Encapsulate encrypt/decrypt buffer capacity calculation.
Additionally, make sessionId non-optional in control packets. They must have it, therefore treat a missing sessionId as a programming error instead. Reuse routines for acks to make PacketMacros the only point of packets serialization.