Rename files to be PSR-4 compliant

9 files changed, 960 insertions, 0 deletions

diff --git a/core/Command/Encryption/ChangeKeyStorageRoot.php b/core/Command/Encryption/ChangeKeyStorageRoot.php
new file mode 100644
index 00000000000..801a08b42a8
--- /dev/null
+++ b/core/Command/Encryption/ChangeKeyStorageRoot.php
@@ -0,0 +1,270 @@
+<?php
+/**
+ * @author Björn Schießle <schiessle@owncloud.com>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+
+namespace OC\Core\Command\Encryption;
+
+use OC\Encryption\Keys\Storage;
+use OC\Encryption\Util;
+use OC\Files\Filesystem;
+use OC\Files\View;
+use OCP\IConfig;
+use OCP\IUserManager;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Helper\ProgressBar;
+use Symfony\Component\Console\Helper\QuestionHelper;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Console\Question\ConfirmationQuestion;
+
+class ChangeKeyStorageRoot extends Command {
+
+	/** @var View  */
+	protected $rootView;
+
+	/** @var IUserManager */
+	protected $userManager;
+
+	/** @var IConfig  */
+	protected $config;
+
+	/** @var Util  */
+	protected $util;
+
+	/** @var QuestionHelper */
+	protected $questionHelper;
+
+	/**
+	 * @param View $view
+	 * @param IUserManager $userManager
+	 * @param IConfig $config
+	 * @param Util $util
+	 * @param QuestionHelper $questionHelper
+	 */
+	public function __construct(View $view, IUserManager $userManager, IConfig $config, Util $util, QuestionHelper $questionHelper) {
+		parent::__construct();
+		$this->rootView = $view;
+		$this->userManager = $userManager;
+		$this->config = $config;
+		$this->util = $util;
+		$this->questionHelper = $questionHelper;
+	}
+
+	protected function configure() {
+		parent::configure();
+		$this
+			->setName('encryption:change-key-storage-root')
+			->setDescription('Change key storage root')
+			->addArgument(
+				'newRoot',
+				InputArgument::OPTIONAL,
+				'new root of the key storage relative to the data folder'
+			);
+	}
+
+	protected function execute(InputInterface $input, OutputInterface $output) {
+		$oldRoot = $this->util->getKeyStorageRoot();
+		$newRoot = $input->getArgument('newRoot');
+
+		if ($newRoot === null) {
+			$question = new ConfirmationQuestion('No storage root given, do you want to reset the key storage root to the default location? (y/n) ', false);
+			if (!$this->questionHelper->ask($input, $output, $question)) {
+				return;
+			}
+			$newRoot = '';
+		}
+
+		$oldRootDescription = $oldRoot !== '' ? $oldRoot : 'default storage location';
+		$newRootDescription = $newRoot !== '' ? $newRoot : 'default storage location';
+		$output->writeln("Change key storage root from <info>$oldRootDescription</info> to <info>$newRootDescription</info>");
+		$success = $this->moveAllKeys($oldRoot, $newRoot, $output);
+		if ($success) {
+			$this->util->setKeyStorageRoot($newRoot);
+			$output->writeln('');
+			$output->writeln("Key storage root successfully changed to <info>$newRootDescription</info>");
+		}
+	}
+
+	/**
+	 * move keys to new key storage root
+	 *
+	 * @param string $oldRoot
+	 * @param string $newRoot
+	 * @param OutputInterface $output
+	 * @return bool
+	 * @throws \Exception
+	 */
+	protected function moveAllKeys($oldRoot, $newRoot, OutputInterface $output) {
+
+		$output->writeln("Start to move keys:");
+
+		if ($this->rootView->is_dir(($oldRoot)) === false) {
+			$output->writeln("No old keys found: Nothing needs to be moved");
+			return false;
+		}
+
+		$this->prepareNewRoot($newRoot);
+		$this->moveSystemKeys($oldRoot, $newRoot);
+		$this->moveUserKeys($oldRoot, $newRoot, $output);
+
+		return true;
+	}
+
+	/**
+	 * prepare new key storage
+	 *
+	 * @param string $newRoot
+	 * @throws \Exception
+	 */
+	protected function prepareNewRoot($newRoot) {
+		if ($this->rootView->is_dir($newRoot) === false) {
+			throw new \Exception("New root folder doesn't exist. Please create the folder or check the permissions and try again.");
+		}
+
+		$result = $this->rootView->file_put_contents(
+			$newRoot . '/' . Storage::KEY_STORAGE_MARKER,
+			'ownCloud will detect this folder as key storage root only if this file exists'
+		);
+
+		if ($result === false) {
+			throw new \Exception("Can't write to new root folder. Please check the permissions and try again");
+		}
+
+	}
+
+
+	/**
+	 * move system key folder
+	 *
+	 * @param string $oldRoot
+	 * @param string $newRoot
+	 */
+	protected function moveSystemKeys($oldRoot, $newRoot) {
+		if (
+			$this->rootView->is_dir($oldRoot . '/files_encryption') &&
+			$this->targetExists($newRoot . '/files_encryption') === false
+		) {
+			$this->rootView->rename($oldRoot . '/files_encryption', $newRoot . '/files_encryption');
+		}
+	}
+
+
+	/**
+	 * setup file system for the given user
+	 *
+	 * @param string $uid
+	 */
+	protected function setupUserFS($uid) {
+		\OC_Util::tearDownFS();
+		\OC_Util::setupFS($uid);
+	}
+
+
+	/**
+	 * iterate over each user and move the keys to the new storage
+	 *
+	 * @param string $oldRoot
+	 * @param string $newRoot
+	 * @param OutputInterface $output
+	 */
+	protected function moveUserKeys($oldRoot, $newRoot, OutputInterface $output) {
+
+		$progress = new ProgressBar($output);
+		$progress->start();
+
+
+		foreach($this->userManager->getBackends() as $backend) {
+			$limit = 500;
+			$offset = 0;
+			do {
+				$users = $backend->getUsers('', $limit, $offset);
+				foreach ($users as $user) {
+					$progress->advance();
+					$this->setupUserFS($user);
+					$this->moveUserEncryptionFolder($user, $oldRoot, $newRoot);
+				}
+				$offset += $limit;
+			} while(count($users) >= $limit);
+		}
+		$progress->finish();
+	}
+
+	/**
+	 * move user encryption folder to new root folder
+	 *
+	 * @param string $user
+	 * @param string $oldRoot
+	 * @param string $newRoot
+	 * @throws \Exception
+	 */
+	protected function moveUserEncryptionFolder($user, $oldRoot, $newRoot) {
+
+		if ($this->userManager->userExists($user)) {
+
+			$source = $oldRoot . '/' . $user . '/files_encryption';
+			$target = $newRoot . '/' . $user . '/files_encryption';
+			if (
+				$this->rootView->is_dir($source) &&
+				$this->targetExists($target) === false
+			) {
+				$this->prepareParentFolder($newRoot . '/' . $user);
+				$this->rootView->rename($source, $target);
+			}
+		}
+	}
+
+	/**
+	 * Make preparations to filesystem for saving a key file
+	 *
+	 * @param string $path relative to data/
+	 */
+	protected function prepareParentFolder($path) {
+		$path = Filesystem::normalizePath($path);
+		// If the file resides within a subdirectory, create it
+		if ($this->rootView->file_exists($path) === false) {
+			$sub_dirs = explode('/', ltrim($path, '/'));
+			$dir = '';
+			foreach ($sub_dirs as $sub_dir) {
+				$dir .= '/' . $sub_dir;
+				if ($this->rootView->file_exists($dir) === false) {
+					$this->rootView->mkdir($dir);
+				}
+			}
+		}
+	}
+
+	/**
+	 * check if target already exists
+	 *
+	 * @param $path
+	 * @return bool
+	 * @throws \Exception
+	 */
+	protected function targetExists($path) {
+		if ($this->rootView->file_exists($path)) {
+			throw new \Exception("new folder '$path' already exists");
+		}
+
+		return false;
+	}
+
+}
diff --git a/core/Command/Encryption/DecryptAll.php b/core/Command/Encryption/DecryptAll.php
new file mode 100644
index 00000000000..0a126db5b17
--- /dev/null
+++ b/core/Command/Encryption/DecryptAll.php
@@ -0,0 +1,160 @@
+<?php
+/**
+ * @author Björn Schießle <schiessle@owncloud.com>
+ * @author Joas Schilling <nickvergessen@owncloud.com>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OC\Core\Command\Encryption;
+
+use OCP\App\IAppManager;
+use OCP\Encryption\IManager;
+use OCP\IConfig;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Helper\QuestionHelper;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Console\Question\ConfirmationQuestion;
+
+class DecryptAll extends Command {
+
+	/** @var IManager */
+	protected $encryptionManager;
+
+	/** @var  IAppManager */
+	protected $appManager;
+
+	/** @var IConfig */
+	protected $config;
+
+	/** @var  QuestionHelper */
+	protected $questionHelper;
+
+	/** @var bool */
+	protected $wasTrashbinEnabled;
+
+	/** @var  bool */
+	protected $wasSingleUserModeEnabled;
+
+	/** @var \OC\Encryption\DecryptAll */
+	protected $decryptAll;
+
+	/**
+	 * @param IManager $encryptionManager
+	 * @param IAppManager $appManager
+	 * @param IConfig $config
+	 * @param \OC\Encryption\DecryptAll $decryptAll
+	 * @param QuestionHelper $questionHelper
+	 */
+	public function __construct(
+		IManager $encryptionManager,
+		IAppManager $appManager,
+		IConfig $config,
+		\OC\Encryption\DecryptAll $decryptAll,
+		QuestionHelper $questionHelper
+	) {
+		parent::__construct();
+
+		$this->appManager = $appManager;
+		$this->encryptionManager = $encryptionManager;
+		$this->config = $config;
+		$this->decryptAll = $decryptAll;
+		$this->questionHelper = $questionHelper;
+	}
+
+	/**
+	 * Set single user mode and disable the trashbin app
+	 */
+	protected function forceSingleUserAndTrashbin() {
+		$this->wasTrashbinEnabled = $this->appManager->isEnabledForUser('files_trashbin');
+		$this->wasSingleUserModeEnabled = $this->config->getSystemValue('singleuser', false);
+		$this->config->setSystemValue('singleuser', true);
+		$this->appManager->disableApp('files_trashbin');
+	}
+
+	/**
+	 * Reset the single user mode and re-enable the trashbin app
+	 */
+	protected function resetSingleUserAndTrashbin() {
+		$this->config->setSystemValue('singleuser', $this->wasSingleUserModeEnabled);
+		if ($this->wasTrashbinEnabled) {
+			$this->appManager->enableApp('files_trashbin');
+		}
+	}
+
+	protected function configure() {
+		parent::configure();
+
+		$this->setName('encryption:decrypt-all');
+		$this->setDescription('Disable server-side encryption and decrypt all files');
+		$this->setHelp(
+			'This will disable server-side encryption and decrypt all files for '
+			. 'all users if it is supported by your encryption module. '
+			. 'Please make sure that no user access his files during this process!'
+		);
+		$this->addArgument(
+			'user',
+			InputArgument::OPTIONAL,
+			'user for which you want to decrypt all files (optional)'
+		);
+	}
+
+	protected function execute(InputInterface $input, OutputInterface $output) {
+
+		try {
+			if ($this->encryptionManager->isEnabled() === true) {
+				$output->write('Disable server side encryption... ');
+				$this->config->setAppValue('core', 'encryption_enabled', 'no');
+				$output->writeln('done.');
+			} else {
+				$output->writeln('Server side encryption not enabled. Nothing to do.');
+				return;
+			}
+
+			$output->writeln("\n");
+			$output->writeln('You are about to start to decrypt all files stored in your ownCloud.');
+			$output->writeln('It will depend on the encryption module and your setup if this is possible.');
+			$output->writeln('Depending on the number and size of your files this can take some time');
+			$output->writeln('Please make sure that no user access his files during this process!');
+			$output->writeln('');
+			$question = new ConfirmationQuestion('Do you really want to continue? (y/n) ', false);
+			if ($this->questionHelper->ask($input, $output, $question)) {
+				$this->forceSingleUserAndTrashbin();
+				$user = $input->getArgument('user');
+				$result = $this->decryptAll->decryptAll($input, $output, $user);
+				if ($result === false) {
+					$output->writeln(' aborted.');
+					$this->config->setAppValue('core', 'encryption_enabled', 'yes');
+				}
+				$this->resetSingleUserAndTrashbin();
+			} else {
+				$output->write('Enable server side encryption... ');
+				$this->config->setAppValue('core', 'encryption_enabled', 'yes');
+				$output->writeln('done.');
+				$output->writeln('aborted');
+			}
+		} catch (\Exception $e) {
+			// enable server side encryption again if something went wrong
+			$this->config->setAppValue('core', 'encryption_enabled', 'yes');
+			$this->resetSingleUserAndTrashbin();
+			throw $e;
+		}
+
+	}
+}
diff --git a/core/Command/Encryption/Disable.php b/core/Command/Encryption/Disable.php
new file mode 100644
index 00000000000..0e08a314473
--- /dev/null
+++ b/core/Command/Encryption/Disable.php
@@ -0,0 +1,56 @@
+<?php
+/**
+ * @author Joas Schilling <nickvergessen@owncloud.com>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OC\Core\Command\Encryption;
+
+use OCP\IConfig;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+
+class Disable extends Command {
+	/** @var IConfig */
+	protected $config;
+
+	/**
+	 * @param IConfig $config
+	 */
+	public function __construct(IConfig $config) {
+		parent::__construct();
+		$this->config = $config;
+	}
+
+	protected function configure() {
+		$this
+			->setName('encryption:disable')
+			->setDescription('Disable encryption')
+		;
+	}
+
+	protected function execute(InputInterface $input, OutputInterface $output) {
+		if ($this->config->getAppValue('core', 'encryption_enabled', 'no') !== 'yes') {
+			$output->writeln('Encryption is already disabled');
+		} else {
+			$this->config->setAppValue('core', 'encryption_enabled', 'no');
+			$output->writeln('<info>Encryption disabled</info>');
+		}
+	}
+}
diff --git a/core/Command/Encryption/Enable.php b/core/Command/Encryption/Enable.php
new file mode 100644
index 00000000000..273320e6155
--- /dev/null
+++ b/core/Command/Encryption/Enable.php
@@ -0,0 +1,78 @@
+<?php
+/**
+ * @author Joas Schilling <nickvergessen@owncloud.com>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OC\Core\Command\Encryption;
+
+use OCP\Encryption\IManager;
+use OCP\IConfig;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+
+class Enable extends Command {
+	/** @var IConfig */
+	protected $config;
+
+	/** @var IManager */
+	protected $encryptionManager;
+
+	/**
+	 * @param IConfig $config
+	 * @param IManager $encryptionManager
+	 */
+	public function __construct(IConfig $config, IManager $encryptionManager) {
+		parent::__construct();
+
+		$this->encryptionManager = $encryptionManager;
+		$this->config = $config;
+	}
+
+	protected function configure() {
+		$this
+			->setName('encryption:enable')
+			->setDescription('Enable encryption')
+		;
+	}
+
+	protected function execute(InputInterface $input, OutputInterface $output) {
+		if ($this->config->getAppValue('core', 'encryption_enabled', 'no') === 'yes') {
+			$output->writeln('Encryption is already enabled');
+		} else {
+			$this->config->setAppValue('core', 'encryption_enabled', 'yes');
+			$output->writeln('<info>Encryption enabled</info>');
+		}
+		$output->writeln('');
+
+		$modules = $this->encryptionManager->getEncryptionModules();
+		if (empty($modules)) {
+			$output->writeln('<error>No encryption module is loaded</error>');
+		} else {
+			$defaultModule = $this->config->getAppValue('core', 'default_encryption_module', null);
+			if ($defaultModule === null) {
+				$output->writeln('<error>No default module is set</error>');
+			} else if (!isset($modules[$defaultModule])) {
+				$output->writeln('<error>The current default module does not exist: ' . $defaultModule . '</error>');
+			} else {
+				$output->writeln('Default module: ' . $defaultModule);
+			}
+		}
+	}
+}
diff --git a/core/Command/Encryption/EncryptAll.php b/core/Command/Encryption/EncryptAll.php
new file mode 100644
index 00000000000..02f74a9dea4
--- /dev/null
+++ b/core/Command/Encryption/EncryptAll.php
@@ -0,0 +1,134 @@
+<?php
+/**
+ * @author Björn Schießle <schiessle@owncloud.com>
+ * @author Joas Schilling <nickvergessen@owncloud.com>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OC\Core\Command\Encryption;
+
+use OCP\App\IAppManager;
+use OCP\Encryption\IManager;
+use OCP\IConfig;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Helper\QuestionHelper;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Console\Question\ConfirmationQuestion;
+
+class EncryptAll extends Command {
+
+	/** @var IManager */
+	protected $encryptionManager;
+
+	/** @var  IAppManager */
+	protected $appManager;
+
+	/** @var IConfig */
+	protected $config;
+
+	/** @var  QuestionHelper */
+	protected $questionHelper;
+
+	/** @var bool */
+	protected $wasTrashbinEnabled;
+
+	/** @var  bool */
+	protected $wasSingleUserModeEnabled;
+
+	/**
+	 * @param IManager $encryptionManager
+	 * @param IAppManager $appManager
+	 * @param IConfig $config
+	 * @param QuestionHelper $questionHelper
+	 */
+	public function __construct(
+		IManager $encryptionManager,
+		IAppManager $appManager,
+		IConfig $config,
+		QuestionHelper $questionHelper
+	) {
+		parent::__construct();
+		$this->appManager = $appManager;
+		$this->encryptionManager = $encryptionManager;
+		$this->config = $config;
+		$this->questionHelper = $questionHelper;
+	}
+
+	/**
+	 * Set single user mode and disable the trashbin app
+	 */
+	protected function forceSingleUserAndTrashbin() {
+		$this->wasTrashbinEnabled = $this->appManager->isEnabledForUser('files_trashbin');
+		$this->wasSingleUserModeEnabled = $this->config->getSystemValue('singleuser', false);
+		$this->config->setSystemValue('singleuser', true);
+		$this->appManager->disableApp('files_trashbin');
+	}
+
+	/**
+	 * Reset the single user mode and re-enable the trashbin app
+	 */
+	protected function resetSingleUserAndTrashbin() {
+		$this->config->setSystemValue('singleuser', $this->wasSingleUserModeEnabled);
+		if ($this->wasTrashbinEnabled) {
+			$this->appManager->enableApp('files_trashbin');
+		}
+	}
+
+	protected function configure() {
+		parent::configure();
+
+		$this->setName('encryption:encrypt-all');
+		$this->setDescription('Encrypt all files for all users');
+		$this->setHelp(
+			'This will encrypt all files for all users. '
+			. 'Please make sure that no user access his files during this process!'
+		);
+	}
+
+	protected function execute(InputInterface $input, OutputInterface $output) {
+
+		if ($this->encryptionManager->isEnabled() === false) {
+			throw new \Exception('Server side encryption is not enabled');
+		}
+
+		$output->writeln("\n");
+		$output->writeln('You are about to start to encrypt all files stored in your ownCloud.');
+		$output->writeln('It will depend on the encryption module you use which files get encrypted.');
+		$output->writeln('Depending on the number and size of your files this can take some time');
+		$output->writeln('Please make sure that no user access his files during this process!');
+		$output->writeln('');
+		$question = new ConfirmationQuestion('Do you really want to continue? (y/n) ', false);
+		if ($this->questionHelper->ask($input, $output, $question)) {
+			$this->forceSingleUserAndTrashbin();
+
+			try {
+				$defaultModule = $this->encryptionManager->getEncryptionModule();
+				$defaultModule->encryptAll($input, $output);
+			} catch (\Exception $ex) {
+				$this->resetSingleUserAndTrashbin();
+				throw $ex;
+			}
+
+			$this->resetSingleUserAndTrashbin();
+		} else {
+			$output->writeln('aborted');
+		}
+	}
+
+}
diff --git a/core/Command/Encryption/ListModules.php b/core/Command/Encryption/ListModules.php
new file mode 100644
index 00000000000..9c061b6e764
--- /dev/null
+++ b/core/Command/Encryption/ListModules.php
@@ -0,0 +1,80 @@
+<?php
+/**
+ * @author Joas Schilling <nickvergessen@owncloud.com>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OC\Core\Command\Encryption;
+
+use OC\Core\Command\Base;
+use OCP\Encryption\IManager;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+
+class ListModules extends Base {
+	/** @var IManager */
+	protected $encryptionManager;
+
+	/**
+	 * @param IManager $encryptionManager
+	 */
+	public function __construct(IManager $encryptionManager) {
+		parent::__construct();
+		$this->encryptionManager = $encryptionManager;
+	}
+
+	protected function configure() {
+		parent::configure();
+
+		$this
+			->setName('encryption:list-modules')
+			->setDescription('List all available encryption modules')
+		;
+	}
+
+	protected function execute(InputInterface $input, OutputInterface $output) {
+		$encryptionModules = $this->encryptionManager->getEncryptionModules();
+		$defaultEncryptionModuleId = $this->encryptionManager->getDefaultEncryptionModuleId();
+
+		$encModules = array();
+		foreach ($encryptionModules as $module) {
+			$encModules[$module['id']]['displayName'] = $module['displayName'];
+			$encModules[$module['id']]['default'] = $module['id'] === $defaultEncryptionModuleId;
+		}
+		$this->writeModuleList($input, $output, $encModules);
+	}
+
+	/**
+	 * @param InputInterface $input
+	 * @param OutputInterface $output
+	 * @param array $items
+	 */
+	protected function writeModuleList(InputInterface $input, OutputInterface $output, $items) {
+		if ($input->getOption('output') === self::OUTPUT_FORMAT_PLAIN) {
+			array_walk($items, function(&$item) {
+				if (!$item['default']) {
+					$item = $item['displayName'];
+				} else {
+					$item = $item['displayName'] . ' [default*]';
+				}
+			});
+		}
+
+		$this->writeArrayInOutputFormat($input, $output, $items);
+	}
+}
diff --git a/core/Command/Encryption/SetDefaultModule.php b/core/Command/Encryption/SetDefaultModule.php
new file mode 100644
index 00000000000..e9978536201
--- /dev/null
+++ b/core/Command/Encryption/SetDefaultModule.php
@@ -0,0 +1,68 @@
+<?php
+/**
+ * @author Joas Schilling <nickvergessen@owncloud.com>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OC\Core\Command\Encryption;
+
+
+use OCP\Encryption\IManager;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+
+class SetDefaultModule extends Command {
+	/** @var IManager */
+	protected $encryptionManager;
+
+	/**
+	 * @param IManager $encryptionManager
+	 */
+	public function __construct(IManager $encryptionManager) {
+		parent::__construct();
+		$this->encryptionManager = $encryptionManager;
+	}
+
+	protected function configure() {
+		parent::configure();
+
+		$this
+			->setName('encryption:set-default-module')
+			->setDescription('Set the encryption default module')
+			->addArgument(
+				'module',
+				InputArgument::REQUIRED,
+				'ID of the encryption module that should be used'
+			)
+		;
+	}
+
+	protected function execute(InputInterface $input, OutputInterface $output) {
+		$moduleId = $input->getArgument('module');
+
+		if ($moduleId === $this->encryptionManager->getDefaultEncryptionModuleId()) {
+			$output->writeln('"' . $moduleId . '"" is already the default module');
+		} else if ($this->encryptionManager->setDefaultEncryptionModule($moduleId)) {
+			$output->writeln('<info>Set default module to "' . $moduleId . '"</info>');
+		} else {
+			$output->writeln('<error>The specified module "' . $moduleId . '" does not exist</error>');
+		}
+	}
+}
diff --git a/core/Command/Encryption/ShowKeyStorageRoot.php b/core/Command/Encryption/ShowKeyStorageRoot.php
new file mode 100644
index 00000000000..402352c4bcf
--- /dev/null
+++ b/core/Command/Encryption/ShowKeyStorageRoot.php
@@ -0,0 +1,58 @@
+<?php
+/**
+ * @author Björn Schießle <schiessle@owncloud.com>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+
+namespace OC\Core\Command\Encryption;
+
+use OC\Encryption\Util;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+
+class ShowKeyStorageRoot extends Command{
+
+	/** @var Util  */
+	protected $util;
+
+	/**
+	 * @param Util $util
+	 */
+	public function __construct(Util $util) {
+		parent::__construct();
+		$this->util = $util;
+	}
+
+	protected function configure() {
+		parent::configure();
+		$this
+			->setName('encryption:show-key-storage-root')
+			->setDescription('Show current key storage root');
+	}
+
+	protected function execute(InputInterface $input, OutputInterface $output) {
+		$currentRoot = $this->util->getKeyStorageRoot();
+
+		$rootDescription = $currentRoot !== '' ? $currentRoot : 'default storage location (data/)';
+
+		$output->writeln("Current key storage root:  <info>$rootDescription</info>");
+	}
+
+}
diff --git a/core/Command/Encryption/Status.php b/core/Command/Encryption/Status.php
new file mode 100644
index 00000000000..b97ea8833fa
--- /dev/null
+++ b/core/Command/Encryption/Status.php
@@ -0,0 +1,56 @@
+<?php
+/**
+ * @author Joas Schilling <nickvergessen@owncloud.com>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OC\Core\Command\Encryption;
+
+use OC\Core\Command\Base;
+use OCP\Encryption\IManager;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+
+class Status extends Base {
+	/** @var IManager */
+	protected $encryptionManager;
+
+	/**
+	 * @param IManager $encryptionManager
+	 */
+	public function __construct(IManager $encryptionManager) {
+		parent::__construct();
+		$this->encryptionManager = $encryptionManager;
+	}
+
+	protected function configure() {
+		parent::configure();
+
+		$this
+			->setName('encryption:status')
+			->setDescription('Lists the current status of encryption')
+		;
+	}
+
+	protected function execute(InputInterface $input, OutputInterface $output) {
+		$this->writeArrayInOutputFormat($input, $output, [
+			'enabled' => $this->encryptionManager->isEnabled(),
+			'defaultModule' => $this->encryptionManager->getDefaultEncryptionModuleId(),
+		]);
+	}
+}