mirror of https://github.com/esp8266/Arduino.git synced 2025-10-15 11:26:40 +03:00

- Make connectionQueue(), latestTransmissionOutcomes() and latestTransmissionSuccessful() methods static in order to match the underlying data storage.

- Make it possible to transfer elements directly between connectionQueues.

- Add defaultBSSID value.

- Fix bug where encrypted Espnow-connections expired 1 ms too late.

- Add MutexTracker::captureBan() functionality and use it in the espnowReceiveCallbackWrapper method to ensure a consistent mutex environment there.

- Rename acceptRequest to acceptRequests since several requests can be accepted, not just one.

- Reorganize EspnowMeshBackend.cpp.

- Split sendEspnowResponses() method into sendEspnowResponses() and sendPeerRequestConfirmations().

- Add sendStoredEspnowMessages() method to provide the same functionality as the previous version of sendEspnowResponses().

- Add logic for handling peerRequestConfirmations received at the same time as a peer request is being made, to avoid lockups when there are simultaneous cyclic peer requests.

- Add logic for handling simultaneous reciprocal peer requests.

- Include MAC addresses in HMAC calculations for peer requests and use HMAC for all unencrypted peer request messages, to make sure we receive valid MAC combinations.

- Add asserts to ensure ESP-NOW encryption integrity during code changes.

- Add estimatedMaxDuration argument to performEspnowMaintainance and related methods.

- Add methods to EncryptedConnectionData for setting peer MAC.

- Remove createEncryptionRequestMessage function from JsonTranslator since it is not used, to increase clarity.

- Add encryptedConnectionsSoftLimit() and related functionality.

- Add mutex to protect connectionQueue usage during attemptTransmission.

- Add _ongoingPeerRequestMac variable.

- Add reservedEncryptedConnections() method.

- Add TransmissionOutcomesUpdateHook() callback.

- Add constConnectionQueue() method to allow connectionQueue usage while connectionQueue mutex is active.

- Rearrange attemptAutoEncryptingTransmission argument order to increase efficiency.

- Add functionality for serializing the unencrypted ESP-NOW connection.

- Add some constness.

- Improve comments.

- Improve documentation.

- Update keywords.txt.
Anders
2019-10-31 22:25:12 +01:00
parent b0ef9195b5
commit f8ec4f1c72
23 changed files with 981 additions and 533 deletions


@@ -73,7 +73,8 @@ namespace JsonTranslator
return false;
}
bool verifyHmac(const String &encryptionRequestHmacMessage, const uint8_t *hashKey, uint8_t hashKeyLength)
bool verifyEncryptionRequestHmac(const String &encryptionRequestHmacMessage, const uint8_t *requesterStaMac, const uint8_t *requesterApMac,
const uint8_t *hashKey, uint8_t hashKeyLength)
{
String hmac = "";
if(getHmac(encryptionRequestHmacMessage, hmac))
@@ -82,7 +83,7 @@ namespace JsonTranslator
if(hmacStartIndex < 0)
return false;
if(verifyHmac(encryptionRequestHmacMessage.substring(0, hmacStartIndex), hmac, hashKey, hashKeyLength))
if(verifyHmac(macToString(requesterStaMac) + macToString(requesterApMac) + encryptionRequestHmacMessage.substring(0, hmacStartIndex), hmac, hashKey, hashKeyLength))
{
return true;
}
@@ -91,13 +92,12 @@ namespace JsonTranslator
return false;
}
String createEncryptedConnectionInfo(const String &requestNonce, const String &authenticationPassword, uint64_t ownSessionKey, uint64_t peerSessionKey)
String createEncryptedConnectionInfo(const String &infoHeader, const String &requestNonce, const String &authenticationPassword, uint64_t ownSessionKey, uint64_t peerSessionKey)
{
// Returns: Encrypted connection info:{"arguments":{"nonce":"1F2","password":"abc","ownSessionKey":"3B4","peerSessionKey":"1A2"}}
// Returns: Encrypted connection info:{"arguments":{"nonce":"1F2","password":"abc","ownSK":"3B4","peerSK":"1A2"}}
return
EspnowProtocolInterpreter::encryptedConnectionInfoHeader + "{\"arguments\":{"
infoHeader + "{\"arguments\":{"
+ createJsonPair(jsonNonce, requestNonce)
+ createJsonPair(jsonPassword, authenticationPassword)
+ createJsonPair(jsonOwnSessionKey, uint64ToString(peerSessionKey)) // Exchanges session keys since it should be valid for the receiver.
@@ -116,15 +116,13 @@ namespace JsonTranslator
return createJsonEndPair(jsonNonce, requestNonce);
}
String createEncryptionRequestMessage(const String &requestHeader, const String &requestNonce, uint32_t duration)
{
return createEncryptionRequestIntro(requestHeader, duration) + createEncryptionRequestEnding(requestNonce);
}
String createEncryptionRequestHmacMessage(const String &requestHeader, const String &requestNonce, const uint8_t *hashKey, uint8_t hashKeyLength, uint32_t duration)
{
String mainMessage = createEncryptionRequestIntro(requestHeader, duration) + createJsonPair(jsonNonce, requestNonce);
String hmac = createHmac(mainMessage, hashKey, hashKeyLength);
uint8_t staMac[6] {0};
uint8_t apMac[6] {0};
String requesterStaApMac = macToString(WiFi.macAddress(staMac)) + macToString(WiFi.softAPmacAddress(apMac));
String hmac = createHmac(requesterStaApMac + mainMessage, hashKey, hashKeyLength);
return mainMessage + createJsonEndPair(jsonHmac, hmac);
}
@@ -148,6 +146,20 @@ namespace JsonTranslator
return endIndex;
}
bool getConnectionState(const String &jsonString, String &result)
{
int32_t startIndex = jsonString.indexOf(jsonConnectionState);
if(startIndex < 0)
return false;
int32_t endIndex = jsonString.indexOf("}");
if(endIndex < 0)
return false;
result = jsonString.substring(startIndex, endIndex + 1);
return true;
}
bool getPassword(const String &jsonString, String &result)
{
@@ -266,4 +278,27 @@ namespace JsonTranslator
result = bool(strtoul(jsonString.substring(startIndex).c_str(), nullptr, 0)); // strtoul stops reading input when an invalid character is discovered.
return true;
}
bool getUnencryptedMessageID(const String &jsonString, uint32_t &result)
{
int32_t startIndex = getStartIndex(jsonString, jsonUnencryptedMessageID);
if(startIndex < 0)
return false;
result = strtoul(jsonString.substring(startIndex).c_str(), nullptr, 0); // strtoul stops reading input when an invalid character is discovered.
return true;
}
bool getMeshMessageCount(const String &jsonString, uint16_t &result)
{
int32_t startIndex = getStartIndex(jsonString, jsonMeshMessageCount);
if(startIndex < 0)
return false;
uint32_t longResult = strtoul(jsonString.substring(startIndex).c_str(), nullptr, 0); // strtoul stops reading input when an invalid character is discovered.
assert(longResult <= 65535); // Must fit within uint16_t
result = longResult;
return true;
}
}
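Review bot: In getMeshMessageCount the range check on the parsed value is an `assert`, so a count above 65535 in jsonString either aborts the device when asserts are enabled or is silently truncated into `result` when they are compiled out. The value is parsed from text rather than computed locally (where jsonString originates is not visible in this section), so it would be safer to reject it the same way as a missing key: `if(longResult > 65535) return false;`. Both new getters in this hunk also pass `nullptr` as strtoul's end pointer, so a field with no digits parses as 0 and still returns true. Checking the end pointer would let getUnencryptedMessageID and getMeshMessageCount report that case as a failure instead.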