+		return db.getIdentity(txn, a);
+	}
+
+	@Override
+	public Collection<Identity> getIdentities(Transaction transaction)
+			throws DbException {
+		T txn = unbox(transaction);
+		return db.getIdentities(txn);
 	}
 
 	@Override
@@ -643,6 +710,13 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 		return db.getNextSendTime(txn, c);
 	}
 
+	@Override
+	public Collection<PendingContact> getPendingContacts(
+			Transaction transaction) throws DbException {
+		T txn = unbox(transaction);
+		return db.getPendingContacts(txn);
+	}
+
 	@Override
 	public Settings getSettings(Transaction transaction, String namespace)
 			throws DbException {
@@ -651,7 +725,7 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 	}
 
 	@Override
-	public Collection<KeySet> getTransportKeys(Transaction transaction,
+	public Collection<TransportKeySet> getTransportKeys(Transaction transaction,
 			TransportId t) throws DbException {
 		T txn = unbox(transaction);
 		if (!db.containsTransport(txn, t))
@@ -661,7 +735,17 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 
 	@Override
 	public void incrementStreamCounter(Transaction transaction, TransportId t,
-			KeySetId k) throws DbException {
+			HandshakeKeySetId k) throws DbException {
+		if (transaction.isReadOnly()) throw new IllegalArgumentException();
+		T txn = unbox(transaction);
+		if (!db.containsTransport(txn, t))
+			throw new NoSuchTransportException();
+		db.incrementStreamCounter(txn, t, k);
+	}
+
+	@Override
+	public void incrementStreamCounter(Transaction transaction, TransportId t,
+			TransportKeySetId k) throws DbException {
 		if (transaction.isReadOnly()) throw new IllegalArgumentException();
 		T txn = unbox(transaction);
 		if (!db.containsTransport(txn, t))
@@ -811,14 +895,24 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 	}
 
 	@Override
-	public void removeLocalAuthor(Transaction transaction, AuthorId a)
+	public void removeHandshakeKeys(Transaction transaction,
+			TransportId t, HandshakeKeySetId k) throws DbException {
+		if (transaction.isReadOnly()) throw new IllegalArgumentException();
+		T txn = unbox(transaction);
+		if (!db.containsTransport(txn, t))
+			throw new NoSuchTransportException();
+		db.removeHandshakeKeys(txn, t, k);
+	}
+
+	@Override
+	public void removeIdentity(Transaction transaction, AuthorId a)
 			throws DbException {
 		if (transaction.isReadOnly()) throw new IllegalArgumentException();
 		T txn = unbox(transaction);
-		if (!db.containsLocalAuthor(txn, a))
-			throw new NoSuchLocalAuthorException();
-		db.removeLocalAuthor(txn, a);
-		transaction.attach(new LocalAuthorRemovedEvent(a));
+		if (!db.containsIdentity(txn, a))
+			throw new NoSuchIdentityException();
+		db.removeIdentity(txn, a);
+		transaction.attach(new IdentityRemovedEvent(a));
 	}
 
 	@Override
@@ -832,6 +926,16 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 		db.removeMessage(txn, m);
 	}
 
+	@Override
+	public void removePendingContact(Transaction transaction,
+			PendingContactId p) throws DbException {
+		if (transaction.isReadOnly()) throw new IllegalArgumentException();
+		T txn = unbox(transaction);
+		if (!db.containsPendingContact(txn, p))
+			throw new NoSuchPendingContactException();
+		db.removePendingContact(txn, p);
+	}
+
 	@Override
 	public void removeTransport(Transaction transaction, TransportId t)
 			throws DbException {
@@ -844,7 +948,7 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 
 	@Override
 	public void removeTransportKeys(Transaction transaction,
-			TransportId t, KeySetId k) throws DbException {
+			TransportId t, TransportKeySetId k) throws DbException {
 		if (transaction.isReadOnly()) throw new IllegalArgumentException();
 		T txn = unbox(transaction);
 		if (!db.containsTransport(txn, t))
@@ -863,17 +967,6 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 		transaction.attach(new ContactVerifiedEvent(c));
 	}
 
-	@Override
-	public void setContactActive(Transaction transaction, ContactId c,
-			boolean active) throws DbException {
-		if (transaction.isReadOnly()) throw new IllegalArgumentException();
-		T txn = unbox(transaction);
-		if (!db.containsContact(txn, c))
-			throw new NoSuchContactException();
-		db.setContactActive(txn, c, active);
-		transaction.attach(new ContactStatusChangedEvent(c, active));
-	}
-
 	@Override
 	public void setContactAlias(Transaction transaction, ContactId c,
 			@Nullable String alias) throws DbException {
@@ -943,19 +1036,40 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 	}
 
 	@Override
-	public void setReorderingWindow(Transaction transaction, KeySetId k,
-			TransportId t, long rotationPeriod, long base, byte[] bitmap)
-			throws DbException {
+	public void setHandshakeKeyPair(Transaction transaction, AuthorId local,
+			byte[] publicKey, byte[] privateKey) throws DbException {
+		if (transaction.isReadOnly()) throw new IllegalArgumentException();
+		T txn = unbox(transaction);
+		if (!db.containsIdentity(txn, local))
+			throw new NoSuchIdentityException();
+		db.setHandshakeKeyPair(txn, local, publicKey, privateKey);
+	}
+
+	@Override
+	public void setReorderingWindow(Transaction transaction,
+			TransportKeySetId k, TransportId t, long timePeriod, long base,
+			byte[] bitmap) throws DbException {
 		if (transaction.isReadOnly()) throw new IllegalArgumentException();
 		T txn = unbox(transaction);
 		if (!db.containsTransport(txn, t))
 			throw new NoSuchTransportException();
-		db.setReorderingWindow(txn, k, t, rotationPeriod, base, bitmap);
+		db.setReorderingWindow(txn, k, t, timePeriod, base, bitmap);
+	}
+
+	@Override
+	public void setReorderingWindow(Transaction transaction,
+			HandshakeKeySetId k, TransportId t, long timePeriod, long base,
+			byte[] bitmap) throws DbException {
+		if (transaction.isReadOnly()) throw new IllegalArgumentException();
+		T txn = unbox(transaction);
+		if (!db.containsTransport(txn, t))
+			throw new NoSuchTransportException();
+		db.setReorderingWindow(txn, k, t, timePeriod, base, bitmap);
 	}
 
 	@Override
 	public void setTransportKeysActive(Transaction transaction, TransportId t,
-			KeySetId k) throws DbException {
+			TransportKeySetId k) throws DbException {
 		if (transaction.isReadOnly()) throw new IllegalArgumentException();
 		T txn = unbox(transaction);
 		if (!db.containsTransport(txn, t))
@@ -964,14 +1078,39 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 	}
 
 	@Override
-	public void updateTransportKeys(Transaction transaction,
-			Collection<KeySet> keys) throws DbException {
+	public void updateHandshakeKeys(Transaction transaction,
+			Collection<HandshakeKeySet> keys) throws DbException {
 		if (transaction.isReadOnly()) throw new IllegalArgumentException();
 		T txn = unbox(transaction);
-		for (KeySet ks : keys) {
-			TransportId t = ks.getTransportKeys().getTransportId();
+		for (HandshakeKeySet ks : keys) {
+			TransportId t = ks.getKeys().getTransportId();
+			if (db.containsTransport(txn, t))
+				db.updateHandshakeKeys(txn, ks);
+		}
+	}
+
+	@Override
+	public void updateTransportKeys(Transaction transaction,
+			Collection<TransportKeySet> keys) throws DbException {
+		if (transaction.isReadOnly()) throw new IllegalArgumentException();
+		T txn = unbox(transaction);
+		for (TransportKeySet ks : keys) {
+			TransportId t = ks.getKeys().getTransportId();
 			if (db.containsTransport(txn, t))
 				db.updateTransportKeys(txn, ks);
 		}
 	}
+
+	private class CommitActionVisitor implements Visitor {
+
+		@Override
+		public void visit(EventAction a) {
+			eventBus.broadcast(a.getEvent());
+		}
+
+		@Override
+		public void visit(TaskAction a) {
+			eventExecutor.execute(a.getTask());
+		}
+	}
 }

bramble-core/src/main/java/org/briarproject/bramble/db/DatabaseModule.java

@@ -3,11 +3,13 @@ package org.briarproject.bramble.db;
 import org.briarproject.bramble.api.db.DatabaseComponent;
 import org.briarproject.bramble.api.db.DatabaseConfig;
 import org.briarproject.bramble.api.event.EventBus;
+import org.briarproject.bramble.api.event.EventExecutor;
 import org.briarproject.bramble.api.lifecycle.ShutdownManager;
 import org.briarproject.bramble.api.sync.MessageFactory;
 import org.briarproject.bramble.api.system.Clock;
 
 import java.sql.Connection;
+import java.util.concurrent.Executor;
 
 import javax.inject.Singleton;
 
@@ -27,8 +29,9 @@ public class DatabaseModule {
 	@Provides
 	@Singleton
 	DatabaseComponent provideDatabaseComponent(Database<Connection> db,
-			EventBus eventBus, ShutdownManager shutdown) {
+			EventBus eventBus, @EventExecutor Executor eventExecutor,
+			ShutdownManager shutdownManager) {
 		return new DatabaseComponentImpl<>(db, Connection.class, eventBus,
-				shutdown);
+				eventExecutor, shutdownManager);
 	}
 }

bramble-core/src/main/java/org/briarproject/bramble/db/H2Database.java

@@ -76,30 +76,6 @@ class H2Database extends JdbcDatabase {
 		}
 	}
 
-	@Override
-	public long getFreeSpace() {
-		File dir = config.getDatabaseDirectory();
-		long maxSize = config.getMaxSize();
-		long free = dir.getFreeSpace();
-		long used = getDiskSpace(dir);
-		long quota = maxSize - used;
-		return Math.min(free, quota);
-	}
-
-	private long getDiskSpace(File f) {
-		if (f.isDirectory()) {
-			long total = 0;
-			File[] children = f.listFiles();
-			if (children != null)
-				for (File child : children) total += getDiskSpace(child);
-			return total;
-		} else if (f.isFile()) {
-			return f.length();
-		} else {
-			return 0;
-		}
-	}
-
 	@Override
 	protected Connection createConnection() throws SQLException {
 		SecretKey key = this.key;

bramble-core/src/main/java/org/briarproject/bramble/db/HyperSqlDatabase.java

@@ -86,30 +86,6 @@ class HyperSqlDatabase extends JdbcDatabase {
 		}
 	}
 
-	@Override
-	public long getFreeSpace() {
-		File dir = config.getDatabaseDirectory();
-		long maxSize = config.getMaxSize();
-		long free = dir.getFreeSpace();
-		long used = getDiskSpace(dir);
-		long quota = maxSize - used;
-		return Math.min(free, quota);
-	}
-
-	private long getDiskSpace(File f) {
-		if (f.isDirectory()) {
-			long total = 0;
-			File[] children = f.listFiles();
-			if (children != null)
-				for (File child : children) total += getDiskSpace(child);
-			return total;
-		} else if (f.isFile()) {
-			return f.length();
-		} else {
-			return 0;
-		}
-	}
-
 	@Override
 	protected Connection createConnection() throws SQLException {
 		SecretKey key = this.key;

bramble-core/src/main/java/org/briarproject/bramble/db/Migration40_41.java

@@ -17,7 +17,7 @@ class Migration40_41 implements Migration<Connection> {
 
 	private final DatabaseTypes dbTypes;
 
-	public Migration40_41(DatabaseTypes databaseTypes) {
+	Migration40_41(DatabaseTypes databaseTypes) {
 		this.dbTypes = databaseTypes;
 	}
 

bramble-core/src/main/java/org/briarproject/bramble/db/Migration41_42.java

@@ -0,0 +1,97 @@
+package org.briarproject.bramble.db;
+
+import org.briarproject.bramble.api.db.DbException;
+
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import java.util.logging.Logger;
+
+import static java.util.logging.Level.WARNING;
+import static java.util.logging.Logger.getLogger;
+import static org.briarproject.bramble.db.JdbcUtils.tryToClose;
+
+class Migration41_42 implements Migration<Connection> {
+
+	private static final Logger LOG = getLogger(Migration41_42.class.getName());
+
+	private final DatabaseTypes dbTypes;
+
+	Migration41_42(DatabaseTypes dbTypes) {
+		this.dbTypes = dbTypes;
+	}
+
+	@Override
+	public int getStartVersion() {
+		return 41;
+	}
+
+	@Override
+	public int getEndVersion() {
+		return 42;
+	}
+
+	@Override
+	public void migrate(Connection txn) throws DbException {
+		Statement s = null;
+		try {
+			s = txn.createStatement();
+			s.execute("ALTER TABLE outgoingKeys"
+					+ " ALTER COLUMN rotationPeriod"
+					+ " RENAME TO timePeriod");
+			s.execute("ALTER TABLE incomingKeys"
+					+ " ALTER COLUMN rotationPeriod"
+					+ " RENAME TO timePeriod");
+			s.execute("ALTER TABLE incomingKeys"
+					+ " DROP COLUMN contactId");
+			s.execute(dbTypes.replaceTypes("CREATE TABLE pendingContacts"
+					+ " (pendingContactId _HASH NOT NULL,"
+					+ " publicKey _BINARY NOT NULL,"
+					+ " alias _STRING NOT NULL,"
+					+ " state INT NOT NULL,"
+					+ " timestamp BIGINT NOT NULL,"
+					+ " PRIMARY KEY (pendingContactId))"));
+			s.execute(dbTypes.replaceTypes("CREATE TABLE outgoingHandshakeKeys"
+					+ " (transportId _STRING NOT NULL,"
+					+ " keySetId _COUNTER,"
+					+ " timePeriod BIGINT NOT NULL,"
+					+ " contactId INT," // Null if contact is pending
+					+ " pendingContactId _HASH," // Null if not pending
+					+ " rootKey _SECRET NOT NULL,"
+					+ " alice BOOLEAN NOT NULL,"
+					+ " tagKey _SECRET NOT NULL,"
+					+ " headerKey _SECRET NOT NULL,"
+					+ " stream BIGINT NOT NULL,"
+					+ " PRIMARY KEY (transportId, keySetId),"
+					+ " FOREIGN KEY (transportId)"
+					+ " REFERENCES transports (transportId)"
+					+ " ON DELETE CASCADE,"
+					+ " UNIQUE (keySetId),"
+					+ " FOREIGN KEY (contactId)"
+					+ " REFERENCES contacts (contactId)"
+					+ " ON DELETE CASCADE,"
+					+ " FOREIGN KEY (pendingContactId)"
+					+ " REFERENCES pendingContacts (pendingContactId)"
+					+ " ON DELETE CASCADE)"));
+			s.execute(dbTypes.replaceTypes("CREATE TABLE incomingHandshakeKeys"
+					+ " (transportId _STRING NOT NULL,"
+					+ " keySetId INT NOT NULL,"
+					+ " timePeriod BIGINT NOT NULL,"
+					+ " tagKey _SECRET NOT NULL,"
+					+ " headerKey _SECRET NOT NULL,"
+					+ " base BIGINT NOT NULL,"
+					+ " bitmap _BINARY NOT NULL,"
+					+ " periodOffset INT NOT NULL,"
+					+ " PRIMARY KEY (transportId, keySetId, periodOffset),"
+					+ " FOREIGN KEY (transportId)"
+					+ " REFERENCES transports (transportId)"
+					+ " ON DELETE CASCADE,"
+					+ " FOREIGN KEY (keySetId)"
+					+ " REFERENCES outgoingHandshakeKeys (keySetId)"
+					+ " ON DELETE CASCADE)"));
+		} catch (SQLException e) {
+			tryToClose(s, LOG, WARNING);
+			throw new DbException(e);
+		}
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/db/Migration42_43.java

@@ -0,0 +1,52 @@
+package org.briarproject.bramble.db;
+
+import org.briarproject.bramble.api.db.DbException;
+
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.Statement;
+import java.util.logging.Logger;
+
+import static java.util.logging.Level.WARNING;
+import static java.util.logging.Logger.getLogger;
+import static org.briarproject.bramble.db.JdbcUtils.tryToClose;
+
+class Migration42_43 implements Migration<Connection> {
+
+	private static final Logger LOG = getLogger(Migration42_43.class.getName());
+
+	private final DatabaseTypes dbTypes;
+
+	Migration42_43(DatabaseTypes dbTypes) {
+		this.dbTypes = dbTypes;
+	}
+
+	@Override
+	public int getStartVersion() {
+		return 42;
+	}
+
+	@Override
+	public int getEndVersion() {
+		return 43;
+	}
+
+	@Override
+	public void migrate(Connection txn) throws DbException {
+		Statement s = null;
+		try {
+			s = txn.createStatement();
+			s.execute(dbTypes.replaceTypes("ALTER TABLE localAuthors"
+					+ " ADD COLUMN handshakePublicKey _BINARY"));
+			s.execute(dbTypes.replaceTypes("ALTER TABLE localAuthors"
+					+ " ADD COLUMN handshakePrivateKey _BINARY"));
+			s.execute(dbTypes.replaceTypes("ALTER TABLE contacts"
+					+ " ADD COLUMN handshakePublicKey _BINARY"));
+			s.execute("ALTER TABLE contacts"
+					+ " DROP COLUMN active");
+		} catch (SQLException e) {
+			tryToClose(s, LOG, WARNING);
+			throw new DbException(e);
+		}
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/event/DefaultEventExecutorModule.java

@@ -0,0 +1,32 @@
+package org.briarproject.bramble.event;
+
+import org.briarproject.bramble.api.event.EventExecutor;
+
+import java.util.concurrent.Executor;
+
+import javax.inject.Singleton;
+
+import dagger.Module;
+import dagger.Provides;
+
+import static java.util.concurrent.Executors.newSingleThreadExecutor;
+
+/**
+ * Default implementation of {@link EventExecutor} that uses a dedicated thread
+ * to notify listeners of events. Applications may prefer to supply an
+ * implementation that uses an existing thread, such as the UI thread.
+ */
+@Module
+public class DefaultEventExecutorModule {
+
+	@Provides
+	@Singleton
+	@EventExecutor
+	Executor provideEventExecutor() {
+		return newSingleThreadExecutor(r -> {
+			Thread t = new Thread(r);
+			t.setDaemon(true);
+			return t;
+		});
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/event/EventBusImpl.java

@@ -2,13 +2,16 @@ package org.briarproject.bramble.event;
 
 import org.briarproject.bramble.api.event.Event;
 import org.briarproject.bramble.api.event.EventBus;
+import org.briarproject.bramble.api.event.EventExecutor;
 import org.briarproject.bramble.api.event.EventListener;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 
 import java.util.Collection;
 import java.util.concurrent.CopyOnWriteArrayList;
+import java.util.concurrent.Executor;
 
 import javax.annotation.concurrent.ThreadSafe;
+import javax.inject.Inject;
 
 @ThreadSafe
 @NotNullByDefault
@@ -16,6 +19,12 @@ class EventBusImpl implements EventBus {
 
 	private final Collection<EventListener> listeners =
 			new CopyOnWriteArrayList<>();
+	private final Executor eventExecutor;
+
+	@Inject
+	EventBusImpl(@EventExecutor Executor eventExecutor) {
+		this.eventExecutor = eventExecutor;
+	}
 
 	@Override
 	public void addListener(EventListener l) {
@@ -29,6 +38,8 @@ class EventBusImpl implements EventBus {
 
 	@Override
 	public void broadcast(Event e) {
-		for (EventListener l : listeners) l.eventOccurred(e);
+		eventExecutor.execute(() -> {
+			for (EventListener l : listeners) l.eventOccurred(e);
+		});
 	}
 }

bramble-core/src/main/java/org/briarproject/bramble/event/EventModule.java

@@ -12,7 +12,7 @@ public class EventModule {
 
 	@Provides
 	@Singleton
-	EventBus provideEventBus() {
-		return new EventBusImpl();
+	EventBus provideEventBus(EventBusImpl eventBus) {
+		return eventBus;
 	}
 }

bramble-core/src/main/java/org/briarproject/bramble/identity/AuthorFactoryImpl.java

@@ -1,12 +1,12 @@
 package org.briarproject.bramble.identity;
 
 import org.briarproject.bramble.api.crypto.CryptoComponent;
+import org.briarproject.bramble.api.crypto.KeyPair;
 import org.briarproject.bramble.api.identity.Author;
 import org.briarproject.bramble.api.identity.AuthorFactory;
 import org.briarproject.bramble.api.identity.AuthorId;
 import org.briarproject.bramble.api.identity.LocalAuthor;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.system.Clock;
 import org.briarproject.bramble.util.ByteUtils;
 import org.briarproject.bramble.util.StringUtils;
 
@@ -22,12 +22,10 @@ import static org.briarproject.bramble.util.ByteUtils.INT_32_BYTES;
 class AuthorFactoryImpl implements AuthorFactory {
 
 	private final CryptoComponent crypto;
-	private final Clock clock;
 
 	@Inject
-	AuthorFactoryImpl(CryptoComponent crypto, Clock clock) {
+	AuthorFactoryImpl(CryptoComponent crypto) {
 		this.crypto = crypto;
-		this.clock = clock;
 	}
 
 	@Override
@@ -43,17 +41,12 @@ class AuthorFactoryImpl implements AuthorFactory {
 	}
 
 	@Override
-	public LocalAuthor createLocalAuthor(String name, byte[] publicKey,
-			byte[] privateKey) {
-		return createLocalAuthor(FORMAT_VERSION, name, publicKey, privateKey);
-	}
-
-	@Override
-	public LocalAuthor createLocalAuthor(int formatVersion, String name,
-			byte[] publicKey, byte[] privateKey) {
-		AuthorId id = getId(formatVersion, name, publicKey);
-		return new LocalAuthor(id, formatVersion, name, publicKey, privateKey,
-				clock.currentTimeMillis());
+	public LocalAuthor createLocalAuthor(String name) {
+		KeyPair signatureKeyPair = crypto.generateSignatureKeyPair();
+		byte[] publicKey = signatureKeyPair.getPublic().getEncoded();
+		byte[] privateKey = signatureKeyPair.getPrivate().getEncoded();
+		AuthorId id = getId(FORMAT_VERSION, name, publicKey);
+		return new LocalAuthor(id, FORMAT_VERSION, name, publicKey, privateKey);
 	}
 
 	private AuthorId getId(int formatVersion, String name, byte[] publicKey) {

bramble-core/src/main/java/org/briarproject/bramble/identity/IdentityManagerImpl.java

@@ -6,97 +6,164 @@ import org.briarproject.bramble.api.db.DatabaseComponent;
 import org.briarproject.bramble.api.db.DbException;
 import org.briarproject.bramble.api.db.Transaction;
 import org.briarproject.bramble.api.identity.AuthorFactory;
+import org.briarproject.bramble.api.identity.Identity;
 import org.briarproject.bramble.api.identity.IdentityManager;
 import org.briarproject.bramble.api.identity.LocalAuthor;
+import org.briarproject.bramble.api.lifecycle.LifecycleManager.OpenDatabaseHook;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.system.Clock;
 
+import java.util.Collection;
 import java.util.logging.Logger;
 
 import javax.annotation.Nullable;
 import javax.annotation.concurrent.ThreadSafe;
 import javax.inject.Inject;
 
+import static java.util.logging.Logger.getLogger;
+import static org.briarproject.bramble.api.nullsafety.NullSafety.requireNonNull;
 import static org.briarproject.bramble.util.LogUtils.logDuration;
 import static org.briarproject.bramble.util.LogUtils.now;
 
 @ThreadSafe
 @NotNullByDefault
-class IdentityManagerImpl implements IdentityManager {
+class IdentityManagerImpl implements IdentityManager, OpenDatabaseHook {
 
 	private static final Logger LOG =
-			Logger.getLogger(IdentityManagerImpl.class.getName());
+			getLogger(IdentityManagerImpl.class.getName());
 
 	private final DatabaseComponent db;
 	private final CryptoComponent crypto;
 	private final AuthorFactory authorFactory;
+	private final Clock clock;
 
-	// The local author is immutable so we can cache it
+	/**
+	 * The user's identity, or null if no identity has been registered or
+	 * loaded. If non-null, this identity always has handshake keys.
+	 */
 	@Nullable
-	private volatile LocalAuthor cachedAuthor;
+	private volatile Identity cachedIdentity = null;
+
+	/**
+	 * True if {@code cachedIdentity} was registered via
+	 * {@link #registerIdentity(Identity)} and should be stored when
+	 * {@link #onDatabaseOpened(Transaction)} is called.
+	 */
+
+	private volatile boolean shouldStoreIdentity = false;
+
+	/**
+	 * True if the handshake keys in {@code cachedIdentity} were generated
+	 * when the identity was loaded and should be stored when
+	 * {@link #onDatabaseOpened(Transaction)} is called.
+	 */
+	private volatile boolean shouldStoreKeys = false;
 
 	@Inject
 	IdentityManagerImpl(DatabaseComponent db, CryptoComponent crypto,
-			AuthorFactory authorFactory) {
+			AuthorFactory authorFactory, Clock clock) {
 		this.db = db;
 		this.crypto = crypto;
 		this.authorFactory = authorFactory;
+		this.clock = clock;
 	}
 
 	@Override
-	public LocalAuthor createLocalAuthor(String name) {
+	public Identity createIdentity(String name) {
 		long start = now();
-		KeyPair keyPair = crypto.generateSignatureKeyPair();
-		byte[] publicKey = keyPair.getPublic().getEncoded();
-		byte[] privateKey = keyPair.getPrivate().getEncoded();
-		LocalAuthor localAuthor = authorFactory.createLocalAuthor(name,
-				publicKey, privateKey);
-		logDuration(LOG, "Creating local author", start);
-		return localAuthor;
+		LocalAuthor localAuthor = authorFactory.createLocalAuthor(name);
+		KeyPair handshakeKeyPair = crypto.generateAgreementKeyPair();
+		byte[] handshakePub = handshakeKeyPair.getPublic().getEncoded();
+		byte[] handshakePriv = handshakeKeyPair.getPrivate().getEncoded();
+		logDuration(LOG, "Creating identity", start);
+		return new Identity(localAuthor, handshakePub, handshakePriv,
+				clock.currentTimeMillis());
 	}
 
 	@Override
-	public void registerLocalAuthor(LocalAuthor a) {
-		cachedAuthor = a;
-		LOG.info("Local author registered");
+	public void registerIdentity(Identity i) {
+		if (!i.hasHandshakeKeyPair()) throw new IllegalArgumentException();
+		cachedIdentity = i;
+		shouldStoreIdentity = true;
+		LOG.info("Identity registered");
 	}
 
 	@Override
-	public void storeLocalAuthor() throws DbException {
-		LocalAuthor cached = cachedAuthor;
-		if (cached == null) {
-			LOG.info("No local author to store");
-			return;
+	public void onDatabaseOpened(Transaction txn) throws DbException {
+		Identity cached = getCachedIdentity(txn);
+		if (shouldStoreIdentity) {
+			// The identity was registered at startup - store it
+			db.addIdentity(txn, cached);
+			LOG.info("Identity stored");
+		} else if (shouldStoreKeys) {
+			// Handshake keys were generated when loading the identity -
+			// store them
+			byte[] handshakePub =
+					requireNonNull(cached.getHandshakePublicKey());
+			byte[] handshakePriv =
+					requireNonNull(cached.getHandshakePrivateKey());
+			db.setHandshakeKeyPair(txn, cached.getId(), handshakePub,
+					handshakePriv);
+			LOG.info("Handshake key pair stored");
 		}
-		db.transaction(false, txn -> db.addLocalAuthor(txn, cached));
-		LOG.info("Local author stored");
 	}
 
 	@Override
 	public LocalAuthor getLocalAuthor() throws DbException {
-		if (cachedAuthor == null) {
-			cachedAuthor =
-					db.transactionWithResult(true, this::loadLocalAuthor);
-			LOG.info("Local author loaded");
-		}
-		LocalAuthor cached = cachedAuthor;
-		if (cached == null) throw new AssertionError();
-		return cached;
+		Identity cached = cachedIdentity;
+		if (cached == null)
+			cached = db.transactionWithResult(true, this::getCachedIdentity);
+		return cached.getLocalAuthor();
 	}
 
-
 	@Override
 	public LocalAuthor getLocalAuthor(Transaction txn) throws DbException {
-		if (cachedAuthor == null) {
-			cachedAuthor = loadLocalAuthor(txn);
-			LOG.info("Local author loaded");
-		}
-		LocalAuthor cached = cachedAuthor;
-		if (cached == null) throw new AssertionError();
+		return getCachedIdentity(txn).getLocalAuthor();
+	}
+
+	@Override
+	public byte[][] getHandshakeKeys(Transaction txn) throws DbException {
+		Identity cached = getCachedIdentity(txn);
+		return new byte[][] {
+				cached.getHandshakePublicKey(),
+				cached.getHandshakePrivateKey()
+		};
+	}
+
+	/**
+	 * Loads the identity if necessary and returns it. If
+	 * {@code cachedIdentity} was not already set by calling
+	 * {@link #registerIdentity(Identity)}, this method sets it. If
+	 * {@code cachedIdentity} was already set, either by calling
+	 * {@link #registerIdentity(Identity)} or by a previous call to this
+	 * method, then this method returns the cached identity without hitting
+	 * the database.
+	 */
+	private Identity getCachedIdentity(Transaction txn) throws DbException {
+		Identity cached = cachedIdentity;
+		if (cached == null)
+			cachedIdentity = cached = loadIdentityWithKeyPair(txn);
 		return cached;
 	}
 
-	private LocalAuthor loadLocalAuthor(Transaction txn) throws DbException {
-		return db.getLocalAuthors(txn).iterator().next();
+	/**
+	 * Loads and returns the identity, generating a handshake key pair if
+	 * necessary and setting {@code shouldStoreKeys} if a handshake key pair
+	 * was generated.
+	 */
+	private Identity loadIdentityWithKeyPair(Transaction txn)
+			throws DbException {
+		Collection<Identity> identities = db.getIdentities(txn);
+		if (identities.size() != 1) throw new DbException();
+		Identity i = identities.iterator().next();
+		LOG.info("Identity loaded");
+		if (i.hasHandshakeKeyPair()) return i;
+		KeyPair handshakeKeyPair = crypto.generateAgreementKeyPair();
+		byte[] handshakePub = handshakeKeyPair.getPublic().getEncoded();
+		byte[] handshakePriv = handshakeKeyPair.getPrivate().getEncoded();
+		LOG.info("Handshake key pair generated");
+		shouldStoreKeys = true;
+		return new Identity(i.getLocalAuthor(), handshakePub, handshakePriv,
+				i.getTimeCreated());
 	}
-
 }

bramble-core/src/main/java/org/briarproject/bramble/identity/IdentityModule.java

@@ -2,6 +2,7 @@ package org.briarproject.bramble.identity;
 
 import org.briarproject.bramble.api.identity.AuthorFactory;
 import org.briarproject.bramble.api.identity.IdentityManager;
+import org.briarproject.bramble.api.lifecycle.LifecycleManager;
 
 import javax.inject.Inject;
 import javax.inject.Singleton;
@@ -24,8 +25,9 @@ public class IdentityModule {
 
 	@Provides
 	@Singleton
-	IdentityManager provideIdentityManager(
+	IdentityManager provideIdentityManager(LifecycleManager lifecycleManager,
 			IdentityManagerImpl identityManager) {
+		lifecycleManager.registerOpenDatabaseHook(identityManager);
 		return identityManager;
 	}
 }