Bumping version to 2.1.0

// FREEBIE

.travis.yml

@@ -0,0 +1,7 @@
+language: android
+android:
+  components:
+    - platform-tools
+    - build-tools-19.1.0
+    - android-19
+    - extra-android-m2repository

AndroidManifest.xml

@@ -2,8 +2,8 @@
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
           xmlns:tools="http://schemas.android.com/tools"
           package="org.thoughtcrime.securesms"
-      android:versionCode="67"
-      android:versionName="2.0.4">
+      android:versionCode="72"
+      android:versionName="2.1.0">
 
     <uses-sdk android:minSdkVersion="9" android:targetSdkVersion="19"/>
 
@@ -69,9 +69,9 @@
                 <category android:name="android.intent.category.DEFAULT"/>
                 <data android:mimeType="audio/*" />
                 <data android:mimeType="image/*" />
-                <data android:mimeType="text/*" />
+                <data android:mimeType="text/plain" />
                 <data android:mimeType="video/*" />
-            </intent-filter>            
+            </intent-filter>
 
         </activity>
 
@@ -90,14 +90,21 @@
               android:windowSoftInputMode="stateUnchanged"              
               android:configChanges="touchscreen|keyboard|keyboardHidden|orientation|screenLayout|screenSize"/>
 
-     <activity android:name=".MmsPreferencesActivity"
+    <activity android:name=".MmsPreferencesActivity"
                android:configChanges="touchscreen|keyboard|keyboardHidden|orientation|screenLayout|screenSize"/>
 
-    <activity android:name=".ConversationListActivity"
-              android:label="@string/app_name"
+    <activity android:name=".ShareActivity"
+              android:excludeFromRecents="true"
               android:launchMode="singleTask"
+              android:noHistory="true"
+              android:windowSoftInputMode="stateHidden"
               android:configChanges="touchscreen|keyboard|keyboardHidden|orientation|screenLayout|screenSize"/>
 
+    <activity android:name=".ConversationListActivity"
+          android:label="@string/app_name"
+          android:launchMode="singleTask"
+          android:configChanges="touchscreen|keyboard|keyboardHidden|orientation|screenLayout|screenSize"/>
+
     <activity android:name=".ConversationActivity"
               android:windowSoftInputMode="stateUnchanged"
               android:configChanges="touchscreen|keyboard|keyboardHidden|orientation|screenLayout|screenSize"/>
@@ -126,8 +133,8 @@
     <activity android:name=".PassphrasePromptActivity"
               android:label="@string/AndroidManifest__enter_passphrase"
               android:launchMode="singleTop"
-              android:theme="@style/NoAnimation.Theme.Sherlock.Light.DarkActionBar"              
-              android:windowSoftInputMode="stateUnchanged"
+              android:theme="@style/TextSecure.IntroTheme"
+              android:windowSoftInputMode="stateAlwaysVisible"
               android:configChanges="touchscreen|keyboard|keyboardHidden|orientation|screenLayout|screenSize"/>
 
     <activity android:name=".ContactSelectionActivity"
@@ -135,15 +142,15 @@
               android:windowSoftInputMode="stateHidden"
               android:configChanges="touchscreen|keyboard|keyboardHidden|orientation|screenLayout|screenSize"/>
 
-    <activity android:name=".SingleContactSelectionActivity"
-              android:label="@string/AndroidManifest__select_contact"
+    <activity android:name=".NewConversationActivity"
+              android:label="@string/AndroidManifest__select_contacts"
               android:windowSoftInputMode="stateHidden"
               android:configChanges="touchscreen|keyboard|keyboardHidden|orientation|screenLayout|screenSize"/>
 
     <activity android:name=".PushContactSelectionActivity"
-              android:label="@string/AndroidManifest__select_contacts"
-              android:windowSoftInputMode="stateHidden"
-              android:configChanges="touchscreen|keyboard|keyboardHidden|orientation|screenLayout|screenSize"/>
+          android:label="@string/AndroidManifest__select_contacts"
+          android:windowSoftInputMode="stateHidden"
+          android:configChanges="touchscreen|keyboard|keyboardHidden|orientation|screenLayout|screenSize"/>
 
     <activity android:name=".AutoInitiateActivity"
               android:theme="@style/TextSecure.Light.Dialog"
@@ -165,11 +172,7 @@
               android:label="@string/AndroidManifest__verify_identity"
               android:configChanges="touchscreen|keyboard|keyboardHidden|orientation|screenLayout|screenSize"/>
 
-    <activity android:name=".ReviewIdentitiesActivity"
-              android:label="@string/AndroidManifest__manage_identity_keys"
-              android:configChanges="touchscreen|keyboard|keyboardHidden|orientation|screenLayout|screenSize"/>
-
-    <activity android:name=".ReceiveKeyActivity" 
+    <activity android:name=".ReceiveKeyActivity"
               android:label="@string/AndroidManifest__complete_key_exchange"
               android:theme="@style/TextSecure.Light.Dialog"
               android:configChanges="touchscreen|keyboard|keyboardHidden|orientation|screenLayout|screenSize"/>
@@ -205,6 +208,7 @@
     <service android:enabled="true" android:name=".service.SendReceiveService"/>
     <service android:enabled="true" android:name=".service.RegistrationService"/>
     <service android:enabled="true" android:name=".service.DirectoryRefreshService"/>
+    <service android:enabled="true" android:name=".service.PreKeyService"/>
     <service android:enabled="true" android:name=".gcm.GcmIntentService"/>
 
     <service android:name=".service.QuickResponseService"

BUILDING.md

@@ -1,11 +1,30 @@
 Building TextSecure
-===================
+=====================
 
-1. Ensure the 'Android Support Repository' is installed from the Android SDK manager.
+Basics
+------
 
-Execute Gradle:
+TextSecure uses [Gradle](http://gradle.org) to build the project and to maintain
+dependencies.
 
-    ./gradlew build
+Building TextSecure
+-------------------
+
+The following steps should help you (re)build TextSecure from the command line.
+
+1. Checkout the source somewhere on your filesystem with 
+
+        git clone https://github.com/WhisperSystems/TextSecure.git
+
+2. Make sure you have the [Android SDK](https://developer.android.com/sdk/index.html) installed somewhere on your system.
+3. Ensure the "Android Support Repository" and "Android SDK Build-tools" are installed from the Android SDK manager.
+4. Create a local.properties file at the root of your source checkout and add an sdk.dir entry to it.
+
+        sdk.dir=\<path to your sdk installation\>
+
+5. Execute Gradle:
+
+        ./gradlew build
 
 Re-building native components
 -----------------------------
@@ -20,3 +39,29 @@ Execute ndk-build:
     ndk-build
 
 Afterwards, execute Gradle as above to re-create the APK.
+
+Setting up a development environment
+------------------------------------
+
+[Android Studio](https://developer.android.com/sdk/installing/studio.html) is the recommended development environment.
+
+1. Install Android Studio
+2. Make sure the "Android Support Repository" is installed in the Android Studio SDK.
+3. Make sure the latest "Android SDK build-tools" is installed in the Android Studio SDK.
+4. Create a new Android Studio project. from the Quickstart pannel (use File > Close Project to see it), choose "Checkout from Version Control" then "git".
+5. Paste the URL for the TextSecure project when prompted (https://github.com/WhisperSystems/TextSecure.git)
+6. Android studio should detect the presence of a project file and ask you wethere to open it. Click "yes".
+7. Default config options should be good enough.
+8. Project initialisation and build should proceed.
+
+Contributing code
+-----------------
+
+Code contributions should be sent via github as pull requests, from feature branches [as explained here](https://help.github.com/articles/using-pull-requests).
+
+Mailing list
+------------
+
+Development discussion happens on the whispersystems mailing list.
+[To join](https://lists.riseup.net/www/info/whispersystems)
+Send emails to whispersystems@lists.riseup.net

README.md

@@ -1,70 +1,73 @@
-TextSecure
-=================
+# TextSecure [![Build Status](https://travis-ci.org/WhisperSystems/TextSecure.svg?branch=master)](https://travis-ci.org/WhisperSystems/TextSecure)
 
-A secure text messaging application for Android.
+TextSecure is a messaging app for easy private communicate with friends.
 
-TextSecure is a replacement for the standard text messaging application, allowing you to send and receive text messages as normal.  Additionally, TextSecure provides:
+TextSecure can use either data (WiFi/3G/4G) or SMS to communicate securely, and all TextSecure
+messages can also be encrypted locally on your device.
 
-1. *Local Encryption* -- All text messages, regardless of destination, that are sent or received with TextSecure are stored in an encrypted database on your phone.
-2. *Wire Encryption* -- When communicating with a recipient who is also using TextSecure, text messages are encrypted during transmission.
+Currently available on the Play store.
 
-Current BitHub Payment For Commit:
-=================
-[![Current Price](https://bithub.herokuapp.com/v1/status/payment/commit/)](https://whispersystems.org/blog/bithub/)
+*[![Play Store Badge](https://developer.android.com/images/brand/en_app_rgb_wo_60.png)](https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms)*
 
-
-Bug tracker
------------
-
-Have a bug? Please create an issue here on GitHub!
+## Contributing Bug reports
+We use GitHub for bug tracking. Please search the existing issues for your bug and create a new one if the issue is not yet tracked!
 
 https://github.com/WhisperSystems/TextSecure/issues
 
+## Contributing Translations
+Interested in helping to translate TextSecure? Contribute here:
 
-Documentation
--------------
+https://www.transifex.com/projects/p/textsecure-official/
 
-Looking for documentation? Check out the wiki!
+## Contributing Code
+Instructions on how to setup your development environment and build TextSecure can be found in  [BUILDING.md](https://github.com/WhisperSystems/TextSecure/blob/master/BUILDING.md).
 
-https://github.com/WhisperSystems/TextSecure/wiki
+If you're new to the TextSecure codebase, we recommend going through our issues and picking out a simple bug to fix (check the "easy" label in our issues) in order to get yourself familiar.
 
-Mailing list
-------------
+For larger changes and feature ideas, we ask that you propose it on the mailing list for a high-level discussion before implementation.
 
-Have a question? Ask on our mailing list!
+This repository is set up with [BitHub](https://whispersystems.org/blog/bithub/), so you can make money for committing to TextSecure. The current BitHub price for an accepted pull request is:
+
+[![Current BitHub Price](https://bithub.herokuapp.com/v1/status/payment/commit/)](https://whispersystems.org/blog/bithub/)
+
+## Contributing Ideas
+Have something you want to say about Open Whisper Systems projects or want to be part of the conversation? Get involved in the mailing list!
 
 whispersystems@lists.riseup.net
 
 https://lists.riseup.net/www/info/whispersystems
 
-Translation
-------------
+## Contributing Funds
+[![Donate](https://coinbase.com/assets/buttons/donation_large-6ec72b1a9eec516944e50a22aca7db35.png)](https://whispersystems.org/blog/bithub/)
 
-Interested in helping to translate TextSecure? Contribute here:
+You can add funds to BitHub to directly help further development efforts.
 
-https://www.transifex.com/projects/p/textsecure-official/
+Help
+====
+## Support
+For troubleshooting and questions, please visit our support center!
 
-Downloads
-------------
+http://support.whispersystems.org/
 
-TextSecure can be downloaded from the Play Store here:
+## Documentation
+Looking for documentation? Check out the wiki!
 
-https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms
+https://github.com/WhisperSystems/TextSecure/wiki
 
-Cryptography Notice
-------------
+# Legal things
+## Cryptography Notice
 
-This distribution includes cryptographic software. The country in which you currently reside may have restrictions on the import, possession, use, and/or re-export to another country, of encryption software. 
-BEFORE using any encryption software, please check your country's laws, regulations and policies concerning the import, possession, or use, and re-export of encryption software, to see if this is permitted. 
+This distribution includes cryptographic software. The country in which you currently reside may have restrictions on the import, possession, use, and/or re-export to another country, of encryption software.
+BEFORE using any encryption software, please check your country's laws, regulations and policies concerning the import, possession, or use, and re-export of encryption software, to see if this is permitted.
 See <http://www.wassenaar.org/> for more information.
 
-The U.S. Government Department of Commerce, Bureau of Industry and Security (BIS), has classified this software as Export Commodity Control Number (ECCN) 5D002.C.1, which includes information security software using or performing cryptographic functions with asymmetric algorithms. 
+The U.S. Government Department of Commerce, Bureau of Industry and Security (BIS), has classified this software as Export Commodity Control Number (ECCN) 5D002.C.1, which includes information security software using or performing cryptographic functions with asymmetric algorithms.
 The form and manner of this distribution makes it eligible for export under the License Exception ENC Technology Software Unrestricted (TSU) exception (see the BIS Export Administration Regulations, Section 740.13) for both object code and source code.
 
-License
----------------------
+## License
 
 Copyright 2011 Whisper Systems
-Copyright 2013 Open WhisperSystems
+
+Copyright 2013-2014 Open Whisper Systems
 
 Licensed under the GPLv3: http://www.gnu.org/licenses/gpl-3.0.html

androidTest/org/thoughtcrime/securesms/database/CanonicalAddressDatabaseTest.java

@@ -0,0 +1,118 @@
+package org.thoughtcrime.securesms.database;
+
+import android.test.InstrumentationTestCase;
+
+import static org.fest.assertions.api.Assertions.assertThat;
+
+public class CanonicalAddressDatabaseTest extends InstrumentationTestCase {
+  private static final String AMBIGUOUS_NUMBER = "222-3333";
+  private static final String SPECIFIC_NUMBER  = "+49 444 222 3333";
+  private static final String EMAIL            = "a@b.fom";
+  private static final String SIMILAR_EMAIL    = "a@b.com";
+  private static final String GROUP            = "__textsecure_group__!000111222333";
+  private static final String SIMILAR_GROUP    = "__textsecure_group__!100111222333";
+  private static final String ALPHA            = "T-Mobile";
+  private static final String SIMILAR_ALPHA    = "T-Mobila";
+
+  private CanonicalAddressDatabase db;
+
+  public void setUp() throws Exception {
+    super.setUp();
+    this.db = CanonicalAddressDatabase.getInstance(getInstrumentation().getTargetContext());
+  }
+
+  public void tearDown() throws Exception {
+
+  }
+
+  /**
+   * Throw two equivalent numbers (one without locale info, one with full info) at the canonical
+   * address db and see that the caching and DB operations work properly in revealing the right
+   * addresses. This is run twice to ensure cache logic is hit.
+   *
+   * @throws Exception
+   */
+  public void testNumberAddressUpdates() throws Exception {
+    final long id = db.getCanonicalAddressId(AMBIGUOUS_NUMBER);
+
+    assertThat(db.getAddressFromId(id)).isEqualTo(AMBIGUOUS_NUMBER);
+    assertThat(db.getCanonicalAddressId(SPECIFIC_NUMBER)).isEqualTo(id);
+    assertThat(db.getAddressFromId(id)).isEqualTo(SPECIFIC_NUMBER);
+    assertThat(db.getCanonicalAddressId(AMBIGUOUS_NUMBER)).isEqualTo(id);
+
+    assertThat(db.getCanonicalAddressId(AMBIGUOUS_NUMBER)).isEqualTo(id);
+    assertThat(db.getAddressFromId(id)).isEqualTo(AMBIGUOUS_NUMBER);
+    assertThat(db.getCanonicalAddressId(SPECIFIC_NUMBER)).isEqualTo(id);
+    assertThat(db.getAddressFromId(id)).isEqualTo(SPECIFIC_NUMBER);
+    assertThat(db.getCanonicalAddressId(AMBIGUOUS_NUMBER)).isEqualTo(id);
+  }
+
+  public void testSimilarNumbers() throws Exception {
+    assertThat(db.getCanonicalAddressId("This is a phone number 222-333-444"))
+        .isNotEqualTo(db.getCanonicalAddressId("222-333-4444"));
+    assertThat(db.getCanonicalAddressId("222-333-444"))
+        .isNotEqualTo(db.getCanonicalAddressId("222-333-4444"));
+    assertThat(db.getCanonicalAddressId("222-333-44"))
+        .isNotEqualTo(db.getCanonicalAddressId("222-333-4444"));
+    assertThat(db.getCanonicalAddressId("222-333-4"))
+        .isNotEqualTo(db.getCanonicalAddressId("222-333-4444"));
+    assertThat(db.getCanonicalAddressId("+49 222-333-4444"))
+        .isNotEqualTo(db.getCanonicalAddressId("+1 222-333-4444"));
+
+    assertThat(db.getCanonicalAddressId("1 222-333-4444"))
+        .isEqualTo(db.getCanonicalAddressId("222-333-4444"));
+    assertThat(db.getCanonicalAddressId("1 (222) 333-4444"))
+        .isEqualTo(db.getCanonicalAddressId("222-333-4444"));
+    assertThat(db.getCanonicalAddressId("+12223334444"))
+        .isEqualTo(db.getCanonicalAddressId("222-333-4444"));
+    assertThat(db.getCanonicalAddressId("+1 (222) 333.4444"))
+        .isEqualTo(db.getCanonicalAddressId("222-333-4444"));
+    assertThat(db.getCanonicalAddressId("+49 (222) 333.4444"))
+        .isEqualTo(db.getCanonicalAddressId("222-333-4444"));
+
+  }
+
+  public void testEmailAddresses() throws Exception {
+    final long emailId        = db.getCanonicalAddressId(EMAIL);
+    final long similarEmailId = db.getCanonicalAddressId(SIMILAR_EMAIL);
+
+    assertThat(emailId).isNotEqualTo(similarEmailId);
+
+    assertThat(db.getAddressFromId(emailId)).isEqualTo(EMAIL);
+    assertThat(db.getAddressFromId(similarEmailId)).isEqualTo(SIMILAR_EMAIL);
+  }
+
+  public void testGroups() throws Exception {
+    final long groupId        = db.getCanonicalAddressId(GROUP);
+    final long similarGroupId = db.getCanonicalAddressId(SIMILAR_GROUP);
+
+    assertThat(groupId).isNotEqualTo(similarGroupId);
+
+    assertThat(db.getAddressFromId(groupId)).isEqualTo(GROUP);
+    assertThat(db.getAddressFromId(similarGroupId)).isEqualTo(SIMILAR_GROUP);
+  }
+
+  public void testAlpha() throws Exception {
+    final long id        = db.getCanonicalAddressId(ALPHA);
+    final long similarId = db.getCanonicalAddressId(SIMILAR_ALPHA);
+
+    assertThat(id).isNotEqualTo(similarId);
+
+    assertThat(db.getAddressFromId(id)).isEqualTo(ALPHA);
+    assertThat(db.getAddressFromId(similarId)).isEqualTo(SIMILAR_ALPHA);
+  }
+
+  public void testIsNumber() throws Exception {
+    assertThat(CanonicalAddressDatabase.isNumberAddress("+495556666777")).isTrue();
+    assertThat(CanonicalAddressDatabase.isNumberAddress("(222) 333-4444")).isTrue();
+    assertThat(CanonicalAddressDatabase.isNumberAddress("1 (222) 333-4444")).isTrue();
+    assertThat(CanonicalAddressDatabase.isNumberAddress("T-Mobile123")).isTrue();
+    assertThat(CanonicalAddressDatabase.isNumberAddress("333-4444")).isTrue();
+    assertThat(CanonicalAddressDatabase.isNumberAddress("12345")).isTrue();
+    assertThat(CanonicalAddressDatabase.isNumberAddress("T-Mobile")).isFalse();
+    assertThat(CanonicalAddressDatabase.isNumberAddress("T-Mobile1")).isFalse();
+    assertThat(CanonicalAddressDatabase.isNumberAddress("Wherever bank")).isFalse();
+    assertThat(CanonicalAddressDatabase.isNumberAddress("__textsecure_group__!afafafafafaf")).isFalse();
+    assertThat(CanonicalAddressDatabase.isNumberAddress("email@domain.com")).isFalse();
+  }
+}

androidTest/org/thoughtcrime/securesms/util/PhoneNumberFormatterTest.java

@@ -0,0 +1,33 @@
+package org.thoughtcrime.securesms.util;
+
+import android.test.AndroidTestCase;
+
+import junit.framework.AssertionFailedError;
+
+import org.whispersystems.textsecure.util.InvalidNumberException;
+import org.whispersystems.textsecure.util.PhoneNumberFormatter;
+import static org.fest.assertions.api.Assertions.assertThat;
+
+public class PhoneNumberFormatterTest extends AndroidTestCase {
+  private static final String LOCAL_NUMBER = "+15555555555";
+
+  public void testFormatNumberE164() throws Exception, InvalidNumberException {
+    assertThat(PhoneNumberFormatter.formatNumber("(555) 555-5555", LOCAL_NUMBER)).isEqualTo(LOCAL_NUMBER);
+    assertThat(PhoneNumberFormatter.formatNumber("555-5555", LOCAL_NUMBER)).isEqualTo(LOCAL_NUMBER);
+    assertThat(PhoneNumberFormatter.formatNumber("(123) 555-5555", LOCAL_NUMBER)).isNotEqualTo(LOCAL_NUMBER);
+  }
+
+  public void testFormatNumberEmail() throws Exception {
+    try {
+      PhoneNumberFormatter.formatNumber("person@domain.com", LOCAL_NUMBER);
+      throw new AssertionFailedError("should have thrown on email");
+    } catch (InvalidNumberException ine) {
+      // success
+    }
+  }
+
+  @Override
+  public void setUp() throws Exception {
+    super.setUp();
+  }
+}

androidTest/org/thoughtcrime/securesms/util/UtilTest.java

@@ -0,0 +1,9 @@
+package org.thoughtcrime.securesms.util;
+
+import android.test.AndroidTestCase;
+
+import static org.fest.assertions.api.Assertions.assertThat;
+
+public class UtilTest extends AndroidTestCase {
+
+}

build.gradle

@@ -3,11 +3,13 @@ buildscript {
         mavenCentral()
     }
     dependencies {
-        classpath 'com.android.tools.build:gradle:0.8.+'
+        classpath 'com.android.tools.build:gradle:0.11.+'
+        classpath files('libs/gradle-witness.jar')
     }
 }
 
 apply plugin: 'android'
+apply plugin: 'witness'
 
 repositories {
     mavenCentral()
@@ -21,15 +23,31 @@ repositories {
 
 dependencies {
     compile 'com.actionbarsherlock:actionbarsherlock:4.4.0@aar'
-    compile 'com.android.support:support-v4:19.0.1'
+    compile 'com.android.support:support-v4:19.1.0'
     compile 'com.google.android.gcm:gcm-client:1.0.2'
+    compile 'se.emilsjolander:stickylistheaders:2.2.0'
+
+    androidTestCompile 'com.squareup:fest-android:1.0.8'
 
     compile project(':library')
 }
 
+dependencyVerification {
+    verify = [
+        'com.actionbarsherlock:actionbarsherlock:5ab04d74101f70024b222e3ff9c87bee151ec43331b4a2134b6cc08cf8565819',
+        'com.android.support:support-v4:3f40fa7b3a4ead01ce15dce9453b061646e7fe2e7c51cb75ca01ee1e77037f3f',
+        'com.google.android.gcm:gcm-client:5ff578202f93dcba1c210d015deb4241c7cdad9b7867bd1b32e0a5f4c16986ca',
+        'se.emilsjolander:stickylistheaders:89146b46c96fea0e40200474a2625cda10fe94891e4128f53cdb42375091b9b6',
+        'com.google.protobuf:protobuf-java:ad9769a22989e688a46af4d3accc348cc501ced22118033230542bc916e33f0b',
+        'com.madgag:sc-light-jdk15on:931f39d351429fb96c2f749e7ecb1a256a8ebbf5edca7995c9cc085b94d1841d',
+        'com.googlecode.libphonenumber:libphonenumber:eba17eae81dd622ea89a00a3a8c025b2f25d342e0d9644c5b62e16f15687c3ab',
+        'org.whispersystems:gson:08f4f7498455d1539c9233e5aac18e9b1805815ef29221572996508eb512fe51',
+    ]
+}
+
 android {
     compileSdkVersion 19
-    buildToolsVersion '19.0.2'
+    buildToolsVersion '19.1.0'
 
     defaultConfig {
         minSdkVersion 9
@@ -47,6 +65,12 @@ android {
                 res.srcDirs = ['res']
                 assets.srcDirs = ['assets']
             }
+            androidTest {
+                java.srcDirs = ['androidTest']
+                resources.srcDirs = ['androidTest']
+                aidl.srcDirs = ['androidTest']
+                renderscript.srcDirs = ['androidTest']
+            }
         }
     }
 

contributing.md

@@ -1,3 +1,30 @@
 ##Translations
 
 Please do not submit issues or pull requests for translation fixes. Anyone can update the translations in [Transifex](https://www.transifex.com/projects/p/textsecure-official/). Please submit your corrections there.
+
+## Submitting useful bug reports
+1. Search our issues first to make sure this is not a duplicate.
+1. Read the [Submitting useful bug reports guide](https://github.com/WhisperSystems/TextSecure/wiki/Submitting-useful-bug-reports) before posting a bug.
+
+## Development Ideology
+
+Truths which we believe to be self-evident:
+
+1. **The answer is not more options.**  If you feel compelled to add a
+   preference that's exposed to the user, it's very possible you've made
+   a wrong turn somewhere.
+1. **The user doesn't know what a key is.**  We need to minimize the points
+   at which a user is exposed to this sort of terminology as extremely as
+   possible.
+1. **There are no power users.** The idea that some users "understand"
+   concepts better than others has proven to be, for the most part, false.
+   If anything, "power users" are more dangerous than the rest, and we
+   should avoid exposing dangerous functionality to them.
+1. **If it's "like PGP," it's wrong.**  PGP is our spirit guide for what
+   not to do.
+1. **It's an asynchronous world.**  Be wary of anything that is
+   anti-asynchronous: ACKs, protocol confirmations, or any protocol-level
+   "advisory" message.
+1. **There is no such thing as time.** Protocol ideas that require synchronized
+   clocks are doomed to failure. 
+

gradle/wrapper/gradle-wrapper.properties

@@ -1,6 +1,6 @@
-#Sat Dec 21 23:48:05 PST 2013
+#Mon Jun 09 23:26:49 PDT 2014
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=http\://services.gradle.org/distributions/gradle-1.10-bin.zip
+distributionUrl=http\://services.gradle.org/distributions/gradle-1.12-all.zip

library/build.gradle

@@ -4,7 +4,7 @@ buildscript {
     }
 
     dependencies {
-        classpath 'com.android.tools.build:gradle:0.8.+'
+        classpath 'com.android.tools.build:gradle:0.11.+'
     }
 }
 
@@ -21,13 +21,13 @@ repositories {
 dependencies {
     compile 'com.google.protobuf:protobuf-java:2.4.1'
     compile 'com.madgag:sc-light-jdk15on:1.47.0.2'
-    compile 'com.googlecode.libphonenumber:libphonenumber:5.3'
+    compile 'com.googlecode.libphonenumber:libphonenumber:6.1'
     compile 'org.whispersystems:gson:2.2.4'
 }
 
 android {
     compileSdkVersion 19
-    buildToolsVersion '19.0.2'
+    buildToolsVersion '19.1.0'
 
     android {
         sourceSets {

library/jni/curve25519-donna-jni.c

@@ -22,11 +22,16 @@
 #include "curve25519-donna.h"
 
 JNIEXPORT jbyteArray JNICALL Java_org_whispersystems_textsecure_crypto_ecc_Curve25519_generatePrivateKey
-  (JNIEnv *env, jclass clazz, jbyteArray random)
+  (JNIEnv *env, jclass clazz, jbyteArray random, jboolean ephemeral)
 {
   uint8_t* privateKey = (uint8_t*)(*env)->GetByteArrayElements(env, random, 0);
 
   privateKey[0] &= 248;
+
+  if (ephemeral) {
+    privateKey[0] |= 1;
+  }
+
   privateKey[31] &= 127;
   privateKey[31] |= 64;
 

library/jni/curve25519-donna.c

@@ -720,9 +720,6 @@ curve25519_donna(u8 *mypublic, const u8 *secret, const u8 *basepoint) {
   int i;
 
   for (i = 0; i < 32; ++i) e[i] = secret[i];
-  e[0] &= 248;
-  e[31] &= 127;
-  e[31] |= 64;
 
   fexpand(bp, basepoint);
   cmult(x, z, e, bp);

library/protobuf/LocalStorageProtocol.proto

@@ -54,6 +54,13 @@ message SessionStructure {
 
   optional uint32 remoteRegistrationId = 10;
   optional uint32 localRegistrationId  = 11;
+
+  optional bool needsRefresh = 12;
+}
+
+message RecordStructure {
+  optional SessionStructure currentSession   = 1;
+  repeated SessionStructure previousSessions = 2;
 }
 
 message PreKeyRecordStructure {

library/src/org/whispersystems/textsecure/crypto/DuplicateMessageException.java

@@ -0,0 +1,7 @@
+package org.whispersystems.textsecure.crypto;
+
+public class DuplicateMessageException extends Exception {
+  public DuplicateMessageException(String s) {
+    super(s);
+  }
+}

library/src/org/whispersystems/textsecure/crypto/IdentityKey.java

@@ -23,7 +23,6 @@ import android.os.Parcelable;
 import org.whispersystems.textsecure.crypto.ecc.Curve;
 import org.whispersystems.textsecure.crypto.ecc.ECPublicKey;
 import org.whispersystems.textsecure.util.Hex;
-import org.whispersystems.textsecure.util.Util;
 
 /**
  * A class for representing an identity key.
@@ -80,14 +79,7 @@ public class IdentityKey implements Parcelable, SerializableKey {
   }
 	
   public byte[] serialize() {
-    if (publicKey.getType() == Curve.NIST_TYPE) {
-      byte[] versionBytes = {0x01};
-      byte[] encodedKey   = publicKey.serialize();
-
-      return Util.combine(versionBytes, encodedKey);
-    } else {
-      return publicKey.serialize();
-    }
+    return publicKey.serialize();
   }
 
   public String getFingerprint() {

library/src/org/whispersystems/textsecure/crypto/KeyPair.java

@@ -1,81 +0,0 @@
-/** 
- * Copyright (C) 2011 Whisper Systems
- * Copyright (C) 2013 Open Whisper Systems
- * 
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- * 
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-package org.whispersystems.textsecure.crypto;
-
-import android.util.Log;
-
-import org.whispersystems.textsecure.crypto.ecc.ECKeyPair;
-import org.whispersystems.textsecure.crypto.ecc.ECPrivateKey;
-import org.whispersystems.textsecure.util.Hex;
-import org.whispersystems.textsecure.util.Util;
-
-/**
- * Represents a session's active KeyPair.
- * 
- * @author Moxie Marlinspike
- */
-
-public class KeyPair {
-
-  private PublicKey    publicKey;
-  private ECPrivateKey privateKey;
-
-  private final MasterCipher masterCipher;
-	
-  public KeyPair(int keyPairId, ECKeyPair keyPair, MasterSecret masterSecret) {
-    this.masterCipher = new MasterCipher(masterSecret);
-    this.publicKey    = new PublicKey(keyPairId, keyPair.getPublicKey());
-    this.privateKey   = keyPair.getPrivateKey();
-  }
-	
-  public KeyPair(byte[] bytes, MasterCipher masterCipher) throws InvalidKeyException {
-    this.masterCipher = masterCipher;
-    deserialize(bytes);
-  }
-	
-  public int getId() {
-    return publicKey.getId();
-  }
-	
-  public PublicKey getPublicKey() {
-    return publicKey;
-  }
-
-  public ECPrivateKey getPrivateKey() {
-    return privateKey;
-  }
-
-  public byte[] toBytes() {
-    return serialize();
-  }
-	
-  private void deserialize(byte[] bytes) throws InvalidKeyException {
-    this.publicKey         = new PublicKey(bytes);
-    byte[] privateKeyBytes = new byte[bytes.length - PublicKey.KEY_SIZE];
-    System.arraycopy(bytes, PublicKey.KEY_SIZE, privateKeyBytes, 0, privateKeyBytes.length);
-    this.privateKey        = masterCipher.decryptKey(this.publicKey.getType(), privateKeyBytes);
-  }
-	
-  public byte[] serialize() {
-    byte[] publicKeyBytes  = publicKey.serialize();
-    Log.w("KeyPair", "Serialized public key bytes: " + Hex.toString(publicKeyBytes));
-    byte[] privateKeyBytes = masterCipher.encryptKey(privateKey);
-    return Util.combine(publicKeyBytes, privateKeyBytes);
-  }
-	
-}

library/src/org/whispersystems/textsecure/crypto/LegacyMessageException.java

@@ -0,0 +1,7 @@
+package org.whispersystems.textsecure.crypto;
+
+public class LegacyMessageException extends Exception {
+  public LegacyMessageException(String s) {
+    super(s);
+  }
+}

library/src/org/whispersystems/textsecure/crypto/MasterCipher.java

@@ -83,11 +83,11 @@ public class MasterCipher {
     return new String(decodeAndDecryptBytes(body));
   }
 	
-  public ECPrivateKey decryptKey(int type, byte[] key)
+  public ECPrivateKey decryptKey(byte[] key)
       throws org.whispersystems.textsecure.crypto.InvalidKeyException
   {
     try {
-      return Curve.decodePrivatePoint(type, decryptBytes(key));
+      return Curve.decodePrivatePoint(decryptBytes(key));
     } catch (InvalidMessageException ime) {
       throw new org.whispersystems.textsecure.crypto.InvalidKeyException(ime);
     }

library/src/org/whispersystems/textsecure/crypto/PreKeyUtil.java

@@ -34,7 +34,6 @@ import java.io.FileInputStream;
 import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.InputStreamReader;
-import java.util.Arrays;
 import java.util.Comparator;
 import java.util.LinkedList;
 import java.util.List;
@@ -49,7 +48,7 @@ public class PreKeyUtil {
 
     for (int i=0;i<BATCH_SIZE;i++) {
       int          preKeyId = (preKeyIdOffset + i) % Medium.MAX_VALUE;
-      ECKeyPair    keyPair  = Curve25519.generateKeyPair();
+      ECKeyPair    keyPair  = Curve25519.generateKeyPair(true);
       PreKeyRecord record   = new PreKeyRecord(context, masterSecret, preKeyId, keyPair);
 
       record.save();
@@ -70,7 +69,7 @@ public class PreKeyUtil {
       }
     }
 
-    ECKeyPair    keyPair = Curve25519.generateKeyPair();
+    ECKeyPair    keyPair = Curve25519.generateKeyPair(true);
     PreKeyRecord record  = new PreKeyRecord(context, masterSecret, Medium.MAX_VALUE, keyPair);
 
     record.save();
@@ -78,38 +77,38 @@ public class PreKeyUtil {
     return record;
   }
 
-  public static List<PreKeyRecord> getPreKeys(Context context, MasterSecret masterSecret) {
-    List<PreKeyRecord> records      = new LinkedList<PreKeyRecord>();
-    File               directory    = getPreKeysDirectory(context);
-    String[]           keyRecordIds = directory.list();
-
-    Arrays.sort(keyRecordIds, new PreKeyRecordIdComparator());
-
-    for (String keyRecordId : keyRecordIds) {
-      try {
-        if (!keyRecordId.equals(PreKeyIndex.FILE_NAME) && Integer.parseInt(keyRecordId) != Medium.MAX_VALUE) {
-          records.add(new PreKeyRecord(context, masterSecret, Integer.parseInt(keyRecordId)));
-        }
-      } catch (InvalidKeyIdException e) {
-        Log.w("PreKeyUtil", e);
-        new File(getPreKeysDirectory(context), keyRecordId).delete();
-      } catch (NumberFormatException nfe) {
-        Log.w("PreKeyUtil", nfe);
-        new File(getPreKeysDirectory(context), keyRecordId).delete();
-      }
-    }
-
-    return records;
-  }
-
-  public static void clearPreKeys(Context context) {
-    File     directory  = getPreKeysDirectory(context);
-    String[] keyRecords = directory.list();
-
-    for (String keyRecord : keyRecords) {
-      new File(directory, keyRecord).delete();
-    }
-  }
+//  public static List<PreKeyRecord> getPreKeys(Context context, MasterSecret masterSecret) {
+//    List<PreKeyRecord> records      = new LinkedList<PreKeyRecord>();
+//    File               directory    = getPreKeysDirectory(context);
+//    String[]           keyRecordIds = directory.list();
+//
+//    Arrays.sort(keyRecordIds, new PreKeyRecordIdComparator());
+//
+//    for (String keyRecordId : keyRecordIds) {
+//      try {
+//        if (!keyRecordId.equals(PreKeyIndex.FILE_NAME) && Integer.parseInt(keyRecordId) != Medium.MAX_VALUE) {
+//          records.add(new PreKeyRecord(context, masterSecret, Integer.parseInt(keyRecordId)));
+//        }
+//      } catch (InvalidKeyIdException e) {
+//        Log.w("PreKeyUtil", e);
+//        new File(getPreKeysDirectory(context), keyRecordId).delete();
+//      } catch (NumberFormatException nfe) {
+//        Log.w("PreKeyUtil", nfe);
+//        new File(getPreKeysDirectory(context), keyRecordId).delete();
+//      }
+//    }
+//
+//    return records;
+//  }
+//
+//  public static void clearPreKeys(Context context) {
+//    File     directory  = getPreKeysDirectory(context);
+//    String[] keyRecords = directory.list();
+//
+//    for (String keyRecord : keyRecords) {
+//      new File(directory, keyRecord).delete();
+//    }
+//  }
 
   private static void setNextPreKeyId(Context context, int id) {
     try {
@@ -126,7 +125,7 @@ public class PreKeyUtil {
     try {
       File nextFile = new File(getPreKeysDirectory(context), PreKeyIndex.FILE_NAME);
 
-      if (nextFile.exists()) {
+      if (!nextFile.exists()) {
         return Util.getSecureRandom().nextInt(Medium.MAX_VALUE);
       } else {
         InputStreamReader reader = new InputStreamReader(new FileInputStream(nextFile));

library/src/org/whispersystems/textsecure/crypto/SessionCipher.java

@@ -18,31 +18,258 @@ package org.whispersystems.textsecure.crypto;
 
 
 import android.content.Context;
+import android.util.Log;
+import android.util.Pair;
 
+import org.whispersystems.textsecure.crypto.ecc.Curve;
+import org.whispersystems.textsecure.crypto.ecc.ECKeyPair;
+import org.whispersystems.textsecure.crypto.ecc.ECPublicKey;
 import org.whispersystems.textsecure.crypto.protocol.CiphertextMessage;
+import org.whispersystems.textsecure.crypto.protocol.PreKeyWhisperMessage;
+import org.whispersystems.textsecure.crypto.protocol.WhisperMessage;
+import org.whispersystems.textsecure.crypto.ratchet.ChainKey;
+import org.whispersystems.textsecure.crypto.ratchet.MessageKeys;
+import org.whispersystems.textsecure.crypto.ratchet.RootKey;
 import org.whispersystems.textsecure.storage.RecipientDevice;
-import org.whispersystems.textsecure.storage.SessionRecordV1;
 import org.whispersystems.textsecure.storage.SessionRecordV2;
+import org.whispersystems.textsecure.storage.SessionState;
+import org.whispersystems.textsecure.util.Conversions;
 
-public abstract class SessionCipher {
+import java.security.InvalidAlgorithmParameterException;
+import java.security.NoSuchAlgorithmException;
+import java.util.List;
 
-  protected static final Object SESSION_LOCK = new Object();
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
 
-  public abstract CiphertextMessage encrypt(byte[] paddedMessage);
-  public abstract byte[] decrypt(byte[] decodedMessage) throws InvalidMessageException;
-  public abstract int getRemoteRegistrationId();
+public class SessionCipher {
+
+  private static final Object SESSION_LOCK = new Object();
+
+  private final Context         context;
+  private final MasterSecret    masterSecret;
+  private final RecipientDevice recipient;
 
   public static SessionCipher createFor(Context context,
                                         MasterSecret masterSecret,
                                         RecipientDevice recipient)
   {
     if (SessionRecordV2.hasSession(context, masterSecret, recipient)) {
-      return new SessionCipherV2(context, masterSecret, recipient);
-    } else if (SessionRecordV1.hasSession(context, recipient.getRecipientId())) {
-      return new SessionCipherV1(context, masterSecret, recipient.getRecipient());
+      return new SessionCipher(context, masterSecret, recipient);
     } else {
       throw new AssertionError("Attempt to initialize cipher for non-existing session.");
     }
   }
 
+
+  private SessionCipher(Context context, MasterSecret masterSecret, RecipientDevice recipient) {
+    this.recipient    = recipient;
+    this.masterSecret = masterSecret;
+    this.context      = context;
+  }
+
+  public CiphertextMessage encrypt(byte[] paddedMessage) {
+    synchronized (SESSION_LOCK) {
+      SessionRecordV2 sessionRecord   = getSessionRecord();
+      SessionState    sessionState    = sessionRecord.getSessionState();
+      ChainKey        chainKey        = sessionState.getSenderChainKey();
+      MessageKeys     messageKeys     = chainKey.getMessageKeys();
+      ECPublicKey     senderEphemeral = sessionState.getSenderEphemeral();
+      int             previousCounter = sessionState.getPreviousCounter();
+
+      byte[]            ciphertextBody    = getCiphertext(messageKeys, paddedMessage);
+      CiphertextMessage ciphertextMessage = new WhisperMessage(messageKeys.getMacKey(),
+                                                               senderEphemeral, chainKey.getIndex(),
+                                                               previousCounter, ciphertextBody);
+
+      if (sessionState.hasPendingPreKey()) {
+        Pair<Integer, ECPublicKey> pendingPreKey       = sessionState.getPendingPreKey();
+        int                        localRegistrationId = sessionState.getLocalRegistrationId();
+
+        ciphertextMessage = new PreKeyWhisperMessage(localRegistrationId, pendingPreKey.first,
+                                                     pendingPreKey.second,
+                                                     sessionState.getLocalIdentityKey(),
+                                                     (WhisperMessage) ciphertextMessage);
+      }
+
+      sessionState.setSenderChainKey(chainKey.getNextChainKey());
+      sessionRecord.save();
+
+      return ciphertextMessage;
+    }
+  }
+
+  public byte[] decrypt(byte[] decodedMessage)
+      throws InvalidMessageException, DuplicateMessageException, LegacyMessageException
+  {
+    synchronized (SESSION_LOCK) {
+      SessionRecordV2    sessionRecord  = getSessionRecord();
+      SessionState       sessionState   = sessionRecord.getSessionState();
+      List<SessionState> previousStates = sessionRecord.getPreviousSessions();
+
+      try {
+        byte[] plaintext = decrypt(sessionState, decodedMessage);
+        sessionRecord.save();
+
+        return plaintext;
+      } catch (InvalidMessageException e) {
+        Log.w("SessionCipherV2", e);
+      }
+
+      for (SessionState previousState : previousStates) {
+        try {
+          Log.w("SessionCipherV2", "Attempting decrypt on previous state...");
+          byte[] plaintext = decrypt(previousState, decodedMessage);
+          sessionRecord.save();
+
+          return plaintext;
+        } catch (InvalidMessageException e) {
+          Log.w("SessionCipherV2", e);
+        }
+      }
+
+      throw new InvalidMessageException("No valid sessions.");
+    }
+  }
+
+  public byte[] decrypt(SessionState sessionState, byte[] decodedMessage)
+      throws InvalidMessageException, DuplicateMessageException, LegacyMessageException
+  {
+    if (!sessionState.hasSenderChain()) {
+      throw new InvalidMessageException("Uninitialized session!");
+    }
+
+    WhisperMessage ciphertextMessage = new WhisperMessage(decodedMessage);
+    ECPublicKey    theirEphemeral    = ciphertextMessage.getSenderEphemeral();
+    int            counter           = ciphertextMessage.getCounter();
+    ChainKey       chainKey          = getOrCreateChainKey(sessionState, theirEphemeral);
+    MessageKeys    messageKeys       = getOrCreateMessageKeys(sessionState, theirEphemeral,
+                                                              chainKey, counter);
+
+    ciphertextMessage.verifyMac(messageKeys.getMacKey());
+
+    byte[] plaintext = getPlaintext(messageKeys, ciphertextMessage.getBody());
+
+    sessionState.clearPendingPreKey();
+
+    return plaintext;
+
+  }
+
+  public int getRemoteRegistrationId() {
+    synchronized (SESSION_LOCK) {
+      SessionRecordV2 sessionRecord = getSessionRecord();
+      return sessionRecord.getSessionState().getRemoteRegistrationId();
+    }
+  }
+
+  private ChainKey getOrCreateChainKey(SessionState sessionState, ECPublicKey theirEphemeral)
+      throws InvalidMessageException
+  {
+    try {
+      if (sessionState.hasReceiverChain(theirEphemeral)) {
+        return sessionState.getReceiverChainKey(theirEphemeral);
+      } else {
+        RootKey                 rootKey         = sessionState.getRootKey();
+        ECKeyPair               ourEphemeral    = sessionState.getSenderEphemeralPair();
+        Pair<RootKey, ChainKey> receiverChain   = rootKey.createChain(theirEphemeral, ourEphemeral);
+        ECKeyPair               ourNewEphemeral = Curve.generateKeyPair(true);
+        Pair<RootKey, ChainKey> senderChain     = receiverChain.first.createChain(theirEphemeral, ourNewEphemeral);
+
+        sessionState.setRootKey(senderChain.first);
+        sessionState.addReceiverChain(theirEphemeral, receiverChain.second);
+        sessionState.setPreviousCounter(sessionState.getSenderChainKey().getIndex()-1);
+        sessionState.setSenderChain(ourNewEphemeral, senderChain.second);
+
+        return receiverChain.second;
+      }
+    } catch (InvalidKeyException e) {
+      throw new InvalidMessageException(e);
+    }
+  }
+
+  private MessageKeys getOrCreateMessageKeys(SessionState sessionState,
+                                             ECPublicKey theirEphemeral,
+                                             ChainKey chainKey, int counter)
+      throws InvalidMessageException, DuplicateMessageException
+  {
+    if (chainKey.getIndex() > counter) {
+      if (sessionState.hasMessageKeys(theirEphemeral, counter)) {
+        return sessionState.removeMessageKeys(theirEphemeral, counter);
+      } else {
+        throw new DuplicateMessageException("Received message with old counter: " +
+                                                chainKey.getIndex() + " , " + counter);
+      }
+    }
+
+    if (chainKey.getIndex() - counter > 2000) {
+      throw new InvalidMessageException("Over 2000 messages into the future!");
+    }
+
+    while (chainKey.getIndex() < counter) {
+      MessageKeys messageKeys = chainKey.getMessageKeys();
+      sessionState.setMessageKeys(theirEphemeral, messageKeys);
+      chainKey = chainKey.getNextChainKey();
+    }
+
+    sessionState.setReceiverChainKey(theirEphemeral, chainKey.getNextChainKey());
+    return chainKey.getMessageKeys();
+  }
+
+  private byte[] getCiphertext(MessageKeys messageKeys, byte[] plaintext) {
+    try {
+      Cipher cipher = getCipher(Cipher.ENCRYPT_MODE,
+                                messageKeys.getCipherKey(),
+                                messageKeys.getCounter());
+
+      return cipher.doFinal(plaintext);
+    } catch (IllegalBlockSizeException e) {
+      throw new AssertionError(e);
+    } catch (BadPaddingException e) {
+      throw new AssertionError(e);
+    }
+  }
+
+  private byte[] getPlaintext(MessageKeys messageKeys, byte[] cipherText) {
+    try {
+      Cipher cipher = getCipher(Cipher.DECRYPT_MODE,
+                                messageKeys.getCipherKey(),
+                                messageKeys.getCounter());
+      return cipher.doFinal(cipherText);
+    } catch (IllegalBlockSizeException e) {
+      throw new AssertionError(e);
+    } catch (BadPaddingException e) {
+      throw new AssertionError(e);
+    }
+  }
+
+  private Cipher getCipher(int mode, SecretKeySpec key, int counter)  {
+    try {
+      Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding");
+
+      byte[] ivBytes = new byte[16];
+      Conversions.intToByteArray(ivBytes, 0, counter);
+
+      IvParameterSpec iv = new IvParameterSpec(ivBytes);
+      cipher.init(mode, key, iv);
+
+      return cipher;
+    } catch (NoSuchAlgorithmException e) {
+      throw new AssertionError(e);
+    } catch (NoSuchPaddingException e) {
+      throw new AssertionError(e);
+    } catch (java.security.InvalidKeyException e) {
+      throw new AssertionError(e);
+    } catch (InvalidAlgorithmParameterException e) {
+      throw new AssertionError(e);
+    }
+  }
+
+  private SessionRecordV2 getSessionRecord() {
+    return new SessionRecordV2(context, masterSecret, recipient);
+  }
 }

library/src/org/whispersystems/textsecure/crypto/SessionCipherV1.java

@@ -1,332 +0,0 @@
-package org.whispersystems.textsecure.crypto;
-
-import android.content.Context;
-import android.util.Log;
-
-import org.whispersystems.textsecure.crypto.ecc.Curve;
-import org.whispersystems.textsecure.crypto.ecc.ECPublicKey;
-import org.whispersystems.textsecure.crypto.kdf.DerivedSecrets;
-import org.whispersystems.textsecure.crypto.kdf.NKDF;
-import org.whispersystems.textsecure.crypto.protocol.CiphertextMessage;
-import org.whispersystems.textsecure.crypto.protocol.WhisperMessageV1;
-import org.whispersystems.textsecure.storage.CanonicalRecipient;
-import org.whispersystems.textsecure.storage.RecipientDevice;
-import org.whispersystems.textsecure.storage.InvalidKeyIdException;
-import org.whispersystems.textsecure.storage.LocalKeyRecord;
-import org.whispersystems.textsecure.storage.RemoteKeyRecord;
-import org.whispersystems.textsecure.storage.SessionKey;
-import org.whispersystems.textsecure.storage.SessionRecordV1;
-import org.whispersystems.textsecure.util.Conversions;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.NoSuchAlgorithmException;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-public class SessionCipherV1 extends SessionCipher {
-
-  private final Context            context;
-  private final MasterSecret       masterSecret;
-  private final CanonicalRecipient recipient;
-
-  public SessionCipherV1(Context context,
-                         MasterSecret masterSecret,
-                         CanonicalRecipient recipient)
-  {
-    this.context      = context;
-    this.masterSecret = masterSecret;
-    this.recipient    = recipient;
-  }
-
-  public CiphertextMessage encrypt(byte[] paddedMessageBody) {
-    synchronized (SESSION_LOCK) {
-      SessionCipherContext encryptionContext = getEncryptionContext();
-      byte[]               cipherText        = getCiphertext(paddedMessageBody,
-                                                             encryptionContext.getSessionKey().getCipherKey(),
-                                                             encryptionContext.getSessionRecord().getCounter());
-
-      encryptionContext.getSessionRecord().setSessionKey(encryptionContext.getSessionKey());
-      encryptionContext.getSessionRecord().incrementCounter();
-      encryptionContext.getSessionRecord().save();
-
-      return new WhisperMessageV1(encryptionContext, cipherText);
-    }
-  }
-
-  public byte[] decrypt(byte[] decodedCiphertext) throws InvalidMessageException {
-    synchronized (SESSION_LOCK) {
-      WhisperMessageV1     message           = new WhisperMessageV1(decodedCiphertext);
-      SessionCipherContext decryptionContext = getDecryptionContext(message);
-
-      message.verifyMac(decryptionContext);
-
-      byte[] plaintextWithPadding = getPlaintext(message.getBody(),
-                                                 decryptionContext.getSessionKey().getCipherKey(),
-                                                 decryptionContext.getCounter());
-
-      decryptionContext.getRemoteKeyRecord().updateCurrentRemoteKey(decryptionContext.getNextKey());
-      decryptionContext.getRemoteKeyRecord().save();
-
-      decryptionContext.getLocalKeyRecord().advanceKeyIfNecessary(decryptionContext.getRecipientKeyId());
-      decryptionContext.getLocalKeyRecord().save();
-
-      decryptionContext.getSessionRecord().setSessionKey(decryptionContext.getSessionKey());
-      decryptionContext.getSessionRecord().save();
-
-      return plaintextWithPadding;
-    }
-  }
-
-  @Override
-  public int getRemoteRegistrationId() {
-    return 0;
-  }
-
-  private SessionCipherContext getEncryptionContext() {
-    try {
-      KeyRecords records        = getKeyRecords(context, masterSecret, recipient);
-      int        localKeyId     = records.getLocalKeyRecord().getCurrentKeyPair().getId();
-      int        remoteKeyId    = records.getRemoteKeyRecord().getCurrentRemoteKey().getId();
-      int        sessionVersion = records.getSessionRecord().getSessionVersion();
-      SessionKey sessionKey     = getSessionKey(masterSecret, Cipher.ENCRYPT_MODE,
-                                                records, localKeyId, remoteKeyId);
-      PublicKey  nextKey        = records.getLocalKeyRecord().getNextKeyPair().getPublicKey();
-      int        counter        = records.getSessionRecord().getCounter();
-
-
-      return new SessionCipherContext(records, sessionKey, localKeyId, remoteKeyId,
-                                      nextKey, counter, sessionVersion);
-    } catch (InvalidKeyIdException e) {
-      throw new IllegalArgumentException(e);
-    } catch (InvalidKeyException e) {
-      throw new IllegalArgumentException(e);
-    }
-  }
-
-  public SessionCipherContext getDecryptionContext(WhisperMessageV1 message)
-      throws InvalidMessageException
-  {
-    try {
-      KeyRecords records        = getKeyRecords(context, masterSecret, recipient);
-      int        messageVersion = message.getCurrentVersion();
-      int        recipientKeyId = message.getReceiverKeyId();
-      int        senderKeyId    = message.getSenderKeyId();
-      PublicKey  nextKey        = new PublicKey(message.getNextKeyBytes());
-      int        counter        = message.getCounter();
-
-      if (messageVersion < records.getSessionRecord().getSessionVersion()) {
-        throw new InvalidMessageException("Message version: " + messageVersion +
-                                          " but negotiated session version: "  +
-                                          records.getSessionRecord().getSessionVersion());
-      }
-
-      SessionKey sessionKey = getSessionKey(masterSecret, Cipher.DECRYPT_MODE,
-                                            records, recipientKeyId, senderKeyId);
-
-      return new SessionCipherContext(records, sessionKey, senderKeyId,
-                                      recipientKeyId, nextKey, counter,
-                                      messageVersion);
-    } catch (InvalidKeyIdException e) {
-      throw new InvalidMessageException(e);
-    } catch (InvalidKeyException e) {
-      throw new InvalidMessageException(e);
-    }
-  }
-
-  private byte[] getCiphertext(byte[] message, SecretKeySpec key, int counter)  {
-    try {
-      Cipher cipher = getCipher(Cipher.ENCRYPT_MODE, key, counter);
-      return cipher.doFinal(message);
-    } catch (IllegalBlockSizeException e) {
-      throw new AssertionError(e);
-    } catch (BadPaddingException e) {
-      throw new AssertionError(e);
-    }
-  }
-
-  private byte[] getPlaintext(byte[] cipherText, SecretKeySpec key, int counter) {
-    try {
-      Cipher cipher = getCipher(Cipher.DECRYPT_MODE, key, counter);
-      return cipher.doFinal(cipherText);
-    } catch (IllegalBlockSizeException e) {
-      throw new AssertionError(e);
-    } catch (BadPaddingException e) {
-      throw new AssertionError(e);
-    }
-  }
-
-  private Cipher getCipher(int mode, SecretKeySpec key, int counter)  {
-    try {
-      Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding");
-
-      byte[] ivBytes = new byte[16];
-      Conversions.mediumToByteArray(ivBytes, 0, counter);
-
-      IvParameterSpec iv = new IvParameterSpec(ivBytes);
-      cipher.init(mode, key, iv);
-
-      return cipher;
-    } catch (NoSuchAlgorithmException e) {
-      throw new IllegalArgumentException("AES Not Supported!");
-    } catch (NoSuchPaddingException e) {
-      throw new IllegalArgumentException("NoPadding Not Supported!");
-    } catch (java.security.InvalidKeyException e) {
-      Log.w("SessionCipher", e);
-      throw new IllegalArgumentException("Invaid Key?");
-    } catch (InvalidAlgorithmParameterException e) {
-      Log.w("SessionCipher", e);
-      throw new IllegalArgumentException("Bad IV?");
-    }
-  }
-
-  private SessionKey getSessionKey(MasterSecret masterSecret, int mode,
-                                   KeyRecords records,
-                                   int localKeyId, int remoteKeyId)
-      throws InvalidKeyIdException, InvalidKeyException
-  {
-    Log.w("SessionCipher", "Getting session key for local: " + localKeyId + " remote: " + remoteKeyId);
-    SessionKey sessionKey = records.getSessionRecord().getSessionKey(mode, localKeyId, remoteKeyId);
-
-    if (sessionKey != null)
-      return sessionKey;
-
-    DerivedSecrets derivedSecrets = calculateSharedSecret(mode, records, localKeyId, remoteKeyId);
-
-    return new SessionKey(mode, localKeyId, remoteKeyId, derivedSecrets.getCipherKey(),
-                          derivedSecrets.getMacKey(), masterSecret);
-  }
-
-  private DerivedSecrets calculateSharedSecret(int mode, KeyRecords records,
-                                               int localKeyId, int remoteKeyId)
-      throws InvalidKeyIdException, InvalidKeyException
-  {
-    NKDF        kdf          = new NKDF();
-    KeyPair     localKeyPair = records.getLocalKeyRecord().getKeyPairForId(localKeyId);
-    ECPublicKey remoteKey    = records.getRemoteKeyRecord().getKeyForId(remoteKeyId).getKey();
-    byte[]      sharedSecret = Curve.calculateAgreement(remoteKey, localKeyPair.getPrivateKey());
-    boolean     isLowEnd     = isLowEnd(records, localKeyId, remoteKeyId);
-
-    isLowEnd = (mode == Cipher.ENCRYPT_MODE ? isLowEnd : !isLowEnd);
-
-    return kdf.deriveSecrets(sharedSecret, isLowEnd);
-  }
-
-  private boolean isLowEnd(KeyRecords records, int localKeyId, int remoteKeyId)
-      throws InvalidKeyIdException
-  {
-    ECPublicKey localPublic  = records.getLocalKeyRecord().getKeyPairForId(localKeyId).getPublicKey().getKey();
-    ECPublicKey remotePublic = records.getRemoteKeyRecord().getKeyForId(remoteKeyId).getKey();
-
-    return localPublic.compareTo(remotePublic) < 0;
-  }
-
-  private KeyRecords getKeyRecords(Context context, MasterSecret masterSecret,
-                                   CanonicalRecipient recipient)
-  {
-    LocalKeyRecord  localKeyRecord  = new LocalKeyRecord(context, masterSecret, recipient);
-    RemoteKeyRecord remoteKeyRecord = new RemoteKeyRecord(context, recipient);
-    SessionRecordV1 sessionRecord   = new SessionRecordV1(context, masterSecret, recipient);
-    return new KeyRecords(localKeyRecord, remoteKeyRecord, sessionRecord);
-  }
-
-  private static class KeyRecords {
-
-    private final LocalKeyRecord  localKeyRecord;
-    private final RemoteKeyRecord remoteKeyRecord;
-    private final SessionRecordV1 sessionRecord;
-
-    public KeyRecords(LocalKeyRecord localKeyRecord,
-                      RemoteKeyRecord remoteKeyRecord,
-                      SessionRecordV1 sessionRecord)
-    {
-      this.localKeyRecord  = localKeyRecord;
-      this.remoteKeyRecord = remoteKeyRecord;
-      this.sessionRecord   = sessionRecord;
-    }
-
-    private LocalKeyRecord getLocalKeyRecord() {
-      return localKeyRecord;
-    }
-
-    private RemoteKeyRecord getRemoteKeyRecord() {
-      return remoteKeyRecord;
-    }
-
-    private SessionRecordV1 getSessionRecord() {
-      return sessionRecord;
-    }
-  }
-
-  public static class SessionCipherContext {
-
-    private final LocalKeyRecord  localKeyRecord;
-    private final RemoteKeyRecord remoteKeyRecord;
-    private final SessionRecordV1 sessionRecord;
-    private final SessionKey      sessionKey;
-    private final int             senderKeyId;
-    private final int             recipientKeyId;
-    private final PublicKey       nextKey;
-    private final int             counter;
-    private final int             messageVersion;
-
-    public SessionCipherContext(KeyRecords records,
-                                SessionKey sessionKey,
-                                int senderKeyId,
-                                int receiverKeyId,
-                                PublicKey nextKey,
-                                int counter,
-                                int messageVersion)
-    {
-      this.localKeyRecord    = records.getLocalKeyRecord();
-      this.remoteKeyRecord   = records.getRemoteKeyRecord();
-      this.sessionRecord     = records.getSessionRecord();
-      this.sessionKey        = sessionKey;
-      this.senderKeyId       = senderKeyId;
-      this.recipientKeyId    = receiverKeyId;
-      this.nextKey           = nextKey;
-      this.counter           = counter;
-      this.messageVersion    = messageVersion;
-    }
-
-    public LocalKeyRecord getLocalKeyRecord() {
-      return localKeyRecord;
-    }
-
-    public RemoteKeyRecord getRemoteKeyRecord() {
-      return remoteKeyRecord;
-    }
-
-    public SessionRecordV1 getSessionRecord() {
-      return sessionRecord;
-    }
-
-    public SessionKey getSessionKey() {
-      return sessionKey;
-    }
-
-    public PublicKey getNextKey() {
-      return nextKey;
-    }
-
-    public int getCounter() {
-      return counter;
-    }
-
-    public int getSenderKeyId() {
-      return senderKeyId;
-    }
-
-    public int getRecipientKeyId() {
-      return recipientKeyId;
-    }
-
-    public int getMessageVersion() {
-      return messageVersion;
-    }
-  }
-}

library/src/org/whispersystems/textsecure/crypto/SessionCipherV2.java

@@ -1,211 +0,0 @@
-package org.whispersystems.textsecure.crypto;
-
-import android.content.Context;
-import android.util.Pair;
-
-import org.whispersystems.textsecure.crypto.ecc.Curve;
-import org.whispersystems.textsecure.crypto.ecc.ECKeyPair;
-import org.whispersystems.textsecure.crypto.ecc.ECPublicKey;
-import org.whispersystems.textsecure.crypto.protocol.CiphertextMessage;
-import org.whispersystems.textsecure.crypto.protocol.PreKeyWhisperMessage;
-import org.whispersystems.textsecure.crypto.protocol.WhisperMessageV2;
-import org.whispersystems.textsecure.crypto.ratchet.ChainKey;
-import org.whispersystems.textsecure.crypto.ratchet.MessageKeys;
-import org.whispersystems.textsecure.crypto.ratchet.RootKey;
-import org.whispersystems.textsecure.storage.RecipientDevice;
-import org.whispersystems.textsecure.storage.SessionRecordV2;
-import org.whispersystems.textsecure.util.Conversions;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.NoSuchAlgorithmException;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-public class SessionCipherV2 extends SessionCipher {
-
-  private final Context         context;
-  private final MasterSecret    masterSecret;
-  private final RecipientDevice recipient;
-
-  public SessionCipherV2(Context context,
-                         MasterSecret masterSecret,
-                         RecipientDevice recipient)
-  {
-    this.context      = context;
-    this.masterSecret = masterSecret;
-    this.recipient    = recipient;
-  }
-
-  @Override
-  public CiphertextMessage encrypt(byte[] paddedMessage) {
-    synchronized (SESSION_LOCK) {
-      SessionRecordV2 sessionRecord   = getSessionRecord();
-      ChainKey        chainKey        = sessionRecord.getSenderChainKey();
-      MessageKeys     messageKeys     = chainKey.getMessageKeys();
-      ECPublicKey     senderEphemeral = sessionRecord.getSenderEphemeral();
-      int             previousCounter = sessionRecord.getPreviousCounter();
-
-      byte[]            ciphertextBody    = getCiphertext(messageKeys, paddedMessage);
-      CiphertextMessage ciphertextMessage = new WhisperMessageV2(messageKeys.getMacKey(),
-                                                                 senderEphemeral, chainKey.getIndex(),
-                                                                 previousCounter, ciphertextBody);
-
-      if (sessionRecord.hasPendingPreKey()) {
-        Pair<Integer, ECPublicKey> pendingPreKey       = sessionRecord.getPendingPreKey();
-        int                        localRegistrationId = sessionRecord.getLocalRegistrationId();
-
-        ciphertextMessage = new PreKeyWhisperMessage(localRegistrationId, pendingPreKey.first,
-                                                     pendingPreKey.second,
-                                                     sessionRecord.getLocalIdentityKey(),
-                                                     (WhisperMessageV2) ciphertextMessage);
-      }
-
-      sessionRecord.setSenderChainKey(chainKey.getNextChainKey());
-      sessionRecord.save();
-
-      return ciphertextMessage;
-    }
-  }
-
-  @Override
-  public byte[] decrypt(byte[] decodedMessage) throws InvalidMessageException {
-    synchronized (SESSION_LOCK) {
-      SessionRecordV2  sessionRecord     = getSessionRecord();
-      WhisperMessageV2 ciphertextMessage = new WhisperMessageV2(decodedMessage);
-      ECPublicKey      theirEphemeral    = ciphertextMessage.getSenderEphemeral();
-      int              counter           = ciphertextMessage.getCounter();
-      ChainKey         chainKey          = getOrCreateChainKey(sessionRecord, theirEphemeral);
-      MessageKeys      messageKeys       = getOrCreateMessageKeys(sessionRecord, theirEphemeral,
-                                                                  chainKey, counter);
-
-      ciphertextMessage.verifyMac(messageKeys.getMacKey());
-
-      byte[] plaintext = getPlaintext(messageKeys, ciphertextMessage.getBody());
-
-      sessionRecord.clearPendingPreKey();
-      sessionRecord.save();
-
-      return plaintext;
-    }
-  }
-
-  @Override
-  public int getRemoteRegistrationId() {
-    synchronized (SESSION_LOCK) {
-      SessionRecordV2 sessionRecord = getSessionRecord();
-      return sessionRecord.getRemoteRegistrationId();
-    }
-  }
-
-  private ChainKey getOrCreateChainKey(SessionRecordV2 sessionRecord, ECPublicKey theirEphemeral)
-      throws InvalidMessageException
-  {
-    try {
-      if (sessionRecord.hasReceiverChain(theirEphemeral)) {
-        return sessionRecord.getReceiverChainKey(theirEphemeral);
-      } else {
-        RootKey                 rootKey         = sessionRecord.getRootKey();
-        ECKeyPair               ourEphemeral    = sessionRecord.getSenderEphemeralPair();
-        Pair<RootKey, ChainKey> receiverChain   = rootKey.createChain(theirEphemeral, ourEphemeral);
-        ECKeyPair               ourNewEphemeral = Curve.generateKeyPairForType(Curve.DJB_TYPE);
-        Pair<RootKey, ChainKey> senderChain     = receiverChain.first.createChain(theirEphemeral, ourNewEphemeral);
-
-        sessionRecord.setRootKey(senderChain.first);
-        sessionRecord.addReceiverChain(theirEphemeral, receiverChain.second);
-        sessionRecord.setPreviousCounter(sessionRecord.getSenderChainKey().getIndex()-1);
-        sessionRecord.setSenderChain(ourNewEphemeral, senderChain.second);
-
-        return receiverChain.second;
-      }
-    } catch (InvalidKeyException e) {
-      throw new InvalidMessageException(e);
-    }
-  }
-
-  private MessageKeys getOrCreateMessageKeys(SessionRecordV2 sessionRecord,
-                                             ECPublicKey theirEphemeral,
-                                             ChainKey chainKey, int counter)
-      throws InvalidMessageException
-  {
-    if (chainKey.getIndex() > counter) {
-      if (sessionRecord.hasMessageKeys(theirEphemeral, counter)) {
-        return sessionRecord.removeMessageKeys(theirEphemeral, counter);
-      } else {
-        throw new InvalidMessageException("Received message with old counter!");
-      }
-    }
-
-    if (chainKey.getIndex() - counter > 500) {
-      throw new InvalidMessageException("Over 500 messages into the future!");
-    }
-
-    while (chainKey.getIndex() < counter) {
-      MessageKeys messageKeys = chainKey.getMessageKeys();
-      sessionRecord.setMessageKeys(theirEphemeral, messageKeys);
-      chainKey = chainKey.getNextChainKey();
-    }
-
-    sessionRecord.setReceiverChainKey(theirEphemeral, chainKey.getNextChainKey());
-    return chainKey.getMessageKeys();
-  }
-
-  private byte[] getCiphertext(MessageKeys messageKeys, byte[] plaintext) {
-    try {
-      Cipher cipher = getCipher(Cipher.ENCRYPT_MODE,
-                                messageKeys.getCipherKey(),
-                                messageKeys.getCounter());
-
-      return cipher.doFinal(plaintext);
-    } catch (IllegalBlockSizeException e) {
-      throw new AssertionError(e);
-    } catch (BadPaddingException e) {
-      throw new AssertionError(e);
-    }
-  }
-
-  private byte[] getPlaintext(MessageKeys messageKeys, byte[] cipherText) {
-    try {
-      Cipher cipher = getCipher(Cipher.DECRYPT_MODE,
-                                messageKeys.getCipherKey(),
-                                messageKeys.getCounter());
-      return cipher.doFinal(cipherText);
-    } catch (IllegalBlockSizeException e) {
-      throw new AssertionError(e);
-    } catch (BadPaddingException e) {
-      throw new AssertionError(e);
-    }
-  }
-
-  private Cipher getCipher(int mode, SecretKeySpec key, int counter)  {
-    try {
-      Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding");
-
-      byte[] ivBytes = new byte[16];
-      Conversions.intToByteArray(ivBytes, 0, counter);
-
-      IvParameterSpec iv = new IvParameterSpec(ivBytes);
-      cipher.init(mode, key, iv);
-
-      return cipher;
-    } catch (NoSuchAlgorithmException e) {
-      throw new AssertionError(e);
-    } catch (NoSuchPaddingException e) {
-      throw new AssertionError(e);
-    } catch (java.security.InvalidKeyException e) {
-      throw new AssertionError(e);
-    } catch (InvalidAlgorithmParameterException e) {
-      throw new AssertionError(e);
-    }
-  }
-
-
-  private SessionRecordV2 getSessionRecord() {
-    return new SessionRecordV2(context, masterSecret, recipient);
-  }
-
-}

library/src/org/whispersystems/textsecure/crypto/ecc/Curve.java

@@ -21,26 +21,10 @@ import org.whispersystems.textsecure.crypto.protocol.CiphertextMessage;
 
 public class Curve {
 
-  public  static final int NIST_TYPE  = 0x02;
-  private static final int NIST_TYPE2 = 0x03;
   public  static final int DJB_TYPE   = 0x05;
 
-  public static ECKeyPair generateKeyPairForType(int keyType) {
-    if (keyType == DJB_TYPE) {
-      return Curve25519.generateKeyPair();
-    } else if (keyType == NIST_TYPE || keyType == NIST_TYPE2) {
-      return CurveP256.generateKeyPair();
-    } else {
-      throw new AssertionError("Bad key type: " + keyType);
-    }
-  }
-
-  public static ECKeyPair generateKeyPairForSession(int messageVersion) {
-    if (messageVersion <= CiphertextMessage.LEGACY_VERSION) {
-      return generateKeyPairForType(NIST_TYPE);
-    } else {
-      return generateKeyPairForType(DJB_TYPE);
-    }
+  public static ECKeyPair generateKeyPair(boolean ephemeral) {
+    return Curve25519.generateKeyPair(ephemeral);
   }
 
   public static ECPublicKey decodePoint(byte[] bytes, int offset)
@@ -50,21 +34,13 @@ public class Curve {
 
     if (type == DJB_TYPE) {
       return Curve25519.decodePoint(bytes, offset);
-    } else if (type == NIST_TYPE || type == NIST_TYPE2) {
-      return CurveP256.decodePoint(bytes, offset);
     } else {
       throw new InvalidKeyException("Unknown key type: " + type);
     }
   }
 
-  public static ECPrivateKey decodePrivatePoint(int type, byte[] bytes) {
-    if (type == DJB_TYPE) {
-      return new DjbECPrivateKey(bytes);
-    } else if (type == NIST_TYPE || type == NIST_TYPE2) {
-      return CurveP256.decodePrivatePoint(bytes);
-    } else {
-      throw new AssertionError("Bad key type: " + type);
-    }
+  public static ECPrivateKey decodePrivatePoint(byte[] bytes) {
+    return new DjbECPrivateKey(bytes);
   }
 
   public static byte[] calculateAgreement(ECPublicKey publicKey, ECPrivateKey privateKey)
@@ -76,8 +52,6 @@ public class Curve {
 
     if (publicKey.getType() == DJB_TYPE) {
       return Curve25519.calculateAgreement(publicKey, privateKey);
-    } else if (publicKey.getType() == NIST_TYPE || publicKey.getType() == NIST_TYPE2) {
-      return CurveP256.calculateAgreement(publicKey, privateKey);
     } else {
       throw new InvalidKeyException("Unknown type: " + publicKey.getType());
     }

library/src/org/whispersystems/textsecure/crypto/ecc/Curve25519.java

@@ -37,10 +37,10 @@ public class Curve25519 {
 
   private static native byte[] calculateAgreement(byte[] ourPrivate, byte[] theirPublic);
   private static native byte[] generatePublicKey(byte[] privateKey);
-  private static native byte[] generatePrivateKey(byte[] random);
+  private static native byte[] generatePrivateKey(byte[] random, boolean ephemeral);
 
-  public static ECKeyPair generateKeyPair() {
-    byte[] privateKey = generatePrivateKey();
+  public static ECKeyPair generateKeyPair(boolean ephemeral) {
+    byte[] privateKey = generatePrivateKey(ephemeral);
     byte[] publicKey  = generatePublicKey(privateKey);
 
     return new ECKeyPair(new DjbECPublicKey(publicKey), new DjbECPrivateKey(privateKey));
@@ -65,11 +65,11 @@ public class Curve25519 {
     return new DjbECPublicKey(keyBytes);
   }
 
-  private static byte[] generatePrivateKey() {
+  private static byte[] generatePrivateKey(boolean ephemeral) {
     byte[] privateKey = new byte[32];
     random.nextBytes(privateKey);
 
-    return generatePrivateKey(privateKey);
+    return generatePrivateKey(privateKey, ephemeral);
   }
 
 }

library/src/org/whispersystems/textsecure/crypto/ecc/CurveP256.java

@@ -1,122 +0,0 @@
-/**
- * Copyright (C) 2013 Open Whisper Systems
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-
-package org.whispersystems.textsecure.crypto.ecc;
-
-import android.util.Log;
-
-import org.spongycastle.crypto.AsymmetricCipherKeyPair;
-import org.spongycastle.crypto.agreement.ECDHBasicAgreement;
-import org.spongycastle.crypto.generators.ECKeyPairGenerator;
-import org.spongycastle.crypto.params.ECDomainParameters;
-import org.spongycastle.crypto.params.ECKeyGenerationParameters;
-import org.spongycastle.crypto.params.ECPrivateKeyParameters;
-import org.spongycastle.crypto.params.ECPublicKeyParameters;
-import org.spongycastle.math.ec.ECCurve;
-import org.spongycastle.math.ec.ECFieldElement;
-import org.spongycastle.math.ec.ECPoint;
-import org.whispersystems.textsecure.crypto.InvalidKeyException;
-
-import java.math.BigInteger;
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
-
-public class CurveP256 {
-
-  private static final BigInteger q  = new BigInteger("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", 16);
-  private static final BigInteger a  = new BigInteger("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC", 16);
-  private static final BigInteger b  = new BigInteger("5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B", 16);
-  private static final BigInteger n  = new BigInteger("FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", 16);
-
-  private static final ECFieldElement x  = new ECFieldElement.Fp(q, new BigInteger("6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296", 16));
-  private static final ECFieldElement y  = new ECFieldElement.Fp(q, new BigInteger("4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5", 16));
-
-  private static final ECCurve curve = new ECCurve.Fp(q, a, b);
-  private static final ECPoint g     = new ECPoint.Fp(curve, x, y, true);
-
-  private static final ECDomainParameters domainParameters = new ECDomainParameters(curve, g, n);
-
-  public static final int P256_POINT_SIZE = 33;
-
-  static byte[] encodePoint(ECPoint point) {
-    synchronized (curve) {
-      return point.getEncoded();
-    }
-  }
-
-  static ECPublicKey decodePoint(byte[] encoded, int offset)
-      throws InvalidKeyException
-  {
-    byte[] pointBytes = new byte[P256_POINT_SIZE];
-    System.arraycopy(encoded, offset, pointBytes, 0, pointBytes.length);
-
-    synchronized (curve) {
-      ECPoint Q;
-
-      try {
-        Q = curve.decodePoint(pointBytes);
-      } catch (RuntimeException re) {
-        throw new InvalidKeyException(re);
-      }
-
-      return new NistECPublicKey(new ECPublicKeyParameters(Q, domainParameters));
-    }
-  }
-
-  static ECPrivateKey decodePrivatePoint(byte[] encoded) {
-    BigInteger d = new BigInteger(encoded);
-    return new NistECPrivateKey(new ECPrivateKeyParameters(d, domainParameters));
-  }
-
-  static byte[] calculateAgreement(ECPublicKey publicKey, ECPrivateKey privateKey) {
-    ECDHBasicAgreement agreement = new ECDHBasicAgreement();
-    agreement.init(((NistECPrivateKey)privateKey).getParameters());
-
-    synchronized (curve) {
-      return agreement.calculateAgreement(((NistECPublicKey)publicKey).getParameters()).toByteArray();
-    }
-  }
-
-  public static ECKeyPair generateKeyPair() {
-    try {
-      synchronized (curve) {
-        ECKeyGenerationParameters keyParamters = new ECKeyGenerationParameters(domainParameters, SecureRandom.getInstance("SHA1PRNG"));
-        ECKeyPairGenerator generator           = new ECKeyPairGenerator();
-        generator.init(keyParamters);
-
-        AsymmetricCipherKeyPair keyPair = generator.generateKeyPair();
-        keyPair = cloneKeyPairWithPointCompression(keyPair);
-
-        return new ECKeyPair(new NistECPublicKey((ECPublicKeyParameters)keyPair.getPublic()),
-                             new NistECPrivateKey((ECPrivateKeyParameters)keyPair.getPrivate()));
-      }
-    } catch (NoSuchAlgorithmException nsae) {
-      Log.w("CurveP256", nsae);
-      throw new AssertionError(nsae);
-    }
-  }
-
-  // This is dumb, but the ECPublicKeys that the generator makes by default don't have point compression
-  // turned on, and there's no setter.  Great.
-  private static AsymmetricCipherKeyPair cloneKeyPairWithPointCompression(AsymmetricCipherKeyPair keyPair) {
-    ECPublicKeyParameters publicKey = (ECPublicKeyParameters)keyPair.getPublic();
-    ECPoint q                       = publicKey.getQ();
-
-    return new AsymmetricCipherKeyPair(new ECPublicKeyParameters(new ECPoint.Fp(q.getCurve(), q.getX(), q.getY(), true),
-                                                                 publicKey.getParameters()), keyPair.getPrivate());
-  }
-}

library/src/org/whispersystems/textsecure/crypto/ecc/NistECPublicKey.java

@@ -1,63 +0,0 @@
-/**
- * Copyright (C) 2013 Open Whisper Systems
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-
-package org.whispersystems.textsecure.crypto.ecc;
-
-import org.spongycastle.crypto.params.ECPublicKeyParameters;
-
-public class NistECPublicKey implements ECPublicKey {
-
-  private final ECPublicKeyParameters publicKey;
-
-  NistECPublicKey(ECPublicKeyParameters publicKey) {
-    this.publicKey = publicKey;
-  }
-
-  @Override
-  public byte[] serialize() {
-    return CurveP256.encodePoint(publicKey.getQ());
-  }
-
-  @Override
-  public int getType() {
-    return Curve.NIST_TYPE;
-  }
-
-  @Override
-  public boolean equals(Object other) {
-    if (other == null)                       return false;
-    if (!(other instanceof NistECPublicKey)) return false;
-
-    NistECPublicKey that = (NistECPublicKey)other;
-    return publicKey.getQ().equals(that.publicKey.getQ());
-  }
-
-  @Override
-  public int hashCode() {
-    return publicKey.getQ().hashCode();
-  }
-
-  @Override
-  public int compareTo(ECPublicKey another) {
-    return publicKey.getQ().getX().toBigInteger()
-                    .compareTo(((NistECPublicKey) another).publicKey.getQ().getX().toBigInteger());
-  }
-
-  public ECPublicKeyParameters getParameters() {
-    return publicKey;
-  }
-}

library/src/org/whispersystems/textsecure/crypto/protocol/CiphertextMessage.java

@@ -2,15 +2,14 @@ package org.whispersystems.textsecure.crypto.protocol;
 
 public interface CiphertextMessage {
 
-  public static final int LEGACY_VERSION     = 1;
-  public static final int CURRENT_VERSION    = 2;
+  public static final int UNSUPPORTED_VERSION = 1;
+  public static final int CURRENT_VERSION     = 2;
 
-  public static final int LEGACY_WHISPER_TYPE  = 1;
-  public static final int CURRENT_WHISPER_TYPE = 2;
-  public static final int PREKEY_WHISPER_TYPE  = 3;
+  public static final int WHISPER_TYPE = 2;
+  public static final int PREKEY_TYPE  = 3;
 
   // This should be the worst case (worse than V2).  So not always accurate, but good enough for padding.
-  public static final int ENCRYPTED_MESSAGE_OVERHEAD = WhisperMessageV1.ENCRYPTED_MESSAGE_OVERHEAD;
+  public static final int ENCRYPTED_MESSAGE_OVERHEAD = 53;
 
   public byte[] serialize();
   public int getType();

library/src/org/whispersystems/textsecure/crypto/protocol/PreKeyWhisperMessage.java

@@ -7,6 +7,7 @@ import org.whispersystems.textsecure.crypto.IdentityKey;
 import org.whispersystems.textsecure.crypto.InvalidKeyException;
 import org.whispersystems.textsecure.crypto.InvalidMessageException;
 import org.whispersystems.textsecure.crypto.InvalidVersionException;
+import org.whispersystems.textsecure.crypto.LegacyMessageException;
 import org.whispersystems.textsecure.crypto.ecc.Curve;
 import org.whispersystems.textsecure.crypto.ecc.ECPublicKey;
 import org.whispersystems.textsecure.util.Conversions;
@@ -14,19 +15,19 @@ import org.whispersystems.textsecure.util.Util;
 
 public class PreKeyWhisperMessage implements CiphertextMessage {
 
-  private final int              version;
-  private final int              registrationId;
-  private final int              preKeyId;
-  private final ECPublicKey      baseKey;
-  private final IdentityKey      identityKey;
-  private final WhisperMessageV2 message;
-  private final byte[]           serialized;
+  private final int            version;
+  private final int            registrationId;
+  private final int            preKeyId;
+  private final ECPublicKey    baseKey;
+  private final IdentityKey    identityKey;
+  private final WhisperMessage message;
+  private final byte[]         serialized;
 
   public PreKeyWhisperMessage(byte[] serialized)
       throws InvalidMessageException, InvalidVersionException
   {
     try {
-      this.version = Conversions.lowBitsToInt(serialized[0]);
+      this.version = Conversions.highBitsToInt(serialized[0]);
 
       if (this.version > CiphertextMessage.CURRENT_VERSION) {
         throw new InvalidVersionException("Unknown version: " + this.version);
@@ -49,16 +50,18 @@ public class PreKeyWhisperMessage implements CiphertextMessage {
       this.preKeyId       = preKeyWhisperMessage.getPreKeyId();
       this.baseKey        = Curve.decodePoint(preKeyWhisperMessage.getBaseKey().toByteArray(), 0);
       this.identityKey    = new IdentityKey(Curve.decodePoint(preKeyWhisperMessage.getIdentityKey().toByteArray(), 0));
-      this.message        = new WhisperMessageV2(preKeyWhisperMessage.getMessage().toByteArray());
+      this.message        = new WhisperMessage(preKeyWhisperMessage.getMessage().toByteArray());
     } catch (InvalidProtocolBufferException e) {
       throw new InvalidMessageException(e);
     } catch (InvalidKeyException e) {
       throw new InvalidMessageException(e);
+    } catch (LegacyMessageException e) {
+      throw new InvalidMessageException(e);
     }
   }
 
   public PreKeyWhisperMessage(int registrationId, int preKeyId, ECPublicKey baseKey,
-                              IdentityKey identityKey, WhisperMessageV2 message)
+                              IdentityKey identityKey, WhisperMessage message)
   {
     this.version        = CiphertextMessage.CURRENT_VERSION;
     this.registrationId = registrationId;
@@ -95,7 +98,7 @@ public class PreKeyWhisperMessage implements CiphertextMessage {
     return baseKey;
   }
 
-  public WhisperMessageV2 getWhisperMessage() {
+  public WhisperMessage getWhisperMessage() {
     return message;
   }
 
@@ -106,7 +109,7 @@ public class PreKeyWhisperMessage implements CiphertextMessage {
 
   @Override
   public int getType() {
-    return CiphertextMessage.PREKEY_WHISPER_TYPE;
+    return CiphertextMessage.PREKEY_TYPE;
   }
 
 }

library/src/org/whispersystems/textsecure/crypto/protocol/WhisperMessage.java

@@ -1,27 +1,24 @@
 package org.whispersystems.textsecure.crypto.protocol;
 
-import android.util.Log;
-
 import com.google.protobuf.ByteString;
 import com.google.protobuf.InvalidProtocolBufferException;
 
 import org.whispersystems.textsecure.crypto.InvalidKeyException;
 import org.whispersystems.textsecure.crypto.InvalidMessageException;
+import org.whispersystems.textsecure.crypto.LegacyMessageException;
 import org.whispersystems.textsecure.crypto.ecc.Curve;
 import org.whispersystems.textsecure.crypto.ecc.ECPublicKey;
-import org.whispersystems.textsecure.crypto.protocol.WhisperProtos.WhisperMessage;
 import org.whispersystems.textsecure.util.Conversions;
-import org.whispersystems.textsecure.util.Hex;
 import org.whispersystems.textsecure.util.Util;
 
+import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.text.ParseException;
-import java.util.Arrays;
 
 import javax.crypto.Mac;
 import javax.crypto.spec.SecretKeySpec;
 
-public class WhisperMessageV2 implements CiphertextMessage {
+public class WhisperMessage implements CiphertextMessage {
 
   private static final int MAC_LENGTH = 8;
 
@@ -31,18 +28,22 @@ public class WhisperMessageV2 implements CiphertextMessage {
   private final byte[]      ciphertext;
   private final byte[]      serialized;
 
-  public WhisperMessageV2(byte[] serialized) throws InvalidMessageException {
+  public WhisperMessage(byte[] serialized) throws InvalidMessageException, LegacyMessageException {
     try {
       byte[][] messageParts = Util.split(serialized, 1, serialized.length - 1 - MAC_LENGTH, MAC_LENGTH);
       byte     version      = messageParts[0][0];
       byte[]   message      = messageParts[1];
       byte[]   mac          = messageParts[2];
 
+      if (Conversions.highBitsToInt(version) <= CiphertextMessage.UNSUPPORTED_VERSION) {
+        throw new LegacyMessageException("Legacy message: " + Conversions.highBitsToInt(version));
+      }
+
       if (Conversions.highBitsToInt(version) != CURRENT_VERSION) {
         throw new InvalidMessageException("Unknown version: " + Conversions.highBitsToInt(version));
       }
 
-      WhisperMessage whisperMessage = WhisperMessage.parseFrom(message);
+      WhisperProtos.WhisperMessage whisperMessage = WhisperProtos.WhisperMessage.parseFrom(message);
 
       if (!whisperMessage.hasCiphertext() ||
           !whisperMessage.hasCounter() ||
@@ -65,11 +66,11 @@ public class WhisperMessageV2 implements CiphertextMessage {
     }
   }
 
-  public WhisperMessageV2(SecretKeySpec macKey, ECPublicKey senderEphemeral,
-                          int counter, int previousCounter, byte[] ciphertext)
+  public WhisperMessage(SecretKeySpec macKey, ECPublicKey senderEphemeral,
+                        int counter, int previousCounter, byte[] ciphertext)
   {
     byte[] version = {Conversions.intsToByteHighAndLow(CURRENT_VERSION, CURRENT_VERSION)};
-    byte[] message = WhisperMessage.newBuilder()
+    byte[] message = WhisperProtos.WhisperMessage.newBuilder()
                                    .setEphemeralKey(ByteString.copyFrom(senderEphemeral.serialize()))
                                    .setCounter(counter)
                                    .setPreviousCounter(previousCounter)
@@ -103,7 +104,7 @@ public class WhisperMessageV2 implements CiphertextMessage {
     byte[]   ourMac   = getMac(macKey, parts[0]);
     byte[]   theirMac = parts[1];
 
-    if (!Arrays.equals(ourMac, theirMac)) {
+    if (!MessageDigest.isEqual(ourMac, theirMac)) {
       throw new InvalidMessageException("Bad Mac!");
     }
   }
@@ -129,7 +130,12 @@ public class WhisperMessageV2 implements CiphertextMessage {
 
   @Override
   public int getType() {
-    return CiphertextMessage.CURRENT_WHISPER_TYPE;
+    return CiphertextMessage.WHISPER_TYPE;
+  }
+
+  public static boolean isLegacy(byte[] message) {
+    return message != null && message.length >= 1 &&
+        Conversions.highBitsToInt(message[0]) <= CiphertextMessage.UNSUPPORTED_VERSION;
   }
 
 }

library/src/org/whispersystems/textsecure/crypto/protocol/WhisperMessageV1.java

@@ -1,187 +0,0 @@
-package org.whispersystems.textsecure.crypto.protocol;
-
-import android.util.Log;
-
-import org.whispersystems.textsecure.crypto.InvalidMessageException;
-import org.whispersystems.textsecure.crypto.PublicKey;
-import org.whispersystems.textsecure.crypto.SessionCipherV1;
-import org.whispersystems.textsecure.util.Conversions;
-import org.whispersystems.textsecure.util.Hex;
-import org.whispersystems.textsecure.util.Util;
-
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.util.Arrays;
-
-import javax.crypto.Mac;
-import javax.crypto.spec.SecretKeySpec;
-
-
-public class WhisperMessageV1 implements CiphertextMessage{
-
-  private static final int VERSION_LENGTH         = 1;
-  private static final int SENDER_KEY_ID_LENGTH   = 3;
-  private static final int RECEIVER_KEY_ID_LENGTH = 3;
-  private static final int NEXT_KEY_LENGTH        = PublicKey.KEY_SIZE;
-  private static final int COUNTER_LENGTH         = 3;
-  private static final int HEADER_LENGTH          =  VERSION_LENGTH + SENDER_KEY_ID_LENGTH   +
-                                                     RECEIVER_KEY_ID_LENGTH + COUNTER_LENGTH +
-                                                     NEXT_KEY_LENGTH;
-  private static final int MAC_LENGTH             = 10;
-
-
-  private static final int VERSION_OFFSET         = 0;
-  private static final int SENDER_KEY_ID_OFFSET   = VERSION_OFFSET + VERSION_LENGTH;
-  private static final int RECEIVER_KEY_ID_OFFSET = SENDER_KEY_ID_OFFSET + SENDER_KEY_ID_LENGTH;
-  private static final int NEXT_KEY_OFFSET        = RECEIVER_KEY_ID_OFFSET + RECEIVER_KEY_ID_LENGTH;
-  private static final int COUNTER_OFFSET         = NEXT_KEY_OFFSET + NEXT_KEY_LENGTH;
-  private static final int BODY_OFFSET            = COUNTER_OFFSET + COUNTER_LENGTH;
-
-          static final int ENCRYPTED_MESSAGE_OVERHEAD = HEADER_LENGTH + MAC_LENGTH;
-
-  private final byte[] ciphertext;
-
-  public WhisperMessageV1(SessionCipherV1.SessionCipherContext sessionContext,
-                          byte[] ciphertextBody)
-  {
-    this.ciphertext = new byte[HEADER_LENGTH + ciphertextBody.length + MAC_LENGTH];
-    setVersion(sessionContext.getMessageVersion(), CURRENT_VERSION);
-    setSenderKeyId(sessionContext.getSenderKeyId());
-    setReceiverKeyId(sessionContext.getRecipientKeyId());
-    setNextKeyBytes(sessionContext.getNextKey().serialize());
-    setCounter(sessionContext.getCounter());
-    setBody(ciphertextBody);
-    setMac(calculateMac(sessionContext.getSessionKey().getMacKey(),
-                        ciphertext, 0, ciphertext.length - MAC_LENGTH));
-  }
-
-  public WhisperMessageV1(byte[] ciphertext) throws InvalidMessageException {
-    this.ciphertext = ciphertext;
-
-    if (ciphertext.length < HEADER_LENGTH) {
-      throw new InvalidMessageException("Not long enough for ciphertext header!");
-    }
-
-    if (getCurrentVersion() > LEGACY_VERSION) {
-      throw new InvalidMessageException("Received non-legacy version: " + getCurrentVersion());
-    }
-  }
-
-  public void setVersion(int current, int supported) {
-    ciphertext[VERSION_OFFSET] = Conversions.intsToByteHighAndLow(current, supported);
-  }
-
-  public int getCurrentVersion() {
-    return Conversions.highBitsToInt(ciphertext[VERSION_OFFSET]);
-  }
-
-  public int getSupportedVersion() {
-    return Conversions.lowBitsToInt(ciphertext[VERSION_OFFSET]);
-  }
-
-  public void setSenderKeyId(int senderKeyId) {
-    Conversions.mediumToByteArray(ciphertext, SENDER_KEY_ID_OFFSET, senderKeyId);
-  }
-
-  public int getSenderKeyId() {
-    return Conversions.byteArrayToMedium(ciphertext, SENDER_KEY_ID_OFFSET);
-  }
-
-  public void setReceiverKeyId(int receiverKeyId) {
-    Conversions.mediumToByteArray(ciphertext, RECEIVER_KEY_ID_OFFSET, receiverKeyId);
-  }
-
-  public int getReceiverKeyId() {
-    return Conversions.byteArrayToMedium(ciphertext, RECEIVER_KEY_ID_OFFSET);
-  }
-
-  public void setNextKeyBytes(byte[] nextKey) {
-    assert(nextKey.length == NEXT_KEY_LENGTH);
-    System.arraycopy(nextKey, 0, ciphertext, NEXT_KEY_OFFSET, nextKey.length);
-  }
-
-  public byte[] getNextKeyBytes() {
-    byte[] nextKeyBytes = new byte[NEXT_KEY_LENGTH];
-    System.arraycopy(ciphertext, NEXT_KEY_OFFSET, nextKeyBytes, 0, nextKeyBytes.length);
-
-    return nextKeyBytes;
-  }
-
-  public void setCounter(int counter) {
-    Conversions.mediumToByteArray(ciphertext, COUNTER_OFFSET, counter);
-  }
-
-  public int getCounter() {
-    return Conversions.byteArrayToMedium(ciphertext, COUNTER_OFFSET);
-  }
-
-  public void setBody(byte[] body) {
-    System.arraycopy(body, 0, ciphertext, BODY_OFFSET, body.length);
-  }
-
-  public byte[] getBody() {
-    byte[] body = new byte[ciphertext.length - HEADER_LENGTH - MAC_LENGTH];
-    System.arraycopy(ciphertext, BODY_OFFSET, body, 0, body.length);
-
-    return body;
-  }
-
-  public void setMac(byte[] mac) {
-    System.arraycopy(mac, 0, ciphertext, ciphertext.length-mac.length, mac.length);
-  }
-
-  public byte[] getMac() {
-    byte[] mac = new byte[MAC_LENGTH];
-    System.arraycopy(ciphertext, ciphertext.length-mac.length, mac, 0, mac.length);
-
-    return mac;
-  }
-
-  @Override
-  public byte[] serialize() {
-    return ciphertext;
-  }
-
-  @Override
-  public int getType() {
-    return CiphertextMessage.LEGACY_WHISPER_TYPE;
-  }
-
-  public void verifyMac(SessionCipherV1.SessionCipherContext sessionContext)
-      throws InvalidMessageException
-  {
-    verifyMac(sessionContext.getSessionKey().getMacKey(),
-              this.ciphertext, 0, this.ciphertext.length - MAC_LENGTH, getMac());
-  }
-
-  private byte[] calculateMac(SecretKeySpec macKey, byte[] message, int offset, int length) {
-    try {
-      Mac mac = Mac.getInstance("HmacSHA1");
-      mac.init(macKey);
-
-      mac.update(message, offset, length);
-      byte[] macBytes = mac.doFinal();
-
-      return Util.trim(macBytes, MAC_LENGTH);
-    } catch (NoSuchAlgorithmException e) {
-      throw new IllegalArgumentException(e);
-    } catch (InvalidKeyException e) {
-      throw new IllegalArgumentException(e);
-    }
-  }
-
-  private void verifyMac(SecretKeySpec macKey, byte[] message, int offset, int length,
-                         byte[] receivedMac)
-      throws InvalidMessageException
-  {
-    byte[] localMac = calculateMac(macKey, message, offset, length);
-
-    Log.w("WhisperMessageV1", "Local Mac: " + Hex.toString(localMac));
-    Log.w("WhisperMessageV1", "Remot Mac: " + Hex.toString(receivedMac));
-
-    if (!Arrays.equals(localMac, receivedMac)) {
-      throw new InvalidMessageException("MAC on message does not match calculated MAC.");
-    }
-  }
-
-}

library/src/org/whispersystems/textsecure/crypto/ratchet/RatchetingSession.java

@@ -10,14 +10,14 @@ import org.whispersystems.textsecure.crypto.ecc.ECKeyPair;
 import org.whispersystems.textsecure.crypto.ecc.ECPublicKey;
 import org.whispersystems.textsecure.crypto.kdf.DerivedSecrets;
 import org.whispersystems.textsecure.crypto.kdf.HKDF;
-import org.whispersystems.textsecure.storage.SessionRecordV2;
+import org.whispersystems.textsecure.storage.SessionState;
 
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 
 public class RatchetingSession {
 
-  public static void initializeSession(SessionRecordV2 sessionRecord,
+  public static void initializeSession(SessionState sessionState,
                                        ECKeyPair ourBaseKey,
                                        ECPublicKey theirBaseKey,
                                        ECKeyPair ourEphemeralKey,
@@ -27,48 +27,48 @@ public class RatchetingSession {
       throws InvalidKeyException
   {
     if (isAlice(ourBaseKey.getPublicKey(), theirBaseKey, ourEphemeralKey.getPublicKey(), theirEphemeralKey)) {
-      initializeSessionAsAlice(sessionRecord, ourBaseKey, theirBaseKey, theirEphemeralKey,
+      initializeSessionAsAlice(sessionState, ourBaseKey, theirBaseKey, theirEphemeralKey,
                                ourIdentityKey, theirIdentityKey);
     } else {
-      initializeSessionAsBob(sessionRecord, ourBaseKey, theirBaseKey,
+      initializeSessionAsBob(sessionState, ourBaseKey, theirBaseKey,
                              ourEphemeralKey, ourIdentityKey, theirIdentityKey);
     }
   }
 
-  private static void initializeSessionAsAlice(SessionRecordV2 sessionRecord,
+  private static void initializeSessionAsAlice(SessionState sessionState,
                                                ECKeyPair ourBaseKey, ECPublicKey theirBaseKey,
                                                ECPublicKey theirEphemeralKey,
                                                IdentityKeyPair ourIdentityKey,
                                                IdentityKey theirIdentityKey)
       throws InvalidKeyException
   {
-    sessionRecord.setRemoteIdentityKey(theirIdentityKey);
-    sessionRecord.setLocalIdentityKey(ourIdentityKey.getPublicKey());
+    sessionState.setRemoteIdentityKey(theirIdentityKey);
+    sessionState.setLocalIdentityKey(ourIdentityKey.getPublicKey());
 
-    ECKeyPair               sendingKey     = Curve.generateKeyPairForType(ourIdentityKey.getPublicKey().getPublicKey().getType());
+    ECKeyPair               sendingKey     = Curve.generateKeyPair(true);
     Pair<RootKey, ChainKey> receivingChain = calculate3DHE(true, ourBaseKey, theirBaseKey, ourIdentityKey, theirIdentityKey);
     Pair<RootKey, ChainKey> sendingChain   = receivingChain.first.createChain(theirEphemeralKey, sendingKey);
 
-    sessionRecord.addReceiverChain(theirEphemeralKey, receivingChain.second);
-    sessionRecord.setSenderChain(sendingKey, sendingChain.second);
-    sessionRecord.setRootKey(sendingChain.first);
+    sessionState.addReceiverChain(theirEphemeralKey, receivingChain.second);
+    sessionState.setSenderChain(sendingKey, sendingChain.second);
+    sessionState.setRootKey(sendingChain.first);
   }
 
-  private static void initializeSessionAsBob(SessionRecordV2 sessionRecord,
+  private static void initializeSessionAsBob(SessionState sessionState,
                                              ECKeyPair ourBaseKey, ECPublicKey theirBaseKey,
                                              ECKeyPair ourEphemeralKey,
                                              IdentityKeyPair ourIdentityKey,
                                              IdentityKey theirIdentityKey)
       throws InvalidKeyException
   {
-    sessionRecord.setRemoteIdentityKey(theirIdentityKey);
-    sessionRecord.setLocalIdentityKey(ourIdentityKey.getPublicKey());
+    sessionState.setRemoteIdentityKey(theirIdentityKey);
+    sessionState.setLocalIdentityKey(ourIdentityKey.getPublicKey());
 
     Pair<RootKey, ChainKey> sendingChain = calculate3DHE(false, ourBaseKey, theirBaseKey,
                                                          ourIdentityKey, theirIdentityKey);
 
-    sessionRecord.setSenderChain(ourEphemeralKey, sendingChain.second);
-    sessionRecord.setRootKey(sendingChain.first);
+    sessionState.setSenderChain(ourEphemeralKey, sendingChain.second);
+    sessionState.setRootKey(sendingChain.first);
   }
 
   private static Pair<RootKey, ChainKey> calculate3DHE(boolean isAlice,

library/src/org/whispersystems/textsecure/push/PreKeyStatus.java

@@ -0,0 +1,12 @@
+package org.whispersystems.textsecure.push;
+
+public class PreKeyStatus {
+
+  private int count;
+
+  public PreKeyStatus() {}
+
+  public int getCount() {
+    return count;
+  }
+}

library/src/org/whispersystems/textsecure/push/PushServiceSocket.java

@@ -1,3 +1,19 @@
+/**
+ * Copyright (C) 2014 Open Whisper Systems
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
 package org.whispersystems.textsecure.push;
 
 import android.content.Context;
@@ -10,6 +26,7 @@ import org.apache.http.conn.ssl.StrictHostnameVerifier;
 import org.whispersystems.textsecure.crypto.IdentityKey;
 import org.whispersystems.textsecure.storage.PreKeyRecord;
 import org.whispersystems.textsecure.util.Base64;
+import org.whispersystems.textsecure.util.BlacklistingTrustManager;
 import org.whispersystems.textsecure.util.Util;
 
 import java.io.File;
@@ -32,14 +49,22 @@ import java.util.Set;
 
 import javax.net.ssl.HttpsURLConnection;
 import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
 import javax.net.ssl.TrustManagerFactory;
 
+/**
+ *
+ * Network interface to the TextSecure server API.
+ *
+ * @author Moxie Marlinspike
+ */
 public class PushServiceSocket {
 
   private static final String CREATE_ACCOUNT_SMS_PATH   = "/v1/accounts/sms/code/%s";
   private static final String CREATE_ACCOUNT_VOICE_PATH = "/v1/accounts/voice/code/%s";
   private static final String VERIFY_ACCOUNT_PATH       = "/v1/accounts/code/%s";
   private static final String REGISTER_GCM_PATH         = "/v1/accounts/gcm/";
+  private static final String PREKEY_METADATA_PATH      = "/v1/keys/";
   private static final String PREKEY_PATH               = "/v1/keys/%s";
   private static final String PREKEY_DEVICE_PATH        = "/v1/keys/%s/%s";
 
@@ -50,20 +75,20 @@ public class PushServiceSocket {
 
   private static final boolean ENFORCE_SSL = true;
 
-  private final Context context;
-  private final String serviceUrl;
-  private final String localNumber;
-  private final String password;
-  private final TrustManagerFactory trustManagerFactory;
+  private final Context        context;
+  private final String         serviceUrl;
+  private final String         localNumber;
+  private final String         password;
+  private final TrustManager[] trustManagers;
 
   public PushServiceSocket(Context context, String serviceUrl, TrustStore trustStore,
                            String localNumber, String password)
   {
-    this.context             = context.getApplicationContext();
-    this.serviceUrl          = serviceUrl;
-    this.localNumber         = localNumber;
-    this.password            = password;
-    this.trustManagerFactory = initializeTrustManagerFactory(trustStore);
+    this.context       = context.getApplicationContext();
+    this.serviceUrl    = serviceUrl;
+    this.localNumber   = localNumber;
+    this.password      = password;
+    this.trustManagers = initializeTrustManager(trustStore);
   }
 
   public void createAccount(boolean voice) throws IOException {
@@ -123,6 +148,13 @@ public class PushServiceSocket {
                 PreKeyList.toJson(new PreKeyList(lastResortEntity, entities)));
   }
 
+  public int getAvailablePreKeys() throws IOException {
+    String       responseText = makeRequest(PREKEY_METADATA_PATH, "GET", null);
+    PreKeyStatus preKeyStatus = new Gson().fromJson(responseText, PreKeyStatus.class);
+
+    return preKeyStatus.getCount();
+  }
+
   public List<PreKeyEntity> getPreKeys(PushAddress destination) throws IOException {
     try {
       String deviceId = String.valueOf(destination.getDeviceId());
@@ -348,7 +380,7 @@ public class PushServiceSocket {
   private HttpURLConnection getConnection(String urlFragment, String method) throws IOException {
     try {
       SSLContext context = SSLContext.getInstance("TLS");
-      context.init(null, trustManagerFactory.getTrustManagers(), null);
+      context.init(null, trustManagers, null);
 
       URL url = new URL(String.format("%s%s", serviceUrl, urlFragment));
       Log.w("PushServiceSocket", "Push service URL: " + serviceUrl);
@@ -386,7 +418,7 @@ public class PushServiceSocket {
     }
   }
 
-  private TrustManagerFactory initializeTrustManagerFactory(TrustStore trustStore) {
+  private TrustManager[] initializeTrustManager(TrustStore trustStore) {
     try {
       InputStream keyStoreInputStream = trustStore.getKeyStoreInputStream();
       KeyStore    keyStore            = KeyStore.getInstance("BKS");
@@ -396,7 +428,7 @@ public class PushServiceSocket {
       TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
       trustManagerFactory.init(keyStore);
 
-      return trustManagerFactory;
+      return BlacklistingTrustManager.createFor(trustManagerFactory.getTrustManagers());
     } catch (KeyStoreException kse) {
       throw new AssertionError(kse);
     } catch (CertificateException e) {

library/src/org/whispersystems/textsecure/storage/LocalKeyRecord.java

@@ -18,135 +18,14 @@
 package org.whispersystems.textsecure.storage;
 
 import android.content.Context;
-import android.util.Log;
 
-import org.whispersystems.textsecure.crypto.InvalidKeyException;
-import org.whispersystems.textsecure.crypto.KeyPair;
-import org.whispersystems.textsecure.crypto.MasterCipher;
-import org.whispersystems.textsecure.crypto.MasterSecret;
-import org.whispersystems.textsecure.crypto.ecc.Curve;
-import org.whispersystems.textsecure.util.Medium;
-
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.io.RandomAccessFile;
-import java.nio.channels.FileChannel;
-
-public class LocalKeyRecord extends Record {
-
-  private static final Object FILE_LOCK = new Object();
-
-  private KeyPair localCurrentKeyPair;
-  private KeyPair localNextKeyPair;
-
-  private final MasterCipher masterCipher;
-  private final MasterSecret masterSecret;
-
-  public LocalKeyRecord(Context context, MasterSecret masterSecret, CanonicalRecipient recipient) {
-    super(context, SESSIONS_DIRECTORY, getFileNameForRecipient(recipient));
-    this.masterSecret = masterSecret;
-    this.masterCipher = new MasterCipher(masterSecret);
-    loadData();
-  }
-
-  public static boolean hasRecord(Context context, CanonicalRecipient recipient) {
-    Log.w("LocalKeyRecord", "Checking: " + getFileNameForRecipient(recipient));
-    return Record.hasRecord(context, SESSIONS_DIRECTORY, getFileNameForRecipient(recipient));
-  }
+public class LocalKeyRecord {
 
   public static void delete(Context context, CanonicalRecipient recipient) {
-    Record.delete(context, SESSIONS_DIRECTORY, getFileNameForRecipient(recipient));
+    Record.delete(context, Record.SESSIONS_DIRECTORY, getFileNameForRecipient(recipient));
   }
 
   private static String getFileNameForRecipient(CanonicalRecipient recipient) {
     return recipient.getRecipientId() + "-local";
   }
-
-  public void advanceKeyIfNecessary(int keyId) {
-    Log.w("LocalKeyRecord", "Remote client acknowledges receiving key id: " + keyId);
-    if (keyId == localNextKeyPair.getId()) {
-      int keyType = this.localNextKeyPair.getPublicKey().getType();
-
-      this.localCurrentKeyPair = this.localNextKeyPair;
-      this.localNextKeyPair    = new KeyPair((this.localNextKeyPair.getId()+1) % Medium.MAX_VALUE,
-                                             Curve.generateKeyPairForType(keyType),
-                                             masterSecret);
-    }
-  }
-
-  public void setCurrentKeyPair(KeyPair localCurrentKeyPair) {
-    this.localCurrentKeyPair = localCurrentKeyPair;
-  }
-
-  public void setNextKeyPair(KeyPair localNextKeyPair) {
-    this.localNextKeyPair = localNextKeyPair;
-  }
-
-  public KeyPair getCurrentKeyPair() {
-    return this.localCurrentKeyPair;
-  }
-
-  public KeyPair getNextKeyPair() {
-    return this.localNextKeyPair;
-  }
-
-  public KeyPair getKeyPairForId(int id) throws InvalidKeyIdException {
-    if      (this.localCurrentKeyPair.getId() == id) return this.localCurrentKeyPair;
-    else if (this.localNextKeyPair.getId() == id) return this.localNextKeyPair;
-    else throw new InvalidKeyIdException("No local key for ID: " + id);
-  }
-
-  public void save() {
-    synchronized (FILE_LOCK) {
-      try {
-        RandomAccessFile file = openRandomAccessFile();
-        FileChannel out       = file.getChannel();
-        out.position(0);
-
-        writeKeyPair(localCurrentKeyPair, out);
-        writeKeyPair(localNextKeyPair, out);
-
-        out.force(true);
-        out.truncate(out.position());
-        out.close();
-        file.close();
-      } catch (IOException ioe) {
-        Log.w("keyrecord", ioe);
-        // XXX
-      }
-    }
-  }
-
-  private void loadData() {
-    Log.w("LocalKeyRecord", "Loading local key record...");
-    synchronized (FILE_LOCK) {
-      try {
-        FileInputStream in  = this.openInputStream();
-        localCurrentKeyPair = readKeyPair(in, masterCipher);
-        localNextKeyPair    = readKeyPair(in, masterCipher);
-        in.close();
-      } catch (FileNotFoundException e) {
-        Log.w("LocalKeyRecord", "No local keypair set found.");
-      } catch (IOException ioe) {
-        Log.w("keyrecord", ioe);
-        // XXX
-      } catch (InvalidKeyException ike) {
-        Log.w("LocalKeyRecord", ike);
-      }
-    }
-  }
-
-  private void writeKeyPair(KeyPair keyPair, FileChannel out) throws IOException {
-    byte[] keyPairBytes = keyPair.toBytes();
-    writeBlob(keyPairBytes, out);
-  }
-
-  private KeyPair readKeyPair(FileInputStream in, MasterCipher masterCipher)
-      throws IOException, InvalidKeyException
-  {
-    byte[] keyPairBytes = readBlob(in);
-    return new KeyPair(keyPairBytes, masterCipher);
-  }
-
 }

library/src/org/whispersystems/textsecure/storage/PreKeyRecord.java

@@ -60,7 +60,7 @@ public class PreKeyRecord extends Record {
   public ECKeyPair getKeyPair() {
     try {
       ECPublicKey  publicKey  = Curve.decodePoint(this.structure.getPublicKey().toByteArray(), 0);
-      ECPrivateKey privateKey = Curve.decodePrivatePoint(publicKey.getType(), this.structure.getPrivateKey().toByteArray());
+      ECPrivateKey privateKey = Curve.decodePrivatePoint(this.structure.getPrivateKey().toByteArray());
 
       return new ECKeyPair(publicKey, privateKey);
     } catch (InvalidKeyException e) {

library/src/org/whispersystems/textsecure/storage/RemoteKeyRecord.java

@@ -37,126 +37,13 @@ import java.nio.channels.FileChannel;
  * @author Moxie Marlinspike
  */
 
-public class RemoteKeyRecord extends Record {
-  private static final Object FILE_LOCK = new Object();
-
-  private PublicKey remoteKeyCurrent;
-  private PublicKey remoteKeyLast;
-
-  public RemoteKeyRecord(Context context, CanonicalRecipient recipient) {
-    super(context, SESSIONS_DIRECTORY, getFileNameForRecipient(recipient));
-    loadData();
-  }
+public class RemoteKeyRecord {
 
   public static void delete(Context context, CanonicalRecipient recipient) {
-    delete(context, SESSIONS_DIRECTORY, getFileNameForRecipient(recipient));
-  }
-
-  public static boolean hasRecord(Context context, CanonicalRecipient recipient) {
-    Log.w("LocalKeyRecord", "Checking: " + getFileNameForRecipient(recipient));
-    return hasRecord(context, SESSIONS_DIRECTORY, getFileNameForRecipient(recipient));
+    Record.delete(context, Record.SESSIONS_DIRECTORY, getFileNameForRecipient(recipient));
   }
 
   private static String getFileNameForRecipient(CanonicalRecipient recipient) {
     return recipient.getRecipientId() + "-remote";
   }
-
-  public void updateCurrentRemoteKey(PublicKey remoteKey) {
-    Log.w("RemoteKeyRecord", "Updating current remote key: " + remoteKey.getId());
-    if (isWrappingGreaterThan(remoteKey.getId(), remoteKeyCurrent.getId())) {
-      this.remoteKeyLast    = this.remoteKeyCurrent;
-      this.remoteKeyCurrent = remoteKey;
-    }
-  }
-
-  public void setCurrentRemoteKey(PublicKey remoteKeyCurrent) {
-    this.remoteKeyCurrent = remoteKeyCurrent;
-  }
-
-  public void setLastRemoteKey(PublicKey remoteKeyLast) {
-    this.remoteKeyLast = remoteKeyLast;
-  }
-
-  public PublicKey getCurrentRemoteKey() {
-    return this.remoteKeyCurrent;
-  }
-
-  public PublicKey getLastRemoteKey() {
-    return this.remoteKeyLast;
-  }
-
-  public PublicKey getKeyForId(int id) throws InvalidKeyIdException {
-    if (this.remoteKeyCurrent.getId() == id) return this.remoteKeyCurrent;
-    else if (this.remoteKeyLast.getId() == id) return this.remoteKeyLast;
-    else throw new InvalidKeyIdException("No remote key for ID: " + id);
-  }
-
-  public void save() {
-    Log.w("RemoteKeyRecord", "Saving remote key record for recipient: " + this.address);
-    synchronized (FILE_LOCK) {
-      try {
-        RandomAccessFile file = openRandomAccessFile();
-        FileChannel out       = file.getChannel();
-        Log.w("RemoteKeyRecord", "Opened file of size: " + out.size());
-        out.position(0);
-
-        writeKey(remoteKeyCurrent, out);
-        writeKey(remoteKeyLast, out);
-
-        out.truncate(out.position());
-        out.close();
-        file.close();
-      } catch (IOException ioe) {
-        Log.w("keyrecord", ioe);
-        // XXX
-      }
-    }
-  }
-
-  private boolean isWrappingGreaterThan(int receivedValue, int currentValue) {
-    if (receivedValue > currentValue) {
-      return true;
-    }
-
-    if (receivedValue == currentValue) {
-      return false;
-    }
-
-    int gap = (receivedValue - currentValue) + Medium.MAX_VALUE;
-
-    return (gap >= 0) && (gap < 5);
-  }
-
-  private void loadData() {
-    Log.w("RemoteKeyRecord", "Loading remote key record for recipient: " + this.address);
-    synchronized (FILE_LOCK) {
-      try {
-        FileInputStream in  = this.openInputStream();
-        remoteKeyCurrent    = readKey(in);
-        remoteKeyLast       = readKey(in);
-        in.close();
-      } catch (FileNotFoundException e) {
-        Log.w("RemoteKeyRecord", "No remote keys found.");
-      } catch (IOException ioe) {
-        Log.w("keyrecord", ioe);
-        // XXX
-      }
-    }
-  }
-
-  private void writeKey(PublicKey key, FileChannel out) throws IOException {
-    byte[] keyBytes = key.serialize();
-    Log.w("RemoteKeyRecord", "Serializing remote key bytes: " + Hex.toString(keyBytes));
-    writeBlob(keyBytes, out);
-  }
-
-  private PublicKey readKey(FileInputStream in) throws IOException {
-    try {
-      byte[] keyBytes = readBlob(in);
-      return new PublicKey(keyBytes);
-    } catch (InvalidKeyException ike) {
-      throw new AssertionError(ike);
-    }
-  }
-
 }

library/src/org/whispersystems/textsecure/storage/Session.java

@@ -5,7 +5,6 @@ import android.util.Log;
 
 import org.whispersystems.textsecure.crypto.IdentityKey;
 import org.whispersystems.textsecure.crypto.MasterSecret;
-import org.whispersystems.textsecure.crypto.protocol.CiphertextMessage;
 
 /**
  * Helper class for generating key pairs and calculating ECDH agreements.
@@ -32,28 +31,27 @@ public class Session {
                                    CanonicalRecipient recipient)
   {
     Log.w("Session", "Checking session...");
-    return hasV1Session(context, recipient) || hasV2Session(context, masterSecret, recipient);
-  }
-
-  public static boolean hasRemoteIdentityKey(Context context,
-                                             MasterSecret masterSecret,
-                                             CanonicalRecipient recipient)
-  {
-    return (hasV2Session(context, masterSecret, recipient) || (hasV1Session(context, recipient) &&
-        new SessionRecordV1(context, masterSecret, recipient).getIdentityKey() != null));
-  }
-
-  private static boolean hasV2Session(Context context, MasterSecret masterSecret,
-                                      CanonicalRecipient recipient)
-  {
     return SessionRecordV2.hasSession(context, masterSecret, recipient.getRecipientId(),
                                       RecipientDevice.DEFAULT_DEVICE_ID);
   }
 
-  private static boolean hasV1Session(Context context, CanonicalRecipient recipient) {
-    return SessionRecordV1.hasSession(context, recipient)   &&
-           RemoteKeyRecord.hasRecord(context, recipient)    &&
-           LocalKeyRecord.hasRecord(context, recipient);
+  public static boolean hasEncryptCapableSession(Context context,
+                                                 MasterSecret masterSecret,
+                                                 CanonicalRecipient recipient)
+  {
+    RecipientDevice device = new RecipientDevice(recipient.getRecipientId(),
+                                                 RecipientDevice.DEFAULT_DEVICE_ID);
+
+    return hasEncryptCapableSession(context, masterSecret, recipient, device);
+  }
+
+  public static boolean hasEncryptCapableSession(Context context,
+                                                 MasterSecret masterSecret,
+                                                 CanonicalRecipient recipient,
+                                                 RecipientDevice device)
+  {
+    return hasSession(context, masterSecret, recipient) &&
+        !SessionRecordV2.needsRefresh(context, masterSecret, device);
   }
 
   public static IdentityKey getRemoteIdentityKey(Context context, MasterSecret masterSecret,
@@ -70,26 +68,10 @@ public class Session {
                                    RecipientDevice.DEFAULT_DEVICE_ID))
     {
       return new SessionRecordV2(context, masterSecret, recipientId,
-                                 RecipientDevice.DEFAULT_DEVICE_ID).getRemoteIdentityKey();
-    } else if (SessionRecordV1.hasSession(context, recipientId)) {
-      return new SessionRecordV1(context, masterSecret, recipientId).getIdentityKey();
+                                 RecipientDevice.DEFAULT_DEVICE_ID).getSessionState()
+                                                                   .getRemoteIdentityKey();
     } else {
       return null;
     }
   }
-
-  public static int getSessionVersion(Context context, MasterSecret masterSecret,
-                                      CanonicalRecipient recipient)
-  {
-    if (SessionRecordV2.hasSession(context, masterSecret,
-                                   recipient.getRecipientId(),
-                                   RecipientDevice.DEFAULT_DEVICE_ID))
-    {
-      return CiphertextMessage.CURRENT_VERSION;
-    } else if (SessionRecordV1.hasSession(context, recipient)) {
-      return new SessionRecordV1(context, masterSecret, recipient).getSessionVersion();
-    }
-
-    return 0;
-  }
 }

library/src/org/whispersystems/textsecure/storage/SessionRecordV1.java

@@ -1,18 +1,6 @@
 package org.whispersystems.textsecure.storage;
 
 import android.content.Context;
-import android.util.Log;
-
-import org.whispersystems.textsecure.crypto.IdentityKey;
-import org.whispersystems.textsecure.crypto.InvalidKeyException;
-import org.whispersystems.textsecure.crypto.InvalidMessageException;
-import org.whispersystems.textsecure.crypto.MasterSecret;
-
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.io.RandomAccessFile;
-import java.nio.channels.FileChannel;
 
 /**
  * A disk record representing a current session.
@@ -20,208 +8,8 @@ import java.nio.channels.FileChannel;
  * @author Moxie Marlinspike
  */
 
-public class SessionRecordV1 extends Record {
-
-  private static final int CURRENT_VERSION_MARKER  = 0X55555556;
-  private static final int[] VALID_VERSION_MARKERS = {CURRENT_VERSION_MARKER, 0X55555555};
-  private static final Object FILE_LOCK            = new Object();
-
-  private int    counter;
-  private byte[] localFingerprint;
-  private byte[] remoteFingerprint;
-  private int    currentSessionVersion;
-
-  private IdentityKey identityKey;
-  private SessionKey  sessionKeyRecord;
-  private boolean     verifiedSessionKey;
-
-  private final MasterSecret masterSecret;
-
-  public SessionRecordV1(Context context, MasterSecret masterSecret, CanonicalRecipient recipient) {
-    this(context, masterSecret, recipient.getRecipientId());
-  }
-
-  public SessionRecordV1(Context context, MasterSecret masterSecret, long recipientId) {
-    super(context, SESSIONS_DIRECTORY, recipientId+"");
-    this.masterSecret          = masterSecret;
-    this.currentSessionVersion = 31337;
-    loadData();
-  }
-
+public class SessionRecordV1 {
   public static void delete(Context context, CanonicalRecipient recipient) {
-    delete(context, SESSIONS_DIRECTORY, recipient.getRecipientId() + "");
+    Record.delete(context, Record.SESSIONS_DIRECTORY, recipient.getRecipientId() + "");
   }
-
-  public static boolean hasSession(Context context, CanonicalRecipient recipient) {
-    return hasSession(context, recipient.getRecipientId());
-  }
-
-  public static boolean hasSession(Context context, long recipientId) {
-    Log.w("SessionRecordV1", "Checking: " + recipientId);
-    return hasRecord(context, SESSIONS_DIRECTORY, recipientId+"");
-  }
-
-  public void setSessionKey(SessionKey sessionKeyRecord) {
-    this.sessionKeyRecord = sessionKeyRecord;
-  }
-
-  public void setSessionId(byte[] localFingerprint, byte[] remoteFingerprint) {
-    this.localFingerprint  = localFingerprint;
-    this.remoteFingerprint = remoteFingerprint;
-  }
-
-  public void setIdentityKey(IdentityKey identityKey) {
-    this.identityKey = identityKey;
-  }
-
-  public int getSessionVersion() {
-    return (currentSessionVersion == 31337 ? 0 : currentSessionVersion);
-  }
-
-  public void setSessionVersion(int sessionVersion) {
-    this.currentSessionVersion = sessionVersion;
-  }
-
-  public int getCounter() {
-    return this.counter;
-  }
-
-  public void incrementCounter() {
-    this.counter++;
-  }
-
-  public byte[] getLocalFingerprint() {
-    return this.localFingerprint;
-  }
-
-  public byte[] getRemoteFingerprint() {
-    return this.remoteFingerprint;
-  }
-
-  public IdentityKey getIdentityKey() {
-    return this.identityKey;
-  }
-
-  public boolean isVerifiedSession() {
-    return this.verifiedSessionKey;
-  }
-
-  private void writeIdentityKey(FileChannel out) throws IOException {
-    if (identityKey == null) writeBlob(new byte[0], out);
-    else                     writeBlob(identityKey.serialize(), out);
-  }
-
-  private boolean isValidVersionMarker(int versionMarker) {
-    for (int VALID_VERSION_MARKER : VALID_VERSION_MARKERS)
-      if (versionMarker == VALID_VERSION_MARKER)
-        return true;
-
-    return false;
-  }
-
-  private void readIdentityKey(FileInputStream in) throws IOException {
-    try {
-      byte[] blob = readBlob(in);
-
-      if (blob.length == 0) this.identityKey = null;
-      else                  this.identityKey = new IdentityKey(blob, 0);
-    } catch (InvalidKeyException ike) {
-      throw new AssertionError(ike);
-    }
-  }
-
-  public void save() {
-    synchronized (FILE_LOCK) {
-      try {
-        RandomAccessFile file = openRandomAccessFile();
-        FileChannel out       = file.getChannel();
-        out.position(0);
-
-        writeInteger(CURRENT_VERSION_MARKER, out);
-        writeInteger(counter, out);
-        writeBlob(localFingerprint, out);
-        writeBlob(remoteFingerprint, out);
-        writeInteger(currentSessionVersion, out);
-        writeIdentityKey(out);
-        writeInteger(verifiedSessionKey ? 1 : 0, out);
-
-        if (sessionKeyRecord != null)
-          writeBlob(sessionKeyRecord.serialize(), out);
-
-        out.truncate(out.position());
-        file.close();
-      } catch (IOException ioe) {
-        throw new IllegalArgumentException(ioe);
-      }
-    }
-  }
-
-  private void loadData() {
-    synchronized (FILE_LOCK) {
-      try {
-        FileInputStream in = this.openInputStream();
-        int versionMarker  = readInteger(in);
-
-        // Sigh, always put a version number on everything.
-        if (!isValidVersionMarker(versionMarker)) {
-          this.counter               = versionMarker;
-          this.localFingerprint      = readBlob(in);
-          this.remoteFingerprint     = readBlob(in);
-          this.currentSessionVersion = 31337;
-
-          if (in.available() != 0) {
-            try {
-              this.sessionKeyRecord = new SessionKey(readBlob(in), masterSecret);
-            } catch (InvalidMessageException e) {
-              Log.w("SessionRecord", e);
-              this.sessionKeyRecord = null;
-            }
-          }
-
-          in.close();
-        } else {
-          this.counter               = readInteger(in);
-          this.localFingerprint      = readBlob   (in);
-          this.remoteFingerprint     = readBlob   (in);
-          this.currentSessionVersion = readInteger(in);
-
-          if (versionMarker >=  0X55555556) {
-            readIdentityKey(in);
-            this.verifiedSessionKey = (readInteger(in) == 1);
-          }
-
-          if (in.available() != 0) {
-            try {
-              this.sessionKeyRecord = new SessionKey(readBlob(in), masterSecret);
-            } catch (InvalidMessageException e) {
-              Log.w("SessionRecord", e);
-              this.sessionKeyRecord = null;
-            }
-          }
-
-          in.close();
-        }
-      } catch (FileNotFoundException e) {
-        Log.w("SessionRecord", "No session information found.");
-        // XXX
-      } catch (IOException ioe) {
-        Log.w("keyrecord", ioe);
-        // XXX
-      }
-    }
-  }
-
-  public SessionKey getSessionKey(int mode, int localKeyId, int remoteKeyId) {
-    if (this.sessionKeyRecord == null) return null;
-
-    if ((this.sessionKeyRecord.getLocalKeyId() == localKeyId)   &&
-        (this.sessionKeyRecord.getRemoteKeyId() == remoteKeyId) &&
-        (this.sessionKeyRecord.getMode() == mode))
-    {
-      return this.sessionKeyRecord;
-    }
-
-    return null;
-  }
-
 }

library/src/org/whispersystems/textsecure/storage/SessionRecordV2.java

@@ -18,26 +18,10 @@ package org.whispersystems.textsecure.storage;
 
 import android.content.Context;
 import android.util.Log;
-import android.util.Pair;
 
-import com.google.protobuf.ByteString;
-
-import org.whispersystems.textsecure.crypto.IdentityKey;
-import org.whispersystems.textsecure.crypto.IdentityKeyPair;
-import org.whispersystems.textsecure.crypto.InvalidKeyException;
 import org.whispersystems.textsecure.crypto.InvalidMessageException;
 import org.whispersystems.textsecure.crypto.MasterCipher;
 import org.whispersystems.textsecure.crypto.MasterSecret;
-import org.whispersystems.textsecure.crypto.ecc.Curve;
-import org.whispersystems.textsecure.crypto.ecc.ECKeyPair;
-import org.whispersystems.textsecure.crypto.ecc.ECPrivateKey;
-import org.whispersystems.textsecure.crypto.ecc.ECPublicKey;
-import org.whispersystems.textsecure.crypto.ratchet.ChainKey;
-import org.whispersystems.textsecure.crypto.ratchet.MessageKeys;
-import org.whispersystems.textsecure.crypto.ratchet.RootKey;
-import org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Chain;
-import org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.PendingKeyExchange;
-import org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.PendingPreKey;
 
 import java.io.File;
 import java.io.FileInputStream;
@@ -45,11 +29,11 @@ import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.io.RandomAccessFile;
 import java.nio.channels.FileChannel;
-import java.util.Iterator;
 import java.util.LinkedList;
 import java.util.List;
 
-import javax.crypto.spec.SecretKeySpec;
+import static org.whispersystems.textsecure.storage.StorageProtos.RecordStructure;
+import static org.whispersystems.textsecure.storage.StorageProtos.SessionStructure;
 
 /**
  * A disk record representing a current session.
@@ -60,11 +44,15 @@ import javax.crypto.spec.SecretKeySpec;
 public class SessionRecordV2 extends Record {
 
   private static final Object FILE_LOCK = new Object();
-  private static final int CURRENT_VERSION = 1;
+
+  private static final int SINGLE_STATE_VERSION   = 1;
+  private static final int ARCHIVE_STATES_VERSION = 2;
+  private static final int CURRENT_VERSION        = 2;
 
   private final MasterSecret masterSecret;
-  private StorageProtos.SessionStructure sessionStructure =
-      StorageProtos.SessionStructure.newBuilder().build();
+
+  private SessionState       sessionState   = new SessionState(SessionStructure.newBuilder().build());
+  private List<SessionState> previousStates = new LinkedList<SessionState>();
 
   public SessionRecordV2(Context context, MasterSecret masterSecret, RecipientDevice peer) {
     this(context, masterSecret, peer.getRecipientId(), peer.getDeviceId());
@@ -80,6 +68,15 @@ public class SessionRecordV2 extends Record {
     return recipientId + (deviceId == RecipientDevice.DEFAULT_DEVICE_ID ? "" : "." + deviceId);
   }
 
+  public SessionState getSessionState() {
+    return sessionState;
+  }
+
+
+  public List<SessionState> getPreviousSessions() {
+    return previousStates;
+  }
+
   public static List<Integer> getSessionSubDevices(Context context, CanonicalRecipient recipient) {
     List<Integer> results  = new LinkedList<Integer>();
     File          parent   = getParentDirectory(context, SESSIONS_DIRECTORY_V2);
@@ -129,404 +126,49 @@ public class SessionRecordV2 extends Record {
                                    long recipientId, int deviceId)
   {
     return hasRecord(context, SESSIONS_DIRECTORY_V2, getRecordName(recipientId, deviceId)) &&
-        new SessionRecordV2(context, masterSecret, recipientId, deviceId).hasSenderChain();
+        new SessionRecordV2(context, masterSecret, recipientId, deviceId).sessionState.hasSenderChain();
+  }
+
+  public static boolean needsRefresh(Context context, MasterSecret masterSecret,
+                                     RecipientDevice recipient)
+  {
+    return new SessionRecordV2(context, masterSecret,
+                               recipient.getRecipientId(),
+                               recipient.getDeviceId()).getSessionState()
+                                                       .getNeedsRefresh();
   }
 
   public void clear() {
-    this.sessionStructure = StorageProtos.SessionStructure.newBuilder().build();
+    this.sessionState = new SessionState(SessionStructure.newBuilder().build());
+    this.previousStates = new LinkedList<SessionState>();
   }
 
-  public void setSessionVersion(int version) {
-    this.sessionStructure = this.sessionStructure.toBuilder()
-                                                 .setSessionVersion(version)
-                                                 .build();
-  }
-
-  public int getSessionVersion() {
-    return this.sessionStructure.getSessionVersion();
-  }
-
-  public void setRemoteIdentityKey(IdentityKey identityKey) {
-    this.sessionStructure = this.sessionStructure.toBuilder()
-                                                 .setRemoteIdentityPublic(ByteString.copyFrom(identityKey.serialize()))
-                                                 .build();
-  }
-
-  public void setLocalIdentityKey(IdentityKey identityKey) {
-    this.sessionStructure = this.sessionStructure.toBuilder()
-                                                 .setLocalIdentityPublic(ByteString.copyFrom(identityKey.serialize()))
-                                                 .build();
-  }
-
-  public IdentityKey getRemoteIdentityKey() {
-    try {
-      if (!this.sessionStructure.hasRemoteIdentityPublic()) {
-        return null;
-      }
-
-      return new IdentityKey(this.sessionStructure.getRemoteIdentityPublic().toByteArray(), 0);
-    } catch (InvalidKeyException e) {
-      Log.w("SessionRecordV2", e);
-      return null;
-    }
-  }
-
-  public IdentityKey getLocalIdentityKey() {
-    try {
-      return new IdentityKey(this.sessionStructure.getLocalIdentityPublic().toByteArray(), 0);
-    } catch (InvalidKeyException e) {
-      throw new AssertionError(e);
-    }
-  }
-
-  public int getPreviousCounter() {
-    return sessionStructure.getPreviousCounter();
-  }
-
-  public void setPreviousCounter(int previousCounter) {
-    this.sessionStructure = this.sessionStructure.toBuilder()
-                                                 .setPreviousCounter(previousCounter)
-                                                 .build();
-  }
-
-  public RootKey getRootKey() {
-    return new RootKey(this.sessionStructure.getRootKey().toByteArray());
-  }
-
-  public void setRootKey(RootKey rootKey) {
-    this.sessionStructure = this.sessionStructure.toBuilder()
-                                                 .setRootKey(ByteString.copyFrom(rootKey.getKeyBytes()))
-                                                 .build();
-  }
-
-  public ECPublicKey getSenderEphemeral() {
-    try {
-      return Curve.decodePoint(sessionStructure.getSenderChain().getSenderEphemeral().toByteArray(), 0);
-    } catch (InvalidKeyException e) {
-      throw new AssertionError(e);
-    }
-  }
-
-  public ECKeyPair getSenderEphemeralPair() {
-    ECPublicKey publicKey = getSenderEphemeral();
-    ECPrivateKey privateKey = Curve.decodePrivatePoint(publicKey.getType(),
-                                                       sessionStructure.getSenderChain()
-                                                                       .getSenderEphemeralPrivate()
-                                                                       .toByteArray());
-
-    return new ECKeyPair(publicKey, privateKey);
-  }
-
-  public boolean hasReceiverChain(ECPublicKey senderEphemeral) {
-    return getReceiverChain(senderEphemeral) != null;
-  }
-
-  public boolean hasSenderChain() {
-    return sessionStructure.hasSenderChain();
-  }
-
-  private Pair<Chain,Integer> getReceiverChain(ECPublicKey senderEphemeral) {
-    List<Chain> receiverChains = sessionStructure.getReceiverChainsList();
-    int         index          = 0;
-
-    for (Chain receiverChain : receiverChains) {
-      try {
-        ECPublicKey chainSenderEphemeral = Curve.decodePoint(receiverChain.getSenderEphemeral().toByteArray(), 0);
-
-        if (chainSenderEphemeral.equals(senderEphemeral)) {
-          return new Pair<Chain,Integer>(receiverChain,index);
-        }
-      } catch (InvalidKeyException e) {
-        Log.w("SessionRecordV2", e);
-      }
-
-      index++;
-    }
-
-    return null;
-  }
-
-  public ChainKey getReceiverChainKey(ECPublicKey senderEphemeral) {
-    Pair<Chain,Integer> receiverChainAndIndex = getReceiverChain(senderEphemeral);
-    Chain               receiverChain         = receiverChainAndIndex.first;
-
-    if (receiverChain == null) {
-      return null;
-    } else {
-      return new ChainKey(receiverChain.getChainKey().getKey().toByteArray(),
-                          receiverChain.getChainKey().getIndex());
-    }
-  }
-
-  public void addReceiverChain(ECPublicKey senderEphemeral, ChainKey chainKey) {
-    Chain.ChainKey chainKeyStructure = Chain.ChainKey.newBuilder()
-                                            .setKey(ByteString.copyFrom(chainKey.getKey()))
-                                            .setIndex(chainKey.getIndex())
-                                            .build();
-
-    Chain chain = Chain.newBuilder()
-                       .setChainKey(chainKeyStructure)
-                       .setSenderEphemeral(ByteString.copyFrom(senderEphemeral.serialize()))
-                       .build();
-
-    this.sessionStructure = this.sessionStructure.toBuilder().addReceiverChains(chain).build();
-
-    if (this.sessionStructure.getReceiverChainsList().size() > 5) {
-      this.sessionStructure = this.sessionStructure.toBuilder()
-                                                   .removeReceiverChains(0)
-                                                   .build();
-    }
-  }
-
-  public void setSenderChain(ECKeyPair senderEphemeralPair, ChainKey chainKey) {
-    Chain.ChainKey chainKeyStructure = Chain.ChainKey.newBuilder()
-                                            .setKey(ByteString.copyFrom(chainKey.getKey()))
-                                            .setIndex(chainKey.getIndex())
-                                            .build();
-
-    Chain senderChain = Chain.newBuilder()
-                             .setSenderEphemeral(ByteString.copyFrom(senderEphemeralPair.getPublicKey().serialize()))
-                             .setSenderEphemeralPrivate(ByteString.copyFrom(senderEphemeralPair.getPrivateKey().serialize()))
-                             .setChainKey(chainKeyStructure)
-                             .build();
-
-    this.sessionStructure = this.sessionStructure.toBuilder().setSenderChain(senderChain).build();
-  }
-
-  public ChainKey getSenderChainKey() {
-    Chain.ChainKey chainKeyStructure = sessionStructure.getSenderChain().getChainKey();
-    return new ChainKey(chainKeyStructure.getKey().toByteArray(), chainKeyStructure.getIndex());
-  }
-
-
-  public void setSenderChainKey(ChainKey nextChainKey) {
-    Chain.ChainKey chainKey = Chain.ChainKey.newBuilder()
-                                   .setKey(ByteString.copyFrom(nextChainKey.getKey()))
-                                   .setIndex(nextChainKey.getIndex())
-                                   .build();
-
-    Chain chain = sessionStructure.getSenderChain().toBuilder()
-                                  .setChainKey(chainKey).build();
-
-    this.sessionStructure = this.sessionStructure.toBuilder().setSenderChain(chain).build();
-  }
-
-  public boolean hasMessageKeys(ECPublicKey senderEphemeral, int counter) {
-    Pair<Chain,Integer> chainAndIndex = getReceiverChain(senderEphemeral);
-    Chain               chain         = chainAndIndex.first;
-
-    if (chain == null) {
-      return false;
-    }
-
-    List<Chain.MessageKey> messageKeyList = chain.getMessageKeysList();
-
-    for (Chain.MessageKey messageKey : messageKeyList) {
-      if (messageKey.getIndex() == counter) {
-        return true;
-      }
-    }
-
-    return false;
-  }
-
-  public MessageKeys removeMessageKeys(ECPublicKey senderEphemeral, int counter) {
-    Pair<Chain,Integer> chainAndIndex = getReceiverChain(senderEphemeral);
-    Chain               chain         = chainAndIndex.first;
-
-    if (chain == null) {
-      return null;
-    }
-
-    List<Chain.MessageKey>     messageKeyList     = new LinkedList<Chain.MessageKey>(chain.getMessageKeysList());
-    Iterator<Chain.MessageKey> messageKeyIterator = messageKeyList.iterator();
-    MessageKeys                result             = null;
-
-    while (messageKeyIterator.hasNext()) {
-      Chain.MessageKey messageKey = messageKeyIterator.next();
-
-      if (messageKey.getIndex() == counter) {
-        result = new MessageKeys(new SecretKeySpec(messageKey.getCipherKey().toByteArray(), "AES"),
-                                 new SecretKeySpec(messageKey.getMacKey().toByteArray(), "HmacSHA256"),
-                                 messageKey.getIndex());
-
-        messageKeyIterator.remove();
-        break;
-      }
-    }
-
-    Chain updatedChain = chain.toBuilder().clearMessageKeys()
-                              .addAllMessageKeys(messageKeyList)
-                              .build();
-
-    this.sessionStructure = this.sessionStructure.toBuilder()
-                                                 .setReceiverChains(chainAndIndex.second, updatedChain)
-                                                 .build();
-
-    return result;
-  }
-
-  public void setMessageKeys(ECPublicKey senderEphemeral, MessageKeys messageKeys) {
-    Pair<Chain,Integer> chainAndIndex       = getReceiverChain(senderEphemeral);
-    Chain               chain               = chainAndIndex.first;
-    Chain.MessageKey    messageKeyStructure = Chain.MessageKey.newBuilder()
-                                                   .setCipherKey(ByteString.copyFrom(messageKeys.getCipherKey().getEncoded()))
-                                                   .setMacKey(ByteString.copyFrom(messageKeys.getMacKey().getEncoded()))
-                                                   .setIndex(messageKeys.getCounter())
-                                                   .build();
-
-    Chain updatedChain = chain.toBuilder()
-                              .addMessageKeys(messageKeyStructure)
-                              .build();
-
-    this.sessionStructure = this.sessionStructure.toBuilder()
-                                                 .setReceiverChains(chainAndIndex.second, updatedChain)
-                                                 .build();
-  }
-
-  public void setReceiverChainKey(ECPublicKey senderEphemeral, ChainKey chainKey) {
-    Pair<Chain,Integer> chainAndIndex = getReceiverChain(senderEphemeral);
-    Chain               chain         = chainAndIndex.first;
-
-    Chain.ChainKey chainKeyStructure = Chain.ChainKey.newBuilder()
-                                            .setKey(ByteString.copyFrom(chainKey.getKey()))
-                                            .setIndex(chainKey.getIndex())
-                                            .build();
-
-    Chain updatedChain = chain.toBuilder().setChainKey(chainKeyStructure).build();
-
-    this.sessionStructure = this.sessionStructure.toBuilder()
-                                                 .setReceiverChains(chainAndIndex.second, updatedChain)
-                                                 .build();
-  }
-
-  public void setPendingKeyExchange(int sequence,
-                                    ECKeyPair ourBaseKey,
-                                    ECKeyPair ourEphemeralKey,
-                                    IdentityKeyPair ourIdentityKey)
-  {
-    PendingKeyExchange structure =
-        PendingKeyExchange.newBuilder()
-            .setSequence(sequence)
-            .setLocalBaseKey(ByteString.copyFrom(ourBaseKey.getPublicKey().serialize()))
-            .setLocalBaseKeyPrivate(ByteString.copyFrom(ourBaseKey.getPrivateKey().serialize()))
-            .setLocalEphemeralKey(ByteString.copyFrom(ourEphemeralKey.getPublicKey().serialize()))
-            .setLocalEphemeralKeyPrivate(ByteString.copyFrom(ourEphemeralKey.getPrivateKey().serialize()))
-            .setLocalIdentityKey(ByteString.copyFrom(ourIdentityKey.getPublicKey().serialize()))
-            .setLocalIdentityKeyPrivate(ByteString.copyFrom(ourIdentityKey.getPrivateKey().serialize()))
-            .build();
-
-    this.sessionStructure = this.sessionStructure.toBuilder()
-                                                 .setPendingKeyExchange(structure)
-                                                 .build();
-  }
-
-  public int getPendingKeyExchangeSequence() {
-    return sessionStructure.getPendingKeyExchange().getSequence();
-  }
-
-  public ECKeyPair getPendingKeyExchangeBaseKey() throws InvalidKeyException {
-    ECPublicKey publicKey   = Curve.decodePoint(sessionStructure.getPendingKeyExchange()
-                                                                .getLocalBaseKey().toByteArray(), 0);
-
-    ECPrivateKey privateKey = Curve.decodePrivatePoint(publicKey.getType(),
-                                                       sessionStructure.getPendingKeyExchange()
-                                                                       .getLocalBaseKeyPrivate()
-                                                                       .toByteArray());
-
-    return new ECKeyPair(publicKey, privateKey);
-  }
-
-  public ECKeyPair getPendingKeyExchangeEphemeralKey() throws InvalidKeyException {
-    ECPublicKey publicKey   = Curve.decodePoint(sessionStructure.getPendingKeyExchange()
-                                                                .getLocalEphemeralKey().toByteArray(), 0);
-
-    ECPrivateKey privateKey = Curve.decodePrivatePoint(publicKey.getType(),
-                                                       sessionStructure.getPendingKeyExchange()
-                                                                       .getLocalEphemeralKeyPrivate()
-                                                                       .toByteArray());
-
-    return new ECKeyPair(publicKey, privateKey);
-  }
-
-  public IdentityKeyPair getPendingKeyExchangeIdentityKey() throws InvalidKeyException {
-    IdentityKey publicKey = new IdentityKey(sessionStructure.getPendingKeyExchange()
-                                                            .getLocalIdentityKey().toByteArray(), 0);
-
-    ECPrivateKey privateKey = Curve.decodePrivatePoint(publicKey.getPublicKey().getType(),
-                                                       sessionStructure.getPendingKeyExchange()
-                                                                       .getLocalIdentityKeyPrivate()
-                                                                       .toByteArray());
-
-    return new IdentityKeyPair(publicKey, privateKey);
-  }
-
-  public boolean hasPendingKeyExchange() {
-    return sessionStructure.hasPendingKeyExchange();
-  }
-
-  public void setPendingPreKey(int preKeyId, ECPublicKey baseKey) {
-    PendingPreKey pending = PendingPreKey.newBuilder()
-                                         .setPreKeyId(preKeyId)
-                                         .setBaseKey(ByteString.copyFrom(baseKey.serialize()))
-                                         .build();
-
-    this.sessionStructure = this.sessionStructure.toBuilder()
-                                                 .setPendingPreKey(pending)
-                                                 .build();
-  }
-
-  public boolean hasPendingPreKey() {
-    return this.sessionStructure.hasPendingPreKey();
-  }
-
-  public Pair<Integer, ECPublicKey> getPendingPreKey() {
-    try {
-      return new Pair<Integer, ECPublicKey>(sessionStructure.getPendingPreKey().getPreKeyId(),
-                                            Curve.decodePoint(sessionStructure.getPendingPreKey()
-                                                                              .getBaseKey()
-                                                                              .toByteArray(), 0));
-    } catch (InvalidKeyException e) {
-      throw new AssertionError(e);
-    }
-  }
-
-  public void clearPendingPreKey() {
-    this.sessionStructure = this.sessionStructure.toBuilder()
-                                                 .clearPendingPreKey()
-                                                 .build();
-  }
-
-  public void setRemoteRegistrationId(int registrationId) {
-    this.sessionStructure = this.sessionStructure.toBuilder()
-                                                 .setRemoteRegistrationId(registrationId)
-                                                 .build();
-  }
-
-  public int getRemoteRegistrationId() {
-    return this.sessionStructure.getRemoteRegistrationId();
-  }
-
-  public void setLocalRegistrationId(int registrationId) {
-    this.sessionStructure = this.sessionStructure.toBuilder()
-                                                 .setLocalRegistrationId(registrationId)
-                                                 .build();
-  }
-
-  public int getLocalRegistrationId() {
-    return this.sessionStructure.getLocalRegistrationId();
+  public void archiveCurrentState() {
+    this.previousStates.add(sessionState);
+    this.sessionState = new SessionState(SessionStructure.newBuilder().build());
   }
 
   public void save() {
     synchronized (FILE_LOCK) {
       try {
+        List<SessionStructure> previousStructures = new LinkedList<SessionStructure>();
+
+        for (SessionState previousState : previousStates) {
+          previousStructures.add(previousState.getStructure());
+        }
+
+        RecordStructure record = RecordStructure.newBuilder()
+                                                .setCurrentSession(sessionState.getStructure())
+                                                .addAllPreviousSessions(previousStructures)
+                                                .build();
+
         RandomAccessFile file = openRandomAccessFile();
         FileChannel out       = file.getChannel();
         out.position(0);
 
         MasterCipher cipher = new MasterCipher(masterSecret);
         writeInteger(CURRENT_VERSION, out);
-        writeBlob(cipher.encryptBytes(sessionStructure.toByteArray()), out);
+        writeBlob(cipher.encryptBytes(record.toByteArray()), out);
 
         out.truncate(out.position());
         file.close();
@@ -549,11 +191,26 @@ public class SessionRecordV2 extends Record {
         MasterCipher cipher = new MasterCipher(masterSecret);
         byte[] encryptedBlob = readBlob(in);
 
+        if (versionMarker == SINGLE_STATE_VERSION) {
+          byte[]           plaintextBytes   = cipher.decryptBytes(encryptedBlob);
+          SessionStructure sessionStructure = SessionStructure.parseFrom(plaintextBytes);
+          this.sessionState = new SessionState(sessionStructure);
+        } else if (versionMarker == ARCHIVE_STATES_VERSION) {
+          byte[]          plaintextBytes  = cipher.decryptBytes(encryptedBlob);
+          RecordStructure recordStructure = RecordStructure.parseFrom(plaintextBytes);
 
-        this.sessionStructure = StorageProtos.SessionStructure
-                                             .parseFrom(cipher.decryptBytes(encryptedBlob));
+          this.sessionState   = new SessionState(recordStructure.getCurrentSession());
+          this.previousStates = new LinkedList<SessionState>();
+
+          for (SessionStructure sessionStructure : recordStructure.getPreviousSessionsList()) {
+            this.previousStates.add(new SessionState(sessionStructure));
+          }
+        } else {
+          throw new AssertionError("Unknown version: " + versionMarker);
+        }
 
         in.close();
+
       } catch (FileNotFoundException e) {
         Log.w("SessionRecordV2", "No session information found.");
         // XXX

library/src/org/whispersystems/textsecure/storage/SessionState.java

@@ -0,0 +1,432 @@
+package org.whispersystems.textsecure.storage;
+
+import android.util.Log;
+import android.util.Pair;
+
+import com.google.protobuf.ByteString;
+
+import org.whispersystems.textsecure.crypto.IdentityKey;
+import org.whispersystems.textsecure.crypto.IdentityKeyPair;
+import org.whispersystems.textsecure.crypto.InvalidKeyException;
+import org.whispersystems.textsecure.crypto.ecc.Curve;
+import org.whispersystems.textsecure.crypto.ecc.ECKeyPair;
+import org.whispersystems.textsecure.crypto.ecc.ECPrivateKey;
+import org.whispersystems.textsecure.crypto.ecc.ECPublicKey;
+import org.whispersystems.textsecure.crypto.ratchet.ChainKey;
+import org.whispersystems.textsecure.crypto.ratchet.MessageKeys;
+import org.whispersystems.textsecure.crypto.ratchet.RootKey;
+import org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Chain;
+import org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.PendingKeyExchange;
+import org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.PendingPreKey;
+
+import java.util.Iterator;
+import java.util.LinkedList;
+import java.util.List;
+
+import javax.crypto.spec.SecretKeySpec;
+
+import static org.whispersystems.textsecure.storage.StorageProtos.SessionStructure;
+
+public class SessionState {
+
+  private SessionStructure sessionStructure;
+
+  public SessionState(SessionStructure sessionStructure) {
+    this.sessionStructure = sessionStructure;
+  }
+
+  public SessionStructure getStructure() {
+    return sessionStructure;
+  }
+
+  public void setNeedsRefresh(boolean needsRefresh) {
+    this.sessionStructure = this.sessionStructure.toBuilder()
+                                                 .setNeedsRefresh(needsRefresh)
+                                                 .build();
+  }
+
+  public boolean getNeedsRefresh() {
+    return this.sessionStructure.getNeedsRefresh();
+  }
+
+  public void setSessionVersion(int version) {
+    this.sessionStructure = this.sessionStructure.toBuilder()
+                                                 .setSessionVersion(version)
+                                                 .build();
+  }
+
+  public int getSessionVersion() {
+    return this.sessionStructure.getSessionVersion();
+  }
+
+  public void setRemoteIdentityKey(IdentityKey identityKey) {
+    this.sessionStructure = this.sessionStructure.toBuilder()
+                                                 .setRemoteIdentityPublic(ByteString.copyFrom(identityKey.serialize()))
+                                                 .build();
+  }
+
+  public void setLocalIdentityKey(IdentityKey identityKey) {
+    this.sessionStructure = this.sessionStructure.toBuilder()
+                                                 .setLocalIdentityPublic(ByteString.copyFrom(identityKey.serialize()))
+                                                 .build();
+  }
+
+  public IdentityKey getRemoteIdentityKey() {
+    try {
+      if (!this.sessionStructure.hasRemoteIdentityPublic()) {
+        return null;
+      }
+
+      return new IdentityKey(this.sessionStructure.getRemoteIdentityPublic().toByteArray(), 0);
+    } catch (InvalidKeyException e) {
+      Log.w("SessionRecordV2", e);
+      return null;
+    }
+  }
+
+  public IdentityKey getLocalIdentityKey() {
+    try {
+      return new IdentityKey(this.sessionStructure.getLocalIdentityPublic().toByteArray(), 0);
+    } catch (InvalidKeyException e) {
+      throw new AssertionError(e);
+    }
+  }
+
+  public int getPreviousCounter() {
+    return sessionStructure.getPreviousCounter();
+  }
+
+  public void setPreviousCounter(int previousCounter) {
+    this.sessionStructure = this.sessionStructure.toBuilder()
+                                                 .setPreviousCounter(previousCounter)
+                                                 .build();
+  }
+
+  public RootKey getRootKey() {
+    return new RootKey(this.sessionStructure.getRootKey().toByteArray());
+  }
+
+  public void setRootKey(RootKey rootKey) {
+    this.sessionStructure = this.sessionStructure.toBuilder()
+                                                 .setRootKey(ByteString.copyFrom(rootKey.getKeyBytes()))
+                                                 .build();
+  }
+
+  public ECPublicKey getSenderEphemeral() {
+    try {
+      return Curve.decodePoint(sessionStructure.getSenderChain().getSenderEphemeral().toByteArray(), 0);
+    } catch (InvalidKeyException e) {
+      throw new AssertionError(e);
+    }
+  }
+
+  public ECKeyPair getSenderEphemeralPair() {
+    ECPublicKey  publicKey  = getSenderEphemeral();
+    ECPrivateKey privateKey = Curve.decodePrivatePoint(sessionStructure.getSenderChain()
+                                                                       .getSenderEphemeralPrivate()
+                                                                       .toByteArray());
+
+    return new ECKeyPair(publicKey, privateKey);
+  }
+
+  public boolean hasReceiverChain(ECPublicKey senderEphemeral) {
+    return getReceiverChain(senderEphemeral) != null;
+  }
+
+  public boolean hasSenderChain() {
+    return sessionStructure.hasSenderChain();
+  }
+
+  private Pair<Chain,Integer> getReceiverChain(ECPublicKey senderEphemeral) {
+    List<Chain> receiverChains = sessionStructure.getReceiverChainsList();
+    int         index          = 0;
+
+    for (Chain receiverChain : receiverChains) {
+      try {
+        ECPublicKey chainSenderEphemeral = Curve.decodePoint(receiverChain.getSenderEphemeral().toByteArray(), 0);
+
+        if (chainSenderEphemeral.equals(senderEphemeral)) {
+          return new Pair<Chain,Integer>(receiverChain,index);
+        }
+      } catch (InvalidKeyException e) {
+        Log.w("SessionRecordV2", e);
+      }
+
+      index++;
+    }
+
+    return null;
+  }
+
+  public ChainKey getReceiverChainKey(ECPublicKey senderEphemeral) {
+    Pair<Chain,Integer> receiverChainAndIndex = getReceiverChain(senderEphemeral);
+    Chain               receiverChain         = receiverChainAndIndex.first;
+
+    if (receiverChain == null) {
+      return null;
+    } else {
+      return new ChainKey(receiverChain.getChainKey().getKey().toByteArray(),
+                          receiverChain.getChainKey().getIndex());
+    }
+  }
+
+  public void addReceiverChain(ECPublicKey senderEphemeral, ChainKey chainKey) {
+    Chain.ChainKey chainKeyStructure = Chain.ChainKey.newBuilder()
+                                                     .setKey(ByteString.copyFrom(chainKey.getKey()))
+                                                     .setIndex(chainKey.getIndex())
+                                                     .build();
+
+    Chain chain = Chain.newBuilder()
+                       .setChainKey(chainKeyStructure)
+                       .setSenderEphemeral(ByteString.copyFrom(senderEphemeral.serialize()))
+                       .build();
+
+    this.sessionStructure = this.sessionStructure.toBuilder().addReceiverChains(chain).build();
+
+    if (this.sessionStructure.getReceiverChainsList().size() > 5) {
+      this.sessionStructure = this.sessionStructure.toBuilder()
+                                                   .removeReceiverChains(0)
+                                                   .build();
+    }
+  }
+
+  public void setSenderChain(ECKeyPair senderEphemeralPair, ChainKey chainKey) {
+    Chain.ChainKey chainKeyStructure = Chain.ChainKey.newBuilder()
+                                                     .setKey(ByteString.copyFrom(chainKey.getKey()))
+                                                     .setIndex(chainKey.getIndex())
+                                                     .build();
+
+    Chain senderChain = Chain.newBuilder()
+                             .setSenderEphemeral(ByteString.copyFrom(senderEphemeralPair.getPublicKey().serialize()))
+                             .setSenderEphemeralPrivate(ByteString.copyFrom(senderEphemeralPair.getPrivateKey().serialize()))
+                             .setChainKey(chainKeyStructure)
+                             .build();
+
+    this.sessionStructure = this.sessionStructure.toBuilder().setSenderChain(senderChain).build();
+  }
+
+  public ChainKey getSenderChainKey() {
+    Chain.ChainKey chainKeyStructure = sessionStructure.getSenderChain().getChainKey();
+    return new ChainKey(chainKeyStructure.getKey().toByteArray(), chainKeyStructure.getIndex());
+  }
+
+
+  public void setSenderChainKey(ChainKey nextChainKey) {
+    Chain.ChainKey chainKey = Chain.ChainKey.newBuilder()
+                                            .setKey(ByteString.copyFrom(nextChainKey.getKey()))
+                                            .setIndex(nextChainKey.getIndex())
+                                            .build();
+
+    Chain chain = sessionStructure.getSenderChain().toBuilder()
+                                  .setChainKey(chainKey).build();
+
+    this.sessionStructure = this.sessionStructure.toBuilder().setSenderChain(chain).build();
+  }
+
+  public boolean hasMessageKeys(ECPublicKey senderEphemeral, int counter) {
+    Pair<Chain,Integer> chainAndIndex = getReceiverChain(senderEphemeral);
+    Chain               chain         = chainAndIndex.first;
+
+    if (chain == null) {
+      return false;
+    }
+
+    List<Chain.MessageKey> messageKeyList = chain.getMessageKeysList();
+
+    for (Chain.MessageKey messageKey : messageKeyList) {
+      if (messageKey.getIndex() == counter) {
+        return true;
+      }
+    }
+
+    return false;
+  }
+
+  public MessageKeys removeMessageKeys(ECPublicKey senderEphemeral, int counter) {
+    Pair<Chain,Integer> chainAndIndex = getReceiverChain(senderEphemeral);
+    Chain               chain         = chainAndIndex.first;
+
+    if (chain == null) {
+      return null;
+    }
+
+    List<Chain.MessageKey>     messageKeyList     = new LinkedList<Chain.MessageKey>(chain.getMessageKeysList());
+    Iterator<Chain.MessageKey> messageKeyIterator = messageKeyList.iterator();
+    MessageKeys                result             = null;
+
+    while (messageKeyIterator.hasNext()) {
+      Chain.MessageKey messageKey = messageKeyIterator.next();
+
+      if (messageKey.getIndex() == counter) {
+        result = new MessageKeys(new SecretKeySpec(messageKey.getCipherKey().toByteArray(), "AES"),
+                                 new SecretKeySpec(messageKey.getMacKey().toByteArray(), "HmacSHA256"),
+                                 messageKey.getIndex());
+
+        messageKeyIterator.remove();
+        break;
+      }
+    }
+
+    Chain updatedChain = chain.toBuilder().clearMessageKeys()
+                              .addAllMessageKeys(messageKeyList)
+                              .build();
+
+    this.sessionStructure = this.sessionStructure.toBuilder()
+                                                 .setReceiverChains(chainAndIndex.second, updatedChain)
+                                                 .build();
+
+    return result;
+  }
+
+  public void setMessageKeys(ECPublicKey senderEphemeral, MessageKeys messageKeys) {
+    Pair<Chain,Integer> chainAndIndex       = getReceiverChain(senderEphemeral);
+    Chain               chain               = chainAndIndex.first;
+    Chain.MessageKey    messageKeyStructure = Chain.MessageKey.newBuilder()
+                                                              .setCipherKey(ByteString.copyFrom(messageKeys.getCipherKey().getEncoded()))
+                                                              .setMacKey(ByteString.copyFrom(messageKeys.getMacKey().getEncoded()))
+                                                              .setIndex(messageKeys.getCounter())
+                                                              .build();
+
+    Chain updatedChain = chain.toBuilder()
+                              .addMessageKeys(messageKeyStructure)
+                              .build();
+
+    this.sessionStructure = this.sessionStructure.toBuilder()
+                                                 .setReceiverChains(chainAndIndex.second, updatedChain)
+                                                 .build();
+  }
+
+  public void setReceiverChainKey(ECPublicKey senderEphemeral, ChainKey chainKey) {
+    Pair<Chain,Integer> chainAndIndex = getReceiverChain(senderEphemeral);
+    Chain               chain         = chainAndIndex.first;
+
+    Chain.ChainKey chainKeyStructure = Chain.ChainKey.newBuilder()
+                                                     .setKey(ByteString.copyFrom(chainKey.getKey()))
+                                                     .setIndex(chainKey.getIndex())
+                                                     .build();
+
+    Chain updatedChain = chain.toBuilder().setChainKey(chainKeyStructure).build();
+
+    this.sessionStructure = this.sessionStructure.toBuilder()
+                                                 .setReceiverChains(chainAndIndex.second, updatedChain)
+                                                 .build();
+  }
+
+  public void setPendingKeyExchange(int sequence,
+                                    ECKeyPair ourBaseKey,
+                                    ECKeyPair ourEphemeralKey,
+                                    IdentityKeyPair ourIdentityKey)
+  {
+    PendingKeyExchange structure =
+        PendingKeyExchange.newBuilder()
+                          .setSequence(sequence)
+                          .setLocalBaseKey(ByteString.copyFrom(ourBaseKey.getPublicKey().serialize()))
+                          .setLocalBaseKeyPrivate(ByteString.copyFrom(ourBaseKey.getPrivateKey().serialize()))
+                          .setLocalEphemeralKey(ByteString.copyFrom(ourEphemeralKey.getPublicKey().serialize()))
+                          .setLocalEphemeralKeyPrivate(ByteString.copyFrom(ourEphemeralKey.getPrivateKey().serialize()))
+                          .setLocalIdentityKey(ByteString.copyFrom(ourIdentityKey.getPublicKey().serialize()))
+                          .setLocalIdentityKeyPrivate(ByteString.copyFrom(ourIdentityKey.getPrivateKey().serialize()))
+                          .build();
+
+    this.sessionStructure = this.sessionStructure.toBuilder()
+                                                 .setPendingKeyExchange(structure)
+                                                 .build();
+  }
+
+  public int getPendingKeyExchangeSequence() {
+    return sessionStructure.getPendingKeyExchange().getSequence();
+  }
+
+  public ECKeyPair getPendingKeyExchangeBaseKey() throws InvalidKeyException {
+    ECPublicKey publicKey   = Curve.decodePoint(sessionStructure.getPendingKeyExchange()
+                                                                .getLocalBaseKey().toByteArray(), 0);
+
+    ECPrivateKey privateKey = Curve.decodePrivatePoint(sessionStructure.getPendingKeyExchange()
+                                                                       .getLocalBaseKeyPrivate()
+                                                                       .toByteArray());
+
+    return new ECKeyPair(publicKey, privateKey);
+  }
+
+  public ECKeyPair getPendingKeyExchangeEphemeralKey() throws InvalidKeyException {
+    ECPublicKey publicKey   = Curve.decodePoint(sessionStructure.getPendingKeyExchange()
+                                                                .getLocalEphemeralKey().toByteArray(), 0);
+
+    ECPrivateKey privateKey = Curve.decodePrivatePoint(sessionStructure.getPendingKeyExchange()
+                                                                       .getLocalEphemeralKeyPrivate()
+                                                                       .toByteArray());
+
+    return new ECKeyPair(publicKey, privateKey);
+  }
+
+  public IdentityKeyPair getPendingKeyExchangeIdentityKey() throws InvalidKeyException {
+    IdentityKey publicKey = new IdentityKey(sessionStructure.getPendingKeyExchange()
+                                                            .getLocalIdentityKey().toByteArray(), 0);
+
+    ECPrivateKey privateKey = Curve.decodePrivatePoint(sessionStructure.getPendingKeyExchange()
+                                                                       .getLocalIdentityKeyPrivate()
+                                                                       .toByteArray());
+
+    return new IdentityKeyPair(publicKey, privateKey);
+  }
+
+  public boolean hasPendingKeyExchange() {
+    return sessionStructure.hasPendingKeyExchange();
+  }
+
+  public void setPendingPreKey(int preKeyId, ECPublicKey baseKey) {
+    PendingPreKey pending = PendingPreKey.newBuilder()
+                                         .setPreKeyId(preKeyId)
+                                         .setBaseKey(ByteString.copyFrom(baseKey.serialize()))
+                                         .build();
+
+    this.sessionStructure = this.sessionStructure.toBuilder()
+                                                 .setPendingPreKey(pending)
+                                                 .build();
+  }
+
+  public boolean hasPendingPreKey() {
+    return this.sessionStructure.hasPendingPreKey();
+  }
+
+  public Pair<Integer, ECPublicKey> getPendingPreKey() {
+    try {
+      return new Pair<Integer, ECPublicKey>(sessionStructure.getPendingPreKey().getPreKeyId(),
+                                            Curve.decodePoint(sessionStructure.getPendingPreKey()
+                                                                              .getBaseKey()
+                                                                              .toByteArray(), 0));
+    } catch (InvalidKeyException e) {
+      throw new AssertionError(e);
+    }
+  }
+
+  public void clearPendingPreKey() {
+    this.sessionStructure = this.sessionStructure.toBuilder()
+                                                 .clearPendingPreKey()
+                                                 .build();
+  }
+
+  public void setRemoteRegistrationId(int registrationId) {
+    this.sessionStructure = this.sessionStructure.toBuilder()
+                                                 .setRemoteRegistrationId(registrationId)
+                                                 .build();
+  }
+
+  public int getRemoteRegistrationId() {
+    return this.sessionStructure.getRemoteRegistrationId();
+  }
+
+  public void setLocalRegistrationId(int registrationId) {
+    this.sessionStructure = this.sessionStructure.toBuilder()
+                                                 .setLocalRegistrationId(registrationId)
+                                                 .build();
+  }
+
+  public int getLocalRegistrationId() {
+    return this.sessionStructure.getLocalRegistrationId();
+  }
+
+  public byte[] serialize() {
+    return sessionStructure.toByteArray();
+  }
+}

library/src/org/whispersystems/textsecure/storage/StorageProtos.java

@@ -63,6 +63,10 @@ public final class StorageProtos {
     // optional uint32 localRegistrationId = 11;
     boolean hasLocalRegistrationId();
     int getLocalRegistrationId();
+    
+    // optional bool needsRefresh = 12;
+    boolean hasNeedsRefresh();
+    boolean getNeedsRefresh();
   }
   public static final class SessionStructure extends
       com.google.protobuf.GeneratedMessage
@@ -2992,6 +2996,16 @@ public final class StorageProtos {
       return localRegistrationId_;
     }
     
+    // optional bool needsRefresh = 12;
+    public static final int NEEDSREFRESH_FIELD_NUMBER = 12;
+    private boolean needsRefresh_;
+    public boolean hasNeedsRefresh() {
+      return ((bitField0_ & 0x00000400) == 0x00000400);
+    }
+    public boolean getNeedsRefresh() {
+      return needsRefresh_;
+    }
+    
     private void initFields() {
       sessionVersion_ = 0;
       localIdentityPublic_ = com.google.protobuf.ByteString.EMPTY;
@@ -3004,6 +3018,7 @@ public final class StorageProtos {
       pendingPreKey_ = org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.PendingPreKey.getDefaultInstance();
       remoteRegistrationId_ = 0;
       localRegistrationId_ = 0;
+      needsRefresh_ = false;
     }
     private byte memoizedIsInitialized = -1;
     public final boolean isInitialized() {
@@ -3050,6 +3065,9 @@ public final class StorageProtos {
       if (((bitField0_ & 0x00000200) == 0x00000200)) {
         output.writeUInt32(11, localRegistrationId_);
       }
+      if (((bitField0_ & 0x00000400) == 0x00000400)) {
+        output.writeBool(12, needsRefresh_);
+      }
       getUnknownFields().writeTo(output);
     }
     
@@ -3103,6 +3121,10 @@ public final class StorageProtos {
         size += com.google.protobuf.CodedOutputStream
           .computeUInt32Size(11, localRegistrationId_);
       }
+      if (((bitField0_ & 0x00000400) == 0x00000400)) {
+        size += com.google.protobuf.CodedOutputStream
+          .computeBoolSize(12, needsRefresh_);
+      }
       size += getUnknownFields().getSerializedSize();
       memoizedSerializedSize = size;
       return size;
@@ -3269,6 +3291,8 @@ public final class StorageProtos {
         bitField0_ = (bitField0_ & ~0x00000200);
         localRegistrationId_ = 0;
         bitField0_ = (bitField0_ & ~0x00000400);
+        needsRefresh_ = false;
+        bitField0_ = (bitField0_ & ~0x00000800);
         return this;
       }
       
@@ -3368,6 +3392,10 @@ public final class StorageProtos {
           to_bitField0_ |= 0x00000200;
         }
         result.localRegistrationId_ = localRegistrationId_;
+        if (((from_bitField0_ & 0x00000800) == 0x00000800)) {
+          to_bitField0_ |= 0x00000400;
+        }
+        result.needsRefresh_ = needsRefresh_;
         result.bitField0_ = to_bitField0_;
         onBuilt();
         return result;
@@ -3440,6 +3468,9 @@ public final class StorageProtos {
         if (other.hasLocalRegistrationId()) {
           setLocalRegistrationId(other.getLocalRegistrationId());
         }
+        if (other.hasNeedsRefresh()) {
+          setNeedsRefresh(other.getNeedsRefresh());
+        }
         this.mergeUnknownFields(other.getUnknownFields());
         return this;
       }
@@ -3539,6 +3570,11 @@ public final class StorageProtos {
               localRegistrationId_ = input.readUInt32();
               break;
             }
+            case 96: {
+              bitField0_ |= 0x00000800;
+              needsRefresh_ = input.readBool();
+              break;
+            }
           }
         }
       }
@@ -4157,6 +4193,27 @@ public final class StorageProtos {
         return this;
       }
       
+      // optional bool needsRefresh = 12;
+      private boolean needsRefresh_ ;
+      public boolean hasNeedsRefresh() {
+        return ((bitField0_ & 0x00000800) == 0x00000800);
+      }
+      public boolean getNeedsRefresh() {
+        return needsRefresh_;
+      }
+      public Builder setNeedsRefresh(boolean value) {
+        bitField0_ |= 0x00000800;
+        needsRefresh_ = value;
+        onChanged();
+        return this;
+      }
+      public Builder clearNeedsRefresh() {
+        bitField0_ = (bitField0_ & ~0x00000800);
+        needsRefresh_ = false;
+        onChanged();
+        return this;
+      }
+      
       // @@protoc_insertion_point(builder_scope:textsecure.SessionStructure)
     }
     
@@ -4168,6 +4225,703 @@ public final class StorageProtos {
     // @@protoc_insertion_point(class_scope:textsecure.SessionStructure)
   }
   
+  public interface RecordStructureOrBuilder
+      extends com.google.protobuf.MessageOrBuilder {
+    
+    // optional .textsecure.SessionStructure currentSession = 1;
+    boolean hasCurrentSession();
+    org.whispersystems.textsecure.storage.StorageProtos.SessionStructure getCurrentSession();
+    org.whispersystems.textsecure.storage.StorageProtos.SessionStructureOrBuilder getCurrentSessionOrBuilder();
+    
+    // repeated .textsecure.SessionStructure previousSessions = 2;
+    java.util.List<org.whispersystems.textsecure.storage.StorageProtos.SessionStructure> 
+        getPreviousSessionsList();
+    org.whispersystems.textsecure.storage.StorageProtos.SessionStructure getPreviousSessions(int index);
+    int getPreviousSessionsCount();
+    java.util.List<? extends org.whispersystems.textsecure.storage.StorageProtos.SessionStructureOrBuilder> 
+        getPreviousSessionsOrBuilderList();
+    org.whispersystems.textsecure.storage.StorageProtos.SessionStructureOrBuilder getPreviousSessionsOrBuilder(
+        int index);
+  }
+  public static final class RecordStructure extends
+      com.google.protobuf.GeneratedMessage
+      implements RecordStructureOrBuilder {
+    // Use RecordStructure.newBuilder() to construct.
+    private RecordStructure(Builder builder) {
+      super(builder);
+    }
+    private RecordStructure(boolean noInit) {}
+    
+    private static final RecordStructure defaultInstance;
+    public static RecordStructure getDefaultInstance() {
+      return defaultInstance;
+    }
+    
+    public RecordStructure getDefaultInstanceForType() {
+      return defaultInstance;
+    }
+    
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return org.whispersystems.textsecure.storage.StorageProtos.internal_static_textsecure_RecordStructure_descriptor;
+    }
+    
+    protected com.google.protobuf.GeneratedMessage.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return org.whispersystems.textsecure.storage.StorageProtos.internal_static_textsecure_RecordStructure_fieldAccessorTable;
+    }
+    
+    private int bitField0_;
+    // optional .textsecure.SessionStructure currentSession = 1;
+    public static final int CURRENTSESSION_FIELD_NUMBER = 1;
+    private org.whispersystems.textsecure.storage.StorageProtos.SessionStructure currentSession_;
+    public boolean hasCurrentSession() {
+      return ((bitField0_ & 0x00000001) == 0x00000001);
+    }
+    public org.whispersystems.textsecure.storage.StorageProtos.SessionStructure getCurrentSession() {
+      return currentSession_;
+    }
+    public org.whispersystems.textsecure.storage.StorageProtos.SessionStructureOrBuilder getCurrentSessionOrBuilder() {
+      return currentSession_;
+    }
+    
+    // repeated .textsecure.SessionStructure previousSessions = 2;
+    public static final int PREVIOUSSESSIONS_FIELD_NUMBER = 2;
+    private java.util.List<org.whispersystems.textsecure.storage.StorageProtos.SessionStructure> previousSessions_;
+    public java.util.List<org.whispersystems.textsecure.storage.StorageProtos.SessionStructure> getPreviousSessionsList() {
+      return previousSessions_;
+    }
+    public java.util.List<? extends org.whispersystems.textsecure.storage.StorageProtos.SessionStructureOrBuilder> 
+        getPreviousSessionsOrBuilderList() {
+      return previousSessions_;
+    }
+    public int getPreviousSessionsCount() {
+      return previousSessions_.size();
+    }
+    public org.whispersystems.textsecure.storage.StorageProtos.SessionStructure getPreviousSessions(int index) {
+      return previousSessions_.get(index);
+    }
+    public org.whispersystems.textsecure.storage.StorageProtos.SessionStructureOrBuilder getPreviousSessionsOrBuilder(
+        int index) {
+      return previousSessions_.get(index);
+    }
+    
+    private void initFields() {
+      currentSession_ = org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.getDefaultInstance();
+      previousSessions_ = java.util.Collections.emptyList();
+    }
+    private byte memoizedIsInitialized = -1;
+    public final boolean isInitialized() {
+      byte isInitialized = memoizedIsInitialized;
+      if (isInitialized != -1) return isInitialized == 1;
+      
+      memoizedIsInitialized = 1;
+      return true;
+    }
+    
+    public void writeTo(com.google.protobuf.CodedOutputStream output)
+                        throws java.io.IOException {
+      getSerializedSize();
+      if (((bitField0_ & 0x00000001) == 0x00000001)) {
+        output.writeMessage(1, currentSession_);
+      }
+      for (int i = 0; i < previousSessions_.size(); i++) {
+        output.writeMessage(2, previousSessions_.get(i));
+      }
+      getUnknownFields().writeTo(output);
+    }
+    
+    private int memoizedSerializedSize = -1;
+    public int getSerializedSize() {
+      int size = memoizedSerializedSize;
+      if (size != -1) return size;
+    
+      size = 0;
+      if (((bitField0_ & 0x00000001) == 0x00000001)) {
+        size += com.google.protobuf.CodedOutputStream
+          .computeMessageSize(1, currentSession_);
+      }
+      for (int i = 0; i < previousSessions_.size(); i++) {
+        size += com.google.protobuf.CodedOutputStream
+          .computeMessageSize(2, previousSessions_.get(i));
+      }
+      size += getUnknownFields().getSerializedSize();
+      memoizedSerializedSize = size;
+      return size;
+    }
+    
+    private static final long serialVersionUID = 0L;
+    @java.lang.Override
+    protected java.lang.Object writeReplace()
+        throws java.io.ObjectStreamException {
+      return super.writeReplace();
+    }
+    
+    public static org.whispersystems.textsecure.storage.StorageProtos.RecordStructure parseFrom(
+        com.google.protobuf.ByteString data)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return newBuilder().mergeFrom(data).buildParsed();
+    }
+    public static org.whispersystems.textsecure.storage.StorageProtos.RecordStructure parseFrom(
+        com.google.protobuf.ByteString data,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return newBuilder().mergeFrom(data, extensionRegistry)
+               .buildParsed();
+    }
+    public static org.whispersystems.textsecure.storage.StorageProtos.RecordStructure parseFrom(byte[] data)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return newBuilder().mergeFrom(data).buildParsed();
+    }
+    public static org.whispersystems.textsecure.storage.StorageProtos.RecordStructure parseFrom(
+        byte[] data,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return newBuilder().mergeFrom(data, extensionRegistry)
+               .buildParsed();
+    }
+    public static org.whispersystems.textsecure.storage.StorageProtos.RecordStructure parseFrom(java.io.InputStream input)
+        throws java.io.IOException {
+      return newBuilder().mergeFrom(input).buildParsed();
+    }
+    public static org.whispersystems.textsecure.storage.StorageProtos.RecordStructure parseFrom(
+        java.io.InputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      return newBuilder().mergeFrom(input, extensionRegistry)
+               .buildParsed();
+    }
+    public static org.whispersystems.textsecure.storage.StorageProtos.RecordStructure parseDelimitedFrom(java.io.InputStream input)
+        throws java.io.IOException {
+      Builder builder = newBuilder();
+      if (builder.mergeDelimitedFrom(input)) {
+        return builder.buildParsed();
+      } else {
+        return null;
+      }
+    }
+    public static org.whispersystems.textsecure.storage.StorageProtos.RecordStructure parseDelimitedFrom(
+        java.io.InputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      Builder builder = newBuilder();
+      if (builder.mergeDelimitedFrom(input, extensionRegistry)) {
+        return builder.buildParsed();
+      } else {
+        return null;
+      }
+    }
+    public static org.whispersystems.textsecure.storage.StorageProtos.RecordStructure parseFrom(
+        com.google.protobuf.CodedInputStream input)
+        throws java.io.IOException {
+      return newBuilder().mergeFrom(input).buildParsed();
+    }
+    public static org.whispersystems.textsecure.storage.StorageProtos.RecordStructure parseFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      return newBuilder().mergeFrom(input, extensionRegistry)
+               .buildParsed();
+    }
+    
+    public static Builder newBuilder() { return Builder.create(); }
+    public Builder newBuilderForType() { return newBuilder(); }
+    public static Builder newBuilder(org.whispersystems.textsecure.storage.StorageProtos.RecordStructure prototype) {
+      return newBuilder().mergeFrom(prototype);
+    }
+    public Builder toBuilder() { return newBuilder(this); }
+    
+    @java.lang.Override
+    protected Builder newBuilderForType(
+        com.google.protobuf.GeneratedMessage.BuilderParent parent) {
+      Builder builder = new Builder(parent);
+      return builder;
+    }
+    public static final class Builder extends
+        com.google.protobuf.GeneratedMessage.Builder<Builder>
+       implements org.whispersystems.textsecure.storage.StorageProtos.RecordStructureOrBuilder {
+      public static final com.google.protobuf.Descriptors.Descriptor
+          getDescriptor() {
+        return org.whispersystems.textsecure.storage.StorageProtos.internal_static_textsecure_RecordStructure_descriptor;
+      }
+      
+      protected com.google.protobuf.GeneratedMessage.FieldAccessorTable
+          internalGetFieldAccessorTable() {
+        return org.whispersystems.textsecure.storage.StorageProtos.internal_static_textsecure_RecordStructure_fieldAccessorTable;
+      }
+      
+      // Construct using org.whispersystems.textsecure.storage.StorageProtos.RecordStructure.newBuilder()
+      private Builder() {
+        maybeForceBuilderInitialization();
+      }
+      
+      private Builder(BuilderParent parent) {
+        super(parent);
+        maybeForceBuilderInitialization();
+      }
+      private void maybeForceBuilderInitialization() {
+        if (com.google.protobuf.GeneratedMessage.alwaysUseFieldBuilders) {
+          getCurrentSessionFieldBuilder();
+          getPreviousSessionsFieldBuilder();
+        }
+      }
+      private static Builder create() {
+        return new Builder();
+      }
+      
+      public Builder clear() {
+        super.clear();
+        if (currentSessionBuilder_ == null) {
+          currentSession_ = org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.getDefaultInstance();
+        } else {
+          currentSessionBuilder_.clear();
+        }
+        bitField0_ = (bitField0_ & ~0x00000001);
+        if (previousSessionsBuilder_ == null) {
+          previousSessions_ = java.util.Collections.emptyList();
+          bitField0_ = (bitField0_ & ~0x00000002);
+        } else {
+          previousSessionsBuilder_.clear();
+        }
+        return this;
+      }
+      
+      public Builder clone() {
+        return create().mergeFrom(buildPartial());
+      }
+      
+      public com.google.protobuf.Descriptors.Descriptor
+          getDescriptorForType() {
+        return org.whispersystems.textsecure.storage.StorageProtos.RecordStructure.getDescriptor();
+      }
+      
+      public org.whispersystems.textsecure.storage.StorageProtos.RecordStructure getDefaultInstanceForType() {
+        return org.whispersystems.textsecure.storage.StorageProtos.RecordStructure.getDefaultInstance();
+      }
+      
+      public org.whispersystems.textsecure.storage.StorageProtos.RecordStructure build() {
+        org.whispersystems.textsecure.storage.StorageProtos.RecordStructure result = buildPartial();
+        if (!result.isInitialized()) {
+          throw newUninitializedMessageException(result);
+        }
+        return result;
+      }
+      
+      private org.whispersystems.textsecure.storage.StorageProtos.RecordStructure buildParsed()
+          throws com.google.protobuf.InvalidProtocolBufferException {
+        org.whispersystems.textsecure.storage.StorageProtos.RecordStructure result = buildPartial();
+        if (!result.isInitialized()) {
+          throw newUninitializedMessageException(
+            result).asInvalidProtocolBufferException();
+        }
+        return result;
+      }
+      
+      public org.whispersystems.textsecure.storage.StorageProtos.RecordStructure buildPartial() {
+        org.whispersystems.textsecure.storage.StorageProtos.RecordStructure result = new org.whispersystems.textsecure.storage.StorageProtos.RecordStructure(this);
+        int from_bitField0_ = bitField0_;
+        int to_bitField0_ = 0;
+        if (((from_bitField0_ & 0x00000001) == 0x00000001)) {
+          to_bitField0_ |= 0x00000001;
+        }
+        if (currentSessionBuilder_ == null) {
+          result.currentSession_ = currentSession_;
+        } else {
+          result.currentSession_ = currentSessionBuilder_.build();
+        }
+        if (previousSessionsBuilder_ == null) {
+          if (((bitField0_ & 0x00000002) == 0x00000002)) {
+            previousSessions_ = java.util.Collections.unmodifiableList(previousSessions_);
+            bitField0_ = (bitField0_ & ~0x00000002);
+          }
+          result.previousSessions_ = previousSessions_;
+        } else {
+          result.previousSessions_ = previousSessionsBuilder_.build();
+        }
+        result.bitField0_ = to_bitField0_;
+        onBuilt();
+        return result;
+      }
+      
+      public Builder mergeFrom(com.google.protobuf.Message other) {
+        if (other instanceof org.whispersystems.textsecure.storage.StorageProtos.RecordStructure) {
+          return mergeFrom((org.whispersystems.textsecure.storage.StorageProtos.RecordStructure)other);
+        } else {
+          super.mergeFrom(other);
+          return this;
+        }
+      }
+      
+      public Builder mergeFrom(org.whispersystems.textsecure.storage.StorageProtos.RecordStructure other) {
+        if (other == org.whispersystems.textsecure.storage.StorageProtos.RecordStructure.getDefaultInstance()) return this;
+        if (other.hasCurrentSession()) {
+          mergeCurrentSession(other.getCurrentSession());
+        }
+        if (previousSessionsBuilder_ == null) {
+          if (!other.previousSessions_.isEmpty()) {
+            if (previousSessions_.isEmpty()) {
+              previousSessions_ = other.previousSessions_;
+              bitField0_ = (bitField0_ & ~0x00000002);
+            } else {
+              ensurePreviousSessionsIsMutable();
+              previousSessions_.addAll(other.previousSessions_);
+            }
+            onChanged();
+          }
+        } else {
+          if (!other.previousSessions_.isEmpty()) {
+            if (previousSessionsBuilder_.isEmpty()) {
+              previousSessionsBuilder_.dispose();
+              previousSessionsBuilder_ = null;
+              previousSessions_ = other.previousSessions_;
+              bitField0_ = (bitField0_ & ~0x00000002);
+              previousSessionsBuilder_ = 
+                com.google.protobuf.GeneratedMessage.alwaysUseFieldBuilders ?
+                   getPreviousSessionsFieldBuilder() : null;
+            } else {
+              previousSessionsBuilder_.addAllMessages(other.previousSessions_);
+            }
+          }
+        }
+        this.mergeUnknownFields(other.getUnknownFields());
+        return this;
+      }
+      
+      public final boolean isInitialized() {
+        return true;
+      }
+      
+      public Builder mergeFrom(
+          com.google.protobuf.CodedInputStream input,
+          com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws java.io.IOException {
+        com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+          com.google.protobuf.UnknownFieldSet.newBuilder(
+            this.getUnknownFields());
+        while (true) {
+          int tag = input.readTag();
+          switch (tag) {
+            case 0:
+              this.setUnknownFields(unknownFields.build());
+              onChanged();
+              return this;
+            default: {
+              if (!parseUnknownField(input, unknownFields,
+                                     extensionRegistry, tag)) {
+                this.setUnknownFields(unknownFields.build());
+                onChanged();
+                return this;
+              }
+              break;
+            }
+            case 10: {
+              org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Builder subBuilder = org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.newBuilder();
+              if (hasCurrentSession()) {
+                subBuilder.mergeFrom(getCurrentSession());
+              }
+              input.readMessage(subBuilder, extensionRegistry);
+              setCurrentSession(subBuilder.buildPartial());
+              break;
+            }
+            case 18: {
+              org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Builder subBuilder = org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.newBuilder();
+              input.readMessage(subBuilder, extensionRegistry);
+              addPreviousSessions(subBuilder.buildPartial());
+              break;
+            }
+          }
+        }
+      }
+      
+      private int bitField0_;
+      
+      // optional .textsecure.SessionStructure currentSession = 1;
+      private org.whispersystems.textsecure.storage.StorageProtos.SessionStructure currentSession_ = org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.getDefaultInstance();
+      private com.google.protobuf.SingleFieldBuilder<
+          org.whispersystems.textsecure.storage.StorageProtos.SessionStructure, org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Builder, org.whispersystems.textsecure.storage.StorageProtos.SessionStructureOrBuilder> currentSessionBuilder_;
+      public boolean hasCurrentSession() {
+        return ((bitField0_ & 0x00000001) == 0x00000001);
+      }
+      public org.whispersystems.textsecure.storage.StorageProtos.SessionStructure getCurrentSession() {
+        if (currentSessionBuilder_ == null) {
+          return currentSession_;
+        } else {
+          return currentSessionBuilder_.getMessage();
+        }
+      }
+      public Builder setCurrentSession(org.whispersystems.textsecure.storage.StorageProtos.SessionStructure value) {
+        if (currentSessionBuilder_ == null) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          currentSession_ = value;
+          onChanged();
+        } else {
+          currentSessionBuilder_.setMessage(value);
+        }
+        bitField0_ |= 0x00000001;
+        return this;
+      }
+      public Builder setCurrentSession(
+          org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Builder builderForValue) {
+        if (currentSessionBuilder_ == null) {
+          currentSession_ = builderForValue.build();
+          onChanged();
+        } else {
+          currentSessionBuilder_.setMessage(builderForValue.build());
+        }
+        bitField0_ |= 0x00000001;
+        return this;
+      }
+      public Builder mergeCurrentSession(org.whispersystems.textsecure.storage.StorageProtos.SessionStructure value) {
+        if (currentSessionBuilder_ == null) {
+          if (((bitField0_ & 0x00000001) == 0x00000001) &&
+              currentSession_ != org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.getDefaultInstance()) {
+            currentSession_ =
+              org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.newBuilder(currentSession_).mergeFrom(value).buildPartial();
+          } else {
+            currentSession_ = value;
+          }
+          onChanged();
+        } else {
+          currentSessionBuilder_.mergeFrom(value);
+        }
+        bitField0_ |= 0x00000001;
+        return this;
+      }
+      public Builder clearCurrentSession() {
+        if (currentSessionBuilder_ == null) {
+          currentSession_ = org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.getDefaultInstance();
+          onChanged();
+        } else {
+          currentSessionBuilder_.clear();
+        }
+        bitField0_ = (bitField0_ & ~0x00000001);
+        return this;
+      }
+      public org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Builder getCurrentSessionBuilder() {
+        bitField0_ |= 0x00000001;
+        onChanged();
+        return getCurrentSessionFieldBuilder().getBuilder();
+      }
+      public org.whispersystems.textsecure.storage.StorageProtos.SessionStructureOrBuilder getCurrentSessionOrBuilder() {
+        if (currentSessionBuilder_ != null) {
+          return currentSessionBuilder_.getMessageOrBuilder();
+        } else {
+          return currentSession_;
+        }
+      }
+      private com.google.protobuf.SingleFieldBuilder<
+          org.whispersystems.textsecure.storage.StorageProtos.SessionStructure, org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Builder, org.whispersystems.textsecure.storage.StorageProtos.SessionStructureOrBuilder> 
+          getCurrentSessionFieldBuilder() {
+        if (currentSessionBuilder_ == null) {
+          currentSessionBuilder_ = new com.google.protobuf.SingleFieldBuilder<
+              org.whispersystems.textsecure.storage.StorageProtos.SessionStructure, org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Builder, org.whispersystems.textsecure.storage.StorageProtos.SessionStructureOrBuilder>(
+                  currentSession_,
+                  getParentForChildren(),
+                  isClean());
+          currentSession_ = null;
+        }
+        return currentSessionBuilder_;
+      }
+      
+      // repeated .textsecure.SessionStructure previousSessions = 2;
+      private java.util.List<org.whispersystems.textsecure.storage.StorageProtos.SessionStructure> previousSessions_ =
+        java.util.Collections.emptyList();
+      private void ensurePreviousSessionsIsMutable() {
+        if (!((bitField0_ & 0x00000002) == 0x00000002)) {
+          previousSessions_ = new java.util.ArrayList<org.whispersystems.textsecure.storage.StorageProtos.SessionStructure>(previousSessions_);
+          bitField0_ |= 0x00000002;
+         }
+      }
+      
+      private com.google.protobuf.RepeatedFieldBuilder<
+          org.whispersystems.textsecure.storage.StorageProtos.SessionStructure, org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Builder, org.whispersystems.textsecure.storage.StorageProtos.SessionStructureOrBuilder> previousSessionsBuilder_;
+      
+      public java.util.List<org.whispersystems.textsecure.storage.StorageProtos.SessionStructure> getPreviousSessionsList() {
+        if (previousSessionsBuilder_ == null) {
+          return java.util.Collections.unmodifiableList(previousSessions_);
+        } else {
+          return previousSessionsBuilder_.getMessageList();
+        }
+      }
+      public int getPreviousSessionsCount() {
+        if (previousSessionsBuilder_ == null) {
+          return previousSessions_.size();
+        } else {
+          return previousSessionsBuilder_.getCount();
+        }
+      }
+      public org.whispersystems.textsecure.storage.StorageProtos.SessionStructure getPreviousSessions(int index) {
+        if (previousSessionsBuilder_ == null) {
+          return previousSessions_.get(index);
+        } else {
+          return previousSessionsBuilder_.getMessage(index);
+        }
+      }
+      public Builder setPreviousSessions(
+          int index, org.whispersystems.textsecure.storage.StorageProtos.SessionStructure value) {
+        if (previousSessionsBuilder_ == null) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensurePreviousSessionsIsMutable();
+          previousSessions_.set(index, value);
+          onChanged();
+        } else {
+          previousSessionsBuilder_.setMessage(index, value);
+        }
+        return this;
+      }
+      public Builder setPreviousSessions(
+          int index, org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Builder builderForValue) {
+        if (previousSessionsBuilder_ == null) {
+          ensurePreviousSessionsIsMutable();
+          previousSessions_.set(index, builderForValue.build());
+          onChanged();
+        } else {
+          previousSessionsBuilder_.setMessage(index, builderForValue.build());
+        }
+        return this;
+      }
+      public Builder addPreviousSessions(org.whispersystems.textsecure.storage.StorageProtos.SessionStructure value) {
+        if (previousSessionsBuilder_ == null) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensurePreviousSessionsIsMutable();
+          previousSessions_.add(value);
+          onChanged();
+        } else {
+          previousSessionsBuilder_.addMessage(value);
+        }
+        return this;
+      }
+      public Builder addPreviousSessions(
+          int index, org.whispersystems.textsecure.storage.StorageProtos.SessionStructure value) {
+        if (previousSessionsBuilder_ == null) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensurePreviousSessionsIsMutable();
+          previousSessions_.add(index, value);
+          onChanged();
+        } else {
+          previousSessionsBuilder_.addMessage(index, value);
+        }
+        return this;
+      }
+      public Builder addPreviousSessions(
+          org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Builder builderForValue) {
+        if (previousSessionsBuilder_ == null) {
+          ensurePreviousSessionsIsMutable();
+          previousSessions_.add(builderForValue.build());
+          onChanged();
+        } else {
+          previousSessionsBuilder_.addMessage(builderForValue.build());
+        }
+        return this;
+      }
+      public Builder addPreviousSessions(
+          int index, org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Builder builderForValue) {
+        if (previousSessionsBuilder_ == null) {
+          ensurePreviousSessionsIsMutable();
+          previousSessions_.add(index, builderForValue.build());
+          onChanged();
+        } else {
+          previousSessionsBuilder_.addMessage(index, builderForValue.build());
+        }
+        return this;
+      }
+      public Builder addAllPreviousSessions(
+          java.lang.Iterable<? extends org.whispersystems.textsecure.storage.StorageProtos.SessionStructure> values) {
+        if (previousSessionsBuilder_ == null) {
+          ensurePreviousSessionsIsMutable();
+          super.addAll(values, previousSessions_);
+          onChanged();
+        } else {
+          previousSessionsBuilder_.addAllMessages(values);
+        }
+        return this;
+      }
+      public Builder clearPreviousSessions() {
+        if (previousSessionsBuilder_ == null) {
+          previousSessions_ = java.util.Collections.emptyList();
+          bitField0_ = (bitField0_ & ~0x00000002);
+          onChanged();
+        } else {
+          previousSessionsBuilder_.clear();
+        }
+        return this;
+      }
+      public Builder removePreviousSessions(int index) {
+        if (previousSessionsBuilder_ == null) {
+          ensurePreviousSessionsIsMutable();
+          previousSessions_.remove(index);
+          onChanged();
+        } else {
+          previousSessionsBuilder_.remove(index);
+        }
+        return this;
+      }
+      public org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Builder getPreviousSessionsBuilder(
+          int index) {
+        return getPreviousSessionsFieldBuilder().getBuilder(index);
+      }
+      public org.whispersystems.textsecure.storage.StorageProtos.SessionStructureOrBuilder getPreviousSessionsOrBuilder(
+          int index) {
+        if (previousSessionsBuilder_ == null) {
+          return previousSessions_.get(index);  } else {
+          return previousSessionsBuilder_.getMessageOrBuilder(index);
+        }
+      }
+      public java.util.List<? extends org.whispersystems.textsecure.storage.StorageProtos.SessionStructureOrBuilder> 
+           getPreviousSessionsOrBuilderList() {
+        if (previousSessionsBuilder_ != null) {
+          return previousSessionsBuilder_.getMessageOrBuilderList();
+        } else {
+          return java.util.Collections.unmodifiableList(previousSessions_);
+        }
+      }
+      public org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Builder addPreviousSessionsBuilder() {
+        return getPreviousSessionsFieldBuilder().addBuilder(
+            org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.getDefaultInstance());
+      }
+      public org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Builder addPreviousSessionsBuilder(
+          int index) {
+        return getPreviousSessionsFieldBuilder().addBuilder(
+            index, org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.getDefaultInstance());
+      }
+      public java.util.List<org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Builder> 
+           getPreviousSessionsBuilderList() {
+        return getPreviousSessionsFieldBuilder().getBuilderList();
+      }
+      private com.google.protobuf.RepeatedFieldBuilder<
+          org.whispersystems.textsecure.storage.StorageProtos.SessionStructure, org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Builder, org.whispersystems.textsecure.storage.StorageProtos.SessionStructureOrBuilder> 
+          getPreviousSessionsFieldBuilder() {
+        if (previousSessionsBuilder_ == null) {
+          previousSessionsBuilder_ = new com.google.protobuf.RepeatedFieldBuilder<
+              org.whispersystems.textsecure.storage.StorageProtos.SessionStructure, org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Builder, org.whispersystems.textsecure.storage.StorageProtos.SessionStructureOrBuilder>(
+                  previousSessions_,
+                  ((bitField0_ & 0x00000002) == 0x00000002),
+                  getParentForChildren(),
+                  isClean());
+          previousSessions_ = null;
+        }
+        return previousSessionsBuilder_;
+      }
+      
+      // @@protoc_insertion_point(builder_scope:textsecure.RecordStructure)
+    }
+    
+    static {
+      defaultInstance = new RecordStructure(true);
+      defaultInstance.initFields();
+    }
+    
+    // @@protoc_insertion_point(class_scope:textsecure.RecordStructure)
+  }
+  
   public interface PreKeyRecordStructureOrBuilder
       extends com.google.protobuf.MessageOrBuilder {
     
@@ -4656,6 +5410,11 @@ public final class StorageProtos {
   private static
     com.google.protobuf.GeneratedMessage.FieldAccessorTable
       internal_static_textsecure_SessionStructure_PendingPreKey_fieldAccessorTable;
+  private static com.google.protobuf.Descriptors.Descriptor
+    internal_static_textsecure_RecordStructure_descriptor;
+  private static
+    com.google.protobuf.GeneratedMessage.FieldAccessorTable
+      internal_static_textsecure_RecordStructure_fieldAccessorTable;
   private static com.google.protobuf.Descriptors.Descriptor
     internal_static_textsecure_PreKeyRecordStructure_descriptor;
   private static
@@ -4671,7 +5430,7 @@ public final class StorageProtos {
   static {
     java.lang.String[] descriptorData = {
       "\n\032LocalStorageProtocol.proto\022\ntextsecure" +
-      "\"\205\010\n\020SessionStructure\022\026\n\016sessionVersion\030" +
+      "\"\233\010\n\020SessionStructure\022\026\n\016sessionVersion\030" +
       "\001 \001(\r\022\033\n\023localIdentityPublic\030\002 \001(\014\022\034\n\024re" +
       "moteIdentityPublic\030\003 \001(\014\022\017\n\007rootKey\030\004 \001(" +
       "\014\022\027\n\017previousCounter\030\005 \001(\r\0227\n\013senderChai" +
@@ -4682,25 +5441,28 @@ public final class StorageProtos {
       "e.PendingKeyExchange\022A\n\rpendingPreKey\030\t ",
       "\001(\0132*.textsecure.SessionStructure.Pendin" +
       "gPreKey\022\034\n\024remoteRegistrationId\030\n \001(\r\022\033\n" +
-      "\023localRegistrationId\030\013 \001(\r\032\253\002\n\005Chain\022\027\n\017" +
-      "senderEphemeral\030\001 \001(\014\022\036\n\026senderEphemeral" +
-      "Private\030\002 \001(\014\022=\n\010chainKey\030\003 \001(\0132+.textse" +
-      "cure.SessionStructure.Chain.ChainKey\022B\n\013" +
-      "messageKeys\030\004 \003(\0132-.textsecure.SessionSt" +
-      "ructure.Chain.MessageKey\032&\n\010ChainKey\022\r\n\005" +
-      "index\030\001 \001(\r\022\013\n\003key\030\002 \001(\014\032>\n\nMessageKey\022\r" +
-      "\n\005index\030\001 \001(\r\022\021\n\tcipherKey\030\002 \001(\014\022\016\n\006macK",
-      "ey\030\003 \001(\014\032\321\001\n\022PendingKeyExchange\022\020\n\010seque" +
-      "nce\030\001 \001(\r\022\024\n\014localBaseKey\030\002 \001(\014\022\033\n\023local" +
-      "BaseKeyPrivate\030\003 \001(\014\022\031\n\021localEphemeralKe" +
-      "y\030\004 \001(\014\022 \n\030localEphemeralKeyPrivate\030\005 \001(" +
-      "\014\022\030\n\020localIdentityKey\030\007 \001(\014\022\037\n\027localIden" +
-      "tityKeyPrivate\030\010 \001(\014\0322\n\rPendingPreKey\022\020\n" +
-      "\010preKeyId\030\001 \001(\r\022\017\n\007baseKey\030\002 \001(\014\"J\n\025PreK" +
-      "eyRecordStructure\022\n\n\002id\030\001 \001(\r\022\021\n\tpublicK" +
-      "ey\030\002 \001(\014\022\022\n\nprivateKey\030\003 \001(\014B6\n%org.whis" +
-      "persystems.textsecure.storageB\rStoragePr",
-      "otos"
+      "\023localRegistrationId\030\013 \001(\r\022\024\n\014needsRefre" +
+      "sh\030\014 \001(\010\032\253\002\n\005Chain\022\027\n\017senderEphemeral\030\001 " +
+      "\001(\014\022\036\n\026senderEphemeralPrivate\030\002 \001(\014\022=\n\010c" +
+      "hainKey\030\003 \001(\0132+.textsecure.SessionStruct" +
+      "ure.Chain.ChainKey\022B\n\013messageKeys\030\004 \003(\0132" +
+      "-.textsecure.SessionStructure.Chain.Mess" +
+      "ageKey\032&\n\010ChainKey\022\r\n\005index\030\001 \001(\r\022\013\n\003key" +
+      "\030\002 \001(\014\032>\n\nMessageKey\022\r\n\005index\030\001 \001(\r\022\021\n\tc",
+      "ipherKey\030\002 \001(\014\022\016\n\006macKey\030\003 \001(\014\032\321\001\n\022Pendi" +
+      "ngKeyExchange\022\020\n\010sequence\030\001 \001(\r\022\024\n\014local" +
+      "BaseKey\030\002 \001(\014\022\033\n\023localBaseKeyPrivate\030\003 \001" +
+      "(\014\022\031\n\021localEphemeralKey\030\004 \001(\014\022 \n\030localEp" +
+      "hemeralKeyPrivate\030\005 \001(\014\022\030\n\020localIdentity" +
+      "Key\030\007 \001(\014\022\037\n\027localIdentityKeyPrivate\030\010 \001" +
+      "(\014\0322\n\rPendingPreKey\022\020\n\010preKeyId\030\001 \001(\r\022\017\n" +
+      "\007baseKey\030\002 \001(\014\"\177\n\017RecordStructure\0224\n\016cur" +
+      "rentSession\030\001 \001(\0132\034.textsecure.SessionSt" +
+      "ructure\0226\n\020previousSessions\030\002 \003(\0132\034.text",
+      "secure.SessionStructure\"J\n\025PreKeyRecordS" +
+      "tructure\022\n\n\002id\030\001 \001(\r\022\021\n\tpublicKey\030\002 \001(\014\022" +
+      "\022\n\nprivateKey\030\003 \001(\014B6\n%org.whispersystem" +
+      "s.textsecure.storageB\rStorageProtos"
     };
     com.google.protobuf.Descriptors.FileDescriptor.InternalDescriptorAssigner assigner =
       new com.google.protobuf.Descriptors.FileDescriptor.InternalDescriptorAssigner() {
@@ -4712,7 +5474,7 @@ public final class StorageProtos {
           internal_static_textsecure_SessionStructure_fieldAccessorTable = new
             com.google.protobuf.GeneratedMessage.FieldAccessorTable(
               internal_static_textsecure_SessionStructure_descriptor,
-              new java.lang.String[] { "SessionVersion", "LocalIdentityPublic", "RemoteIdentityPublic", "RootKey", "PreviousCounter", "SenderChain", "ReceiverChains", "PendingKeyExchange", "PendingPreKey", "RemoteRegistrationId", "LocalRegistrationId", },
+              new java.lang.String[] { "SessionVersion", "LocalIdentityPublic", "RemoteIdentityPublic", "RootKey", "PreviousCounter", "SenderChain", "ReceiverChains", "PendingKeyExchange", "PendingPreKey", "RemoteRegistrationId", "LocalRegistrationId", "NeedsRefresh", },
               org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.class,
               org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.Builder.class);
           internal_static_textsecure_SessionStructure_Chain_descriptor =
@@ -4755,8 +5517,16 @@ public final class StorageProtos {
               new java.lang.String[] { "PreKeyId", "BaseKey", },
               org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.PendingPreKey.class,
               org.whispersystems.textsecure.storage.StorageProtos.SessionStructure.PendingPreKey.Builder.class);
-          internal_static_textsecure_PreKeyRecordStructure_descriptor =
+          internal_static_textsecure_RecordStructure_descriptor =
             getDescriptor().getMessageTypes().get(1);
+          internal_static_textsecure_RecordStructure_fieldAccessorTable = new
+            com.google.protobuf.GeneratedMessage.FieldAccessorTable(
+              internal_static_textsecure_RecordStructure_descriptor,
+              new java.lang.String[] { "CurrentSession", "PreviousSessions", },
+              org.whispersystems.textsecure.storage.StorageProtos.RecordStructure.class,
+              org.whispersystems.textsecure.storage.StorageProtos.RecordStructure.Builder.class);
+          internal_static_textsecure_PreKeyRecordStructure_descriptor =
+            getDescriptor().getMessageTypes().get(2);
           internal_static_textsecure_PreKeyRecordStructure_fieldAccessorTable = new
             com.google.protobuf.GeneratedMessage.FieldAccessorTable(
               internal_static_textsecure_PreKeyRecordStructure_descriptor,

library/src/org/whispersystems/textsecure/util/BlacklistingTrustManager.java

@@ -0,0 +1,87 @@
+/**
+ * Copyright (C) 2014 Open Whisper Systems
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.whispersystems.textsecure.util;
+
+import java.math.BigInteger;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+import java.util.LinkedList;
+import java.util.List;
+
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
+/**
+ * Trust manager that defers to a system X509 trust manager, and
+ * additionally rejects certificates if they have a blacklisted
+ * serial.
+ *
+ * @author Moxie Marlinspike
+ */
+public class BlacklistingTrustManager implements X509TrustManager {
+
+  private static final List<BigInteger> BLACKLIST = new LinkedList<BigInteger>() {{
+    add(new BigInteger("4098"));
+  }};
+
+  public static TrustManager[] createFor(TrustManager[] trustManagers) {
+    for (TrustManager trustManager : trustManagers) {
+      if (trustManager instanceof X509TrustManager) {
+        TrustManager[] results = new BlacklistingTrustManager[1];
+        results[0] = new BlacklistingTrustManager((X509TrustManager)trustManager);
+
+        return results;
+      }
+    }
+
+    throw new AssertionError("No X509 Trust Managers!");
+  }
+
+  private final X509TrustManager trustManager;
+
+  public BlacklistingTrustManager(X509TrustManager trustManager) {
+    this.trustManager = trustManager;
+  }
+
+  @Override
+  public void checkClientTrusted(X509Certificate[] chain, String authType)
+      throws CertificateException
+  {
+    trustManager.checkClientTrusted(chain, authType);
+  }
+
+  @Override
+  public void checkServerTrusted(X509Certificate[] chain, String authType)
+      throws CertificateException
+  {
+    trustManager.checkServerTrusted(chain, authType);
+
+    for (X509Certificate certificate : chain) {
+      for (BigInteger blacklistedSerial : BLACKLIST) {
+        if (certificate.getSerialNumber().equals(blacklistedSerial)) {
+          throw new CertificateException("Blacklisted Serial: " + certificate.getSerialNumber());
+        }
+      }
+    }
+
+  }
+
+  @Override
+  public X509Certificate[] getAcceptedIssuers() {
+    return trustManager.getAcceptedIssuers();
+  }
+}

library/src/org/whispersystems/textsecure/util/Util.java

@@ -1,7 +1,13 @@
 package org.whispersystems.textsecure.util;
 
 import android.content.Context;
+import android.graphics.Shader;
+import android.graphics.drawable.BitmapDrawable;
+import android.graphics.drawable.Drawable;
+import android.graphics.drawable.DrawableContainer;
+import android.graphics.drawable.StateListDrawable;
 import android.telephony.TelephonyManager;
+import android.view.View;
 import android.widget.EditText;
 
 import java.io.ByteArrayOutputStream;
@@ -201,4 +207,17 @@ public class Util {
       throw new AssertionError(e);
     }
   }
+
+  /*
+   * source: http://stackoverflow.com/a/9500334
+   */
+  public static void fixBackgroundRepeat(Drawable bg) {
+    if (bg != null) {
+      if (bg instanceof BitmapDrawable) {
+        BitmapDrawable bmp = (BitmapDrawable) bg;
+        bmp.mutate();
+        bmp.setTileModeXY(Shader.TileMode.REPEAT, Shader.TileMode.REPEAT);
+      }
+    }
+  }
 }

res/anim/fade_scale_in.xml

@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<set xmlns:android="http://schemas.android.com/apk/res/android"
+    android:interpolator="@android:anim/decelerate_interpolator">
+    <scale
+        android:duration="150"
+        android:fromXScale="0.85"
+        android:fromYScale="0.85"
+        android:toXScale="1.0"
+        android:toYScale="1.0"
+        android:pivotX="50%"
+        android:pivotY="50%" />
+    <alpha
+        android:duration="150"
+        android:fromAlpha="0.6"
+        android:toAlpha="1.0" />
+</set>

res/anim/fade_scale_out.xml

@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<set xmlns:android="http://schemas.android.com/apk/res/android"
+    android:interpolator="@android:anim/decelerate_interpolator">
+    <scale
+        android:duration="150"
+        android:fromXScale="1.0"
+        android:fromYScale="1.0"
+        android:toXScale="0.85"
+        android:toYScale="0.85"
+        android:pivotX="50%"
+        android:pivotY="50%" />
+    <alpha
+        android:duration="150"
+        android:fromAlpha="1.0"
+        android:toAlpha="0.6" />
+</set>

res/anim/slide_from_right.xml

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<set xmlns:android="http://schemas.android.com/apk/res/android"
+     android:interpolator="@android:anim/decelerate_interpolator">
+    <translate
+        android:duration="150"
+        android:fromXDelta="100%"
+        android:toXDelta="0%" />
+</set>

res/anim/slide_to_right.xml

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<set xmlns:android="http://schemas.android.com/apk/res/android"
+     android:interpolator="@android:anim/decelerate_interpolator">
+    <translate
+        android:duration="150"
+        android:fromXDelta="0%"
+        android:toXDelta="100%" />
+</set>