packet.
connection was recognised.
plugin.
This will enable asynchronous access to the database for IO threads.
This ensures the frame number is covered by the MAC, cleanly separating encryption from authentication (previously we depended on the encryption layer to garble frames if they were reordered).
And I rewrote the locking in ConnectionRecogniserImpl again. I hate that class so much.
This prevents an attacker from replaying connections to test whether a transport endpoint has the same owner as an endpoint on another transport (eg probing a Bluetooth device to see whether it has the same owner as a given internet host).
still exist.)
Each connection's keys are derived from a secret that is erased after deriving the keys and the secret for the next connection.
be included in this context in the near future).
This is less memory-efficient but necessary for the coming forward secrecy changes.
and TransportIndex (locally unique). This is the first step towards forward secrecy. Also removed the Writable interface and unnecessary user-defined types, moved various constants to ProtocolConstants and renamed some classes.