Diffstat (limited to 'apps/encryption/lib')
-rw-r--r--apps/encryption/lib/crypto/encryption.php4
-rw-r--r--apps/encryption/lib/keymanager.php33
-rw-r--r--apps/encryption/lib/recovery.php17
-rw-r--r--apps/encryption/lib/util.php24
4 files changed, 45 insertions, 33 deletions
diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php
index 3c93f759407..aa620785824 100644
--- a/apps/encryption/lib/crypto/encryption.php
+++ b/apps/encryption/lib/crypto/encryption.php
@@ -131,6 +131,8 @@ class Encryption implements IEncryptionModule {
$publicKeys[$uid] = $this->keymanager->getPublicKey($uid);
}
+ $publicKeys = $this->keymanager->addSystemKeys($this->accessList, $publicKeys);
+
$encryptedKeyfiles = $this->crypt->multiKeyEncrypt($this->fileKey, $publicKeys);
$this->keymanager->setAllFileKeys($path, $encryptedKeyfiles);
}
@@ -235,7 +237,7 @@ class Encryption implements IEncryptionModule {
$publicKeys[$user] = $this->keymanager->getPublicKey($user);
}
- $publicKeys = $this->addSystemKeys($accessList, $publicKeys);
+ $publicKeys = $this->keymanager->addSystemKeys($accessList, $publicKeys);
$encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys);
diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php
index 67a32d75908..9aae6fb2d9d 100644
--- a/apps/encryption/lib/keymanager.php
+++ b/apps/encryption/lib/keymanager.php
@@ -27,6 +27,7 @@ use OCA\Encryption\Exceptions\PrivateKeyMissingException;
use OC\Encryption\Exceptions\PublicKeyMissingException;
use OCA\Encryption\Crypto\Crypt;
use OCP\Encryption\Keys\IStorage;
+use OCA\Encryption\Util;
use OCP\IConfig;
use OCP\ILogger;
use OCP\IUserSession;
@@ -84,6 +85,10 @@ class KeyManager {
* @var ILogger
*/
private $log;
+ /**
+ * @var Util
+ */
+ private $util;
/**
* @param IStorage $keyStorage
@@ -92,6 +97,7 @@ class KeyManager {
* @param IUserSession $userSession
* @param Session $session
* @param ILogger $log
+ * @param Util $util
*/
public function __construct(
IStorage $keyStorage,
@@ -99,9 +105,11 @@ class KeyManager {
IConfig $config,
IUserSession $userSession,
Session $session,
- ILogger $log
+ ILogger $log,
+ Util $util
) {
+ $this->util = $util;
$this->session = $session;
$this->keyStorage = $keyStorage;
$this->crypt = $crypt;
@@ -153,7 +161,7 @@ class KeyManager {
* @return bool
*/
public function recoveryKeyExists() {
- return (!empty($this->keyStorage->getSystemUserKey($this->recoveryKeyId)));
+ return (!empty($this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.publicKey')));
}
/**
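Review bot: The key name in `recoveryKeyExists` is built with the literal `'.publicKey'`, while `setSystemPrivateKey` in the same class composes its name from `$this->privateKeyId`. If the class has a matching property for the public-key suffix, use it here so the two lookups cannot drift apart. The method now tests only for the public half of the recovery key pair, which the docblock should say, e.g. `* check if the public recovery key exists (the private key is not checked)`.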
@@ -471,4 +479,25 @@ class KeyManager {
public function setSystemPrivateKey($keyId, $key) {
return $this->keyStorage->setSystemUserKey($keyId . '.' . $this->privateKeyId, $key);
}
+
+ /**
+ * add system keys such as the public share key and the recovery key
+ *
+ * @param array $accessList
+ * @param array $publicKeys
+ * @return array
+ */
+ public function addSystemKeys(array $accessList, array $publicKeys) {
+ if (!empty($accessList['public'])) {
+ $publicKeys[$this->getPublicShareKeyId()] = $this->getPublicShareKey();
+ }
+
+ if ($this->recoveryKeyExists() &&
+ $this->util->isRecoveryEnabledForUser()) {
+
+ $publicKeys[$this->getRecoveryKeyId()] = $this->getRecoveryKey();
+ }
+
+ return $publicKeys;
+ }
}
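Review bot: The recovery branch of `addSystemKeys` decides from `$this->util->isRecoveryEnabledForUser()`, which reads the setting of the session user (Util takes `$this->user` from `IUserSession` in its constructor), not of the owner of the file whose key is being wrapped. When an account other than the owner triggers the write, the file key is wrapped for the recovery key, or left without it, according to the wrong account's opt-in. Util also sets `$this->user` to `false` when nobody is logged in, so if a request carrying a non-empty `$accessList['public']` can arrive without a session user, `isRecoveryEnabledForUser` would call `getUID()` on a non-object. Consider passing the owner's UID explicitly, for example `$this->util->isRecoveryEnabledForUser($ownerUid)`, and state in the docblock whose recovery setting applies.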
diff --git a/apps/encryption/lib/recovery.php b/apps/encryption/lib/recovery.php
index 701c0934c95..b3da82a3cc5 100644
--- a/apps/encryption/lib/recovery.php
+++ b/apps/encryption/lib/recovery.php
@@ -90,7 +90,7 @@ class Recovery {
IStorage $keyStorage,
IFile $file,
View $view) {
- $this->user = $user && $user->isLoggedIn() ? $user->getUser() : false;
+ $this->user = ($user && $user->isLoggedIn()) ? $user->getUser() : false;
$this->crypt = $crypt;
$this->random = $random;
$this->keyManager = $keyManager;
@@ -180,7 +180,7 @@ class Recovery {
$value);
if ($value === '1') {
- $this->addRecoveryKeys('/' . $this->user . '/files/');
+ $this->addRecoveryKeys('/' . $this->user->getUID() . '/files/');
} else {
$this->removeRecoveryKeys();
}
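Review bot: `$this->user->getUID()` assumes `$this->user` is a user object, but the constructor in this file sets it to `false` when there is no logged-in session; the same call is added for `getFileKey` in the `addRecoveryKeys` hunk below. A guard before the `if ($value === '1')` branch, such as `if ($this->user === false) { return false; }`, would turn a fatal error into a defined failure, assuming the method is allowed to return `false`. The enclosing method starts outside this hunk, so the right return value has to be checked against its docblock.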
@@ -198,20 +198,22 @@ class Recovery {
$dirContent = $this->view->getDirectoryContent($path);
foreach ($dirContent as $item) {
// get relative path from files_encryption/keyfiles/
- $filePath = $item['path'];
+ $filePath = $item->getPath();
if ($item['type'] === 'dir') {
$this->addRecoveryKeys($filePath . '/');
} else {
- $fileKey = $this->keyManager->getFileKey($filePath, $this->user);
+ $fileKey = $this->keyManager->getFileKey($filePath, $this->user->getUID());
if (!empty($fileKey)) {
- $accessList = $this->file->getAccessList($path);
+ $accessList = $this->file->getAccessList($filePath);
$publicKeys = array();
foreach ($accessList['users'] as $uid) {
- $publicKeys[$uid] = $this->keymanager->getPublicKey($uid);
+ $publicKeys[$uid] = $this->keyManager->getPublicKey($uid);
}
+ $publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys);
+
$encryptedKeyfiles = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys);
- $this->keymanager->setAllFileKeys($path, $encryptedKeyfiles);
+ $this->keyManager->setAllFileKeys($filePath, $encryptedKeyfiles);
}
}
}
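Review bot: Files for which `getFileKey` returns an empty value are skipped silently by `if (!empty($fileKey))`, and the results of `multiKeyEncrypt` and `setAllFileKeys` are not checked. The recursion can therefore finish with some files never wrapped for the recovery key while the user's recovery setting reads as enabled. Collect the skipped or failed paths and report them to the caller, so that an incomplete escrow is visible rather than discovered at recovery time. The comment `// get relative path from files_encryption/keyfiles/` also looks stale now that the path comes from `$item->getPath()`, and should describe what that path is relative to.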
@@ -221,6 +223,7 @@ class Recovery {
* remove recovery key to all encrypted files
*/
private function removeRecoveryKeys($path = '/') {
+ return true;
$dirContent = $this->view->getDirectoryContent($this->keyfilesPath . $path);
foreach ($dirContent as $item) {
// get relative path from files_encryption/keyfiles
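Review bot: The unconditional `return true;` at the top of `removeRecoveryKeys` makes the rest of the body unreachable, so the `else` branch that calls it when recovery is switched off reports success without removing anything. File keys already wrapped for the recovery key stay decryptable by whoever holds the recovery private key, even after the user has opted out. If this is a temporary stub, mark it as one, e.g. `// TODO: not implemented; recovery-key shares remain on existing files`, and do not return a success value until the removal works. The function body continues past the end of this hunk.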
diff --git a/apps/encryption/lib/util.php b/apps/encryption/lib/util.php
index 45891be5dad..6b6b8b6b38c 100644
--- a/apps/encryption/lib/util.php
+++ b/apps/encryption/lib/util.php
@@ -23,16 +23,13 @@
namespace OCA\Encryption;
-use OC\Files\Filesystem;
use OC\Files\View;
use OCA\Encryption\Crypto\Crypt;
-use OCP\App;
use OCP\IConfig;
use OCP\ILogger;
use OCP\IUser;
use OCP\IUserSession;
use OCP\PreConditionNotMetException;
-use OCP\Share;
class Util {
/**
@@ -44,10 +41,6 @@ class Util {
*/
private $crypt;
/**
- * @var KeyManager
- */
- private $keyManager;
- /**
* @var ILogger
*/
private $logger;
@@ -65,21 +58,18 @@ class Util {
*
* @param View $files
* @param Crypt $crypt
- * @param KeyManager $keyManager
* @param ILogger $logger
* @param IUserSession $userSession
* @param IConfig $config
*/
public function __construct(View $files,
Crypt $crypt,
- KeyManager $keyManager,
ILogger $logger,
IUserSession $userSession,
IConfig $config
) {
$this->files = $files;
$this->crypt = $crypt;
- $this->keyManager = $keyManager;
$this->logger = $logger;
$this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser() : false;
$this->config = $config;
@@ -88,7 +78,7 @@ class Util {
/**
* @return bool
*/
- public function recoveryEnabledForUser() {
+ public function isRecoveryEnabledForUser() {
$recoveryMode = $this->config->getUserValue($this->user->getUID(),
'encryption',
'recoveryEnabled',
@@ -116,18 +106,6 @@ class Util {
}
/**
- * @param $recoveryPassword
- */
- public function recoverUsersFiles($recoveryPassword) {
- $encryptedKey = $this->keyManager->getSystemPrivateKey();
-
- $privateKey = $this->crypt->decryptPrivateKey($encryptedKey,
- $recoveryPassword);
-
- $this->recoverAllFiles('/', $privateKey);
- }
-
- /**
* @param string $uid
* @return bool
*/