author | Thomas Müller <thomas.mueller@tmit.eu> | 2015-04-07 16:46:45 +0200 |
---|---|---|
committer | Thomas Müller <thomas.mueller@tmit.eu> | 2015-04-07 16:46:45 +0200 |
commit | 1fbf5d86df7ba4001ca826d9dfb8fad073924fde (patch) | |
tree | 9260b35011fabbbf69747419282d193fa7a9089c /lib/private/encryption | |
parent | 2182ae0d278f466e7f117b03bf4ebca0e6e9fe9b (diff) | |
parent | 2d2cb09715554926945de29b80f033905a219abd (diff) | |
Merge pull request #14472 from owncloud/feature/wipencryptionapp
encryption 2.0 app
Diffstat (limited to 'lib/private/encryption')
13 files changed, 404 insertions, 142 deletions
diff --git a/lib/private/encryption/exceptions/decryptionfailedexception.php b/lib/private/encryption/exceptions/decryptionfailedexception.php
new file mode 100644
index 00000000000..f8b4fdf07fa
--- /dev/null
+++ b/lib/private/encryption/exceptions/decryptionfailedexception.php
@@ -0,0 +1,29 @@
+<?php
+ /**
+ * @author Clark Tomlinson <clark@owncloud.com>
+ * @since 2/25/15, 9:38 AM
+ * @copyright Copyright (c) 2015, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+
+namespace OC\Encryption\Exceptions;
+
+use OCP\Encryption\Exceptions\GenericEncryptionException;
+
+class DecryptionFailedException extends GenericEncryptionException {
+
+}
diff --git a/lib/private/encryption/exceptions/emptyencryptiondataexception.php b/lib/private/encryption/exceptions/emptyencryptiondataexception.php
new file mode 100644
index 00000000000..d3dc9230047
--- /dev/null
+++ b/lib/private/encryption/exceptions/emptyencryptiondataexception.php
@@ -0,0 +1,29 @@
+<?php
+ /**
+ * @author Clark Tomlinson <clark@owncloud.com>
+ * @since 2/25/15, 9:38 AM
+ * @copyright Copyright (c) 2015, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+
+namespace OC\Encryption\Exceptions;
+
+use OCP\Encryption\Exceptions\GenericEncryptionException;
+
+class EmptyEncryptionDataException extends GenericEncryptionException{
+
+}
diff --git a/lib/private/encryption/exceptions/encryptionfailedexception.php b/lib/private/encryption/exceptions/encryptionfailedexception.php
new file mode 100644
index 00000000000..ac489c73254
--- /dev/null
+++ b/lib/private/encryption/exceptions/encryptionfailedexception.php
@@ -0,0 +1,29 @@
+<?php
+ /**
+ * @author Clark Tomlinson <clark@owncloud.com>
+ * @since 2/25/15, 9:37 AM
+ * @copyright Copyright (c) 2015, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+
+namespace OC\Encryption\Exceptions;
+
+use OCP\Encryption\Exceptions\GenericEncryptionException;
+
+class EncryptionFailedException extends GenericEncryptionException{
+
+}
diff --git a/lib/private/encryption/exceptions/encryptionheaderkeyexistsexception.php b/lib/private/encryption/exceptions/encryptionheaderkeyexistsexception.php
index d401f0323ba..5e8e48efd78 100644
--- a/lib/private/encryption/exceptions/encryptionheaderkeyexistsexception.php
+++ b/lib/private/encryption/exceptions/encryptionheaderkeyexistsexception.php
@@ -23,7 +23,14 @@ namespace OC\Encryption\Exceptions; +use OCP\Encryption\Exceptions\GenericEncryptionException; -class EncryptionHeaderKeyExistsException extends \Exception { +class EncryptionHeaderKeyExistsException extends GenericEncryptionException { -}
\ No newline at end of file + /** + * @param string $key + */ + public function __construct($key) { + parent::__construct('header key "'. $key . '" already reserved by ownCloud'); + } +}
diff --git a/lib/private/encryption/exceptions/encryptionheadertolargeexception.php b/lib/private/encryption/exceptions/encryptionheadertolargeexception.php
new file mode 100644
index 00000000000..cdb5f940800
--- /dev/null
+++ b/lib/private/encryption/exceptions/encryptionheadertolargeexception.php
@@ -0,0 +1,33 @@
+<?php
+ /**
+ * @author Clark Tomlinson <clark@owncloud.com>
+ * @since 2/25/15, 9:35 AM
+ * @copyright Copyright (c) 2015, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+
+namespace OC\Encryption\Exceptions;
+
+use OCP\Encryption\Exceptions\GenericEncryptionException;
+
+class EncryptionHeaderToLargeException extends GenericEncryptionException {
+
+ public function __construct() {
+ parent::__construct('max header size exceeded');
+ }
+
+}
diff --git a/lib/private/encryption/exceptions/modulealreadyexistsexception.php b/lib/private/encryption/exceptions/modulealreadyexistsexception.php
index 41fc0188e24..fa1e70a5c36 100644
--- a/lib/private/encryption/exceptions/modulealreadyexistsexception.php
+++ b/lib/private/encryption/exceptions/modulealreadyexistsexception.php
@@ -23,6 +23,16 @@ namespace OC\Encryption\Exceptions; -class ModuleAlreadyExistsException extends \Exception { +use OCP\Encryption\Exceptions\GenericEncryptionException; + +class ModuleAlreadyExistsException extends GenericEncryptionException { + + /** + * @param string $id + * @param string $name + */ + public function __construct($id, $name) { + parent::__construct('Id "' . $id . '" already used by encryption module "' . $name . '"'); + } } diff --git a/lib/private/encryption/exceptions/moduledoesnotexistsexception.php b/lib/private/encryption/exceptions/moduledoesnotexistsexception.php index 5507bd03dab..2c699e8dc2d 100644 --- a/lib/private/encryption/exceptions/moduledoesnotexistsexception.php +++ b/lib/private/encryption/exceptions/moduledoesnotexistsexception.php @@ -23,6 +23,8 @@ namespace OC\Encryption\Exceptions; -class ModuleDoesNotExistsException extends \Exception { +use OCP\Encryption\Exceptions\GenericEncryptionException; + +class ModuleDoesNotExistsException extends GenericEncryptionException { } diff --git a/lib/private/encryption/exceptions/unknowncipherexception.php b/lib/private/encryption/exceptions/unknowncipherexception.php new file mode 100644 index 00000000000..188f7403848 --- /dev/null +++ b/lib/private/encryption/exceptions/unknowncipherexception.php 
@@ -0,0 +1,29 @@
+<?php
+ /**
+ * @author Clark Tomlinson <clark@owncloud.com>
+ * @since 2/25/15, 9:36 AM
+ * @copyright Copyright (c) 2015, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+
+namespace OC\Encryption\Exceptions;
+
+use OCP\Encryption\Exceptions\GenericEncryptionException;
+
+class UnknownCipherException extends GenericEncryptionException {
+
+}
diff --git a/lib/private/encryption/file.php b/lib/private/encryption/file.php
new file mode 100644
index 00000000000..3600936ed0e
--- /dev/null
+++ b/lib/private/encryption/file.php
@@ -0,0 +1,79 @@
+<?php
+
+/**
+ * ownCloud
+ *
+ * @copyright (C) 2015 ownCloud, Inc.
+ *
+ * @author Bjoern Schiessle <schiessle@owncloud.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+namespace OC\Encryption;
+
+class File implements \OCP\Encryption\IFile {
+
+ /** @var Util */
+ protected $util;
+
+ public function __construct(Util $util) {
+ $this->util = $util;
+ }
+
+
+ /**
+ * get list of users with access to the file
+ *
+ * @param string $path to the file
+ * @return array
+ */
+ public function getAccessList($path) {
+
+ // Make sure that a share key is generated for the owner too
+ list($owner, $ownerPath) = $this->util->getUidAndFilename($path);
+
+ // always add owner to the list of users with access to the file
+ $userIds = array($owner);
+
+ if (!$this->util->isFile($ownerPath)) {
+ return array('users' => $userIds, 'public' => false);
+ }
+
+ $ownerPath = substr($ownerPath, strlen('/files'));
+ $ownerPath = $this->util->stripPartialFileExtension($ownerPath);
+
+ // Find out who, if anyone, is sharing the file
+ $result = \OCP\Share::getUsersSharingFile($ownerPath, $owner);
+ $userIds = \array_merge($userIds, $result['users']);
+ $public = $result['public'] || $result['remote'];
+
+ // check if it is a group mount
+ if (\OCP\App::isEnabled("files_external")) {
+ $mounts = \OC_Mount_Config::getSystemMountPoints();
+ foreach
($mounts as $mount) { + if ($mount['mountpoint'] == substr($ownerPath, 1, strlen($mount['mountpoint']))) { + $mountedFor = $this->util->getUserWithAccessToMountPoint($mount['applicable']['users'], $mount['applicable']['groups']); + $userIds = array_merge($userIds, $mountedFor); + } + } + } + + // Remove duplicate UIDs + $uniqueUserIds = array_unique($userIds); + + return array('users' => $uniqueUserIds, 'public' => $public); + } + +} diff --git a/lib/private/encryption/keys/storage.php b/lib/private/encryption/keys/storage.php index 041db2a2cb8..42610bd0b41 100644 --- a/lib/private/encryption/keys/storage.php +++ b/lib/private/encryption/keys/storage.php @@ -25,7 +25,7 @@ namespace OC\Encryption\Keys; use OC\Encryption\Util; use OC\Files\View; -use OCA\Files_Encryption\Exception\EncryptionException; +use OCP\Encryption\Exceptions\GenericEncryptionException; class Storage implements \OCP\Encryption\Keys\IStorage { @@ -253,13 +253,13 @@ class Storage implements \OCP\Encryption\Keys\IStorage { * * @param string $path path to the file, relative to data/ * @return string - * @throws EncryptionException + * @throws GenericEncryptionException * @internal param string $keyId */ private function getFileKeyDir($path) { if ($this->view->is_dir($path)) { - throw new EncryptionException('file was expected but directory was given', EncryptionException::GENERIC); + throw new GenericEncryptionException("file was expected but directory was given: $path"); } list($owner, $filename) = $this->util->getUidAndFilename($path); 
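Review bot: The group-mount check in `File::getAccessList()` decides who is added to a file's access list with `$mount['mountpoint'] == substr($ownerPath, 1, strlen($mount['mountpoint']))`, which is both a loose comparison and a bare prefix match. With `==`, two numeric-looking strings of equal length such as `100` and `1e2` compare equal, and a mount point `foo` also matches a path under `/foobar/`, so users applicable to an unrelated mount could end up in the returned `users` list (presumably the recipients the file key is shared with). Compare strictly and on a path-segment boundary, e.g. `if (strpos($ownerPath . '/', '/' . trim($mount['mountpoint'], '/') . '/') === 0) {`. The same expression is carried over unchanged from the removed `Util::getSharingUsersArray()`.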
@@ -283,7 +283,12 @@ class Storage implements \OCP\Encryption\Keys\IStorage { * @param string $owner * @param bool $systemWide */ - public function renameKeys($source, $target, $owner, $systemWide) { + public function renameKeys($source, $target) { + + list($owner, $source) = $this->util->getUidAndFilename($source); + list(, $target) = $this->util->getUidAndFilename($target); + $systemWide = $this->util->isSystemWideMountPoint($target); + if ($systemWide) { $sourcePath = $this->keys_base_dir . $source . '/'; $targetPath = $this->keys_base_dir . $target . '/'; @@ -299,6 +304,34 @@ class Storage implements \OCP\Encryption\Keys\IStorage { } /** + * copy keys if a file was renamed + * + * @param string $source + * @param string $target + * @param string $owner + * @param bool $systemWide + */ + public function copyKeys($source, $target) { + + list($owner, $source) = $this->util->getUidAndFilename($source); + list(, $target) = $this->util->getUidAndFilename($target); + $systemWide = $this->util->isSystemWideMountPoint($target); + + if ($systemWide) { + $sourcePath = $this->keys_base_dir . $source . '/'; + $targetPath = $this->keys_base_dir . $target . '/'; + } else { + $sourcePath = '/' . $owner . $this->keys_base_dir . $source . '/'; + $targetPath = '/' . $owner . $this->keys_base_dir . $target . '/'; + } + + if ($this->view->file_exists($sourcePath)) { + $this->keySetPreparation(dirname($targetPath)); + $this->view->copy($sourcePath, $targetPath); + } + } + + /** * Make preparations to filesystem for saving a keyfile * * @param string $path relative to the views root @@ -306,7 +339,7 @@ class Storage implements \OCP\Encryption\Keys\IStorage { protected function keySetPreparation($path) { // If the file resides within a subdirectory, create it if (!$this->view->file_exists($path)) { - $sub_dirs = explode('/', $path); + $sub_dirs = explode('/', ltrim($path, '/')); $dir = ''; foreach ($sub_dirs as $sub_dir) { $dir .= '/' . $sub_dir; 
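Review bot: `renameKeys()` and `copyKeys()` now take `$owner` from `$source` only and `$systemWide` from `$target` only, then build both `$sourcePath` and `$targetPath` from that single pair. If the two sides differ in owner or in whether they sit on a system-wide mount point, one of the key paths looks wrong, and in `copyKeys()` the `file_exists($sourcePath)` guard then skips the copy silently, which would leave the target without keys. Resolving owner and mount type per side, as sketched below for `copyKeys()`, avoids that; the rest of `renameKeys()` lies outside the hunk, so the same change there is an assumption. Both docblocks also still list `@param string $owner` and `@param bool $systemWide`, which are no longer parameters, and the `copyKeys()` summary still reads "copy keys if a file was renamed".

```php
public function copyKeys($source, $target) {

	list($sourceOwner, $source) = $this->util->getUidAndFilename($source);
	list($targetOwner, $target) = $this->util->getUidAndFilename($target);

	// resolve each side on its own: source and target may differ in owner or mount type
	$sourcePath = $this->util->isSystemWideMountPoint($source)
		? $this->keys_base_dir . $source . '/'
		: '/' . $sourceOwner . $this->keys_base_dir . $source . '/';
	$targetPath = $this->util->isSystemWideMountPoint($target)
		? $this->keys_base_dir . $target . '/'
		: '/' . $targetOwner . $this->keys_base_dir . $target . '/';

	// … unchanged: file_exists() guard, keySetPreparation() and copy …
}
```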
diff --git a/lib/private/encryption/manager.php b/lib/private/encryption/manager.php index 5164025239c..484e0f540b2 100644 --- a/lib/private/encryption/manager.php +++ b/lib/private/encryption/manager.php @@ -23,7 +23,9 @@ namespace OC\Encryption; +use OC\Files\Storage\Wrapper\Encryption; use OCP\Encryption\IEncryptionModule; +use OCP\Files\Mount\IMountPoint; class Manager implements \OCP\Encryption\IManager { @@ -66,10 +68,9 @@ class Manager implements \OCP\Encryption\IManager { public function registerEncryptionModule(IEncryptionModule $module) { $id = $module->getId(); $name = $module->getDisplayName(); - if (isset($this->encryptionModules[$id])) { - $message = 'Id "' . $id . '" already used by encryption module "' . $name . '"'; - throw new Exceptions\ModuleAlreadyExistsException($message); + if (isset($this->encryptionModules[$id])) { + throw new Exceptions\ModuleAlreadyExistsException($id, $name); } $defaultEncryptionModuleId = $this->getDefaultEncryptionModuleId(); 
@@ -106,12 +107,24 @@ class Manager implements \OCP\Encryption\IManager { * @return IEncryptionModule * @throws Exceptions\ModuleDoesNotExistsException */ - public function getEncryptionModule($moduleId) { - if (isset($this->encryptionModules[$moduleId])) { - return $this->encryptionModules[$moduleId]; - } else { - $message = "Module with id: $moduleId does not exists."; - throw new Exceptions\ModuleDoesNotExistsException($message); + public function getEncryptionModule($moduleId = '') { + if (!empty($moduleId)) { + if (isset($this->encryptionModules[$moduleId])) { + return $this->encryptionModules[$moduleId]; + } else { + $message = "Module with id: $moduleId does not exists."; + throw new Exceptions\ModuleDoesNotExistsException($message); + } + } else { // get default module and return this + // For now we simply return the first module until we have a way + // to enable multiple modules and define a default module + $module = reset($this->encryptionModules); + if ($module) { + return $module; + } else { + $message = 'No encryption module registered'; + throw new Exceptions\ModuleDoesNotExistsException($message); + } } } 
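Review bot: `getEncryptionModule()` now falls back to `reset($this->encryptionModules)` whenever `empty($moduleId)` is true, and `empty()` is also true for the id `'0'`, so a module registered under that id can never be requested explicitly. A caller that could not read a module id from a file header (`Util::getEncryptionModuleId()` starts from `$id = ''` and now accepts a `null` header) is also silently handed whichever module was registered first instead of an error. Test the argument with `if ($moduleId !== '') {` and extend the docblock, which starts outside this hunk, to describe the default-module fallback and that `ModuleDoesNotExistsException` is also thrown when no module is registered at all.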
@@ -166,5 +179,25 @@ class Manager implements \OCP\Encryption\IManager { } } - + public static function setupStorage() { + \OC\Files\Filesystem::addStorageWrapper('oc_encryption', function ($mountPoint, $storage, IMountPoint $mount) { + $parameters = [ + 'storage' => $storage, + 'mountPoint' => $mountPoint, + 'mount' => $mount]; + + if (!($storage instanceof \OC\Files\Storage\Shared)) { + $manager = \OC::$server->getEncryptionManager(); + $util = new \OC\Encryption\Util( + new \OC\Files\View(), \OC::$server->getUserManager(), \OC::$server->getConfig()); + $user = \OC::$server->getUserSession()->getUser(); + $logger = \OC::$server->getLogger(); + $uid = $user ? $user->getUID() : null; + $fileHelper = \OC::$server->getEncryptionFilesHelper(); + return new Encryption($parameters, $manager, $util, $logger, $fileHelper, $uid); + } else { + return $storage; + } + }, 2); + } } diff --git a/lib/private/encryption/update.php b/lib/private/encryption/update.php index 06dc330151e..1cfe935e584 100644 --- a/lib/private/encryption/update.php +++ b/lib/private/encryption/update.php @@ -46,12 +46,16 @@ class Update { /** @var string */ protected $uid; + /** @var \OC\Encryption\File */ + protected $file; + /** * * @param \OC\Files\View $view * @param \OC\Encryption\Util $util * @param \OC\Files\Mount\Manager $mountManager * @param \OC\Encryption\Manager $encryptionManager + * @param \OC\Encryption\File $file * @param string $uid */ public function __construct( @@ -59,6 +63,7 @@ class Update { Util $util, Mount\Manager $mountManager, Manager $encryptionManager, + File $file, $uid ) { @@ -66,6 +71,7 @@ class Update { $this->util = $util; $this->mountManager = $mountManager; $this->encryptionManager = $encryptionManager; + $this->file = $file; $this->uid = $uid; } 
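Review bot: `setupStorage()` is added without a docblock, and the wrapper it registers makes decisions a reader has to guess at. Storages that are an instance of `\OC\Files\Storage\Shared` are returned unwrapped, `$uid` is `null` when `getUser()` yields no user yet is still passed to `new Encryption(...)`, and the trailing `2` given to `addStorageWrapper()` is unexplained. A docblock such as `/** Registers the 'oc_encryption' storage wrapper; shared storages are returned unwrapped. */` plus the reason for that exception, a comment on what the `2` orders against, and a note on the expected behaviour for requests without a session user would make the security-relevant behaviour reviewable.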
@@ -87,25 +93,29 @@ class Update { * @param int $fileSource file source id */ private function update($fileSource) { - $path = \OC\Files\Filesystem::getPath($fileSource); - $absPath = '/' . $this->uid . '/files' . $path; - - $mount = $this->mountManager->find($path); - $mountPoint = $mount->getMountPoint(); - - // if a folder was shared, get a list of all (sub-)folders - if ($this->view->is_dir($absPath)) { - $allFiles = $this->util->getAllFiles($absPath, $mountPoint); - } else { - $allFiles = array($absPath); - } + $path = \OC\Files\Filesystem::getPath($fileSource); + $info = \OC\Files\Filesystem::getFileInfo($path); + $owner = \OC\Files\Filesystem::getOwner($path); + $view = new \OC\Files\View('/' . $owner . '/files'); + $ownerPath = $view->getPath($info->getId()); + $absPath = '/' . $owner . '/files' . $ownerPath; + + $mount = $this->mountManager->find($path); + $mountPoint = $mount->getMountPoint(); + + // if a folder was shared, get a list of all (sub-)folders + if ($this->view->is_dir($absPath)) { + $allFiles = $this->util->getAllFiles($absPath, $mountPoint); + } else { + $allFiles = array($absPath); + } - $encryptionModule = $this->encryptionManager->getDefaultEncryptionModule(); + $encryptionModule = $this->encryptionManager->getDefaultEncryptionModule(); - foreach ($allFiles as $path) { - $usersSharing = $this->util->getSharingUsersArray($path); - $encryptionModule->update($absPath, $this->uid, $usersSharing); - } + foreach ($allFiles as $path) { + $usersSharing = $this->file->getAccessList($path); + $encryptionModule->update($path, $this->uid, $usersSharing); + } } -}
\ No newline at end of file +} diff --git a/lib/private/encryption/util.php b/lib/private/encryption/util.php index 85e852ec2c9..6312d8813e3 100644 --- a/lib/private/encryption/util.php +++ b/lib/private/encryption/util.php @@ -23,9 +23,11 @@ namespace OC\Encryption; -use OC\Encryption\Exceptions\EncryptionHeaderToLargeException; use OC\Encryption\Exceptions\EncryptionHeaderKeyExistsException; +use OC\Encryption\Exceptions\EncryptionHeaderToLargeException; +use OC\Files\View; use OCP\Encryption\IEncryptionModule; +use OCP\IConfig; class Util { @@ -49,7 +51,7 @@ class Util { */ protected $blockSize = 8192; - /** @var \OC\Files\View */ + /** @var View */ protected $view; /** @var array */ @@ -58,19 +60,30 @@ class Util { /** @var \OC\User\Manager */ protected $userManager; + /** @var IConfig */ + protected $config; + /** @var array paths excluded from encryption */ protected $excludedPaths; /** - * @param \OC\Files\View $view root view + * + * @param \OC\Files\View $view + * @param \OC\User\Manager $userManager + * @param IConfig $config */ - public function __construct(\OC\Files\View $view, \OC\User\Manager $userManager) { + public function __construct( + \OC\Files\View $view, + \OC\User\Manager $userManager, + IConfig $config) { + $this->ocHeaderKeys = [ self::HEADER_ENCRYPTION_MODULE_KEY ]; $this->view = $view; $this->userManager = $userManager; + $this->config = $config; $this->excludedPaths[] = 'files_encryption'; } @@ -81,7 +94,7 @@ class Util { * @param array $header * @return string */ - public function getEncryptionModuleId(array $header) { + public function getEncryptionModuleId(array $header = null) { $id = ''; $encryptionModuleKey = self::HEADER_ENCRYPTION_MODULE_KEY; 
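Review bot: The rewritten `Update::update()` dereferences its lookups without checking them: `Filesystem::getFileInfo($path)` is followed directly by `$info->getId()`, and `$this->mountManager->find($path)` by `$mount->getMountPoint()`. If either comes back empty for a file source that was just removed or sits on an unavailable mount (an assumption, their return contracts are not visible here), the share hook aborts before `$encryptionModule->update()` runs and the key access list stays stale. Add a guard such as `if ($path === null || !$info || $mount === null) { return; }` after the lookups. The loop also reuses `$path` as its variable; a distinct name like `$file` keeps the original value intact.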
@@ -134,14 +147,14 @@ class Util { $header = self::HEADER_START . ':' . self::HEADER_ENCRYPTION_MODULE_KEY . ':' . $encryptionModule->getId() . ':'; foreach ($headerData as $key => $value) { if (in_array($key, $this->ocHeaderKeys)) { - throw new EncryptionHeaderKeyExistsException('header key "'. $key . '" already reserved by ownCloud'); + throw new EncryptionHeaderKeyExistsException($key); } $header .= $key . ':' . $value . ':'; } $header .= self::HEADER_END; if (strlen($header) > $this->getHeaderSize()) { - throw new EncryptionHeaderToLargeException('max header size exceeded', EncryptionException::ENCRYPTION_HEADER_TO_LARGE); + throw new EncryptionHeaderToLargeException(); } $paddedHeader = str_pad($header, $this->headerSize, self::HEADER_PADDING_CHAR, STR_PAD_RIGHT); 
@@ -150,53 +163,10 @@ class Util { } /** - * Find, sanitise and format users sharing a file - * @note This wraps other methods into a portable bundle - * @param string $path path relative to current users files folder - * @return array - */ - public function getSharingUsersArray($path) { - - // Make sure that a share key is generated for the owner too - list($owner, $ownerPath) = $this->getUidAndFilename($path); - - // always add owner to the list of users with access to the file - $userIds = array($owner); - - if (!$this->isFile($ownerPath)) { - return array('users' => $userIds, 'public' => false); - } - - $ownerPath = substr($ownerPath, strlen('/files')); - $ownerPath = $this->stripPartialFileExtension($ownerPath); - - // Find out who, if anyone, is sharing the file - $result = \OCP\Share::getUsersSharingFile($ownerPath, $owner); - $userIds = \array_merge($userIds, $result['users']); - $public = $result['public'] || $result['remote']; - - // check if it is a group mount - if (\OCP\App::isEnabled("files_external")) { - $mounts = \OC_Mount_Config::getSystemMountPoints(); - foreach ($mounts as $mount) { - if ($mount['mountpoint'] == substr($ownerPath, 1, strlen($mount['mountpoint']))) { - $mountedFor = $this->getUserWithAccessToMountPoint($mount['applicable']['users'], $mount['applicable']['groups']); - $userIds = array_merge($userIds, $mountedFor); - } - } - } - - // Remove duplicate UIDs - $uniqueUserIds = array_unique($userIds); - - return array('users' => $uniqueUserIds, 'public' => $public); - } - - /** * go recursively through a dir and collect all files and sub files. * * @param string $dir relative to the users files folder - * @param strinf $mountPoint + * @param string $mountPoint * @return array with list of files relative to the users files folder */ public function getAllFiles($dir, $mountPoint = '') { 
@@ -210,11 +180,11 @@ class Util { foreach ($content as $c) { // getDirectoryContent() returns the paths relative to the mount points, so we need // to re-construct the complete path - $path = ($mountPoint !== '') ? $mountPoint . '/' . $c['path'] : $c['path']; + $path = ($mountPoint !== '') ? $mountPoint . '/' . $c->getPath() : $c->getPath(); if ($c['type'] === 'dir') { - $dirList[] = $path; + $dirList[] = \OC\Files\Filesystem::normalizePath($path); } else { - $result[] = $path; + $result[] = \OC\Files\Filesystem::normalizePath($path); } } @@ -230,7 +200,7 @@ class Util { * @param string $path * @return boolean */ - protected function isFile($path) { + public function isFile($path) { if (substr($path, 0, strlen('/files/')) === '/files/') { return true; } @@ -256,7 +226,7 @@ class Util { } /** - * get the owner and the path for the owner + * get the owner and the path for the file relative to the owners files folder * * @param string $path * @return array 
@@ -270,55 +240,15 @@ class Util { $uid = $parts[1]; } if (!$this->userManager->userExists($uid)) { - throw new \BadMethodCallException('path needs to be relative to the system wide data folder and point to a user specific file'); - } - - $pathinfo = pathinfo($path); - $partfile = false; - $parentFolder = false; - if (array_key_exists('extension', $pathinfo) && $pathinfo['extension'] === 'part') { - // if the real file exists we check this file - $filePath = $pathinfo['dirname'] . '/' . $pathinfo['filename']; - if ($this->view->file_exists($filePath)) { - $pathToCheck = $pathinfo['dirname'] . '/' . $pathinfo['filename']; - } else { // otherwise we look for the parent - $pathToCheck = $pathinfo['dirname']; - $parentFolder = true; - } - $partfile = true; - } else { - $pathToCheck = $path; + throw new \BadMethodCallException( + 'path needs to be relative to the system wide data folder and point to a user specific file' + ); } - $pathToCheck = substr($pathToCheck, strlen('/' . $uid)); - - $this->view->chroot('/' . $uid); - $owner = $this->view->getOwner($pathToCheck); - - // Check that UID is valid - if (!$this->userManager->userExists($owner)) { - throw new \BadMethodCallException('path needs to be relative to the system wide data folder and point to a user specific file'); - } - - \OC\Files\Filesystem::initMountPoints($owner); - - $info = $this->view->getFileInfo($pathToCheck); - $this->view->chroot('/' . $owner); - $ownerPath = $this->view->getPath($info->getId()); - $this->view->chroot('/'); + $ownerPath = implode('/', array_slice($parts, 2)); - if ($parentFolder) { - $ownerPath = $ownerPath . '/'. $pathinfo['filename']; - } - - if ($partfile) { - $ownerPath = $ownerPath . '.' . $pathinfo['extension']; - } + return array($uid, \OC\Files\Filesystem::normalizePath($ownerPath)); - return array( - $owner, - \OC\Files\Filesystem::normalizePath($ownerPath) - ); } /** 
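Review bot: `getUidAndFilename()` no longer resolves the storage owner: it returns `$parts[1]` as the uid and `array_slice($parts, 2)` as the path, so for a path that reaches a file through a share the first element is the recipient, not the owner. `File::getAccessList()` and `Storage::renameKeys()`/`copyKeys()` in this commit still treat that value as `$owner`, which only holds if every caller passes an owner-resolved path the way `Update::update()` now does. The new summary also says the path is relative to the owner's files folder, while the returned path still begins with `files/` (`getAccessList()` strips `/files` from it). Please state the precondition in the docblock, e.g. `@param string $path absolute path below the data folder, already resolved to the owner's home (/<uid>/files/...)`, and describe the return as the uid taken from the path plus the path relative to that user's home. The opening lines of the function are outside this hunk.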
@@ -348,7 +278,7 @@ class Util { } } - protected function getUserWithAccessToMountPoint($users, $groups) { + public function getUserWithAccessToMountPoint($users, $groups) { $result = array(); if (in_array('all', $users)) { $result = \OCP\User::getUsers(); @@ -398,9 +328,6 @@ class Util { return true; } - $v1 = $this->userManager->userExists($root[1]); - $v2 = in_array($root[2], $this->excludedPaths); - // detect user specific folders if ($this->userManager->userExists($root[1]) && in_array($root[2], $this->excludedPaths)) { @@ -411,4 +338,16 @@ class Util { return false; } + /** + * check if recovery key is enabled for user + * + * @param string $uid + * @return boolean + */ + public function recoveryEnabled($uid) { + $enabled = $this->config->getUserValue($uid, 'encryption', 'recovery_enabled', '0'); + + return ($enabled === '1') ? true : false; + } + } |