make sure, .tar.gz is built on travis

# Conflicts:
#	main/commons-test/pom.xml
#	main/commons/pom.xml
#	main/filesystem-api/pom.xml
#	main/filesystem-crypto-integration-tests/pom.xml
#	main/filesystem-crypto/pom.xml
#	main/filesystem-inmemory/pom.xml
#	main/filesystem-invariants-tests/pom.xml
#	main/filesystem-nameshortening/pom.xml
#	main/filesystem-nio/pom.xml
#	main/filesystem-stats/pom.xml
#	main/frontend-api/pom.xml
#	main/frontend-webdav/pom.xml
#	main/pom.xml
#	main/uber-jar/pom.xml
#	main/ui/pom.xml

.travis.yml

@@ -1,4 +1,55 @@
+sudo: required
+
+dist: trusty
+
 language: java
+
 jdk:
-  - oraclejdk8
-script: mvn -fmain/pom.xml clean package
+- oraclejdk8
+
+env:
+  global:
+    - secure: "Lgj042RD0X3rB8VZVZLWP1GetLhjd3PqI5JbJMlzgHJpDI6RkFIBLN9SWAGmkLPCehIp2zA5tu9+UVy0NNMxm9xz6SyjMCaxS28/fnYEXaNmwwDSF6O6gLUbdxyzoYIFPYOPmFxpzhebqnNIsxaM29oZpgRgUGqosCczQxiB+Ng=" #coveralls
+    - secure: "IfYURwZaDWuBDvyn47n0k1Zod/IQw1FF+CS5nnV08Q+NfC3vGGJMwV8m59XnbfwnWGxwvCaAbk4qP6s6+ijgZNKkvgfFMo3rfTok5zt43bIqgaFOANYV+OC/1c59gYD6ZUxhW5iNgMgU3qdsRtJuwSmfkVv/jKyLGfAbS4kN8BA=" #coverity
+
+before_install: "curl -L --cookie 'oraclelicense=accept-securebackup-cookie;' http://download.oracle.com/otn-pub/java/jce/8/jce_policy-8.zip -o /tmp/policy.zip && sudo unzip -j -o /tmp/policy.zip *.jar -d `jdk_switcher home oraclejdk8`/jre/lib/security && rm /tmp/policy.zip"
+
+script: mvn -fmain/pom.xml clean test
+
+after_success: mvn -fmain/pom.xml clean test jacoco:report coveralls:report
+
+notifications:
+  webhooks:
+    urls:
+    - https://webhooks.gitter.im/e/7d429ab35361726e26f2
+    on_success: change
+    on_failure: always
+    on_start: false
+  slack:
+    rooms:
+      secure: "lngJ/HEAFBbD5AdiO9avMqptKpZHdmEwOzS9FabZjkdFh7yAYueTk5RniPUvShjsKtThYm7cJ8AtDMDwc07NvPrzbMBRtUJGwuDT+7c7YFALGFJ1NYi+emkC9x1oafvmPgEYSE+tMKzNcwrHi3ytGgKdIotsKwaF35QNXYA9aMs="
+    on_success: change
+    on_failure: always
+
+before_deploy: mvn -fmain/pom.xml -Prelease clean package -DskipTests
+
+addons:
+  coverity_scan:
+    project:
+      name: "cryptomator/cryptomator"
+    notification_email: sebastian.stenzel@cryptomator.org
+    build_command: "mvn -fmain/pom.xml clean test -DskipTests"
+    branch_pattern: coverity_scan
+
+deploy:
+  provider: releases
+  prerelease: false
+  api_key:
+    secure: "ZjE1j93v3qbPIe2YbmhS319aCbMdLQw0HuymmluTurxXsZtn9D4t2+eTr99vBVxGRuB5lzzGezPR5zjk5W7iHF7xhwrawXrFzr2rPJWzWFt0aM+Ry2njU1ROTGGXGTbv4anWeBlgMxLEInTAy/9ytOGNJlec83yc0THpOY2wxnk="
+  file:
+    - "main/uber-jar/target/Cryptomator-$TRAVIS_TAG.jar"
+    - "main/ant-kit/target/cryptomator_$TRAVIS_TAG.tar.gz"
+  skip_cleanup: true
+  on:
+    repo: cryptomator/cryptomator
+    tags: true

CODE_OF_CONDUCT.md

@@ -0,0 +1,74 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at support@cryptomator.org. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/

CONTRIBUTING.md

@@ -0,0 +1,33 @@
+# Contributing to Cryptomator
+
+## Did you find a bug?
+
+- Ensure you're running the latest version of Cryptomator.
+- Ensure the bug is related to the desktop version of Cryptomator. Bugs concerning the Cryptomator iOS app can be reported on the [Cryptomator for iOS issues list](https://github.com/cryptomator/cryptomator-ios/issues).
+- Ensure the bug was not [already reported](https://github.com/cryptomator/cryptomator/issues). You can also check out our [FAQ](https://cryptomator.org/faq/) and our [Wiki](https://github.com/cryptomator/cryptomator/wiki).
+- If you're unable to find an open issue addressing the problem, [submit a new one](https://github.com/cryptomator/cryptomator/issues/new).
+
+## Do you have questions?
+
+- Ask questions by [submitting a new issue](https://github.com/cryptomator/cryptomator/issues/new).
+- [Contact us](https://cryptomator.org/contact/) directly by writing an email. Wir sprechen auch Deutsch!
+- Have a chat with us on [Gitter](https://gitter.im/cryptomator/cryptomator).
+
+## Did you write a patch that fixes a bug?
+
+- Open a new pull request with the patch.
+- Ensure the PR description clearly describes the problem and solution. Include the relevant issue number if applicable.
+
+## Do you intend to add a new feature or change an existing one?
+
+- Suggest your change by [submitting a new issue](https://github.com/cryptomator/cryptomator/issues/new) and start writing code.
+
+## Code of Conduct
+
+Help us keep Cryptomator open and inclusive. Please read and follow our [Code of Conduct](https://github.com/cryptomator/cryptomator/blob/master/CODE_OF_CONDUCT.md).
+
+## Above all, thank you for your contributions
+
+Thank you for taking the time to contribute to the project! :+1:
+
+Cryptomator Team

ISSUE_TEMPLATE.md

@@ -0,0 +1,19 @@
+### Basic Info
+
+- I'm running Cryptomator on: [Windows, OS X, and/or Debian (or other Linux Distribution), don't forget the version]
+- I'm using Cryptomator in version: [you can check the version in the settings of Cryptomator]
+
+### Description
+
+[description of the bug, question or feature - what did you do? what problem occurred? etc.]
+
+### Log File (optional)
+
+```
+[insert relevant parts of the log file here if applicable,
+don't forget to redact sensitive information
+
+on Windows: %appdata%/Cryptomator/cryptomator.log
+on OS X: ~/Library/Logs/Cryptomator/cryptomator.log
+on Debian: ~/.Cryptomator/cryptomator.log]
+```

LICENSE

@@ -1,20 +0,0 @@
-The MIT License (MIT)
-
-Copyright (c) 2014 Sebastian Stenzel
-
-Permission is hereby granted, free of charge, to any person obtaining a copy of
-this software and associated documentation files (the "Software"), to deal in
-the Software without restriction, including without limitation the rights to
-use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
-the Software, and to permit persons to whom the Software is furnished to do so,
-subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
-FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
-COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
-IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

LICENSES/Apache-2.0-License.txt

@@ -0,0 +1,202 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

LICENSES/BSD-License.txt

@@ -0,0 +1,27 @@
+Copyright (c) [year], [fullname]
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+* Redistributions of source code must retain the above copyright notice, this
+  list of conditions and the following disclaimer.
+
+* Redistributions in binary form must reproduce the above copyright notice,
+  this list of conditions and the following disclaimer in the documentation
+  and/or other materials provided with the distribution.
+
+* Neither the name of [project] nor the names of its
+  contributors may be used to endorse or promote products derived from
+  this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

LICENSES/BSD-Simplified-License.txt

@@ -0,0 +1,23 @@
+Copyright (c) [year], [fullname]
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+* Redistributions of source code must retain the above copyright notice, this
+  list of conditions and the following disclaimer.
+
+* Redistributions in binary form must reproduce the above copyright notice,
+  this list of conditions and the following disclaimer in the documentation
+  and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

LICENSES/MIT-X-Consortium-License.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) <year> <copyright holders>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

NOTICE.md

@@ -0,0 +1,115 @@
+# CRYPTOMATOR
+Copyright (c) 2014, Sebastian Stenzel
+
+Cryptomator is licensed under the MIT license. The details can be found in the accompanying license file.
+
+## Third party softwares
+Cryptomator uses third party libraries and fonts that may be licensed under different licenses.
+
+### AquaFX
+The ProgressIndicator in ui/src/main/resource/css/mac_theme.css contains code from the AquaFX project.
+
+Copyright 2013 Claudine Zillmann (http://aquafx-project.com/)
+
+Licensed under the accompanying BSD license file.
+
+### Apache Commons Collections
+Copyright 2001-2013 The Apache Software Foundation
+
+This product includes software developed at The Apache Software Foundation (http://www.apache.org/).
+
+### Apache Commons Codec
+Copyright 2002-2013 The Apache Software Foundation
+
+This product includes software developed at The Apache Software Foundation (http://www.apache.org/).
+
+src/test/org/apache/commons/codec/language/DoubleMetaphoneTest.java contains test data
+from http://aspell.net/test/orig/batch0.tab. Copyright (C) 2002 Kevin Atkinson (kevina@gnu.org)
+
+### Apache Commons IO
+Copyright 2002-2012 The Apache Software Foundation
+
+This product includes software developed by The Apache Software Foundation (http://www.apache.org/).
+
+### Apache Commons Lang
+Copyright 2001-2011 The Apache Software Foundation
+
+This product includes software developed by The Apache Software Foundation (http://www.apache.org/).
+
+This product includes software from the Spring Framework,
+under the Apache License 2.0 (see: StringUtils.containsWhitespace())
+
+### ControlsFX
+Copyright (c) 2013, ControlsFX
+
+Licensed under the accompanying BSD license file.
+
+### Dagger 2
+Copyright 2014 Google, Inc.
+Copyright 2012 Square, Inc.
+
+Licensed under the Apache License, Version 2.0
+
+### EasyBind
+Copyright (c) 2014, TomasMikula
+
+Licensed under the accompanying BSD simplified license.
+
+### Apache Jakarta HttpClient
+Copyright 1999-2007 The Apache Software Foundation
+
+This product includes software developed by The Apache Software Foundation (http://www.apache.org/).
+
+### Apache Log4j
+Copyright 1999-2012 Apache Software Foundation
+
+This product includes software developed at The Apache Software Foundation (http://www.apache.org/).
+
+ResolverUtil.java Copyright 2005-2006 Tim Fennell
+
+### Ionicons
+Copyright (c) 2016 Drifty (http://drifty.com/)
+
+ionicons.ttf Licensed under the accompanying MIT license
+
+### Jackrabbit WebDAV Library
+Copyright 2004-2014 The Apache Software Foundation
+
+This product includes software developed at The Apache Software Foundation (http://www.apache.org/).
+
+Based on source code originally developed by Day Software (http://www.day.com/).
+
+### Jackson
+Jackson is a high-performance, Free/Open Source JSON processing library.
+It was originally written by Tatu Saloranta (tatu.saloranta@iki.fi), and has
+been in development since 2007.
+It is currently developed by a community of developers, as well as supported
+commercially by FasterXML.com.
+
+**Licensing:** Jackson core and extension components may licensed under different licenses.
+To find the details that apply to this artifact see the accompanying Apache 2.0 license file.
+For more information, including possible other licensing options, contact
+FasterXML.com (http://fasterxml.com).
+
+**Credits:** A list of contributors may be found from CREDITS file, which is included
+in some artifacts (usually source distributions); but is always available
+from the source code management (SCM) system project uses.
+
+### Jetty
+Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
+
+All rights reserved. This program and the accompanying materials
+are made available under the terms of the Eclipse Public License v1.0
+and Apache License v2.0 which accompanies this distribution.
+
+The UnixCrypt.java code implements the one way cryptography used by
+Unix systems for simple password protection.  Copyright 1996 Aki Yoshida,
+modified April 2001  by Iris Van den Broeke, Daniel Deville.
+Permission to use, copy, modify and distribute UnixCrypt
+for non-commercial or commercial purposes and without fee is
+granted provided that the copyright notice appears in all copies.
+
+### JUnit
+Copyright (c) 2000-2006, www.hamcrest.org
+
+Licensed under the accompanying BSD license file.

README.md

@@ -1,52 +1,66 @@
-Cryptomator
-====================
+![cryptomator](cryptomator.png)
 
-Multiplatform transparent client-side encryption of your files in the cloud. You need Java 8 in order to run the application. Get the runtime environment here: http://www.oracle.com/technetwork/java/javase/downloads/index.html
+[![Build Status](https://travis-ci.org/cryptomator/cryptomator.svg?branch=master)](https://travis-ci.org/cryptomator/cryptomator)
+[![Coverity Scan Build Status](https://scan.coverity.com/projects/cryptomator-cryptomator/badge.svg?flat=1)](https://scan.coverity.com/projects/cryptomator-cryptomator)
+[![Coverage Status](https://coveralls.io/repos/github/cryptomator/cryptomator/badge.svg?branch=master)](https://coveralls.io/github/cryptomator/cryptomator?branch=master)
+[![Join the chat at https://gitter.im/cryptomator/cryptomator](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/cryptomator/cryptomator?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+[![Twitter](https://img.shields.io/badge/twitter-@Cryptomator-blue.svg?style=flat)](http://twitter.com/Cryptomator)
 
-If you run OS X and want to take a look at the current alpha version, go ahead and [download Cryptomator.dmg](https://github.com/totalvoidness/cryptomator/releases/download/v0.1.0/Cryptomator.dmg).
+Multi-platform transparent client-side encryption of your files in the cloud.
+
+Download native binaries of Cryptomator on [cryptomator.org](https://cryptomator.org/) or clone and build Cryptomator using Maven (instructions below).
 
 ## Features
-- Totally transparent: Just work on the encrypted volume, as if it was an USB drive
-- Works with Dropbox, OneDrive (Skydrive), Google Drive and any other cloud storage, that syncs with a local directory
-- In fact it works with any directory. You can use it to encrypt as many folders as you like
-- AES encryption with up to 256 bit key length
-- Client-side. No accounts, no data shared with any online service
-- Filenames get encrypted too
-- No need to provide credentials for any 3rd party service
-- Open Source means: No backdoors. Control is better than trust
-- Use as many encrypted folders in your dropbox as you want. Each having individual passwords
 
-## Security
-- Default key length is 256 bit (falls back to 128 bit, if JCE isn't installed)
-- PBKDF2 key generation
-- 4096 bit internal masterkey
+- Works with Dropbox, Google Drive, OneDrive, and any other cloud storage service that synchronizes with a local directory
+- Open Source means: No backdoors, control is better than trust
+- Client-side: No accounts, no data shared with any online service
+- Totally transparent: Just work on the virtual drive as if it were a USB flash drive
+- AES encryption with 256-bit key length
+- Filenames get encrypted, too
+- Use as many vaults in your Dropbox as you want, each having individual passwords
+
+### Privacy
+
+- 256-bit keys (unlimited strength policy bundled with native binaries)
+- Scrypt key derivation
 - Cryptographically secure random numbers for salts, IVs and the masterkey of course
-- Sensitive data is swiped from the heap asap
-- Lightweight: Complexity kills security
+- Sensitive data is wiped from the heap asap
+- Lightweight: [Complexity kills security](https://www.schneier.com/essays/archives/1999/11/a_plea_for_simplicit.html)
 
-## Consistency
-- I/O operations are transactional and atomic, if the file systems supports it
-- ~~Metadata is stored per-folder, so it's not a SPOF~~
-- *NEW:* No Metadata at all. Encrypted files can be decrypted even on completely shuffled file systems (if their contents are undamaged).
+### Consistency
 
-## Dependencies
-- Java 8 (for UI only - runs headless on Java 7)
-- Maven
-- Awesome 3rd party open source libraries (Apache Commons, Apache Jackrabbit, Jetty, Jackson, ...)
+- HMAC over file contents to recognize changed ciphertext before decryption
+- I/O operations are transactional and atomic, if the filesystems support it
+- Each file contains all information needed for decryption (except for the key of course), no common metadata means no [SPOF](http://en.wikipedia.org/wiki/Single_point_of_failure)
 
-## TODO
+### Security Architecture
 
-### Core
-- Support for HTTP range requests
+For more information on the security details visit [cryptomator.org](https://cryptomator.org/architecture/).
 
-### UI
-- Automount of WebDAV volumes for Win/Tux
-- Drive icons in WebDAV volumes
-- Change password functionality
-- Better explanations on UI
+## Building
+
+### Dependencies
+
+* Java 8 + JCE unlimited strength policy files (needed for 256-bit keys)
+* Maven 3
+* Optional: OS-dependent build tools for native packaging (see [Windows](https://github.com/cryptomator/cryptomator-win), [OS X](https://github.com/cryptomator/cryptomator-osx), [Debian](https://github.com/cryptomator/cryptomator-deb))
+
+### Run Maven
+
+```
+cd main
+mvn clean install
+```
+
+## Contributing to Cryptomator
+
+Please read our [contribution guide](https://github.com/cryptomator/cryptomator/blob/master/CONTRIBUTING.md), if you would like to report a bug, ask a question or help us with coding.
+
+## Code of Conduct
+
+Help us keep Cryptomator open and inclusive. Please read and follow our [Code of Conduct](https://github.com/cryptomator/cryptomator/blob/master/CODE_OF_CONDUCT.md).
 
 ## License
 
-Distributed under the MIT license. See the LICENSE file for more info.
-
-[![Build Status](https://travis-ci.org/totalvoidness/cryptomator.svg?branch=master)](https://travis-ci.org/totalvoidness/cryptomator)
+Distributed under the MIT X Consortium license. See the `LICENSES/MIT-X-Consortium-License.txt` file for more info.

main/ant-kit/assembly.xml

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<assembly xmlns="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.3" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.3 http://maven.apache.org/xsd/assembly-1.1.3.xsd">
+	<formats>
+		<format>tar.gz</format>
+	</formats>
+	<includeBaseDirectory>true</includeBaseDirectory>
+	<baseDirectory>cryptomator_${project.version}</baseDirectory>
+	<fileSets>
+		<fileSet>
+			<directory>target/libs</directory>
+			<outputDirectory>libs</outputDirectory>
+		</fileSet>
+		<fileSet>
+			<directory>target/bundlefiles</directory>
+			<outputDirectory>bundlefiles</outputDirectory>
+		</fileSet>
+	</fileSets>
+	<files>
+		<file>
+			<source>target/build.xml</source>
+			<filtered>false</filtered>
+		</file>
+	</files>
+</assembly>

main/ant-kit/pom.xml

@@ -0,0 +1,92 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Copyright (c) 2016 Sebastian Stenzel
+  This file is licensed under the terms of the MIT license.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>org.cryptomator</groupId>
+		<artifactId>main</artifactId>
+		<version>1.0.3b</version>
+	</parent>
+	<artifactId>ant-kit</artifactId>
+	<packaging>pom</packaging>
+	<name>Cryptomator Ant Build Kit</name>
+	<description>Builds a package that can be built with Ant locally</description>
+
+	<dependencies>
+		<dependency>
+			<groupId>org.cryptomator</groupId>
+			<artifactId>ui</artifactId>
+		</dependency>
+	</dependencies>
+
+	<build>
+		<defaultGoal>clean assembly:assembly</defaultGoal>
+		
+		<plugins>
+			<!-- copy libraries to target/libs/: -->
+			<plugin>
+				<artifactId>maven-dependency-plugin</artifactId>
+				<executions>
+					<execution>
+						<id>copy-libs</id>
+						<phase>prepare-package</phase>
+						<goals>
+							<goal>copy-dependencies</goal>
+						</goals>
+						<configuration>
+							<outputDirectory>${project.build.directory}/libs</outputDirectory>
+						</configuration>
+					</execution>
+				</executions>
+			</plugin>
+
+			<!-- copy resources to target/: -->
+			<plugin>
+				<artifactId>maven-resources-plugin</artifactId>
+				<version>2.7</version>
+				<executions>
+					<execution>
+						<id>copy-resources</id>
+						<phase>prepare-package</phase>
+						<goals>
+							<goal>copy-resources</goal>
+						</goals>
+						<configuration>
+							<outputDirectory>${project.build.directory}</outputDirectory>
+							<escapeString>\</escapeString>
+							<encoding>UTF-8</encoding>
+							<resources>
+								<resource>
+									<directory>src/main/resources</directory>
+									<filtering>true</filtering>
+								</resource>
+							</resources>
+						</configuration>
+					</execution>
+				</executions>
+			</plugin>
+
+			<!-- create cryptomator_1.2.3-4.tar.gz: -->
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-assembly-plugin</artifactId>
+				<executions>
+					<execution>
+						<id>make-assembly</id>
+						<phase>package</phase>
+						<goals>
+							<goal>single</goal>
+						</goals>
+					</execution>
+				</executions>
+				<configuration>
+					<descriptor>assembly.xml</descriptor>
+					<finalName>cryptomator_${project.version}</finalName>
+				</configuration>
+			</plugin>
+		</plugins>
+	</build>
+</project>

main/ant-kit/src/main/resources/build.xml

@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project name="Cryptomator" default="create-jar" basedir="." xmlns:fx="javafx:com.sun.javafx.tools.ant">
+	<taskdef uri="javafx:com.sun.javafx.tools.ant" resource="com/sun/javafx/tools/ant/antlib.xml" classpath="\${java.class.path}:\${java.home}/../lib/ant-javafx.jar" />
+	
+	<!-- Define application to build -->
+	<fx:application id="Cryptomator" name="Cryptomator" version="${project.version}" mainClass="org.cryptomator.ui.Cryptomator" />
+	
+	<!-- Create main application jar -->
+	<target name="create-jar">
+		<fx:jar destfile="antbuild/Cryptomator-${project.version}.jar">
+			<fx:application refid="Cryptomator" />
+			<fx:fileset dir="libs" includes="ui-${project.version}.jar" />
+			<fx:resources>
+				<fx:fileset dir="libs" type="jar" includes="*.jar" excludes="ui-${project.version}.jar" />
+			</fx:resources>
+			<fx:manifest>
+				<fx:attribute name="Implementation-Vendor" value="cryptomator.org" />
+				<fx:attribute name="Implementation-Title" value="Cryptomator"/>
+				<fx:attribute name="Implementation-Version" value="${project.version}" />
+			</fx:manifest>
+		</fx:jar>
+	</target>
+	
+	<!-- Create native package -->
+	<target name="create-linux-image-with-jvm" depends="create-jar">
+		<fx:deploy nativeBundles="image" outdir="antbuild" outfile="Cryptomator-${project.version}" verbose="true">
+			<fx:application refid="Cryptomator" />
+			<fx:platform j2se="8.0">
+				<fx:property name="cryptomator.logPath" value="~/.Cryptomator/cryptomator.log" />
+				<fx:jvmarg value="-Xmx512m"/>
+			</fx:platform>
+			<fx:resources>
+				<fx:fileset dir="antbuild" type="jar" includes="Cryptomator-${project.version}.jar" />
+				<fx:fileset dir="libs" type="jar" includes="*.jar" excludes="ui-${project.version}.jar"/>
+			</fx:resources>
+		</fx:deploy>
+	</target>
+	
+</project>

main/commons-test/pom.xml

@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Copyright (c) 2015 Markus Kreusch
+  This file is licensed under the terms of the MIT license.
+  See the LICENSE.txt file for more info.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>org.cryptomator</groupId>
+		<artifactId>main</artifactId>
+		<version>1.0.3b</version>
+	</parent>
+	<artifactId>commons-test</artifactId>
+	<name>Cryptomator common test dependencies</name>
+	<description>Shared utilities for tests</description>
+
+	<dependencies>
+		<dependency>
+			<groupId>junit</groupId>
+			<artifactId>junit</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>de.bechte.junit</groupId>
+			<artifactId>junit-hierarchicalcontextrunner</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.hamcrest</groupId>
+			<artifactId>hamcrest-all</artifactId>
+		</dependency>
+		
+		<dependency>
+			<groupId>org.cryptomator</groupId>
+			<artifactId>commons</artifactId>
+		</dependency>
+	</dependencies>
+
+</project>

main/commons-test/src/main/java/org/cryptomator/common/test/TempFilesRemovedOnShutdown.java

@@ -0,0 +1,73 @@
+package org.cryptomator.common.test;
+
+import static java.nio.file.Files.walkFileTree;
+import static java.util.Collections.synchronizedSet;
+
+import java.io.IOException;
+import java.nio.file.FileVisitResult;
+import java.nio.file.FileVisitor;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.attribute.BasicFileAttributes;
+import java.util.HashSet;
+import java.util.Set;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class TempFilesRemovedOnShutdown {
+
+	private static final Logger LOG = LoggerFactory.getLogger(TempFilesRemovedOnShutdown.class);
+
+	private static final Set<Path> PATHS_TO_REMOVE_ON_SHUTDOWN = synchronizedSet(new HashSet<>());
+	private static final Thread ON_SHUTDOWN_DELETER = new Thread(TempFilesRemovedOnShutdown::removeAll);
+
+	static {
+		Runtime.getRuntime().addShutdownHook(ON_SHUTDOWN_DELETER);
+	}
+
+	public static Path createTempDirectory(String prefix) throws IOException {
+		Path path = Files.createTempDirectory(prefix);
+		PATHS_TO_REMOVE_ON_SHUTDOWN.add(path);
+		return path;
+	}
+
+	private static void removeAll() {
+		PATHS_TO_REMOVE_ON_SHUTDOWN.forEach(TempFilesRemovedOnShutdown::remove);
+	}
+
+	private static void remove(Path path) {
+		try {
+			tryRemove(path);
+		} catch (Throwable e) {
+			LOG.debug("Failed to remove " + path, e);
+		}
+	}
+
+	private static void tryRemove(Path path) throws IOException {
+		walkFileTree(path, new FileVisitor<Path>() {
+			@Override
+			public FileVisitResult preVisitDirectory(Path dir, BasicFileAttributes attrs) throws IOException {
+				return FileVisitResult.CONTINUE;
+			}
+
+			@Override
+			public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) throws IOException {
+				Files.delete(file);
+				return FileVisitResult.CONTINUE;
+			}
+
+			@Override
+			public FileVisitResult visitFileFailed(Path file, IOException exc) throws IOException {
+				return FileVisitResult.CONTINUE;
+			}
+
+			@Override
+			public FileVisitResult postVisitDirectory(Path dir, IOException exc) throws IOException {
+				Files.delete(dir);
+				return FileVisitResult.CONTINUE;
+			}
+		});
+	}
+
+}

main/commons-test/src/main/java/org/cryptomator/common/test/matcher/ContainsMatcher.java

@@ -0,0 +1,27 @@
+package org.cryptomator.common.test.matcher;
+
+import org.hamcrest.Matcher;
+import org.hamcrest.Matchers;
+
+/**
+ * Wraps hamcrest contains and containsInAnyOrder matcher factory methods to
+ * avoid problems due to incorrect / inconsistent handling of generics by
+ * several java compilers.
+ * 
+ * @author Markus Kreusch
+ */
+public class ContainsMatcher {
+
+	@SuppressWarnings({ "unchecked" })
+	@SafeVarargs
+	public static <T> Matcher<Iterable<? super T>> containsInAnyOrder(Matcher<? extends T>... matchers) {
+		return Matchers.containsInAnyOrder((Matcher[]) matchers);
+	}
+
+	@SuppressWarnings({ "unchecked" })
+	@SafeVarargs
+	public static <T> Matcher<Iterable<? super T>> contains(Matcher<? extends T>... matchers) {
+		return Matchers.contains((Matcher[]) matchers);
+	}
+
+}

main/commons-test/src/main/java/org/cryptomator/common/test/matcher/ExceptionMatcher.java

@@ -0,0 +1,48 @@
+package org.cryptomator.common.test.matcher;
+
+import java.util.Optional;
+
+import org.hamcrest.Description;
+import org.hamcrest.Matcher;
+import org.hamcrest.TypeSafeDiagnosingMatcher;
+
+public class ExceptionMatcher<T extends Throwable> extends TypeSafeDiagnosingMatcher<T> {
+
+	public static <T extends Throwable> ExceptionMatcher<T> ofType(Class<T> exceptionType) {
+		return new ExceptionMatcher<>(exceptionType);
+	}
+
+	private final Class<T> exceptionType;
+	private final Optional<Matcher<T>> subMatcher;
+
+	private ExceptionMatcher(Class<T> exceptionType) {
+		super(exceptionType);
+		this.exceptionType = exceptionType;
+		this.subMatcher = Optional.empty();
+	}
+
+	private ExceptionMatcher(Class<T> exceptionType, Matcher<T> subMatcher) {
+		super(exceptionType);
+		this.exceptionType = exceptionType;
+		this.subMatcher = Optional.of(subMatcher);
+	}
+
+	@Override
+	public void describeTo(Description description) {
+		subMatcher.ifPresent(description::appendDescriptionOf);
+	}
+
+	@Override
+	protected boolean matchesSafely(T item, Description mismatchDescription) {
+		if (subMatcher.map(matcher -> !matcher.matches(item)).orElse(false)) {
+			subMatcher.get().describeMismatch(item, mismatchDescription);
+			return false;
+		}
+		return true;
+	}
+
+	public Matcher<T> withCauseThat(Matcher<? super Throwable> matcher) {
+		return new ExceptionMatcher<T>(exceptionType, new PropertyMatcher<>(exceptionType, Throwable::getCause, "cause", matcher));
+	}
+
+}

main/commons-test/src/main/java/org/cryptomator/common/test/matcher/OptionalMatcher.java

@@ -0,0 +1,61 @@
+package org.cryptomator.common.test.matcher;
+
+import java.util.Optional;
+
+import org.hamcrest.Description;
+import org.hamcrest.Matcher;
+import org.hamcrest.TypeSafeDiagnosingMatcher;
+
+public class OptionalMatcher {
+
+	public static <T> Matcher<Optional<T>> presentOptionalWithValueThat(Matcher<? super T> valueMatcher) {
+		return new TypeSafeDiagnosingMatcher<Optional<T>>(Optional.class) {
+			@Override
+			public void describeTo(Description description) {
+				description //
+						.appendText("a present Optional with a value that ") //
+						.appendDescriptionOf(valueMatcher);
+			}
+
+			@Override
+			protected boolean matchesSafely(Optional<T> item, Description mismatchDescription) {
+				if (item.isPresent()) {
+					if (valueMatcher.matches(item.get())) {
+						return true;
+					} else {
+						mismatchDescription.appendText("a present Optional with value that ");
+						valueMatcher.describeMismatch(item, mismatchDescription);
+						return false;
+					}
+				} else {
+					mismatchDescription.appendText("an empty Optional");
+					return false;
+				}
+
+			}
+
+		};
+	}
+
+	public static <T> Matcher<Optional<T>> emptyOptional() {
+		return new TypeSafeDiagnosingMatcher<Optional<T>>(Optional.class) {
+			@Override
+			public void describeTo(Description description) {
+				description.appendText("an empty Optional");
+			}
+
+			@Override
+			protected boolean matchesSafely(Optional<T> item, Description mismatchDescription) {
+				if (item.isPresent()) {
+					mismatchDescription.appendText("a present Optional of ").appendValue(item.get());
+					return false;
+				} else {
+					return true;
+				}
+
+			}
+
+		};
+	}
+
+}

main/commons-test/src/main/java/org/cryptomator/common/test/matcher/PropertyMatcher.java

@@ -0,0 +1,55 @@
+/*******************************************************************************
+ * Copyright (c) 2015 Markus Kreusch
+ * This file is licensed under the terms of the MIT license.
+ * See the LICENSE.txt file for more info.
+ ******************************************************************************/
+package org.cryptomator.common.test.matcher;
+
+import java.util.function.Function;
+
+import org.hamcrest.Description;
+import org.hamcrest.Matcher;
+import org.hamcrest.TypeSafeDiagnosingMatcher;
+
+public class PropertyMatcher<T, P> extends TypeSafeDiagnosingMatcher<T> {
+
+	private final Class<T> expectedType;
+	private final Function<? super T, P> getter;
+	private final String name;
+	private final Matcher<? super P> subMatcher;
+
+	public PropertyMatcher(Class<T> type, Function<? super T, P> getter, String name, Matcher<? super P> subMatcher) {
+		super(type);
+		this.expectedType = type;
+		this.getter = getter;
+		this.name = name;
+		this.subMatcher = subMatcher;
+	}
+
+	@Override
+	public void describeTo(Description description) {
+		description.appendText("a ") //
+				.appendText(expectedType.getSimpleName()) //
+				.appendText(" with a ") //
+				.appendText(name) //
+				.appendText(" that ") //
+				.appendDescriptionOf(subMatcher);
+	}
+
+	@Override
+	protected boolean matchesSafely(T item, Description mismatchDescription) {
+		P propertyValue = getter.apply(item);
+		if (subMatcher.matches(propertyValue)) {
+			return true;
+		} else {
+			mismatchDescription.appendText("a ") //
+					.appendText(expectedType.getSimpleName()) //
+					.appendText(" with a ") //
+					.appendText(name) //
+					.appendText(" that ");
+			subMatcher.describeMismatch(propertyValue, mismatchDescription);
+			return false;
+		}
+	}
+
+}

main/commons-test/src/main/java/org/cryptomator/common/test/mockito/Answers.java

@@ -0,0 +1,61 @@
+package org.cryptomator.common.test.mockito;
+
+import static java.util.Arrays.asList;
+
+import java.util.function.Consumer;
+
+import org.mockito.invocation.InvocationOnMock;
+import org.mockito.stubbing.Answer;
+
+public class Answers {
+
+	public static <T> Answer<T> collectParameters(Answer<T> answer, Consumer<?>... parameterConsumers) {
+		return new Answer<T>() {
+			@SuppressWarnings({"rawtypes", "unchecked"})
+			@Override
+			public T answer(InvocationOnMock invocation) throws Throwable {
+				for (int i = 0; i < invocation.getArguments().length; i++) {
+					if (parameterConsumers.length > i) {
+						((Consumer) parameterConsumers[i]).accept(invocation.getArguments()[i]);
+					}
+				}
+				return answer.answer(invocation);
+			}
+		};
+
+	}
+
+	@SafeVarargs
+	public static <T> Answer<T> consecutiveAnswers(Answer<T>... answers) {
+		if (answers == null || answers.length == 0) {
+			throw new IllegalArgumentException("Required at least one answer");
+		}
+		if (asList(answers).contains(null)) {
+			throw new IllegalArgumentException("No answers must be null");
+		}
+		return new Answer<T>() {
+			private int nextIndex = 0;
+
+			@Override
+			public T answer(InvocationOnMock invocation) throws Throwable {
+				try {
+					return answers[nextIndex].answer(invocation);
+				} finally {
+					nextIndex = (nextIndex + 1) % answers.length;
+				}
+			}
+
+		};
+	}
+
+	public static <T> Answer<T> value(T value) {
+		return new Answer<T>() {
+			@Override
+			public T answer(InvocationOnMock invocation) throws Throwable {
+				return value;
+			}
+
+		};
+	}
+
+}

main/commons/pom.xml

@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Copyright (c) 2015 Markus Kreusch
+  This file is licensed under the terms of the MIT license.
+  See the LICENSE.txt file for more info.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>org.cryptomator</groupId>
+		<artifactId>main</artifactId>
+		<version>1.0.3b</version>
+	</parent>
+	<artifactId>commons</artifactId>
+	<name>Cryptomator common</name>
+	<description>Shared utilities</description>
+
+	<dependencies>
+		<dependency>
+			<groupId>com.google.guava</groupId>
+			<artifactId>guava</artifactId>
+		</dependency>
+	
+		<dependency>
+			<groupId>junit</groupId>
+			<artifactId>junit</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>de.bechte.junit</groupId>
+			<artifactId>junit-hierarchicalcontextrunner</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.hamcrest</groupId>
+			<artifactId>hamcrest-all</artifactId>
+			<scope>test</scope>
+		</dependency>
+	</dependencies>
+</project>

main/commons/src/main/java/org/cryptomator/common/CachingSupplier.java

@@ -0,0 +1,26 @@
+package org.cryptomator.common;
+
+import java.util.function.Supplier;
+
+public class CachingSupplier<T> implements Supplier<T> {
+
+	public static <T> Supplier<T> from(Supplier<T> delegate) {
+		return new CachingSupplier<>(delegate);
+	}
+
+	private Supplier<T> delegate;
+
+	private CachingSupplier(Supplier<T> delegate) {
+		this.delegate = () -> {
+			T result = delegate.get();
+			CachingSupplier.this.delegate = () -> result;
+			return result;
+		};
+	}
+
+	@Override
+	public T get() {
+		return delegate.get();
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/ConsumerThrowingException.java

@@ -0,0 +1,8 @@
+package org.cryptomator.common;
+
+@FunctionalInterface
+public interface ConsumerThrowingException<T, E extends Exception> {
+
+	void accept(T t) throws E;
+
+}

main/commons/src/main/java/org/cryptomator/common/Holder.java

@@ -0,0 +1,34 @@
+package org.cryptomator.common;
+
+import java.util.function.Consumer;
+import java.util.function.Supplier;
+
+public class Holder<V> implements Supplier<V>, Consumer<V> {
+
+	private final V initial;
+
+	private V value;
+
+	public <W extends V> Holder(W initial) {
+		this.initial = initial;
+		reset();
+	}
+
+	public V get() {
+		return value;
+	}
+
+	public void set(V value) {
+		this.value = value;
+	}
+
+	public void reset() {
+		set(initial);
+	}
+
+	@Override
+	public void accept(V value) {
+		set(value);
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/LazyInitializer.java

@@ -0,0 +1,33 @@
+package org.cryptomator.common;
+
+import java.util.concurrent.atomic.AtomicReference;
+import java.util.function.Supplier;
+
+public final class LazyInitializer {
+
+	private LazyInitializer() {
+	}
+
+	/**
+	 * Threadsafe lazy initialization pattern as proposed on http://stackoverflow.com/a/30247202/4014509
+	 * 
+	 * @param <T> Type of the value
+	 * @param reference A reference to a maybe not yet initialized value.
+	 * @param factory A factory providing a value for the reference, if it doesn't exist yet. The factory may be invoked multiple times, but only one result will survive.
+	 * @return The initialized value
+	 */
+	public static <T> T initializeLazily(AtomicReference<T> reference, Supplier<T> factory) {
+		final T existingInstance = reference.get();
+		if (existingInstance != null) {
+			return existingInstance;
+		} else {
+			final T newInstance = factory.get();
+			if (reference.compareAndSet(null, newInstance)) {
+				return newInstance;
+			} else {
+				return reference.get();
+			}
+		}
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/Optionals.java

@@ -0,0 +1,17 @@
+package org.cryptomator.common;
+
+import java.util.Optional;
+
+public final class Optionals {
+
+	private Optionals() {
+	}
+
+	public static <T, E extends Exception> void ifPresent(Optional<T> optional, ConsumerThrowingException<T, E> consumer) throws E {
+		final T t = optional.orElse(null);
+		if (t != null) {
+			consumer.accept(t);
+		}
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/RunnableThrowingException.java

@@ -0,0 +1,8 @@
+package org.cryptomator.common;
+
+@FunctionalInterface
+public interface RunnableThrowingException<T extends Exception> {
+
+	void run() throws T;
+
+}

main/commons/src/main/java/org/cryptomator/common/WeakValuedCache.java

@@ -0,0 +1,48 @@
+package org.cryptomator.common;
+
+import java.util.concurrent.ExecutionException;
+import java.util.function.BiConsumer;
+import java.util.function.Function;
+
+import com.google.common.cache.CacheBuilder;
+import com.google.common.cache.CacheLoader;
+import com.google.common.cache.LoadingCache;
+import com.google.common.util.concurrent.ExecutionError;
+import com.google.common.util.concurrent.UncheckedExecutionException;
+
+public class WeakValuedCache<Key, Value> {
+
+	private final LoadingCache<Key, Value> delegate;
+
+	private WeakValuedCache(Function<Key, Value> loader) {
+		delegate = CacheBuilder.newBuilder() //
+				.weakValues() //
+				.build(new CacheLoader<Key, Value>() {
+					@Override
+					public Value load(Key key) {
+						return loader.apply(key);
+					}
+				});
+	}
+
+	public static <Key, Value> WeakValuedCache<Key, Value> usingLoader(Function<Key, Value> loader) {
+		return new WeakValuedCache<>(loader);
+	}
+
+	public Value get(Key key) {
+		try {
+			return delegate.get(key);
+		} catch (ExecutionException e) {
+			throw new IllegalStateException("No checked exception can be thrown by loader", e);
+		} catch (UncheckedExecutionException e) {
+			throw (RuntimeException) e.getCause();
+		} catch (ExecutionError e) {
+			throw (Error) e.getCause();
+		}
+	}
+
+	public void forEach(BiConsumer<Key, Value> function) {
+		delegate.asMap().forEach(function);
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/streams/AutoClosingDoubleStream.java

@@ -0,0 +1,178 @@
+package org.cryptomator.common.streams;
+
+import static org.cryptomator.common.streams.AutoClosingStreamFactory.AUTO_CLOSING_STREAM_FACTORY;
+
+import java.util.DoubleSummaryStatistics;
+import java.util.OptionalDouble;
+import java.util.function.BiConsumer;
+import java.util.function.DoubleBinaryOperator;
+import java.util.function.DoubleConsumer;
+import java.util.function.DoublePredicate;
+import java.util.function.ObjDoubleConsumer;
+import java.util.function.Supplier;
+import java.util.stream.DoubleStream;
+
+public class AutoClosingDoubleStream extends DelegatingDoubleStream {
+
+	public static DoubleStream from(DoubleStream delegate) {
+		return new AutoClosingDoubleStream(delegate);
+	}
+
+	public AutoClosingDoubleStream(DoubleStream delegate) {
+		super(delegate, AUTO_CLOSING_STREAM_FACTORY);
+	}
+
+	@Override
+	public void forEach(DoubleConsumer action) {
+		try {
+			super.forEach(action);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public void forEachOrdered(DoubleConsumer action) {
+		try {
+			super.forEachOrdered(action);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public double[] toArray() {
+		try {
+			return super.toArray();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public double reduce(double identity, DoubleBinaryOperator op) {
+		try {
+			return super.reduce(identity, op);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public OptionalDouble reduce(DoubleBinaryOperator op) {
+		try {
+			return super.reduce(op);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public <R> R collect(Supplier<R> supplier, ObjDoubleConsumer<R> accumulator, BiConsumer<R, R> combiner) {
+		try {
+			return super.collect(supplier, accumulator, combiner);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public double sum() {
+		try {
+			return super.sum();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public OptionalDouble min() {
+		try {
+			return super.min();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public OptionalDouble max() {
+		try {
+			return super.max();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public long count() {
+		try {
+			return super.count();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public OptionalDouble average() {
+		try {
+			return super.average();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public DoubleSummaryStatistics summaryStatistics() {
+		try {
+			return super.summaryStatistics();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public boolean anyMatch(DoublePredicate predicate) {
+		try {
+			return super.anyMatch(predicate);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public boolean allMatch(DoublePredicate predicate) {
+		try {
+			return super.allMatch(predicate);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public boolean noneMatch(DoublePredicate predicate) {
+		try {
+			return super.noneMatch(predicate);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public OptionalDouble findFirst() {
+		try {
+			return super.findFirst();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public OptionalDouble findAny() {
+		try {
+			return super.findAny();
+		} finally {
+			close();
+		}
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/streams/AutoClosingIntStream.java

@@ -0,0 +1,179 @@
+package org.cryptomator.common.streams;
+
+import static org.cryptomator.common.streams.AutoClosingStreamFactory.AUTO_CLOSING_STREAM_FACTORY;
+
+import java.util.IntSummaryStatistics;
+import java.util.OptionalDouble;
+import java.util.OptionalInt;
+import java.util.function.BiConsumer;
+import java.util.function.IntBinaryOperator;
+import java.util.function.IntConsumer;
+import java.util.function.IntPredicate;
+import java.util.function.ObjIntConsumer;
+import java.util.function.Supplier;
+import java.util.stream.IntStream;
+
+public class AutoClosingIntStream extends DelegatingIntStream {
+
+	public static IntStream from(IntStream delegate) {
+		return new AutoClosingIntStream(delegate);
+	}
+
+	public AutoClosingIntStream(IntStream delegate) {
+		super(delegate, AUTO_CLOSING_STREAM_FACTORY);
+	}
+
+	@Override
+	public void forEach(IntConsumer action) {
+		try {
+			super.forEach(action);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public void forEachOrdered(IntConsumer action) {
+		try {
+			super.forEachOrdered(action);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public int[] toArray() {
+		try {
+			return super.toArray();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public int reduce(int identity, IntBinaryOperator op) {
+		try {
+			return super.reduce(identity, op);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public OptionalInt reduce(IntBinaryOperator op) {
+		try {
+			return super.reduce(op);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public <R> R collect(Supplier<R> supplier, ObjIntConsumer<R> accumulator, BiConsumer<R, R> combiner) {
+		try {
+			return super.collect(supplier, accumulator, combiner);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public int sum() {
+		try {
+			return super.sum();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public OptionalInt min() {
+		try {
+			return super.min();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public OptionalInt max() {
+		try {
+			return super.max();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public long count() {
+		try {
+			return super.count();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public OptionalDouble average() {
+		try {
+			return super.average();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public IntSummaryStatistics summaryStatistics() {
+		try {
+			return super.summaryStatistics();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public boolean anyMatch(IntPredicate predicate) {
+		try {
+			return super.anyMatch(predicate);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public boolean allMatch(IntPredicate predicate) {
+		try {
+			return super.allMatch(predicate);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public boolean noneMatch(IntPredicate predicate) {
+		try {
+			return super.noneMatch(predicate);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public OptionalInt findFirst() {
+		try {
+			return super.findFirst();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public OptionalInt findAny() {
+		try {
+			return super.findAny();
+		} finally {
+			close();
+		}
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/streams/AutoClosingLongStream.java

@@ -0,0 +1,179 @@
+package org.cryptomator.common.streams;
+
+import static org.cryptomator.common.streams.AutoClosingStreamFactory.AUTO_CLOSING_STREAM_FACTORY;
+
+import java.util.LongSummaryStatistics;
+import java.util.OptionalDouble;
+import java.util.OptionalLong;
+import java.util.function.BiConsumer;
+import java.util.function.LongBinaryOperator;
+import java.util.function.LongConsumer;
+import java.util.function.LongPredicate;
+import java.util.function.ObjLongConsumer;
+import java.util.function.Supplier;
+import java.util.stream.LongStream;
+
+public class AutoClosingLongStream extends DelegatingLongStream {
+
+	public static LongStream from(LongStream delegate) {
+		return new AutoClosingLongStream(delegate);
+	}
+
+	public AutoClosingLongStream(LongStream delegate) {
+		super(delegate, AUTO_CLOSING_STREAM_FACTORY);
+	}
+
+	@Override
+	public void forEach(LongConsumer action) {
+		try {
+			super.forEach(action);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public void forEachOrdered(LongConsumer action) {
+		try {
+			super.forEachOrdered(action);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public long[] toArray() {
+		try {
+			return super.toArray();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public long reduce(long identity, LongBinaryOperator op) {
+		try {
+			return super.reduce(identity, op);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public OptionalLong reduce(LongBinaryOperator op) {
+		try {
+			return super.reduce(op);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public <R> R collect(Supplier<R> supplier, ObjLongConsumer<R> accumulator, BiConsumer<R, R> combiner) {
+		try {
+			return super.collect(supplier, accumulator, combiner);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public long sum() {
+		try {
+			return super.sum();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public OptionalLong min() {
+		try {
+			return super.min();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public OptionalLong max() {
+		try {
+			return super.max();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public long count() {
+		try {
+			return super.count();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public OptionalDouble average() {
+		try {
+			return super.average();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public LongSummaryStatistics summaryStatistics() {
+		try {
+			return super.summaryStatistics();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public boolean anyMatch(LongPredicate predicate) {
+		try {
+			return super.anyMatch(predicate);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public boolean allMatch(LongPredicate predicate) {
+		try {
+			return super.allMatch(predicate);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public boolean noneMatch(LongPredicate predicate) {
+		try {
+			return super.noneMatch(predicate);
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public OptionalLong findFirst() {
+		try {
+			return super.findFirst();
+		} finally {
+			close();
+		}
+	}
+
+	@Override
+	public OptionalLong findAny() {
+		try {
+			return super.findAny();
+		} finally {
+			close();
+		}
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/streams/AutoClosingStream.java

@@ -0,0 +1,173 @@
+package org.cryptomator.common.streams;
+
+import static org.cryptomator.common.streams.AutoClosingStreamFactory.AUTO_CLOSING_STREAM_FACTORY;
+
+import java.util.Comparator;
+import java.util.Optional;
+import java.util.function.BiConsumer;
+import java.util.function.BiFunction;
+import java.util.function.BinaryOperator;
+import java.util.function.Consumer;
+import java.util.function.IntFunction;
+import java.util.function.Predicate;
+import java.util.function.Supplier;
+import java.util.stream.Collector;
+import java.util.stream.Stream;
+
+/**
+ * <p>
+ * A Stream which is automatically closed after execution of a terminal operation.
+ * <p>
+ * Streams returned by intermediate operations are also auto closing.
+ * <p>
+ * <b>Note:</b> When using {@link #iterator()} or {@link #spliterator()} auto closing does not occur.
+ * 
+ * @author Markus Kreusch
+ */
+public class AutoClosingStream<T> extends DelegatingStream<T> {
+
+	public static <T> Stream<T> from(Stream<T> delegate) {
+		return new AutoClosingStream<>(delegate);
+	}
+
+	private AutoClosingStream(Stream<T> delegate) {
+		super(delegate, AUTO_CLOSING_STREAM_FACTORY);
+	}
+
+	public void forEach(Consumer<? super T> action) {
+		try {
+			super.forEach(action);
+		} finally {
+			close();
+		}
+	}
+
+	public void forEachOrdered(Consumer<? super T> action) {
+		try {
+			super.forEachOrdered(action);
+		} finally {
+			close();
+		}
+	}
+
+	public Object[] toArray() {
+		try {
+			return super.toArray();
+		} finally {
+			close();
+		}
+	}
+
+	public <A> A[] toArray(IntFunction<A[]> generator) {
+		try {
+			return super.toArray(generator);
+		} finally {
+			close();
+		}
+	}
+
+	public T reduce(T identity, BinaryOperator<T> accumulator) {
+		try {
+			return super.reduce(identity, accumulator);
+		} finally {
+			close();
+		}
+	}
+
+	public Optional<T> reduce(BinaryOperator<T> accumulator) {
+		try {
+			return super.reduce(accumulator);
+		} finally {
+			close();
+		}
+	}
+
+	public <U> U reduce(U identity, BiFunction<U, ? super T, U> accumulator, BinaryOperator<U> combiner) {
+		try {
+			return super.reduce(identity, accumulator, combiner);
+		} finally {
+			close();
+		}
+	}
+
+	public <R> R collect(Supplier<R> supplier, BiConsumer<R, ? super T> accumulator, BiConsumer<R, R> combiner) {
+		try {
+			return super.collect(supplier, accumulator, combiner);
+		} finally {
+			close();
+		}
+	}
+
+	public <R, A> R collect(Collector<? super T, A, R> collector) {
+		try {
+			return super.collect(collector);
+		} finally {
+			close();
+		}
+	}
+
+	public Optional<T> min(Comparator<? super T> comparator) {
+		try {
+			return super.min(comparator);
+		} finally {
+			close();
+		}
+	}
+
+	public Optional<T> max(Comparator<? super T> comparator) {
+		try {
+			return super.max(comparator);
+		} finally {
+			close();
+		}
+	}
+
+	public long count() {
+		try {
+			return super.count();
+		} finally {
+			close();
+		}
+	}
+
+	public boolean anyMatch(Predicate<? super T> predicate) {
+		try {
+			return super.anyMatch(predicate);
+		} finally {
+			close();
+		}
+	}
+
+	public boolean allMatch(Predicate<? super T> predicate) {
+		try {
+			return super.allMatch(predicate);
+		} finally {
+			close();
+		}
+	}
+
+	public boolean noneMatch(Predicate<? super T> predicate) {
+		try {
+			return super.noneMatch(predicate);
+		} finally {
+			close();
+		}
+	}
+
+	public Optional<T> findFirst() {
+		try {
+			return super.findFirst();
+		} finally {
+			close();
+		}
+	}
+
+	public Optional<T> findAny() {
+		try {
+			return super.findAny();
+		} finally {
+			close();
+		}
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/streams/AutoClosingStreamFactory.java

@@ -0,0 +1,51 @@
+package org.cryptomator.common.streams;
+
+import java.util.stream.DoubleStream;
+import java.util.stream.IntStream;
+import java.util.stream.LongStream;
+import java.util.stream.Stream;
+
+class AutoClosingStreamFactory implements DelegatingStreamFactory {
+
+	public static final DelegatingStreamFactory AUTO_CLOSING_STREAM_FACTORY = new AutoClosingStreamFactory();
+
+	private AutoClosingStreamFactory() {
+	}
+
+	@Override
+	public <S> Stream<S> from(Stream<S> other) {
+		if (AutoClosingStream.class.isInstance(other)) {
+			return other;
+		} else {
+			return AutoClosingStream.from(other);
+		}
+	}
+
+	@Override
+	public IntStream from(IntStream other) {
+		if (AutoClosingIntStream.class.isInstance(other)) {
+			return other;
+		} else {
+			return AutoClosingIntStream.from(other);
+		}
+	}
+
+	@Override
+	public LongStream from(LongStream other) {
+		if (AutoClosingLongStream.class.isInstance(other)) {
+			return other;
+		} else {
+			return AutoClosingLongStream.from(other);
+		}
+	}
+
+	@Override
+	public DoubleStream from(DoubleStream other) {
+		if (AutoClosingDoubleStream.class.isInstance(other)) {
+			return other;
+		} else {
+			return AutoClosingDoubleStream.from(other);
+		}
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/streams/DelegatingDoubleStream.java

@@ -0,0 +1,179 @@
+package org.cryptomator.common.streams;
+
+import java.util.DoubleSummaryStatistics;
+import java.util.OptionalDouble;
+import java.util.PrimitiveIterator.OfDouble;
+import java.util.function.BiConsumer;
+import java.util.function.DoubleBinaryOperator;
+import java.util.function.DoubleConsumer;
+import java.util.function.DoubleFunction;
+import java.util.function.DoublePredicate;
+import java.util.function.DoubleToIntFunction;
+import java.util.function.DoubleToLongFunction;
+import java.util.function.DoubleUnaryOperator;
+import java.util.function.ObjDoubleConsumer;
+import java.util.function.Supplier;
+import java.util.stream.DoubleStream;
+import java.util.stream.IntStream;
+import java.util.stream.LongStream;
+import java.util.stream.Stream;
+
+abstract class DelegatingDoubleStream implements DoubleStream {
+
+	private final DoubleStream delegate;
+	private final DelegatingStreamFactory wrapper;
+
+	public DelegatingDoubleStream(DoubleStream delegate, DelegatingStreamFactory wrapper) {
+		this.delegate = delegate;
+		this.wrapper = wrapper;
+	}
+
+	public DoubleStream filter(DoublePredicate predicate) {
+		return wrapper.from(delegate.filter(predicate));
+	}
+
+	public boolean isParallel() {
+		return delegate.isParallel();
+	}
+
+	public DoubleStream map(DoubleUnaryOperator mapper) {
+		return wrapper.from(delegate.map(mapper));
+	}
+
+	public <U> Stream<U> mapToObj(DoubleFunction<? extends U> mapper) {
+		return wrapper.from(delegate.mapToObj(mapper));
+	}
+
+	public DoubleStream unordered() {
+		return wrapper.from(delegate.unordered());
+	}
+
+	public DoubleStream onClose(Runnable closeHandler) {
+		return wrapper.from(delegate.onClose(closeHandler));
+	}
+
+	public IntStream mapToInt(DoubleToIntFunction mapper) {
+		return wrapper.from(delegate.mapToInt(mapper));
+	}
+
+	public LongStream mapToLong(DoubleToLongFunction mapper) {
+		return wrapper.from(delegate.mapToLong(mapper));
+	}
+
+	public void close() {
+		delegate.close();
+	}
+
+	public DoubleStream flatMap(DoubleFunction<? extends DoubleStream> mapper) {
+		return wrapper.from(delegate.flatMap(mapper));
+	}
+
+	public DoubleStream distinct() {
+		return wrapper.from(delegate.distinct());
+	}
+
+	public DoubleStream sorted() {
+		return wrapper.from(delegate.sorted());
+	}
+
+	public DoubleStream peek(DoubleConsumer action) {
+		return wrapper.from(delegate.peek(action));
+	}
+
+	public DoubleStream limit(long maxSize) {
+		return wrapper.from(delegate.limit(maxSize));
+	}
+
+	public DoubleStream skip(long n) {
+		return wrapper.from(delegate.skip(n));
+	}
+
+	public void forEach(DoubleConsumer action) {
+		delegate.forEach(action);
+	}
+
+	public void forEachOrdered(DoubleConsumer action) {
+		delegate.forEachOrdered(action);
+	}
+
+	public double[] toArray() {
+		return delegate.toArray();
+	}
+
+	public double reduce(double identity, DoubleBinaryOperator op) {
+		return delegate.reduce(identity, op);
+	}
+
+	public OptionalDouble reduce(DoubleBinaryOperator op) {
+		return delegate.reduce(op);
+	}
+
+	public <R> R collect(Supplier<R> supplier, ObjDoubleConsumer<R> accumulator, BiConsumer<R, R> combiner) {
+		return delegate.collect(supplier, accumulator, combiner);
+	}
+
+	public double sum() {
+		return delegate.sum();
+	}
+
+	public OptionalDouble min() {
+		return delegate.min();
+	}
+
+	public OptionalDouble max() {
+		return delegate.max();
+	}
+
+	public long count() {
+		return delegate.count();
+	}
+
+	public OptionalDouble average() {
+		return delegate.average();
+	}
+
+	public DoubleSummaryStatistics summaryStatistics() {
+		return delegate.summaryStatistics();
+	}
+
+	public boolean anyMatch(DoublePredicate predicate) {
+		return delegate.anyMatch(predicate);
+	}
+
+	public boolean allMatch(DoublePredicate predicate) {
+		return delegate.allMatch(predicate);
+	}
+
+	public boolean noneMatch(DoublePredicate predicate) {
+		return delegate.noneMatch(predicate);
+	}
+
+	public OptionalDouble findFirst() {
+		return delegate.findFirst();
+	}
+
+	public OptionalDouble findAny() {
+		return delegate.findAny();
+	}
+
+	public Stream<Double> boxed() {
+		return wrapper.from(delegate.boxed());
+	}
+
+	public DoubleStream sequential() {
+		return wrapper.from(delegate.sequential());
+	}
+
+	public DoubleStream parallel() {
+		return wrapper.from(delegate.parallel());
+	}
+
+	public OfDouble iterator() {
+		return delegate.iterator();
+	}
+
+	public java.util.Spliterator.OfDouble spliterator() {
+		return delegate.spliterator();
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/streams/DelegatingIntStream.java

@@ -0,0 +1,188 @@
+package org.cryptomator.common.streams;
+
+import java.util.IntSummaryStatistics;
+import java.util.OptionalDouble;
+import java.util.OptionalInt;
+import java.util.PrimitiveIterator.OfInt;
+import java.util.function.BiConsumer;
+import java.util.function.IntBinaryOperator;
+import java.util.function.IntConsumer;
+import java.util.function.IntFunction;
+import java.util.function.IntPredicate;
+import java.util.function.IntToDoubleFunction;
+import java.util.function.IntToLongFunction;
+import java.util.function.IntUnaryOperator;
+import java.util.function.ObjIntConsumer;
+import java.util.function.Supplier;
+import java.util.stream.DoubleStream;
+import java.util.stream.IntStream;
+import java.util.stream.LongStream;
+import java.util.stream.Stream;
+
+abstract class DelegatingIntStream implements IntStream {
+
+	private final IntStream delegate;
+	private final DelegatingStreamFactory wrapper;
+
+	public DelegatingIntStream(IntStream delegate, DelegatingStreamFactory wrapper) {
+		this.delegate = delegate;
+		this.wrapper = wrapper;
+	}
+
+	public IntStream filter(IntPredicate predicate) {
+		return wrapper.from(delegate.filter(predicate));
+	}
+
+	public boolean isParallel() {
+		return delegate.isParallel();
+	}
+
+	public IntStream map(IntUnaryOperator mapper) {
+		return wrapper.from(delegate.map(mapper));
+	}
+
+	public <U> Stream<U> mapToObj(IntFunction<? extends U> mapper) {
+		return wrapper.from(delegate.mapToObj(mapper));
+	}
+
+	public IntStream unordered() {
+		return wrapper.from(delegate.unordered());
+	}
+
+	public LongStream mapToLong(IntToLongFunction mapper) {
+		return wrapper.from(delegate.mapToLong(mapper));
+	}
+
+	public IntStream onClose(Runnable closeHandler) {
+		return wrapper.from(delegate.onClose(closeHandler));
+	}
+
+	public DoubleStream mapToDouble(IntToDoubleFunction mapper) {
+		return wrapper.from(delegate.mapToDouble(mapper));
+	}
+
+	public void close() {
+		delegate.close();
+	}
+
+	public IntStream flatMap(IntFunction<? extends IntStream> mapper) {
+		return wrapper.from(delegate.flatMap(mapper));
+	}
+
+	public IntStream distinct() {
+		return wrapper.from(delegate.distinct());
+	}
+
+	public IntStream sorted() {
+		return wrapper.from(delegate.sorted());
+	}
+
+	public IntStream peek(IntConsumer action) {
+		return wrapper.from(delegate.peek(action));
+	}
+
+	public IntStream limit(long maxSize) {
+		return wrapper.from(delegate.limit(maxSize));
+	}
+
+	public IntStream skip(long n) {
+		return wrapper.from(delegate.skip(n));
+	}
+
+	public void forEach(IntConsumer action) {
+		delegate.forEach(action);
+	}
+
+	public void forEachOrdered(IntConsumer action) {
+		delegate.forEachOrdered(action);
+	}
+
+	public int[] toArray() {
+		return delegate.toArray();
+	}
+
+	public int reduce(int identity, IntBinaryOperator op) {
+		return delegate.reduce(identity, op);
+	}
+
+	public OptionalInt reduce(IntBinaryOperator op) {
+		return delegate.reduce(op);
+	}
+
+	public <R> R collect(Supplier<R> supplier, ObjIntConsumer<R> accumulator, BiConsumer<R, R> combiner) {
+		return delegate.collect(supplier, accumulator, combiner);
+	}
+
+	public int sum() {
+		return delegate.sum();
+	}
+
+	public OptionalInt min() {
+		return delegate.min();
+	}
+
+	public OptionalInt max() {
+		return delegate.max();
+	}
+
+	public long count() {
+		return delegate.count();
+	}
+
+	public OptionalDouble average() {
+		return delegate.average();
+	}
+
+	public IntSummaryStatistics summaryStatistics() {
+		return delegate.summaryStatistics();
+	}
+
+	public boolean anyMatch(IntPredicate predicate) {
+		return delegate.anyMatch(predicate);
+	}
+
+	public boolean allMatch(IntPredicate predicate) {
+		return delegate.allMatch(predicate);
+	}
+
+	public boolean noneMatch(IntPredicate predicate) {
+		return delegate.noneMatch(predicate);
+	}
+
+	public OptionalInt findFirst() {
+		return delegate.findFirst();
+	}
+
+	public OptionalInt findAny() {
+		return delegate.findAny();
+	}
+
+	public LongStream asLongStream() {
+		return wrapper.from(delegate.asLongStream());
+	}
+
+	public DoubleStream asDoubleStream() {
+		return wrapper.from(delegate.asDoubleStream());
+	}
+
+	public Stream<Integer> boxed() {
+		return wrapper.from(delegate.boxed());
+	}
+
+	public IntStream sequential() {
+		return wrapper.from(delegate.sequential());
+	}
+
+	public IntStream parallel() {
+		return wrapper.from(delegate.parallel());
+	}
+
+	public OfInt iterator() {
+		return delegate.iterator();
+	}
+
+	public java.util.Spliterator.OfInt spliterator() {
+		return delegate.spliterator();
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/streams/DelegatingLongStream.java

@@ -0,0 +1,184 @@
+package org.cryptomator.common.streams;
+
+import java.util.LongSummaryStatistics;
+import java.util.OptionalDouble;
+import java.util.OptionalLong;
+import java.util.PrimitiveIterator.OfLong;
+import java.util.function.BiConsumer;
+import java.util.function.LongBinaryOperator;
+import java.util.function.LongConsumer;
+import java.util.function.LongFunction;
+import java.util.function.LongPredicate;
+import java.util.function.LongToDoubleFunction;
+import java.util.function.LongToIntFunction;
+import java.util.function.LongUnaryOperator;
+import java.util.function.ObjLongConsumer;
+import java.util.function.Supplier;
+import java.util.stream.DoubleStream;
+import java.util.stream.IntStream;
+import java.util.stream.LongStream;
+import java.util.stream.Stream;
+
+abstract class DelegatingLongStream implements LongStream {
+
+	private final LongStream delegate;
+	private final DelegatingStreamFactory wrapper;
+
+	public DelegatingLongStream(LongStream delegate, DelegatingStreamFactory wrapper) {
+		this.delegate = delegate;
+		this.wrapper = wrapper;
+	}
+
+	public LongStream filter(LongPredicate predicate) {
+		return wrapper.from(delegate.filter(predicate));
+	}
+
+	public boolean isParallel() {
+		return delegate.isParallel();
+	}
+
+	public LongStream map(LongUnaryOperator mapper) {
+		return wrapper.from(delegate.map(mapper));
+	}
+
+	public <U> Stream<U> mapToObj(LongFunction<? extends U> mapper) {
+		return wrapper.from(delegate.mapToObj(mapper));
+	}
+
+	public LongStream unordered() {
+		return wrapper.from(delegate.unordered());
+	}
+
+	public LongStream onClose(Runnable closeHandler) {
+		return wrapper.from(delegate.onClose(closeHandler));
+	}
+
+	public IntStream mapToInt(LongToIntFunction mapper) {
+		return wrapper.from(delegate.mapToInt(mapper));
+	}
+
+	public DoubleStream mapToDouble(LongToDoubleFunction mapper) {
+		return wrapper.from(delegate.mapToDouble(mapper));
+	}
+
+	public void close() {
+		delegate.close();
+	}
+
+	public LongStream flatMap(LongFunction<? extends LongStream> mapper) {
+		return wrapper.from(delegate.flatMap(mapper));
+	}
+
+	public LongStream distinct() {
+		return wrapper.from(delegate.distinct());
+	}
+
+	public LongStream sorted() {
+		return wrapper.from(delegate.sorted());
+	}
+
+	public LongStream peek(LongConsumer action) {
+		return wrapper.from(delegate.peek(action));
+	}
+
+	public LongStream limit(long maxSize) {
+		return wrapper.from(delegate.limit(maxSize));
+	}
+
+	public LongStream skip(long n) {
+		return wrapper.from(delegate.skip(n));
+	}
+
+	public void forEach(LongConsumer action) {
+		delegate.forEach(action);
+	}
+
+	public void forEachOrdered(LongConsumer action) {
+		delegate.forEachOrdered(action);
+	}
+
+	public long[] toArray() {
+		return delegate.toArray();
+	}
+
+	public long reduce(long identity, LongBinaryOperator op) {
+		return delegate.reduce(identity, op);
+	}
+
+	public OptionalLong reduce(LongBinaryOperator op) {
+		return delegate.reduce(op);
+	}
+
+	public <R> R collect(Supplier<R> supplier, ObjLongConsumer<R> accumulator, BiConsumer<R, R> combiner) {
+		return delegate.collect(supplier, accumulator, combiner);
+	}
+
+	public long sum() {
+		return delegate.sum();
+	}
+
+	public OptionalLong min() {
+		return delegate.min();
+	}
+
+	public OptionalLong max() {
+		return delegate.max();
+	}
+
+	public long count() {
+		return delegate.count();
+	}
+
+	public OptionalDouble average() {
+		return delegate.average();
+	}
+
+	public LongSummaryStatistics summaryStatistics() {
+		return delegate.summaryStatistics();
+	}
+
+	public boolean anyMatch(LongPredicate predicate) {
+		return delegate.anyMatch(predicate);
+	}
+
+	public boolean allMatch(LongPredicate predicate) {
+		return delegate.allMatch(predicate);
+	}
+
+	public boolean noneMatch(LongPredicate predicate) {
+		return delegate.noneMatch(predicate);
+	}
+
+	public OptionalLong findFirst() {
+		return delegate.findFirst();
+	}
+
+	public OptionalLong findAny() {
+		return delegate.findAny();
+	}
+
+	public DoubleStream asDoubleStream() {
+		return wrapper.from(delegate.asDoubleStream());
+	}
+
+	public Stream<Long> boxed() {
+		return wrapper.from(delegate.boxed());
+	}
+
+	public LongStream sequential() {
+		return wrapper.from(delegate.sequential());
+	}
+
+	public LongStream parallel() {
+		return wrapper.from(delegate.parallel());
+	}
+
+	public OfLong iterator() {
+		return delegate.iterator();
+	}
+
+	public java.util.Spliterator.OfLong spliterator() {
+		return delegate.spliterator();
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/streams/DelegatingStream.java

@@ -0,0 +1,194 @@
+package org.cryptomator.common.streams;
+
+import java.util.Comparator;
+import java.util.Iterator;
+import java.util.Optional;
+import java.util.Spliterator;
+import java.util.function.BiConsumer;
+import java.util.function.BiFunction;
+import java.util.function.BinaryOperator;
+import java.util.function.Consumer;
+import java.util.function.Function;
+import java.util.function.IntFunction;
+import java.util.function.Predicate;
+import java.util.function.Supplier;
+import java.util.function.ToDoubleFunction;
+import java.util.function.ToIntFunction;
+import java.util.function.ToLongFunction;
+import java.util.stream.Collector;
+import java.util.stream.DoubleStream;
+import java.util.stream.IntStream;
+import java.util.stream.LongStream;
+import java.util.stream.Stream;
+
+abstract class DelegatingStream<T> implements Stream<T> {
+
+	private final Stream<T> delegate;
+	private final DelegatingStreamFactory wrapper;
+
+	protected DelegatingStream(Stream<T> delegate, DelegatingStreamFactory wrapper) {
+		this.delegate = delegate;
+		this.wrapper = wrapper;
+	}
+
+	public Iterator<T> iterator() {
+		return delegate.iterator();
+	}
+
+	public Spliterator<T> spliterator() {
+		return delegate.spliterator();
+	}
+
+	public boolean isParallel() {
+		return delegate.isParallel();
+	}
+
+	public Stream<T> sequential() {
+		return wrapper.from(delegate.sequential());
+	}
+
+	public Stream<T> parallel() {
+		return wrapper.from(delegate.parallel());
+	}
+
+	public Stream<T> unordered() {
+		return wrapper.from(delegate.unordered());
+	}
+
+	public Stream<T> onClose(Runnable closeHandler) {
+		return wrapper.from(delegate.onClose(closeHandler));
+	}
+
+	public void close() {
+		delegate.close();
+	}
+
+	public Stream<T> filter(Predicate<? super T> predicate) {
+		return wrapper.from(delegate.filter(predicate));
+	}
+
+	public <R> Stream<R> map(Function<? super T, ? extends R> mapper) {
+		return wrapper.from(delegate.map(mapper));
+	}
+
+	public IntStream mapToInt(ToIntFunction<? super T> mapper) {
+		return wrapper.from(delegate.mapToInt(mapper));
+	}
+
+	public LongStream mapToLong(ToLongFunction<? super T> mapper) {
+		return wrapper.from(delegate.mapToLong(mapper));
+	}
+
+	public DoubleStream mapToDouble(ToDoubleFunction<? super T> mapper) {
+		return wrapper.from(delegate.mapToDouble(mapper));
+	}
+
+	public <R> Stream<R> flatMap(Function<? super T, ? extends Stream<? extends R>> mapper) {
+		return wrapper.from(delegate.flatMap(mapper));
+	}
+
+	public IntStream flatMapToInt(Function<? super T, ? extends IntStream> mapper) {
+		return wrapper.from(delegate.flatMapToInt(mapper));
+	}
+
+	public LongStream flatMapToLong(Function<? super T, ? extends LongStream> mapper) {
+		return wrapper.from(delegate.flatMapToLong(mapper));
+	}
+
+	public DoubleStream flatMapToDouble(Function<? super T, ? extends DoubleStream> mapper) {
+		return wrapper.from(delegate.flatMapToDouble(mapper));
+	}
+
+	public Stream<T> distinct() {
+		return wrapper.from(delegate.distinct());
+	}
+
+	public Stream<T> sorted() {
+		return wrapper.from(delegate.sorted());
+	}
+
+	public Stream<T> sorted(Comparator<? super T> comparator) {
+		return wrapper.from(delegate.sorted(comparator));
+	}
+
+	public Stream<T> peek(Consumer<? super T> action) {
+		return wrapper.from(delegate.peek(action));
+	}
+
+	public Stream<T> limit(long maxSize) {
+		return wrapper.from(delegate.limit(maxSize));
+	}
+
+	public Stream<T> skip(long n) {
+		return wrapper.from(delegate.skip(n));
+	}
+
+	public void forEach(Consumer<? super T> action) {
+		delegate.forEach(action);
+	}
+
+	public void forEachOrdered(Consumer<? super T> action) {
+		delegate.forEachOrdered(action);
+	}
+
+	public Object[] toArray() {
+		return delegate.toArray();
+	}
+
+	public <A> A[] toArray(IntFunction<A[]> generator) {
+		return delegate.toArray(generator);
+	}
+
+	public T reduce(T identity, BinaryOperator<T> accumulator) {
+		return delegate.reduce(identity, accumulator);
+	}
+
+	public Optional<T> reduce(BinaryOperator<T> accumulator) {
+		return delegate.reduce(accumulator);
+	}
+
+	public <U> U reduce(U identity, BiFunction<U, ? super T, U> accumulator, BinaryOperator<U> combiner) {
+		return delegate.reduce(identity, accumulator, combiner);
+	}
+
+	public <R> R collect(Supplier<R> supplier, BiConsumer<R, ? super T> accumulator, BiConsumer<R, R> combiner) {
+		return delegate.collect(supplier, accumulator, combiner);
+	}
+
+	public <R, A> R collect(Collector<? super T, A, R> collector) {
+		return delegate.collect(collector);
+	}
+
+	public Optional<T> min(Comparator<? super T> comparator) {
+		return delegate.min(comparator);
+	}
+
+	public Optional<T> max(Comparator<? super T> comparator) {
+		return delegate.max(comparator);
+	}
+
+	public long count() {
+		return delegate.count();
+	}
+
+	public boolean anyMatch(Predicate<? super T> predicate) {
+		return delegate.anyMatch(predicate);
+	}
+
+	public boolean allMatch(Predicate<? super T> predicate) {
+		return delegate.allMatch(predicate);
+	}
+
+	public boolean noneMatch(Predicate<? super T> predicate) {
+		return delegate.noneMatch(predicate);
+	}
+
+	public Optional<T> findFirst() {
+		return delegate.findFirst();
+	}
+
+	public Optional<T> findAny() {
+		return delegate.findAny();
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/streams/DelegatingStreamFactory.java

@@ -0,0 +1,22 @@
+package org.cryptomator.common.streams;
+
+import java.util.stream.DoubleStream;
+import java.util.stream.IntStream;
+import java.util.stream.LongStream;
+import java.util.stream.Stream;
+
+public interface DelegatingStreamFactory {
+
+	<S> Stream<S> from(Stream<S> other);
+
+	IntStream from(IntStream other);
+
+	LongStream from(LongStream other);
+
+	DoubleStream from(DoubleStream other);
+
+	public interface ObjectStreamWrapper {
+		<S> Stream<S> from(Stream<S> other);
+	}
+
+}

main/commons/src/test/java/org/cryptomator/common/CachingSupplierTest.java

@@ -0,0 +1,43 @@
+package org.cryptomator.common;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.junit.Assert.assertThat;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+import java.util.function.Supplier;
+
+import org.junit.Test;
+
+public class CachingSupplierTest {
+
+	@Test
+	public void testInvokingGetInvokesDelegate() {
+		@SuppressWarnings("unchecked")
+		Supplier<Object> delegate = mock(Supplier.class);
+		Object expectedResult = new Object();
+		when(delegate.get()).thenReturn(expectedResult);
+		Supplier<Object> inTest = CachingSupplier.from(delegate);
+
+		Object result = inTest.get();
+
+		assertThat(result, is(expectedResult));
+	}
+
+	@Test
+	public void testInvokingGetTwiceDoesNotInvokeDelegateTwice() {
+		@SuppressWarnings("unchecked")
+		Supplier<Object> delegate = mock(Supplier.class);
+		Object expectedResult = new Object();
+		when(delegate.get()).thenReturn(expectedResult);
+		Supplier<Object> inTest = CachingSupplier.from(delegate);
+
+		inTest.get();
+		Object result = inTest.get();
+
+		assertThat(result, is(expectedResult));
+		verify(delegate).get();
+	}
+
+}

main/commons/src/test/java/org/cryptomator/common/HolderTest.java

@@ -0,0 +1,42 @@
+package org.cryptomator.common;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.junit.Assert.assertThat;
+
+import org.junit.Test;
+
+public class HolderTest {
+
+	private static final Object INITIAL = new Object();
+	private static final Object VALUE = new Object();
+
+	private Holder<Object> inTest = new Holder<>(INITIAL);
+
+	@Test
+	public void testInitialValueIsInitial() {
+		assertThat(inTest.get(), is(INITIAL));
+	}
+
+	@Test
+	public void testSetChangesValue() {
+		inTest.set(VALUE);
+
+		assertThat(inTest.get(), is(VALUE));
+	}
+
+	@Test
+	public void testAcceptChangesValue() {
+		inTest.accept(VALUE);
+
+		assertThat(inTest.get(), is(VALUE));
+	}
+
+	@Test
+	public void testResetChangesValueToInitial() {
+		inTest.set(VALUE);
+		inTest.reset();
+
+		assertThat(inTest.get(), is(INITIAL));
+	}
+
+}

main/commons/src/test/java/org/cryptomator/common/WeakValuedCacheTest.java

@@ -0,0 +1,155 @@
+package org.cryptomator.common;
+
+import static java.lang.String.format;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.sameInstance;
+import static org.junit.Assert.assertThat;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+import java.util.function.Function;
+
+import org.cryptomator.common.WeakValuedCache;
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.Mockito;
+import org.mockito.invocation.InvocationOnMock;
+
+public class WeakValuedCacheTest {
+
+	private final String A_KEY = "aKey";
+	private final String ANOTHER_KEY = "anotherKey";
+
+	private WeakValuedCache<String, Value> inTest;
+
+	private Function<String, Value> loader;
+
+	@SuppressWarnings("unchecked")
+	@Before
+	public void setup() {
+		loader = Mockito.mock(Function.class);
+		inTest = WeakValuedCache.usingLoader(loader);
+	}
+
+	@Test
+	public void testResultOfGetIsResultOfLoaderForTheSameKey() {
+		Value theValue = new Value();
+		Value theOtherValue = new Value();
+		when(loader.apply(A_KEY)).thenReturn(theValue);
+		when(loader.apply(ANOTHER_KEY)).thenReturn(theOtherValue);
+
+		Value result = inTest.get(A_KEY);
+		Value anotherResult = inTest.get(ANOTHER_KEY);
+
+		assertThat(result, is(sameInstance(theValue)));
+		assertThat(anotherResult, is(sameInstance(theOtherValue)));
+	}
+
+	@Test
+	public void testCachedResultIsResultOfLoaderForTheSameKey() {
+		Value theValue = new Value();
+		Value theOtherValue = new Value();
+		when(loader.apply(A_KEY)).thenReturn(theValue);
+		when(loader.apply(ANOTHER_KEY)).thenReturn(theOtherValue);
+
+		inTest.get(A_KEY);
+		inTest.get(ANOTHER_KEY);
+		Value result = inTest.get(A_KEY);
+		Value anotherResult = inTest.get(ANOTHER_KEY);
+
+		assertThat(result, is(sameInstance(theValue)));
+		assertThat(anotherResult, is(sameInstance(theOtherValue)));
+	}
+
+	@Test
+	public void testTwiceInvocationOfGetDoesNotInvokeLoaderTwice() {
+		Value theValue = new Value();
+		when(loader.apply(A_KEY)).thenReturn(theValue);
+
+		inTest.get(A_KEY);
+		inTest.get(A_KEY);
+
+		verify(loader).apply(A_KEY);
+	}
+
+	@Test
+	public void testSecondInvocationOfGetReturnsTheSameResult() {
+		Value theValue = new Value();
+		when(loader.apply(A_KEY)).thenReturn(theValue);
+
+		inTest.get(A_KEY);
+		Value result = inTest.get(A_KEY);
+
+		assertThat(result, is(sameInstance(theValue)));
+	}
+
+	@Test
+	public void testCacheDoesNotPreventGarbageCollectionOfValues() {
+		when(loader.apply(A_KEY)).thenAnswer(this::createValueUsingMoreThanHalfTheJvmMemory);
+
+		inTest.get(A_KEY);
+
+		// force garbage collection of previously created value by creating an
+		// object so large it can not coexist with the value
+		createObjectUsingMoreThanHalfTheJvmMemory();
+	}
+
+	@Test(expected = RuntimeExceptionThrownInLoader.class)
+	public void testCacheRethrowsRuntimeExceptionsFromLoader() {
+		when(loader.apply(A_KEY)).thenThrow(new RuntimeExceptionThrownInLoader());
+
+		inTest.get(A_KEY);
+	}
+
+	@Test(expected = ErrorThrownInLoader.class)
+	public void testCacheRethrowsErrorsFromLoader() {
+		when(loader.apply(A_KEY)).thenThrow(new ErrorThrownInLoader());
+
+		inTest.get(A_KEY);
+	}
+
+	private Value createValueUsingMoreThanHalfTheJvmMemory(InvocationOnMock invocation) {
+		Object data = createObjectUsingMoreThanHalfTheJvmMemory();
+		Value value = new Value();
+		value.setPayload(data);
+		return value;
+	}
+
+	private Object createObjectUsingMoreThanHalfTheJvmMemory() {
+		long maxMemory = Runtime.getRuntime().maxMemory();
+		long moreThanHalfTheJvmMemory = maxMemory / 2 + 1;
+		return createObjectUsingAtLeast(moreThanHalfTheJvmMemory);
+	}
+
+	private Object createObjectUsingAtLeast(long minMemory) {
+		if (minMemory <= Integer.MAX_VALUE) {
+			return new byte[(int) minMemory];
+		} else if ((minMemory / Integer.MAX_VALUE) <= Integer.MAX_VALUE) {
+			int numberOfArraysWithMaxIntSize = (int) (minMemory / Integer.MAX_VALUE);
+			int numberOfRemainingBytes = (int) (minMemory - Integer.MAX_VALUE * numberOfArraysWithMaxIntSize);
+			return new byte[][][] { //
+					new byte[numberOfArraysWithMaxIntSize][Integer.MAX_VALUE], //
+					new byte[1][numberOfRemainingBytes] //
+			};
+		} else {
+			throw new IllegalArgumentException(format("Can not create object with more than 3.999999996 Exabyte"));
+		}
+	}
+
+	private static class RuntimeExceptionThrownInLoader extends RuntimeException {
+	}
+
+	private static class ErrorThrownInLoader extends Error {
+	}
+
+	private static class Value {
+
+		@SuppressWarnings("unused")
+		private Object payload;
+
+		public void setPayload(Object payload) {
+			this.payload = payload;
+		}
+	}
+
+}

main/commons/src/test/java/org/cryptomator/common/streams/AutoClosingDoubleStreamTest.java

@@ -0,0 +1,227 @@
+package org.cryptomator.common.streams;
+
+import static org.hamcrest.CoreMatchers.anyOf;
+import static org.hamcrest.CoreMatchers.instanceOf;
+import static org.hamcrest.CoreMatchers.is;
+import static org.junit.Assert.assertThat;
+import static org.mockito.Mockito.doThrow;
+import static org.mockito.Mockito.inOrder;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+import java.util.ArrayList;
+import java.util.DoubleSummaryStatistics;
+import java.util.List;
+import java.util.OptionalDouble;
+import java.util.function.BiConsumer;
+import java.util.function.Consumer;
+import java.util.function.DoubleBinaryOperator;
+import java.util.function.DoubleConsumer;
+import java.util.function.DoubleFunction;
+import java.util.function.DoublePredicate;
+import java.util.function.DoubleToIntFunction;
+import java.util.function.DoubleToLongFunction;
+import java.util.function.DoubleUnaryOperator;
+import java.util.function.Function;
+import java.util.function.ObjDoubleConsumer;
+import java.util.function.Supplier;
+import java.util.stream.BaseStream;
+import java.util.stream.DoubleStream;
+import java.util.stream.IntStream;
+import java.util.stream.LongStream;
+import java.util.stream.Stream;
+
+import org.hamcrest.Matcher;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.experimental.theories.DataPoints;
+import org.junit.experimental.theories.FromDataPoints;
+import org.junit.experimental.theories.Theories;
+import org.junit.experimental.theories.Theory;
+import org.junit.rules.ExpectedException;
+import org.junit.runner.RunWith;
+import org.mockito.InOrder;
+
+@SuppressWarnings({"unchecked", "rawtypes"})
+@RunWith(Theories.class)
+public class AutoClosingDoubleStreamTest {
+
+	private static final DoublePredicate A_DOUBLE_PREDICATE = any -> true;
+	private static final DoubleFunction A_DOUBLE_FUNCTION = i -> null;
+	private static final BiConsumer A_BICONSUMER = (a, b) -> {
+	};
+	private static final Supplier A_SUPPLIER = () -> null;
+
+	@DataPoints("intermediateOperations")
+	public static final List<DoubleermediateOperation<?>> INTERMEDIATE_OPERATIONS = new ArrayList<>();
+
+	@DataPoints("terminalOperations")
+	public static final List<TerminalOperation<?>> TERMINAL_OPERATIONS = new ArrayList<>();
+	private static final DoubleUnaryOperator A_DOUBLE_UNARY_OPERATOR = i -> 3;
+	private static final DoubleToLongFunction A_DOUBLE_TO_LONG_FUNCTION = i -> 3L;
+	private static final DoubleToIntFunction A_DOUBLE_TO_INT_FUNCTION = i -> 5;
+	private static final DoubleConsumer A_DOUBLE_CONSUMER = i -> {
+	};
+	private static final ObjDoubleConsumer AN_OBJ_DOUBLE_CONSUMER = (a, b) -> {
+	};
+	private static final DoubleBinaryOperator A_DOUBLE_BINARY_OPERATOR = (a, b) -> a;
+
+	static {
+		// define intermediate operations
+		test(DoubleStream.class, DoubleStream::distinct);
+		test(DoubleStream.class, stream -> stream.filter(A_DOUBLE_PREDICATE));
+		test(DoubleStream.class, stream -> stream.flatMap(A_DOUBLE_FUNCTION));
+		test(DoubleStream.class, stream -> stream.limit(5));
+		test(DoubleStream.class, stream -> stream.map(A_DOUBLE_UNARY_OPERATOR));
+		test(LongStream.class, stream -> stream.mapToLong(A_DOUBLE_TO_LONG_FUNCTION));
+		test(Stream.class, stream -> stream.mapToObj(A_DOUBLE_FUNCTION));
+		test(IntStream.class, stream -> stream.mapToInt(A_DOUBLE_TO_INT_FUNCTION));
+		test(DoubleStream.class, DoubleStream::parallel);
+		test(DoubleStream.class, stream -> stream.peek(A_DOUBLE_CONSUMER));
+		test(DoubleStream.class, DoubleStream::sequential);
+		test(DoubleStream.class, stream -> stream.skip(5));
+		test(DoubleStream.class, DoubleStream::sorted);
+		test(DoubleStream.class, DoubleStream::unordered);
+		test(Stream.class, DoubleStream::boxed);
+
+		// define terminal operations
+		test(stream -> stream.allMatch(A_DOUBLE_PREDICATE), true);
+		test(stream -> stream.anyMatch(A_DOUBLE_PREDICATE), true);
+		test(stream -> stream.collect(A_SUPPLIER, AN_OBJ_DOUBLE_CONSUMER, A_BICONSUMER), 7d);
+		test(DoubleStream::count, 3L);
+		test(DoubleStream::findAny, OptionalDouble.of(3));
+		test(DoubleStream::findFirst, OptionalDouble.of(3));
+		test(stream -> stream.forEach(A_DOUBLE_CONSUMER));
+		test(stream -> stream.forEachOrdered(A_DOUBLE_CONSUMER));
+		test(stream -> stream.max(), OptionalDouble.of(3));
+		test(stream -> stream.min(), OptionalDouble.of(3));
+		test(stream -> stream.noneMatch(A_DOUBLE_PREDICATE), true);
+		test(stream -> stream.reduce(A_DOUBLE_BINARY_OPERATOR), OptionalDouble.of(3));
+		test(stream -> stream.reduce(1, A_DOUBLE_BINARY_OPERATOR), 3d);
+		test(DoubleStream::toArray, new double[1]);
+		test(DoubleStream::sum, 1d);
+		test(DoubleStream::average, OptionalDouble.of(3d));
+		test(DoubleStream::summaryStatistics, new DoubleSummaryStatistics());
+	}
+
+	private static <T> void test(Consumer<DoubleStream> consumer) {
+		TERMINAL_OPERATIONS.add(new TerminalOperation<T>() {
+			@Override
+			public T result() {
+				return null;
+			}
+
+			@Override
+			public T apply(DoubleStream stream) {
+				consumer.accept(stream);
+				return null;
+			}
+		});
+	}
+
+	private static <T> void test(Function<DoubleStream, T> function, T result) {
+		TERMINAL_OPERATIONS.add(new TerminalOperation<T>() {
+			@Override
+			public T result() {
+				return result;
+			}
+
+			@Override
+			public T apply(DoubleStream stream) {
+				return function.apply(stream);
+			}
+		});
+	}
+
+	private static <T extends BaseStream> void test(Class<? extends T> type, Function<DoubleStream, T> function) {
+		INTERMEDIATE_OPERATIONS.add(new DoubleermediateOperation<T>() {
+			@Override
+			public Class<? extends T> type() {
+				return type;
+			}
+
+			@Override
+			public T apply(DoubleStream stream) {
+				return function.apply(stream);
+			}
+		});
+	}
+
+	@Rule
+	public ExpectedException thrown = ExpectedException.none();
+
+	private DoubleStream delegate;
+	private DoubleStream inTest;
+
+	@Before
+	public void setUp() {
+		delegate = mock(DoubleStream.class);
+		inTest = AutoClosingDoubleStream.from(delegate);
+	}
+
+	@Theory
+	public void testIntermediateOperationReturnsNewAutoClosingStream(@FromDataPoints("intermediateOperations") DoubleermediateOperation intermediateOperation) {
+		BaseStream newDelegate = (BaseStream) mock(intermediateOperation.type());
+		when(intermediateOperation.apply(delegate)).thenReturn(newDelegate);
+
+		BaseStream result = intermediateOperation.apply(inTest);
+
+		assertThat(result, isAutoClosing());
+		verifyDelegate(result, newDelegate);
+	}
+
+	@Theory
+	public void testTerminalOperationDelegatesToAndClosesDelegate(@FromDataPoints("terminalOperations") TerminalOperation terminalOperation) {
+		Object expectedResult = terminalOperation.result();
+		if (expectedResult != null) {
+			when(terminalOperation.apply(delegate)).thenReturn(expectedResult);
+		}
+
+		Object result = terminalOperation.apply(inTest);
+
+		InOrder inOrder = inOrder(delegate);
+		assertThat(result, is(expectedResult));
+		inOrder.verify(delegate).close();
+	}
+
+	@Theory
+	public void testTerminalOperationClosesDelegateEvenOnException(@FromDataPoints("terminalOperations") TerminalOperation terminalOperation) {
+		RuntimeException exception = new RuntimeException();
+		terminalOperation.apply(doThrow(exception).when(delegate));
+
+		thrown.expect(is(exception));
+
+		try {
+			terminalOperation.apply(inTest);
+		} finally {
+			verify(delegate).close();
+		}
+	}
+
+	private Matcher<BaseStream> isAutoClosing() {
+		return is(anyOf(instanceOf(AutoClosingStream.class), instanceOf(AutoClosingDoubleStream.class), instanceOf(AutoClosingIntStream.class), instanceOf(AutoClosingLongStream.class)));
+	}
+
+	private void verifyDelegate(BaseStream result, BaseStream newDelegate) {
+		result.close();
+		verify(newDelegate).close();
+	}
+
+	private interface TerminalOperation<T> {
+
+		T result();
+
+		T apply(DoubleStream stream);
+
+	}
+
+	private interface DoubleermediateOperation<T extends BaseStream> {
+
+		Class<? extends T> type();
+
+		T apply(DoubleStream stream);
+
+	}
+
+}

main/commons/src/test/java/org/cryptomator/common/streams/AutoClosingIntStreamTest.java

@@ -0,0 +1,228 @@
+package org.cryptomator.common.streams;
+
+import static org.hamcrest.CoreMatchers.anyOf;
+import static org.hamcrest.CoreMatchers.instanceOf;
+import static org.hamcrest.CoreMatchers.is;
+import static org.junit.Assert.assertThat;
+import static org.mockito.Mockito.doThrow;
+import static org.mockito.Mockito.inOrder;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+import java.util.ArrayList;
+import java.util.IntSummaryStatistics;
+import java.util.List;
+import java.util.OptionalDouble;
+import java.util.OptionalInt;
+import java.util.function.BiConsumer;
+import java.util.function.Consumer;
+import java.util.function.Function;
+import java.util.function.IntBinaryOperator;
+import java.util.function.IntConsumer;
+import java.util.function.IntFunction;
+import java.util.function.IntPredicate;
+import java.util.function.IntToDoubleFunction;
+import java.util.function.IntToLongFunction;
+import java.util.function.IntUnaryOperator;
+import java.util.function.ObjIntConsumer;
+import java.util.function.Supplier;
+import java.util.stream.BaseStream;
+import java.util.stream.DoubleStream;
+import java.util.stream.IntStream;
+import java.util.stream.LongStream;
+import java.util.stream.Stream;
+
+import org.hamcrest.Matcher;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.experimental.theories.DataPoints;
+import org.junit.experimental.theories.FromDataPoints;
+import org.junit.experimental.theories.Theories;
+import org.junit.experimental.theories.Theory;
+import org.junit.rules.ExpectedException;
+import org.junit.runner.RunWith;
+import org.mockito.InOrder;
+
+@SuppressWarnings({"unchecked", "rawtypes"})
+@RunWith(Theories.class)
+public class AutoClosingIntStreamTest {
+
+	private static final IntPredicate AN_INT_PREDICATE = any -> true;
+	private static final IntFunction AN_INT_FUNCTION = i -> null;
+	private static final BiConsumer A_BICONSUMER = (a, b) -> {
+	};
+	private static final Supplier A_SUPPLIER = () -> null;
+
+	@DataPoints("intermediateOperations")
+	public static final List<IntermediateOperation<?>> INTERMEDIATE_OPERATIONS = new ArrayList<>();
+
+	@DataPoints("terminalOperations")
+	public static final List<TerminalOperation<?>> TERMINAL_OPERATIONS = new ArrayList<>();
+	private static final IntUnaryOperator AN_INT_UNARY_OPERATOR = i -> 3;
+	private static final IntToDoubleFunction AN_INT_TO_DOUBLE_FUNCTION = i -> 3d;
+	private static final IntToLongFunction AN_INT_TO_LONG_FUNCTION = i -> 5L;
+	private static final IntConsumer AN_INT_CONSUMER = i -> {
+	};
+	private static final ObjIntConsumer AN_OBJ_INT_CONSUMER = (a, b) -> {
+	};
+	private static final IntBinaryOperator AN_INT_BINARY_OPERATOR = (a, b) -> a;
+
+	static {
+		// define intermediate operations
+		test(IntStream.class, IntStream::distinct);
+		test(IntStream.class, stream -> stream.filter(AN_INT_PREDICATE));
+		test(IntStream.class, stream -> stream.flatMap(AN_INT_FUNCTION));
+		test(IntStream.class, stream -> stream.limit(5));
+		test(IntStream.class, stream -> stream.map(AN_INT_UNARY_OPERATOR));
+		test(DoubleStream.class, stream -> stream.mapToDouble(AN_INT_TO_DOUBLE_FUNCTION));
+		test(Stream.class, stream -> stream.mapToObj(AN_INT_FUNCTION));
+		test(LongStream.class, stream -> stream.mapToLong(AN_INT_TO_LONG_FUNCTION));
+		test(IntStream.class, IntStream::parallel);
+		test(IntStream.class, stream -> stream.peek(AN_INT_CONSUMER));
+		test(IntStream.class, IntStream::sequential);
+		test(IntStream.class, stream -> stream.skip(5));
+		test(IntStream.class, IntStream::sorted);
+		test(IntStream.class, IntStream::unordered);
+		test(Stream.class, IntStream::boxed);
+
+		// define terminal operations
+		test(stream -> stream.allMatch(AN_INT_PREDICATE), true);
+		test(stream -> stream.anyMatch(AN_INT_PREDICATE), true);
+		test(stream -> stream.collect(A_SUPPLIER, AN_OBJ_INT_CONSUMER, A_BICONSUMER), 7);
+		test(IntStream::count, 3L);
+		test(IntStream::findAny, OptionalInt.of(3));
+		test(IntStream::findFirst, OptionalInt.of(3));
+		test(stream -> stream.forEach(AN_INT_CONSUMER));
+		test(stream -> stream.forEachOrdered(AN_INT_CONSUMER));
+		test(stream -> stream.max(), OptionalInt.of(3));
+		test(stream -> stream.min(), OptionalInt.of(3));
+		test(stream -> stream.noneMatch(AN_INT_PREDICATE), true);
+		test(stream -> stream.reduce(AN_INT_BINARY_OPERATOR), OptionalInt.of(3));
+		test(stream -> stream.reduce(1, AN_INT_BINARY_OPERATOR), 3);
+		test(IntStream::toArray, new int[1]);
+		test(IntStream::sum, 1);
+		test(IntStream::average, OptionalDouble.of(3d));
+		test(IntStream::summaryStatistics, new IntSummaryStatistics());
+	}
+
+	private static <T> void test(Consumer<IntStream> consumer) {
+		TERMINAL_OPERATIONS.add(new TerminalOperation<T>() {
+			@Override
+			public T result() {
+				return null;
+			}
+
+			@Override
+			public T apply(IntStream stream) {
+				consumer.accept(stream);
+				return null;
+			}
+		});
+	}
+
+	private static <T> void test(Function<IntStream, T> function, T result) {
+		TERMINAL_OPERATIONS.add(new TerminalOperation<T>() {
+			@Override
+			public T result() {
+				return result;
+			}
+
+			@Override
+			public T apply(IntStream stream) {
+				return function.apply(stream);
+			}
+		});
+	}
+
+	private static <T extends BaseStream> void test(Class<? extends T> type, Function<IntStream, T> function) {
+		INTERMEDIATE_OPERATIONS.add(new IntermediateOperation<T>() {
+			@Override
+			public Class<? extends T> type() {
+				return type;
+			}
+
+			@Override
+			public T apply(IntStream stream) {
+				return function.apply(stream);
+			}
+		});
+	}
+
+	@Rule
+	public ExpectedException thrown = ExpectedException.none();
+
+	private IntStream delegate;
+	private IntStream inTest;
+
+	@Before
+	public void setUp() {
+		delegate = mock(IntStream.class);
+		inTest = AutoClosingIntStream.from(delegate);
+	}
+
+	@Theory
+	public void testIntermediateOperationReturnsNewAutoClosingStream(@FromDataPoints("intermediateOperations") IntermediateOperation intermediateOperation) {
+		BaseStream newDelegate = (BaseStream) mock(intermediateOperation.type());
+		when(intermediateOperation.apply(delegate)).thenReturn(newDelegate);
+
+		BaseStream result = intermediateOperation.apply(inTest);
+
+		assertThat(result, isAutoClosing());
+		verifyDelegate(result, newDelegate);
+	}
+
+	@Theory
+	public void testTerminalOperationDelegatesToAndClosesDelegate(@FromDataPoints("terminalOperations") TerminalOperation terminalOperation) {
+		Object expectedResult = terminalOperation.result();
+		if (expectedResult != null) {
+			when(terminalOperation.apply(delegate)).thenReturn(expectedResult);
+		}
+
+		Object result = terminalOperation.apply(inTest);
+
+		InOrder inOrder = inOrder(delegate);
+		assertThat(result, is(expectedResult));
+		inOrder.verify(delegate).close();
+	}
+
+	@Theory
+	public void testTerminalOperationClosesDelegateEvenOnException(@FromDataPoints("terminalOperations") TerminalOperation terminalOperation) {
+		RuntimeException exception = new RuntimeException();
+		terminalOperation.apply(doThrow(exception).when(delegate));
+
+		thrown.expect(is(exception));
+
+		try {
+			terminalOperation.apply(inTest);
+		} finally {
+			verify(delegate).close();
+		}
+	}
+
+	private Matcher<BaseStream> isAutoClosing() {
+		return is(anyOf(instanceOf(AutoClosingStream.class), instanceOf(AutoClosingDoubleStream.class), instanceOf(AutoClosingIntStream.class), instanceOf(AutoClosingLongStream.class)));
+	}
+
+	private void verifyDelegate(BaseStream result, BaseStream newDelegate) {
+		result.close();
+		verify(newDelegate).close();
+	}
+
+	private interface TerminalOperation<T> {
+
+		T result();
+
+		T apply(IntStream stream);
+
+	}
+
+	private interface IntermediateOperation<T extends BaseStream> {
+
+		Class<? extends T> type();
+
+		T apply(IntStream stream);
+
+	}
+
+}

main/commons/src/test/java/org/cryptomator/common/streams/AutoClosingLongStreamTest.java

@@ -0,0 +1,228 @@
+package org.cryptomator.common.streams;
+
+import static org.hamcrest.CoreMatchers.anyOf;
+import static org.hamcrest.CoreMatchers.instanceOf;
+import static org.hamcrest.CoreMatchers.is;
+import static org.junit.Assert.assertThat;
+import static org.mockito.Mockito.doThrow;
+import static org.mockito.Mockito.inOrder;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.LongSummaryStatistics;
+import java.util.OptionalDouble;
+import java.util.OptionalLong;
+import java.util.function.BiConsumer;
+import java.util.function.Consumer;
+import java.util.function.Function;
+import java.util.function.LongBinaryOperator;
+import java.util.function.LongConsumer;
+import java.util.function.LongFunction;
+import java.util.function.LongPredicate;
+import java.util.function.LongToDoubleFunction;
+import java.util.function.LongToIntFunction;
+import java.util.function.LongUnaryOperator;
+import java.util.function.ObjLongConsumer;
+import java.util.function.Supplier;
+import java.util.stream.BaseStream;
+import java.util.stream.DoubleStream;
+import java.util.stream.IntStream;
+import java.util.stream.LongStream;
+import java.util.stream.Stream;
+
+import org.hamcrest.Matcher;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.experimental.theories.DataPoints;
+import org.junit.experimental.theories.FromDataPoints;
+import org.junit.experimental.theories.Theories;
+import org.junit.experimental.theories.Theory;
+import org.junit.rules.ExpectedException;
+import org.junit.runner.RunWith;
+import org.mockito.InOrder;
+
+@SuppressWarnings({"unchecked", "rawtypes"})
+@RunWith(Theories.class)
+public class AutoClosingLongStreamTest {
+
+	private static final LongPredicate AN_LONG_PREDICATE = any -> true;
+	private static final LongFunction AN_LONG_FUNCTION = i -> null;
+	private static final BiConsumer A_BICONSUMER = (a, b) -> {
+	};
+	private static final Supplier A_SUPPLIER = () -> null;
+
+	@DataPoints("intermediateOperations")
+	public static final List<LongermediateOperation<?>> INTERMEDIATE_OPERATIONS = new ArrayList<>();
+
+	@DataPoints("terminalOperations")
+	public static final List<TerminalOperation<?>> TERMINAL_OPERATIONS = new ArrayList<>();
+	private static final LongUnaryOperator AN_LONG_UNARY_OPERATOR = i -> 3;
+	private static final LongToDoubleFunction AN_LONG_TO_DOUBLE_FUNCTION = i -> 3d;
+	private static final LongToIntFunction AN_LONG_TO_INT_FUNCTION = i -> 5;
+	private static final LongConsumer AN_LONG_CONSUMER = i -> {
+	};
+	private static final ObjLongConsumer AN_OBJ_LONG_CONSUMER = (a, b) -> {
+	};
+	private static final LongBinaryOperator AN_LONG_BINARY_OPERATOR = (a, b) -> a;
+
+	static {
+		// define intermediate operations
+		test(LongStream.class, LongStream::distinct);
+		test(LongStream.class, stream -> stream.filter(AN_LONG_PREDICATE));
+		test(LongStream.class, stream -> stream.flatMap(AN_LONG_FUNCTION));
+		test(LongStream.class, stream -> stream.limit(5));
+		test(LongStream.class, stream -> stream.map(AN_LONG_UNARY_OPERATOR));
+		test(DoubleStream.class, stream -> stream.mapToDouble(AN_LONG_TO_DOUBLE_FUNCTION));
+		test(Stream.class, stream -> stream.mapToObj(AN_LONG_FUNCTION));
+		test(IntStream.class, stream -> stream.mapToInt(AN_LONG_TO_INT_FUNCTION));
+		test(LongStream.class, LongStream::parallel);
+		test(LongStream.class, stream -> stream.peek(AN_LONG_CONSUMER));
+		test(LongStream.class, LongStream::sequential);
+		test(LongStream.class, stream -> stream.skip(5));
+		test(LongStream.class, LongStream::sorted);
+		test(LongStream.class, LongStream::unordered);
+		test(Stream.class, LongStream::boxed);
+
+		// define terminal operations
+		test(stream -> stream.allMatch(AN_LONG_PREDICATE), true);
+		test(stream -> stream.anyMatch(AN_LONG_PREDICATE), true);
+		test(stream -> stream.collect(A_SUPPLIER, AN_OBJ_LONG_CONSUMER, A_BICONSUMER), 7L);
+		test(LongStream::count, 3L);
+		test(LongStream::findAny, OptionalLong.of(3));
+		test(LongStream::findFirst, OptionalLong.of(3));
+		test(stream -> stream.forEach(AN_LONG_CONSUMER));
+		test(stream -> stream.forEachOrdered(AN_LONG_CONSUMER));
+		test(stream -> stream.max(), OptionalLong.of(3));
+		test(stream -> stream.min(), OptionalLong.of(3));
+		test(stream -> stream.noneMatch(AN_LONG_PREDICATE), true);
+		test(stream -> stream.reduce(AN_LONG_BINARY_OPERATOR), OptionalLong.of(3));
+		test(stream -> stream.reduce(1, AN_LONG_BINARY_OPERATOR), 3L);
+		test(LongStream::toArray, new long[1]);
+		test(LongStream::sum, 1L);
+		test(LongStream::average, OptionalDouble.of(3d));
+		test(LongStream::summaryStatistics, new LongSummaryStatistics());
+	}
+
+	private static <T> void test(Consumer<LongStream> consumer) {
+		TERMINAL_OPERATIONS.add(new TerminalOperation<T>() {
+			@Override
+			public T result() {
+				return null;
+			}
+
+			@Override
+			public T apply(LongStream stream) {
+				consumer.accept(stream);
+				return null;
+			}
+		});
+	}
+
+	private static <T> void test(Function<LongStream, T> function, T result) {
+		TERMINAL_OPERATIONS.add(new TerminalOperation<T>() {
+			@Override
+			public T result() {
+				return result;
+			}
+
+			@Override
+			public T apply(LongStream stream) {
+				return function.apply(stream);
+			}
+		});
+	}
+
+	private static <T extends BaseStream> void test(Class<? extends T> type, Function<LongStream, T> function) {
+		INTERMEDIATE_OPERATIONS.add(new LongermediateOperation<T>() {
+			@Override
+			public Class<? extends T> type() {
+				return type;
+			}
+
+			@Override
+			public T apply(LongStream stream) {
+				return function.apply(stream);
+			}
+		});
+	}
+
+	@Rule
+	public ExpectedException thrown = ExpectedException.none();
+
+	private LongStream delegate;
+	private LongStream inTest;
+
+	@Before
+	public void setUp() {
+		delegate = mock(LongStream.class);
+		inTest = AutoClosingLongStream.from(delegate);
+	}
+
+	@Theory
+	public void testIntermediateOperationReturnsNewAutoClosingStream(@FromDataPoints("intermediateOperations") LongermediateOperation intermediateOperation) {
+		BaseStream newDelegate = (BaseStream) mock(intermediateOperation.type());
+		when(intermediateOperation.apply(delegate)).thenReturn(newDelegate);
+
+		BaseStream result = intermediateOperation.apply(inTest);
+
+		assertThat(result, isAutoClosing());
+		verifyDelegate(result, newDelegate);
+	}
+
+	@Theory
+	public void testTerminalOperationDelegatesToAndClosesDelegate(@FromDataPoints("terminalOperations") TerminalOperation terminalOperation) {
+		Object expectedResult = terminalOperation.result();
+		if (expectedResult != null) {
+			when(terminalOperation.apply(delegate)).thenReturn(expectedResult);
+		}
+
+		Object result = terminalOperation.apply(inTest);
+
+		InOrder inOrder = inOrder(delegate);
+		assertThat(result, is(expectedResult));
+		inOrder.verify(delegate).close();
+	}
+
+	@Theory
+	public void testTerminalOperationClosesDelegateEvenOnException(@FromDataPoints("terminalOperations") TerminalOperation terminalOperation) {
+		RuntimeException exception = new RuntimeException();
+		terminalOperation.apply(doThrow(exception).when(delegate));
+
+		thrown.expect(is(exception));
+
+		try {
+			terminalOperation.apply(inTest);
+		} finally {
+			verify(delegate).close();
+		}
+	}
+
+	private Matcher<BaseStream> isAutoClosing() {
+		return is(anyOf(instanceOf(AutoClosingStream.class), instanceOf(AutoClosingDoubleStream.class), instanceOf(AutoClosingIntStream.class), instanceOf(AutoClosingLongStream.class)));
+	}
+
+	private void verifyDelegate(BaseStream result, BaseStream newDelegate) {
+		result.close();
+		verify(newDelegate).close();
+	}
+
+	private interface TerminalOperation<T> {
+
+		T result();
+
+		T apply(LongStream stream);
+
+	}
+
+	private interface LongermediateOperation<T extends BaseStream> {
+
+		Class<? extends T> type();
+
+		T apply(LongStream stream);
+
+	}
+
+}

main/commons/src/test/java/org/cryptomator/common/streams/AutoClosingStreamTest.java

@@ -0,0 +1,231 @@
+package org.cryptomator.common.streams;
+
+import static org.hamcrest.CoreMatchers.anyOf;
+import static org.hamcrest.CoreMatchers.instanceOf;
+import static org.hamcrest.CoreMatchers.is;
+import static org.junit.Assert.assertThat;
+import static org.mockito.Mockito.doThrow;
+import static org.mockito.Mockito.inOrder;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+import java.util.ArrayList;
+import java.util.Comparator;
+import java.util.List;
+import java.util.Optional;
+import java.util.function.BiConsumer;
+import java.util.function.BinaryOperator;
+import java.util.function.Consumer;
+import java.util.function.Function;
+import java.util.function.IntFunction;
+import java.util.function.Predicate;
+import java.util.function.Supplier;
+import java.util.function.ToDoubleFunction;
+import java.util.function.ToIntFunction;
+import java.util.function.ToLongFunction;
+import java.util.stream.BaseStream;
+import java.util.stream.Collector;
+import java.util.stream.DoubleStream;
+import java.util.stream.IntStream;
+import java.util.stream.LongStream;
+import java.util.stream.Stream;
+
+import org.hamcrest.Matcher;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.experimental.theories.DataPoints;
+import org.junit.experimental.theories.FromDataPoints;
+import org.junit.experimental.theories.Theories;
+import org.junit.experimental.theories.Theory;
+import org.junit.rules.ExpectedException;
+import org.junit.runner.RunWith;
+import org.mockito.InOrder;
+
+@SuppressWarnings({"unchecked", "rawtypes"})
+@RunWith(Theories.class)
+public class AutoClosingStreamTest {
+
+	private static final Predicate A_PREDICATE = any -> true;
+	private static final Function A_FUNCTION = any -> null;
+	private static final ToDoubleFunction A_TO_DOUBLE_FUNCTION = any -> 0d;
+	private static final ToIntFunction A_TO_INT_FUNCTION = any -> 1;
+	private static final ToLongFunction A_TO_LONG_FUNCTION = any -> 1L;
+	private static final Consumer A_CONSUMER = any -> {
+	};
+	private static final Comparator A_COMPARATOR = (left, right) -> 0;
+	private static final Collector A_COLLECTOR = mock(Collector.class);
+	private static final BinaryOperator A_BINARY_OPERATOR = (left, right) -> null;
+	private static final Object AN_OBJECT = new Object();
+	private static final IntFunction AN_INT_FUNCTION = i -> null;
+	private static final BiConsumer A_BICONSUMER = (a, b) -> {
+	};
+	private static final Supplier A_SUPPLIER = () -> null;
+
+	@DataPoints("intermediateOperations")
+	public static final List<IntermediateOperation<?>> INTERMEDIATE_OPERATIONS = new ArrayList<>();
+
+	@DataPoints("terminalOperations")
+	public static final List<TerminalOperation<?>> TERMINAL_OPERATIONS = new ArrayList<>();
+
+	static {
+		// define intermediate operations
+		test(Stream.class, Stream::distinct);
+		test(Stream.class, stream -> stream.filter(A_PREDICATE));
+		test(Stream.class, stream -> stream.flatMap(A_FUNCTION));
+		test(DoubleStream.class, stream -> stream.flatMapToDouble(A_FUNCTION));
+		test(IntStream.class, stream -> stream.flatMapToInt(A_FUNCTION));
+		test(LongStream.class, stream -> stream.flatMapToLong(A_FUNCTION));
+		test(Stream.class, stream -> stream.limit(5));
+		test(Stream.class, stream -> stream.map(A_FUNCTION));
+		test(DoubleStream.class, stream -> stream.mapToDouble(A_TO_DOUBLE_FUNCTION));
+		test(IntStream.class, stream -> stream.mapToInt(A_TO_INT_FUNCTION));
+		test(LongStream.class, stream -> stream.mapToLong(A_TO_LONG_FUNCTION));
+		test(Stream.class, Stream::parallel);
+		test(Stream.class, stream -> stream.peek(A_CONSUMER));
+		test(Stream.class, Stream::sequential);
+		test(Stream.class, stream -> stream.skip(5));
+		test(Stream.class, Stream::sorted);
+		test(Stream.class, stream -> stream.sorted(A_COMPARATOR));
+		test(Stream.class, Stream::unordered);
+
+		// define terminal operations
+		test(stream -> stream.allMatch(A_PREDICATE), true);
+		test(stream -> stream.anyMatch(A_PREDICATE), true);
+		test(stream -> stream.collect(A_COLLECTOR), new Object());
+		test(stream -> stream.collect(A_SUPPLIER, A_BICONSUMER, A_BICONSUMER), new Object());
+		test(Stream::count, 3L);
+		test(Stream::findAny, Optional.of(new Object()));
+		test(Stream::findFirst, Optional.of(new Object()));
+		test(stream -> stream.forEach(A_CONSUMER));
+		test(stream -> stream.forEachOrdered(A_CONSUMER));
+		test(stream -> stream.max(A_COMPARATOR), Optional.of(new Object()));
+		test(stream -> stream.min(A_COMPARATOR), Optional.of(new Object()));
+		test(stream -> stream.noneMatch(A_PREDICATE), true);
+		test(stream -> stream.reduce(A_BINARY_OPERATOR), Optional.of(new Object()));
+		test(stream -> stream.reduce(AN_OBJECT, A_BINARY_OPERATOR), Optional.of(new Object()));
+		test(stream -> stream.reduce(AN_OBJECT, A_BINARY_OPERATOR, A_BINARY_OPERATOR), Optional.of(new Object()));
+		test(Stream::toArray, new Object[1]);
+		test(stream -> stream.toArray(AN_INT_FUNCTION), new Object[1]);
+	}
+
+	private static <T> void test(Consumer<Stream> consumer) {
+		TERMINAL_OPERATIONS.add(new TerminalOperation<T>() {
+			@Override
+			public T result() {
+				return null;
+			}
+
+			@Override
+			public T apply(Stream stream) {
+				consumer.accept(stream);
+				return null;
+			}
+		});
+	}
+
+	private static <T> void test(Function<Stream, T> function, T result) {
+		TERMINAL_OPERATIONS.add(new TerminalOperation<T>() {
+			@Override
+			public T result() {
+				return result;
+			}
+
+			@Override
+			public T apply(Stream stream) {
+				return function.apply(stream);
+			}
+		});
+	}
+
+	private static <T extends BaseStream> void test(Class<? extends T> type, Function<Stream, T> function) {
+		INTERMEDIATE_OPERATIONS.add(new IntermediateOperation<T>() {
+			@Override
+			public Class<? extends T> type() {
+				return type;
+			}
+
+			@Override
+			public T apply(Stream stream) {
+				return function.apply(stream);
+			}
+		});
+	}
+
+	@Rule
+	public ExpectedException thrown = ExpectedException.none();
+
+	private Stream<Object> delegate;
+	private Stream<Object> inTest;
+
+	@Before
+	public void setUp() {
+		delegate = mock(Stream.class);
+		inTest = AutoClosingStream.from(delegate);
+	}
+
+	@Theory
+	public void testIntermediateOperationReturnsNewAutoClosingStream(@FromDataPoints("intermediateOperations") IntermediateOperation intermediateOperation) {
+		BaseStream newDelegate = (BaseStream) mock(intermediateOperation.type());
+		when(intermediateOperation.apply(delegate)).thenReturn(newDelegate);
+
+		BaseStream result = intermediateOperation.apply(inTest);
+
+		assertThat(result, isAutoClosing());
+		verifyDelegate(result, newDelegate);
+	}
+
+	@Theory
+	public void testTerminalOperationDelegatesToAndClosesDelegate(@FromDataPoints("terminalOperations") TerminalOperation terminalOperation) {
+		Object expectedResult = terminalOperation.result();
+		if (expectedResult != null) {
+			when(terminalOperation.apply(delegate)).thenReturn(expectedResult);
+		}
+
+		Object result = terminalOperation.apply(inTest);
+
+		InOrder inOrder = inOrder(delegate);
+		assertThat(result, is(expectedResult));
+		inOrder.verify(delegate).close();
+	}
+
+	@Theory
+	public void testTerminalOperationClosesDelegateEvenOnException(@FromDataPoints("terminalOperations") TerminalOperation terminalOperation) {
+		RuntimeException exception = new RuntimeException();
+		terminalOperation.apply(doThrow(exception).when(delegate));
+
+		thrown.expect(is(exception));
+
+		try {
+			terminalOperation.apply(inTest);
+		} finally {
+			verify(delegate).close();
+		}
+	}
+
+	private Matcher<BaseStream> isAutoClosing() {
+		return is(anyOf(instanceOf(AutoClosingStream.class), instanceOf(AutoClosingDoubleStream.class), instanceOf(AutoClosingIntStream.class), instanceOf(AutoClosingLongStream.class)));
+	}
+
+	private void verifyDelegate(BaseStream result, BaseStream newDelegate) {
+		result.close();
+		verify(newDelegate).close();
+	}
+
+	private interface TerminalOperation<T> {
+
+		T result();
+
+		T apply(Stream stream);
+
+	}
+
+	private interface IntermediateOperation<T extends BaseStream> {
+
+		Class<? extends T> type();
+
+		T apply(Stream stream);
+
+	}
+
+}

main/core/pom.xml

@@ -1,80 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  Copyright (c) 2014 Sebastian Stenzel
-  This file is licensed under the terms of the MIT license.
-  See the LICENSE.txt file for more info.
-  
-  Contributors:
-      Sebastian Stenzel - initial API and implementation
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-	<modelVersion>4.0.0</modelVersion>
-	<parent>
-		<groupId>org.cryptomator</groupId>
-		<artifactId>main</artifactId>
-		<version>0.2.0</version>
-	</parent>
-	<artifactId>core</artifactId>
-	<name>Cryptomator core I/O module</name>
-
-	<properties>
-		<jetty.version>9.2.5.v20141112</jetty.version>
-		<jackrabbit.version>2.9.0</jackrabbit.version>
-		<commons.transaction.version>1.2</commons.transaction.version>
-		<jta.version>1.1</jta.version>
-	</properties>
-
-	<dependencies>
-		<dependency>
-			<groupId>org.cryptomator</groupId>
-			<artifactId>crypto-api</artifactId>
-		</dependency>
-
-		<!-- Jetty (Servlet Container) -->
-		<dependency>
-			<groupId>org.eclipse.jetty</groupId>
-			<artifactId>jetty-server</artifactId>
-			<version>${jetty.version}</version>
-		</dependency>
-		<dependency>
-			<groupId>org.eclipse.jetty</groupId>
-			<artifactId>jetty-webapp</artifactId>
-			<version>${jetty.version}</version>
-		</dependency>
-
-		<!-- Jackrabbit -->
-		<dependency>
-			<groupId>org.apache.jackrabbit</groupId>
-			<artifactId>jackrabbit-webdav</artifactId>
-			<version>${jackrabbit.version}</version>
-		</dependency>
-
-		<!-- I/O -->
-		<dependency>
-			<groupId>commons-io</groupId>
-			<artifactId>commons-io</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>org.apache.commons</groupId>
-			<artifactId>commons-lang3</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>org.apache.commons</groupId>
-			<artifactId>commons-collections4</artifactId>
-		</dependency>
-	</dependencies>
-
-	<build>
-		<plugins>
-			<plugin>
-				<groupId>org.apache.maven.plugins</groupId>
-				<artifactId>maven-compiler-plugin</artifactId>
-				<version>3.1</version>
-				<configuration>
-					<source>1.7</source>
-					<target>1.7</target>
-				</configuration>
-			</plugin>
-		</plugins>
-	</build>
-</project>

main/core/src/main/java/org/cryptomator/files/EncryptingFileVisitor.java

@@ -1,78 +0,0 @@
-package org.cryptomator.files;
-
-import java.io.IOException;
-import java.nio.file.FileVisitResult;
-import java.nio.file.Files;
-import java.nio.file.Path;
-import java.nio.file.SimpleFileVisitor;
-import java.nio.file.StandardCopyOption;
-import java.nio.file.StandardOpenOption;
-import java.nio.file.attribute.BasicFileAttributes;
-
-import org.cryptomator.crypto.Cryptor;
-import org.cryptomator.crypto.CryptorIOSupport;
-
-public class EncryptingFileVisitor extends SimpleFileVisitor<Path> implements CryptorIOSupport {
-
-	private final Path rootDir;
-	private final Cryptor cryptor;
-	private final EncryptionDecider encryptionDecider;
-	private Path currentDir;
-
-	public EncryptingFileVisitor(Path rootDir, Cryptor cryptor, EncryptionDecider encryptionDecider) {
-		this.rootDir = rootDir;
-		this.cryptor = cryptor;
-		this.encryptionDecider = encryptionDecider;
-	}
-	
-	@Override
-	public FileVisitResult preVisitDirectory(Path dir, BasicFileAttributes attrs) throws IOException {
-		if (rootDir.equals(dir) || encryptionDecider.shouldEncrypt(dir)) {
-			this.currentDir = dir;
-			return FileVisitResult.CONTINUE;
-		} else {
-			return FileVisitResult.SKIP_SUBTREE;
-		}
-	}
-
-	@Override
-	public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) throws IOException {
-		if (encryptionDecider.shouldEncrypt(file)) {
-			final String plaintext = file.getFileName().toString();
-			final String encrypted = cryptor.encryptPath(plaintext, '/', '/', this);
-			final Path newPath = file.resolveSibling(encrypted);
-			Files.move(file, newPath, StandardCopyOption.ATOMIC_MOVE);
-		}
-		return FileVisitResult.CONTINUE;
-	}
-
-	@Override
-	public FileVisitResult postVisitDirectory(Path dir, IOException exc) throws IOException {
-		if (encryptionDecider.shouldEncrypt(dir)) {
-			final String plaintext = dir.getFileName().toString();
-			final String encrypted = cryptor.encryptPath(plaintext, '/', '/', this);
-			final Path newPath = dir.resolveSibling(encrypted);
-			Files.move(dir, newPath, StandardCopyOption.ATOMIC_MOVE);
-		}
-		return FileVisitResult.CONTINUE;
-	}
-
-	@Override
-	public void writePathSpecificMetadata(String metadataFile, byte[] encryptedMetadata) throws IOException {
-		final Path path = currentDir.resolve(metadataFile);
-		Files.write(path, encryptedMetadata, StandardOpenOption.WRITE, StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING, StandardOpenOption.DSYNC);
-	}
-
-	@Override
-	public byte[] readPathSpecificMetadata(String metadataFile) throws IOException {
-		final Path path = currentDir.resolve(metadataFile);
-		return Files.readAllBytes(path);
-	}
-	
-	/* callback */
-	
-	public interface EncryptionDecider {
-		boolean shouldEncrypt(Path path);
-	}
-
-}

main/core/src/main/java/org/cryptomator/webdav/WebDAVServer.java

@@ -1,95 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2014 Sebastian Stenzel
- * This file is licensed under the terms of the MIT license.
- * See the LICENSE.txt file for more info.
- * 
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- ******************************************************************************/
-package org.cryptomator.webdav;
-
-import java.util.concurrent.BlockingQueue;
-import java.util.concurrent.LinkedBlockingQueue;
-
-import org.cryptomator.crypto.Cryptor;
-import org.cryptomator.webdav.jackrabbit.WebDavServlet;
-import org.eclipse.jetty.server.Connector;
-import org.eclipse.jetty.server.Server;
-import org.eclipse.jetty.server.ServerConnector;
-import org.eclipse.jetty.servlet.ServletContextHandler;
-import org.eclipse.jetty.servlet.ServletHolder;
-import org.eclipse.jetty.util.thread.QueuedThreadPool;
-import org.eclipse.jetty.util.thread.ThreadPool;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public final class WebDAVServer {
-
-	private static final Logger LOG = LoggerFactory.getLogger(WebDAVServer.class);
-	private static final String LOCALHOST = "127.0.0.1";
-	private static final int MAX_PENDING_REQUESTS = 200;
-	private static final int MAX_THREADS = 200;
-	private static final int MIN_THREADS = 4;
-	private static final int THREAD_IDLE_SECONDS = 20;
-	private final Server server;
-	private int port;
-
-	public WebDAVServer() {
-		final BlockingQueue<Runnable> queue = new LinkedBlockingQueue<>(MAX_PENDING_REQUESTS);
-		final ThreadPool tp = new QueuedThreadPool(MAX_THREADS, MIN_THREADS, THREAD_IDLE_SECONDS, queue);
-		server = new Server(tp);
-	}
-
-	/**
-	 * @param workDir Path of encrypted folder.
-	 * @param cryptor A fully initialized cryptor instance ready to en- or decrypt streams.
-	 * @return <code>true</code> upon success
-	 */
-	public synchronized boolean start(final String workDir, final Cryptor cryptor) {
-		final ServerConnector connector = new ServerConnector(server);
-		connector.setHost(LOCALHOST);
-
-		final String contextPath = "/";
-
-		final ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
-		context.addServlet(getMiltonServletHolder(workDir, contextPath, cryptor), "/*");
-		context.setContextPath(contextPath);
-		server.setHandler(context);
-
-		try {
-			server.setConnectors(new Connector[] {connector});
-			server.start();
-			port = connector.getLocalPort();
-			return true;
-		} catch (Exception ex) {
-			LOG.error("Server couldn't be started", ex);
-			return false;
-		}
-	}
-
-	public boolean isRunning() {
-		return server.isRunning();
-	}
-
-	public synchronized boolean stop() {
-		try {
-			server.stop();
-			port = 0;
-		} catch (Exception ex) {
-			LOG.error("Server couldn't be stopped", ex);
-		}
-		return server.isStopped();
-	}
-
-	private ServletHolder getMiltonServletHolder(final String workDir, final String contextPath, final Cryptor cryptor) {
-		final ServletHolder result = new ServletHolder("Cryptomator-WebDAV-Servlet", new WebDavServlet(cryptor));
-		result.setInitParameter(WebDavServlet.CFG_FS_ROOT, workDir);
-		result.setInitParameter(WebDavServlet.CFG_HTTP_ROOT, contextPath);
-		return result;
-	}
-
-	public int getPort() {
-		return port;
-	}
-
-}

main/core/src/main/java/org/cryptomator/webdav/exceptions/DavRuntimeException.java

@@ -1,31 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2014 Sebastian Stenzel
- * This file is licensed under the terms of the MIT license.
- * See the LICENSE.txt file for more info.
- * 
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- ******************************************************************************/
-package org.cryptomator.webdav.exceptions;
-
-import org.apache.jackrabbit.webdav.DavException;
-
-public class DavRuntimeException extends RuntimeException {
-
-	private static final long serialVersionUID = -4713080133052143303L;
-
-	public DavRuntimeException(DavException davException) {
-		super(davException);
-	}
-
-	@Override
-	public String getMessage() {
-		return getCause().getMessage();
-	}
-
-	@Override
-	public String getLocalizedMessage() {
-		return getCause().getLocalizedMessage();
-	}
-
-}

main/core/src/main/java/org/cryptomator/webdav/exceptions/IORuntimeException.java

@@ -1,31 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2014 Sebastian Stenzel
- * This file is licensed under the terms of the MIT license.
- * See the LICENSE.txt file for more info.
- * 
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- ******************************************************************************/
-package org.cryptomator.webdav.exceptions;
-
-import java.io.IOException;
-
-public class IORuntimeException extends RuntimeException {
-
-	private static final long serialVersionUID = -4713080133052143303L;
-
-	public IORuntimeException(IOException ioException) {
-		super(ioException);
-	}
-
-	@Override
-	public String getMessage() {
-		return getCause().getMessage();
-	}
-
-	@Override
-	public String getLocalizedMessage() {
-		return getCause().getLocalizedMessage();
-	}
-
-}

main/core/src/main/java/org/cryptomator/webdav/jackrabbit/BidiLRUMap.java

@@ -1,24 +0,0 @@
-package org.cryptomator.webdav.jackrabbit;
-
-import java.util.Map;
-
-import org.apache.commons.collections4.BidiMap;
-import org.apache.commons.collections4.bidimap.AbstractDualBidiMap;
-import org.apache.commons.collections4.map.LRUMap;
-
-final class BidiLRUMap<K, V> extends AbstractDualBidiMap<K, V> {
-
-	public BidiLRUMap(int maxSize) {
-		super(new LRUMap<K, V>(maxSize), new LRUMap<V, K>(maxSize));
-	}
-
-	protected BidiLRUMap(final Map<K, V> normalMap, final Map<V, K> reverseMap, final BidiMap<V, K> inverseBidiMap) {
-		super(normalMap, reverseMap, inverseBidiMap);
-	}
-
-	@Override
-	protected BidiMap<V, K> createBidiMap(Map<V, K> normalMap, Map<K, V> reverseMap, BidiMap<K, V> inverseMap) {
-		return new BidiLRUMap<V, K>(normalMap, reverseMap, inverseMap);
-	}
-
-}

main/core/src/main/java/org/cryptomator/webdav/jackrabbit/WebDavLocatorFactory.java

@@ -1,118 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2014 Sebastian Stenzel
- * This file is licensed under the terms of the MIT license.
- * See the LICENSE.txt file for more info.
- * 
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- ******************************************************************************/
-package org.cryptomator.webdav.jackrabbit;
-
-import java.io.IOException;
-import java.nio.file.FileSystems;
-import java.nio.file.Files;
-import java.nio.file.Path;
-import java.nio.file.StandardOpenOption;
-
-import org.apache.commons.collections4.BidiMap;
-import org.apache.jackrabbit.webdav.AbstractLocatorFactory;
-import org.apache.jackrabbit.webdav.DavResourceLocator;
-import org.cryptomator.crypto.Cryptor;
-import org.cryptomator.crypto.CryptorIOSupport;
-import org.cryptomator.crypto.SensitiveDataSwipeListener;
-
-public class WebDavLocatorFactory extends AbstractLocatorFactory implements SensitiveDataSwipeListener, CryptorIOSupport {
-
-	private static final int MAX_CACHED_PATHS = 10000;
-	private final Path fsRoot;
-	private final Cryptor cryptor;
-	private final BidiMap<String, String> pathCache = new BidiLRUMap<>(MAX_CACHED_PATHS); // <decryptedPath, encryptedPath>
-
-	public WebDavLocatorFactory(String fsRoot, String httpRoot, Cryptor cryptor) {
-		super(httpRoot);
-		this.fsRoot = FileSystems.getDefault().getPath(fsRoot);
-		this.cryptor = cryptor;
-		cryptor.addSensitiveDataSwipeListener(this);
-	}
-
-	/**
-	 * @return Encrypted absolute paths on the file system.
-	 */
-	@Override
-	protected String getRepositoryPath(String resourcePath, String wspPath) {
-		String encryptedPath = pathCache.get(resourcePath);
-		if (encryptedPath == null) {
-			encryptedPath = encryptRepositoryPath(resourcePath);
-			pathCache.put(resourcePath, encryptedPath);
-		}
-		return encryptedPath;
-	}
-
-	private String encryptRepositoryPath(String resourcePath) {
-		if (resourcePath == null) {
-			return fsRoot.toString();
-		}
-		final String encryptedRepoPath = cryptor.encryptPath(resourcePath, FileSystems.getDefault().getSeparator().charAt(0), '/', this);
-		return fsRoot.resolve(encryptedRepoPath).toString();
-	}
-
-	/**
-	 * @return Decrypted path for use in URIs.
-	 */
-	@Override
-	protected String getResourcePath(String repositoryPath, String wspPath) {
-		String decryptedPath = pathCache.getKey(repositoryPath);
-		if (decryptedPath == null) {
-			decryptedPath = decryptResourcePath(repositoryPath);
-			pathCache.put(decryptedPath, repositoryPath);
-		}
-		return decryptedPath;
-	}
-
-	private String decryptResourcePath(String repositoryPath) {
-		final Path absRepoPath = FileSystems.getDefault().getPath(repositoryPath);
-		if (fsRoot.equals(absRepoPath)) {
-			return null;
-		} else {
-			final Path relativeRepositoryPath = fsRoot.relativize(absRepoPath);
-			final String resourcePath = cryptor.decryptPath(relativeRepositoryPath.toString(), FileSystems.getDefault().getSeparator().charAt(0), '/', this);
-			return resourcePath;
-		}
-	}
-
-	@Override
-	public DavResourceLocator createResourceLocator(String prefix, String workspacePath, String path, boolean isResourcePath) {
-		// we don't support workspaces
-		return super.createResourceLocator(prefix, "", path, isResourcePath);
-	}
-
-	@Override
-	public DavResourceLocator createResourceLocator(String prefix, String workspacePath, String resourcePath) {
-		// we don't support workspaces
-		return super.createResourceLocator(prefix, "", resourcePath);
-	}
-
-	@Override
-	public void swipeSensitiveData() {
-		pathCache.clear();
-	}
-
-	/* Cryptor I/O Support */
-
-	@Override
-	public void writePathSpecificMetadata(String encryptedPath, byte[] encryptedMetadata) throws IOException {
-		final Path metaDataFile = fsRoot.resolve(encryptedPath);
-		Files.write(metaDataFile, encryptedMetadata, StandardOpenOption.WRITE, StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING, StandardOpenOption.DSYNC);
-	}
-
-	@Override
-	public byte[] readPathSpecificMetadata(String encryptedPath) throws IOException {
-		final Path metaDataFile = fsRoot.resolve(encryptedPath);
-		if (!Files.isReadable(metaDataFile)) {
-			return null;
-		} else {
-			return Files.readAllBytes(metaDataFile);
-		}
-	}
-
-}

main/core/src/main/java/org/cryptomator/webdav/jackrabbit/WebDavResourceFactory.java

@@ -1,79 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2014 Sebastian Stenzel
- * This file is licensed under the terms of the MIT license.
- * See the LICENSE.txt file for more info.
- * 
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- ******************************************************************************/
-package org.cryptomator.webdav.jackrabbit;
-
-import java.nio.file.Files;
-import java.nio.file.Path;
-
-import org.apache.jackrabbit.webdav.DavException;
-import org.apache.jackrabbit.webdav.DavMethods;
-import org.apache.jackrabbit.webdav.DavResource;
-import org.apache.jackrabbit.webdav.DavResourceFactory;
-import org.apache.jackrabbit.webdav.DavResourceLocator;
-import org.apache.jackrabbit.webdav.DavServletRequest;
-import org.apache.jackrabbit.webdav.DavServletResponse;
-import org.apache.jackrabbit.webdav.DavSession;
-import org.apache.jackrabbit.webdav.lock.LockManager;
-import org.apache.jackrabbit.webdav.lock.SimpleLockManager;
-import org.cryptomator.crypto.Cryptor;
-import org.cryptomator.webdav.jackrabbit.resources.EncryptedDir;
-import org.cryptomator.webdav.jackrabbit.resources.EncryptedFile;
-import org.cryptomator.webdav.jackrabbit.resources.NonExistingNode;
-import org.cryptomator.webdav.jackrabbit.resources.PathUtils;
-
-public class WebDavResourceFactory implements DavResourceFactory {
-
-	private final LockManager lockManager = new SimpleLockManager();
-	private final Cryptor cryptor;
-
-	public WebDavResourceFactory(Cryptor cryptor) {
-		this.cryptor = cryptor;
-	}
-
-	@Override
-	public DavResource createResource(DavResourceLocator locator, DavServletRequest request, DavServletResponse response) throws DavException {
-		final Path path = PathUtils.getPhysicalPath(locator);
-
-		if (Files.exists(path)) {
-			return createResource(locator, request.getDavSession());
-		} else if (DavMethods.METHOD_MKCOL.equals(request.getMethod())) {
-			return createDirectory(locator, request.getDavSession());
-		} else if (DavMethods.METHOD_PUT.equals(request.getMethod())) {
-			return createFile(locator, request.getDavSession());
-		} else {
-			return createNonExisting(locator, request.getDavSession());
-		}
-	}
-
-	@Override
-	public DavResource createResource(DavResourceLocator locator, DavSession session) throws DavException {
-		final Path path = PathUtils.getPhysicalPath(locator);
-
-		if (Files.isDirectory(path)) {
-			return createDirectory(locator, session);
-		} else if (Files.isRegularFile(path)) {
-			return createFile(locator, session);
-		} else {
-			return createNonExisting(locator, session);
-		}
-	}
-
-	private EncryptedFile createFile(DavResourceLocator locator, DavSession session) {
-		return new EncryptedFile(this, locator, session, lockManager, cryptor);
-	}
-
-	private EncryptedDir createDirectory(DavResourceLocator locator, DavSession session) {
-		return new EncryptedDir(this, locator, session, lockManager, cryptor);
-	}
-
-	private NonExistingNode createNonExisting(DavResourceLocator locator, DavSession session) {
-		return new NonExistingNode(this, locator, session, lockManager, cryptor);
-	}
-
-}

main/core/src/main/java/org/cryptomator/webdav/jackrabbit/WebDavServlet.java

@@ -1,85 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2014 Sebastian Stenzel
- * This file is licensed under the terms of the MIT license.
- * See the LICENSE.txt file for more info.
- * 
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- ******************************************************************************/
-package org.cryptomator.webdav.jackrabbit;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-
-import org.apache.jackrabbit.webdav.DavLocatorFactory;
-import org.apache.jackrabbit.webdav.DavResource;
-import org.apache.jackrabbit.webdav.DavResourceFactory;
-import org.apache.jackrabbit.webdav.DavSessionProvider;
-import org.apache.jackrabbit.webdav.WebdavRequest;
-import org.apache.jackrabbit.webdav.server.AbstractWebdavServlet;
-import org.cryptomator.crypto.Cryptor;
-
-public class WebDavServlet extends AbstractWebdavServlet {
-
-	private static final long serialVersionUID = 7965170007048673022L;
-	public static final String CFG_FS_ROOT = "oce.fs.root";
-	public static final String CFG_HTTP_ROOT = "oce.http.root";
-	private DavSessionProvider davSessionProvider;
-	private DavLocatorFactory davLocatorFactory;
-	private DavResourceFactory davResourceFactory;
-	private final Cryptor cryptor;
-
-	public WebDavServlet(final Cryptor cryptor) {
-		super();
-		this.cryptor = cryptor;
-	}
-
-	@Override
-	public void init(ServletConfig config) throws ServletException {
-		super.init(config);
-
-		davSessionProvider = new WebDavSessionProvider();
-
-		final String fsRoot = config.getInitParameter(CFG_FS_ROOT);
-		final String httpRoot = config.getInitParameter(CFG_HTTP_ROOT);
-		this.davLocatorFactory = new WebDavLocatorFactory(fsRoot, httpRoot, cryptor);
-
-		this.davResourceFactory = new WebDavResourceFactory(cryptor);
-	}
-
-	@Override
-	protected boolean isPreconditionValid(WebdavRequest request, DavResource resource) {
-		return !resource.exists() || request.matchesIfHeader(resource);
-	}
-
-	@Override
-	public DavSessionProvider getDavSessionProvider() {
-		return davSessionProvider;
-	}
-
-	@Override
-	public void setDavSessionProvider(DavSessionProvider davSessionProvider) {
-		this.davSessionProvider = davSessionProvider;
-	}
-
-	@Override
-	public DavLocatorFactory getLocatorFactory() {
-		return davLocatorFactory;
-	}
-
-	@Override
-	public void setLocatorFactory(DavLocatorFactory locatorFactory) {
-		this.davLocatorFactory = locatorFactory;
-	}
-
-	@Override
-	public DavResourceFactory getResourceFactory() {
-		return davResourceFactory;
-	}
-
-	@Override
-	public void setResourceFactory(DavResourceFactory resourceFactory) {
-		this.davResourceFactory = resourceFactory;
-	}
-
-}

main/core/src/main/java/org/cryptomator/webdav/jackrabbit/resources/AbstractEncryptedNode.java

@@ -1,269 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2014 Sebastian Stenzel
- * This file is licensed under the terms of the MIT license.
- * See the LICENSE.txt file for more info.
- * 
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- ******************************************************************************/
-package org.cryptomator.webdav.jackrabbit.resources;
-
-import java.io.IOException;
-import java.nio.file.AtomicMoveNotSupportedException;
-import java.nio.file.Files;
-import java.nio.file.Path;
-import java.nio.file.StandardCopyOption;
-import java.util.List;
-
-import org.apache.commons.io.FilenameUtils;
-import org.apache.jackrabbit.webdav.DavException;
-import org.apache.jackrabbit.webdav.DavResource;
-import org.apache.jackrabbit.webdav.DavResourceFactory;
-import org.apache.jackrabbit.webdav.DavResourceLocator;
-import org.apache.jackrabbit.webdav.DavServletResponse;
-import org.apache.jackrabbit.webdav.DavSession;
-import org.apache.jackrabbit.webdav.MultiStatusResponse;
-import org.apache.jackrabbit.webdav.lock.ActiveLock;
-import org.apache.jackrabbit.webdav.lock.LockInfo;
-import org.apache.jackrabbit.webdav.lock.LockManager;
-import org.apache.jackrabbit.webdav.lock.Scope;
-import org.apache.jackrabbit.webdav.lock.Type;
-import org.apache.jackrabbit.webdav.property.DavProperty;
-import org.apache.jackrabbit.webdav.property.DavPropertyName;
-import org.apache.jackrabbit.webdav.property.DavPropertyNameSet;
-import org.apache.jackrabbit.webdav.property.DavPropertySet;
-import org.apache.jackrabbit.webdav.property.PropEntry;
-import org.cryptomator.crypto.Cryptor;
-import org.cryptomator.webdav.exceptions.IORuntimeException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public abstract class AbstractEncryptedNode implements DavResource {
-
-	private static final Logger LOG = LoggerFactory.getLogger(AbstractEncryptedNode.class);
-	private static final String DAV_COMPLIANCE_CLASSES = "1, 2";
-
-	protected final DavResourceFactory factory;
-	protected final DavResourceLocator locator;
-	protected final DavSession session;
-	protected final LockManager lockManager;
-	protected final Cryptor cryptor;
-	protected final DavPropertySet properties;
-
-	protected AbstractEncryptedNode(DavResourceFactory factory, DavResourceLocator locator, DavSession session, LockManager lockManager, Cryptor cryptor) {
-		this.factory = factory;
-		this.locator = locator;
-		this.session = session;
-		this.lockManager = lockManager;
-		this.cryptor = cryptor;
-		this.properties = new DavPropertySet();
-		this.determineProperties();
-	}
-
-	@Override
-	public String getComplianceClass() {
-		return DAV_COMPLIANCE_CLASSES;
-	}
-
-	@Override
-	public String getSupportedMethods() {
-		return METHODS;
-	}
-
-	@Override
-	public boolean exists() {
-		final Path path = PathUtils.getPhysicalPath(this);
-		return Files.exists(path);
-	}
-
-	@Override
-	public String getDisplayName() {
-		final String resourcePath = getResourcePath();
-		final int lastSlash = resourcePath.lastIndexOf('/');
-		if (lastSlash == -1) {
-			return resourcePath;
-		} else {
-			return resourcePath.substring(lastSlash);
-		}
-	}
-
-	@Override
-	public DavResourceLocator getLocator() {
-		return locator;
-	}
-
-	@Override
-	public String getResourcePath() {
-		return locator.getResourcePath();
-	}
-
-	@Override
-	public String getHref() {
-		return locator.getHref(this.isCollection());
-	}
-
-	@Override
-	public long getModificationTime() {
-		final Path path = PathUtils.getPhysicalPath(this);
-		try {
-			return Files.getLastModifiedTime(path).toMillis();
-		} catch (IOException e) {
-			return -1;
-		}
-	}
-
-	protected abstract void determineProperties();
-
-	@Override
-	public DavPropertyName[] getPropertyNames() {
-		return getProperties().getPropertyNames();
-	}
-
-	@Override
-	public DavProperty<?> getProperty(DavPropertyName name) {
-		return getProperties().get(name);
-	}
-
-	@Override
-	public DavPropertySet getProperties() {
-		return properties;
-	}
-
-	@Override
-	public void setProperty(DavProperty<?> property) throws DavException {
-		getProperties().add(property);
-	}
-
-	@Override
-	public void removeProperty(DavPropertyName propertyName) throws DavException {
-		getProperties().remove(propertyName);
-	}
-
-	@Override
-	public MultiStatusResponse alterProperties(List<? extends PropEntry> changeList) throws DavException {
-		final DavPropertyNameSet names = new DavPropertyNameSet();
-		for (final PropEntry entry : changeList) {
-			if (entry instanceof DavProperty) {
-				final DavProperty<?> prop = (DavProperty<?>) entry;
-				this.setProperty(prop);
-				names.add(prop.getName());
-			} else if (entry instanceof DavPropertyName) {
-				final DavPropertyName name = (DavPropertyName) entry;
-				this.removeProperty(name);
-				names.add(name);
-			}
-		}
-		return new MultiStatusResponse(this, names);
-	}
-
-	@Override
-	public DavResource getCollection() {
-		if (locator.isRootLocation()) {
-			return null;
-		}
-
-		final String parentResource = FilenameUtils.getPath(locator.getResourcePath());
-		final DavResourceLocator parentLocator = locator.getFactory().createResourceLocator(locator.getPrefix(), locator.getWorkspacePath(), parentResource);
-		try {
-			return getFactory().createResource(parentLocator, session);
-		} catch (DavException e) {
-			throw new IllegalStateException("Unable to get parent resource with path " + parentLocator.getResourcePath(), e);
-		}
-	}
-
-	@Override
-	public void move(DavResource dest) throws DavException {
-		final Path src = PathUtils.getPhysicalPath(this);
-		final Path dst = PathUtils.getPhysicalPath(dest);
-		try {
-			// check for conflicts:
-			if (Files.exists(dst) && Files.getLastModifiedTime(dst).toMillis() > Files.getLastModifiedTime(src).toMillis()) {
-				throw new DavException(DavServletResponse.SC_CONFLICT, "File at destination already exists: " + dst.toString());
-			}
-
-			// move:
-			try {
-				Files.move(src, dst, StandardCopyOption.REPLACE_EXISTING, StandardCopyOption.ATOMIC_MOVE);
-			} catch (AtomicMoveNotSupportedException e) {
-				Files.move(src, dst, StandardCopyOption.REPLACE_EXISTING);
-			}
-		} catch (IOException e) {
-			LOG.error("Error moving file from " + src.toString() + " to " + dst.toString());
-			throw new IORuntimeException(e);
-		}
-	}
-
-	@Override
-	public void copy(DavResource dest, boolean shallow) throws DavException {
-		final Path src = PathUtils.getPhysicalPath(this);
-		final Path dst = PathUtils.getPhysicalPath(dest);
-		try {
-			// check for conflicts:
-			if (Files.exists(dst) && Files.getLastModifiedTime(dst).toMillis() > Files.getLastModifiedTime(src).toMillis()) {
-				throw new DavException(DavServletResponse.SC_CONFLICT, "File at destination already exists: " + dst.toString());
-			}
-
-			// copy:
-			try {
-				Files.copy(src, dst, StandardCopyOption.COPY_ATTRIBUTES, StandardCopyOption.REPLACE_EXISTING, StandardCopyOption.ATOMIC_MOVE);
-			} catch (AtomicMoveNotSupportedException e) {
-				Files.copy(src, dst, StandardCopyOption.COPY_ATTRIBUTES, StandardCopyOption.REPLACE_EXISTING);
-			}
-		} catch (IOException e) {
-			LOG.error("Error copying file from " + src.toString() + " to " + dst.toString());
-			throw new IORuntimeException(e);
-		}
-	}
-
-	@Override
-	public boolean isLockable(Type type, Scope scope) {
-		return true;
-	}
-
-	@Override
-	public boolean hasLock(Type type, Scope scope) {
-		return lockManager.getLock(type, scope, this) != null;
-	}
-
-	@Override
-	public ActiveLock getLock(Type type, Scope scope) {
-		return lockManager.getLock(type, scope, this);
-	}
-
-	@Override
-	public ActiveLock[] getLocks() {
-		final ActiveLock exclusiveWriteLock = getLock(Type.WRITE, Scope.EXCLUSIVE);
-		return new ActiveLock[] {exclusiveWriteLock};
-	}
-
-	@Override
-	public ActiveLock lock(LockInfo reqLockInfo) throws DavException {
-		return lockManager.createLock(reqLockInfo, this);
-	}
-
-	@Override
-	public ActiveLock refreshLock(LockInfo reqLockInfo, String lockToken) throws DavException {
-		return lockManager.refreshLock(reqLockInfo, lockToken, this);
-	}
-
-	@Override
-	public void unlock(String lockToken) throws DavException {
-		lockManager.releaseLock(lockToken, this);
-	}
-
-	@Override
-	public void addLockManager(LockManager lockmgr) {
-		throw new UnsupportedOperationException("Locks are managed");
-	}
-
-	@Override
-	public DavResourceFactory getFactory() {
-		return factory;
-	}
-
-	@Override
-	public DavSession getSession() {
-		return session;
-	}
-
-}

main/core/src/main/java/org/cryptomator/webdav/jackrabbit/resources/EncryptedDir.java

@@ -1,178 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2014 Sebastian Stenzel
- * This file is licensed under the terms of the MIT license.
- * See the LICENSE.txt file for more info.
- * 
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- ******************************************************************************/
-package org.cryptomator.webdav.jackrabbit.resources;
-
-import java.io.IOException;
-import java.nio.channels.SeekableByteChannel;
-import java.nio.file.DirectoryStream;
-import java.nio.file.FileVisitResult;
-import java.nio.file.Files;
-import java.nio.file.Path;
-import java.nio.file.SimpleFileVisitor;
-import java.nio.file.StandardOpenOption;
-import java.nio.file.attribute.BasicFileAttributes;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.apache.commons.io.IOUtils;
-import org.apache.jackrabbit.webdav.DavException;
-import org.apache.jackrabbit.webdav.DavResource;
-import org.apache.jackrabbit.webdav.DavResourceFactory;
-import org.apache.jackrabbit.webdav.DavResourceIterator;
-import org.apache.jackrabbit.webdav.DavResourceIteratorImpl;
-import org.apache.jackrabbit.webdav.DavResourceLocator;
-import org.apache.jackrabbit.webdav.DavServletResponse;
-import org.apache.jackrabbit.webdav.DavSession;
-import org.apache.jackrabbit.webdav.io.InputContext;
-import org.apache.jackrabbit.webdav.io.OutputContext;
-import org.apache.jackrabbit.webdav.lock.LockManager;
-import org.apache.jackrabbit.webdav.property.DavPropertyName;
-import org.apache.jackrabbit.webdav.property.DefaultDavProperty;
-import org.apache.jackrabbit.webdav.property.ResourceType;
-import org.cryptomator.crypto.Cryptor;
-import org.cryptomator.webdav.exceptions.DavRuntimeException;
-import org.cryptomator.webdav.exceptions.IORuntimeException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class EncryptedDir extends AbstractEncryptedNode {
-
-	private static final Logger LOG = LoggerFactory.getLogger(EncryptedDir.class);
-
-	public EncryptedDir(DavResourceFactory factory, DavResourceLocator locator, DavSession session, LockManager lockManager, Cryptor cryptor) {
-		super(factory, locator, session, lockManager, cryptor);
-	}
-
-	@Override
-	public boolean isCollection() {
-		return true;
-	}
-
-	@Override
-	public void addMember(DavResource resource, InputContext inputContext) throws DavException {
-		if (resource.isCollection()) {
-			this.addMemberDir(resource, inputContext);
-		} else {
-			this.addMemberFile(resource, inputContext);
-		}
-	}
-
-	private void addMemberDir(DavResource resource, InputContext inputContext) throws DavException {
-		final Path childPath = PathUtils.getPhysicalPath(resource);
-		try {
-			Files.createDirectories(childPath);
-		} catch (SecurityException e) {
-			throw new DavException(DavServletResponse.SC_FORBIDDEN, e);
-		} catch (IOException e) {
-			LOG.error("Failed to create subdirectory.", e);
-			throw new IORuntimeException(e);
-		}
-	}
-
-	private void addMemberFile(DavResource resource, InputContext inputContext) throws DavException {
-		final Path childPath = PathUtils.getPhysicalPath(resource);
-		SeekableByteChannel channel = null;
-		try {
-			channel = Files.newByteChannel(childPath, StandardOpenOption.WRITE, StandardOpenOption.CREATE);
-			cryptor.encryptFile(inputContext.getInputStream(), channel);
-		} catch (SecurityException e) {
-			throw new DavException(DavServletResponse.SC_FORBIDDEN, e);
-		} catch (IOException e) {
-			LOG.error("Failed to create file.", e);
-			throw new IORuntimeException(e);
-		} finally {
-			IOUtils.closeQuietly(channel);
-			IOUtils.closeQuietly(inputContext.getInputStream());
-		}
-	}
-
-	@Override
-	public DavResourceIterator getMembers() {
-		final Path dir = PathUtils.getPhysicalPath(this);
-		try {
-			final DirectoryStream<Path> directoryStream = Files.newDirectoryStream(dir, cryptor.getPayloadFilesFilter());
-			final List<DavResource> result = new ArrayList<>();
-
-			for (final Path childPath : directoryStream) {
-				final DavResourceLocator childLocator = locator.getFactory().createResourceLocator(locator.getPrefix(), locator.getWorkspacePath(), childPath.toString(), false);
-				final DavResource resource = factory.createResource(childLocator, session);
-				result.add(resource);
-			}
-			return new DavResourceIteratorImpl(result);
-		} catch (IOException e) {
-			LOG.error("Exception during getMembers.", e);
-			throw new IORuntimeException(e);
-		} catch (DavException e) {
-			LOG.error("Exception during getMembers.", e);
-			throw new DavRuntimeException(e);
-		}
-	}
-
-	@Override
-	public void removeMember(DavResource member) throws DavException {
-		final Path memberPath = PathUtils.getPhysicalPath(member);
-		try {
-			Files.walkFileTree(memberPath, new DeletingFileVisitor());
-		} catch (SecurityException e) {
-			throw new DavException(DavServletResponse.SC_FORBIDDEN, e);
-		} catch (IOException e) {
-			throw new IORuntimeException(e);
-		}
-	}
-
-	@Override
-	public void spool(OutputContext outputContext) throws IOException {
-		// do nothing
-	}
-
-	@Override
-	protected void determineProperties() {
-		final Path path = PathUtils.getPhysicalPath(this);
-		properties.add(new ResourceType(ResourceType.COLLECTION));
-		properties.add(new DefaultDavProperty<Integer>(DavPropertyName.ISCOLLECTION, 1));
-		if (Files.exists(path)) {
-			try {
-				final BasicFileAttributes attrs = Files.readAttributes(path, BasicFileAttributes.class);
-				properties.add(new DefaultDavProperty<Long>(DavPropertyName.CREATIONDATE, attrs.creationTime().toMillis()));
-				properties.add(new DefaultDavProperty<Long>(DavPropertyName.GETLASTMODIFIED, attrs.lastModifiedTime().toMillis()));
-			} catch (IOException e) {
-				LOG.error("Error determining metadata " + path.toString(), e);
-				// don't add any further properties
-			}
-		}
-	}
-
-	/**
-	 * Deletes all files and folders, it visits.
-	 */
-	private static class DeletingFileVisitor extends SimpleFileVisitor<Path> {
-
-		@Override
-		public FileVisitResult visitFile(Path file, BasicFileAttributes attributes) throws IOException {
-			if (attributes.isRegularFile()) {
-				Files.delete(file);
-			}
-			return FileVisitResult.CONTINUE;
-		}
-
-		@Override
-		public FileVisitResult postVisitDirectory(Path dir, IOException exc) throws IOException {
-			Files.delete(dir);
-			return FileVisitResult.CONTINUE;
-		}
-
-		@Override
-		public FileVisitResult visitFileFailed(Path file, IOException exc) throws IOException {
-			LOG.error("Failed to delete file " + file.toString(), exc);
-			return FileVisitResult.TERMINATE;
-		}
-
-	}
-
-}

main/core/src/main/java/org/cryptomator/webdav/jackrabbit/resources/EncryptedFile.java

@@ -1,110 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2014 Sebastian Stenzel
- * This file is licensed under the terms of the MIT license.
- * See the LICENSE.txt file for more info.
- * 
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- ******************************************************************************/
-package org.cryptomator.webdav.jackrabbit.resources;
-
-import java.io.EOFException;
-import java.io.IOException;
-import java.nio.channels.SeekableByteChannel;
-import java.nio.file.Files;
-import java.nio.file.Path;
-import java.nio.file.StandardOpenOption;
-import java.nio.file.attribute.BasicFileAttributes;
-
-import org.apache.commons.io.IOUtils;
-import org.apache.jackrabbit.webdav.DavException;
-import org.apache.jackrabbit.webdav.DavResource;
-import org.apache.jackrabbit.webdav.DavResourceFactory;
-import org.apache.jackrabbit.webdav.DavResourceIterator;
-import org.apache.jackrabbit.webdav.DavResourceLocator;
-import org.apache.jackrabbit.webdav.DavSession;
-import org.apache.jackrabbit.webdav.io.InputContext;
-import org.apache.jackrabbit.webdav.io.OutputContext;
-import org.apache.jackrabbit.webdav.lock.LockManager;
-import org.apache.jackrabbit.webdav.property.DavPropertyName;
-import org.apache.jackrabbit.webdav.property.DefaultDavProperty;
-import org.cryptomator.crypto.Cryptor;
-import org.cryptomator.webdav.exceptions.IORuntimeException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class EncryptedFile extends AbstractEncryptedNode {
-
-	private static final Logger LOG = LoggerFactory.getLogger(EncryptedFile.class);
-
-	public EncryptedFile(DavResourceFactory factory, DavResourceLocator locator, DavSession session, LockManager lockManager, Cryptor cryptor) {
-		super(factory, locator, session, lockManager, cryptor);
-	}
-
-	@Override
-	public boolean isCollection() {
-		return false;
-	}
-
-	@Override
-	public void addMember(DavResource resource, InputContext inputContext) throws DavException {
-		throw new UnsupportedOperationException("Can not add member to file.");
-	}
-
-	@Override
-	public DavResourceIterator getMembers() {
-		throw new UnsupportedOperationException("Can not list members of file.");
-	}
-
-	@Override
-	public void removeMember(DavResource member) throws DavException {
-		throw new UnsupportedOperationException("Can not remove member to file.");
-	}
-
-	@Override
-	public void spool(OutputContext outputContext) throws IOException {
-		final Path path = PathUtils.getPhysicalPath(this);
-		if (Files.exists(path)) {
-			outputContext.setModificationTime(Files.getLastModifiedTime(path).toMillis());
-			SeekableByteChannel channel = null;
-			try {
-				channel = Files.newByteChannel(path, StandardOpenOption.READ);
-				outputContext.setContentLength(cryptor.decryptedContentLength(channel));
-				if (outputContext.hasStream()) {
-					cryptor.decryptedFile(channel, outputContext.getOutputStream());
-				}
-			} catch (EOFException e) {
-				LOG.warn("Unexpected end of stream (possibly client hung up).");
-			} catch (IOException e) {
-				LOG.error("Error reading file " + path.toString(), e);
-				throw new IORuntimeException(e);
-			} finally {
-				IOUtils.closeQuietly(channel);
-			}
-
-		}
-	}
-
-	@Override
-	protected void determineProperties() {
-		final Path path = PathUtils.getPhysicalPath(this);
-		if (Files.exists(path)) {
-			SeekableByteChannel channel = null;
-			try {
-				channel = Files.newByteChannel(path, StandardOpenOption.READ);
-				final Long contentLength = cryptor.decryptedContentLength(channel);
-				properties.add(new DefaultDavProperty<Long>(DavPropertyName.GETCONTENTLENGTH, contentLength));
-
-				final BasicFileAttributes attrs = Files.readAttributes(path, BasicFileAttributes.class);
-				properties.add(new DefaultDavProperty<Long>(DavPropertyName.CREATIONDATE, attrs.creationTime().toMillis()));
-				properties.add(new DefaultDavProperty<Long>(DavPropertyName.GETLASTMODIFIED, attrs.lastModifiedTime().toMillis()));
-			} catch (IOException e) {
-				LOG.error("Error determining metadata " + path.toString(), e);
-				throw new IORuntimeException(e);
-			} finally {
-				IOUtils.closeQuietly(channel);
-			}
-		}
-	}
-
-}

main/core/src/main/java/org/cryptomator/webdav/jackrabbit/resources/NonExistingNode.java

@@ -1,65 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2014 Sebastian Stenzel
- * This file is licensed under the terms of the MIT license.
- * See the LICENSE.txt file for more info.
- * 
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- ******************************************************************************/
-package org.cryptomator.webdav.jackrabbit.resources;
-
-import java.io.IOException;
-
-import org.apache.jackrabbit.webdav.DavException;
-import org.apache.jackrabbit.webdav.DavResource;
-import org.apache.jackrabbit.webdav.DavResourceFactory;
-import org.apache.jackrabbit.webdav.DavResourceIterator;
-import org.apache.jackrabbit.webdav.DavResourceLocator;
-import org.apache.jackrabbit.webdav.DavSession;
-import org.apache.jackrabbit.webdav.io.InputContext;
-import org.apache.jackrabbit.webdav.io.OutputContext;
-import org.apache.jackrabbit.webdav.lock.LockManager;
-import org.cryptomator.crypto.Cryptor;
-
-public class NonExistingNode extends AbstractEncryptedNode {
-
-	public NonExistingNode(DavResourceFactory factory, DavResourceLocator locator, DavSession session, LockManager lockManager, Cryptor cryptor) {
-		super(factory, locator, session, lockManager, cryptor);
-	}
-
-	@Override
-	public boolean exists() {
-		return false;
-	}
-
-	@Override
-	public boolean isCollection() {
-		throw new UnsupportedOperationException("Resource doesn't exist.");
-	}
-
-	@Override
-	public void spool(OutputContext outputContext) throws IOException {
-		throw new UnsupportedOperationException("Resource doesn't exist.");
-	}
-
-	@Override
-	public void addMember(DavResource resource, InputContext inputContext) throws DavException {
-		throw new UnsupportedOperationException("Resource doesn't exist.");
-	}
-
-	@Override
-	public DavResourceIterator getMembers() {
-		throw new UnsupportedOperationException("Resource doesn't exist.");
-	}
-
-	@Override
-	public void removeMember(DavResource member) throws DavException {
-		throw new UnsupportedOperationException("Resource doesn't exist.");
-	}
-
-	@Override
-	protected void determineProperties() {
-		// do nothing.
-	}
-
-}

main/core/src/main/java/org/cryptomator/webdav/jackrabbit/resources/PathUtils.java

@@ -1,31 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2014 Sebastian Stenzel
- * This file is licensed under the terms of the MIT license.
- * See the LICENSE.txt file for more info.
- * 
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- ******************************************************************************/
-package org.cryptomator.webdav.jackrabbit.resources;
-
-import java.nio.file.FileSystems;
-import java.nio.file.Path;
-
-import org.apache.jackrabbit.webdav.DavResource;
-import org.apache.jackrabbit.webdav.DavResourceLocator;
-
-public final class PathUtils {
-
-	private PathUtils() {
-		throw new IllegalStateException("not instantiable");
-	}
-
-	public static Path getPhysicalPath(DavResource resource) {
-		return getPhysicalPath(resource.getLocator());
-	}
-
-	public static Path getPhysicalPath(DavResourceLocator locator) {
-		return FileSystems.getDefault().getPath(locator.getRepositoryPath());
-	}
-
-}

main/crypto-aes/src/main/java/org/cryptomator/crypto/aes256/Aes256Cryptor.java

@@ -1,446 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2014 Sebastian Stenzel
- * This file is licensed under the terms of the MIT license.
- * See the LICENSE.txt file for more info.
- * 
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- ******************************************************************************/
-package org.cryptomator.crypto.aes256;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.nio.BufferOverflowException;
-import java.nio.ByteBuffer;
-import java.nio.CharBuffer;
-import java.nio.channels.SeekableByteChannel;
-import java.nio.file.DirectoryStream.Filter;
-import java.nio.file.Path;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.List;
-import java.util.UUID;
-import java.util.zip.CRC32;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.CipherOutputStream;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.PBEKeySpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.apache.commons.io.Charsets;
-import org.apache.commons.io.IOUtils;
-import org.apache.commons.lang3.ArrayUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.cryptomator.crypto.AbstractCryptor;
-import org.cryptomator.crypto.CryptorIOSupport;
-import org.cryptomator.crypto.exceptions.DecryptFailedException;
-import org.cryptomator.crypto.exceptions.UnsupportedKeyLengthException;
-import org.cryptomator.crypto.exceptions.WrongPasswordException;
-import org.cryptomator.crypto.io.SeekableByteChannelInputStream;
-import org.cryptomator.crypto.io.SeekableByteChannelOutputStream;
-
-import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.databind.ObjectMapper;
-
-public class Aes256Cryptor extends AbstractCryptor implements AesCryptographicConfiguration, FileNamingConventions {
-
-	/**
-	 * PRNG for cryptographically secure random numbers. Defaults to SHA1-based number generator.
-	 * 
-	 * @see http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#SecureRandom
-	 */
-	private static final SecureRandom SECURE_PRNG;
-
-	/**
-	 * Factory for deriveing keys. Defaults to PBKDF2/HMAC-SHA1.
-	 * 
-	 * @see PKCS #5, defined in RFC 2898
-	 * @see http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#SecretKeyFactory
-	 */
-	private static final SecretKeyFactory PBKDF2_FACTORY;
-
-	/**
-	 * Defined in static initializer. Defaults to 256, but falls back to maximum value possible, if JCE isn't installed. JCE can be
-	 * installed from here: http://www.oracle.com/technetwork/java/javase/downloads/.
-	 */
-	private static final int AES_KEY_LENGTH;
-
-	/**
-	 * 
-	 */
-	private static final byte[] EMPTY_MASTER_KEY = new byte[MASTER_KEY_LENGTH];
-
-	/**
-	 * Jackson JSON-Mapper.
-	 */
-	private final ObjectMapper objectMapper = new ObjectMapper();
-
-	/**
-	 * The decrypted master key. Its lifecycle starts with {@link #randomData(int)} or {@link #encryptMasterKey(Path, CharSequence)}. Its
-	 * lifecycle ends with {@link #swipeSensitiveData()}.
-	 */
-	private final byte[] masterKey = Arrays.copyOf(EMPTY_MASTER_KEY, MASTER_KEY_LENGTH);
-
-	private static final int SIZE_OF_LONG = Long.SIZE / Byte.SIZE;
-	private static final int SIZE_OF_INT = Integer.SIZE / Byte.SIZE;
-
-	static {
-		try {
-			PBKDF2_FACTORY = SecretKeyFactory.getInstance(KEY_FACTORY_ALGORITHM);
-			SECURE_PRNG = SecureRandom.getInstance(PRNG_ALGORITHM);
-			final int maxKeyLen = Cipher.getMaxAllowedKeyLength(CRYPTO_ALGORITHM);
-			AES_KEY_LENGTH = (maxKeyLen >= 256) ? 256 : maxKeyLen;
-		} catch (NoSuchAlgorithmException e) {
-			throw new IllegalStateException("Algorithm should exist.", e);
-		}
-	}
-
-	/**
-	 * Fills the masterkey with new random bytes.
-	 */
-	public void randomizeMasterKey() {
-		SECURE_PRNG.setSeed(SECURE_PRNG.generateSeed(PRNG_SEED_LENGTH));
-		SECURE_PRNG.nextBytes(this.masterKey);
-	}
-
-	/**
-	 * Encrypts the current masterKey with the given password and writes the result to the given output stream.
-	 */
-	public void encryptMasterKey(OutputStream out, CharSequence password) throws IOException {
-		if (ArrayUtils.isEquals(this.masterKey, EMPTY_MASTER_KEY)) {
-			throw new IllegalStateException("Masterkey not yet initialized.");
-		}
-		try {
-			// derive key:
-			final byte[] userSalt = randomData(SALT_LENGTH);
-			final SecretKey userKey = pbkdf2(password, userSalt, PBKDF2_PW_ITERATIONS, AES_KEY_LENGTH);
-
-			// encrypt:
-			final byte[] iv = randomData(AES_BLOCK_LENGTH);
-			final Cipher encCipher = this.cipher(MASTERKEY_CIPHER, userKey, iv, Cipher.ENCRYPT_MODE);
-			byte[] encryptedUserKey = encCipher.doFinal(userKey.getEncoded());
-			byte[] encryptedMasterKey = encCipher.doFinal(this.masterKey);
-
-			// save encrypted masterkey:
-			final Key key = new Key();
-			key.setIterations(PBKDF2_PW_ITERATIONS);
-			key.setIv(iv);
-			key.setKeyLength(AES_KEY_LENGTH);
-			key.setMasterkey(encryptedMasterKey);
-			key.setSalt(userSalt);
-			key.setPwVerification(encryptedUserKey);
-			objectMapper.writeValue(out, key);
-		} catch (IllegalBlockSizeException | BadPaddingException ex) {
-			throw new IllegalStateException("Block size hard coded. Padding irrelevant in ENCRYPT_MODE. IV must exist in CBC mode.", ex);
-		}
-	}
-
-	/**
-	 * Reads the encrypted masterkey from the given input stream and decrypts it with the given password.
-	 * 
-	 * @throws DecryptFailedException If the decryption failed for various reasons (including wrong password).
-	 * @throws WrongPasswordException If the provided password was wrong. Note: Sometimes the algorithm itself fails due to a wrong
-	 *             password. In this case a DecryptFailedException will be thrown.
-	 * @throws UnsupportedKeyLengthException If the masterkey has been encrypted with a higher key length than supported by the system. In
-	 *             this case Java JCE needs to be installed.
-	 */
-	public void decryptMasterKey(InputStream in, CharSequence password) throws DecryptFailedException, WrongPasswordException, UnsupportedKeyLengthException, IOException {
-		byte[] decrypted = new byte[0];
-		try {
-			// load encrypted masterkey:
-			final Key key = objectMapper.readValue(in, Key.class);
-
-			// check, whether the key length is supported:
-			final int maxKeyLen = Cipher.getMaxAllowedKeyLength(CRYPTO_ALGORITHM);
-			if (key.getKeyLength() > maxKeyLen) {
-				throw new UnsupportedKeyLengthException(key.getKeyLength(), maxKeyLen);
-			}
-
-			// derive key:
-			final SecretKey userKey = pbkdf2(password, key.getSalt(), key.getIterations(), key.getKeyLength());
-
-			// check password:
-			final Cipher encCipher = this.cipher(MASTERKEY_CIPHER, userKey, key.getIv(), Cipher.ENCRYPT_MODE);
-			byte[] encryptedUserKey = encCipher.doFinal(userKey.getEncoded());
-			if (!Arrays.equals(key.getPwVerification(), encryptedUserKey)) {
-				throw new WrongPasswordException();
-			}
-
-			// decrypt:
-			final Cipher decCipher = this.cipher(MASTERKEY_CIPHER, userKey, key.getIv(), Cipher.DECRYPT_MODE);
-			decrypted = decCipher.doFinal(key.getMasterkey());
-
-			// everything ok, move decrypted data to masterkey:
-			final ByteBuffer masterKeyBuffer = ByteBuffer.wrap(this.masterKey);
-			masterKeyBuffer.put(decrypted);
-		} catch (IllegalBlockSizeException | BadPaddingException | BufferOverflowException ex) {
-			throw new DecryptFailedException(ex);
-		} catch (NoSuchAlgorithmException ex) {
-			throw new IllegalStateException("Algorithm should exist.", ex);
-		} finally {
-			Arrays.fill(decrypted, (byte) 0);
-		}
-	}
-
-	/**
-	 * Overwrites the {@link #masterKey} with zeros. As masterKey is a final field, this operation is ensured to work on its actual data.
-	 * Otherwise developers could accidentally just assign a new object to the variable.
-	 */
-	@Override
-	public void swipeSensitiveDataInternal() {
-		Arrays.fill(this.masterKey, (byte) 0);
-	}
-
-	private Cipher cipher(String cipherTransformation, SecretKey key, byte[] iv, int cipherMode) {
-		try {
-			final Cipher cipher = Cipher.getInstance(cipherTransformation);
-			cipher.init(cipherMode, key, new IvParameterSpec(iv));
-			return cipher;
-		} catch (InvalidKeyException ex) {
-			throw new IllegalArgumentException("Invalid key.", ex);
-		} catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidAlgorithmParameterException ex) {
-			throw new IllegalStateException("Algorithm/Padding should exist and accept an IV.", ex);
-		}
-	}
-
-	private byte[] randomData(int length) {
-		final byte[] result = new byte[length];
-		SECURE_PRNG.setSeed(SECURE_PRNG.generateSeed(PRNG_SEED_LENGTH));
-		SECURE_PRNG.nextBytes(result);
-		return result;
-	}
-
-	private SecretKey pbkdf2(byte[] password, byte[] salt, int iterations, int keyLength) {
-		final char[] pw = new char[password.length];
-		try {
-			byteToChar(password, pw);
-			return pbkdf2(CharBuffer.wrap(pw), salt, iterations, keyLength);
-		} finally {
-			Arrays.fill(pw, (char) 0);
-		}
-	}
-
-	private SecretKey pbkdf2(CharSequence password, byte[] salt, int iterations, int keyLength) {
-		final int pwLen = password.length();
-		final char[] pw = new char[pwLen];
-		CharBuffer.wrap(password).get(pw, 0, pwLen);
-		try {
-			final KeySpec specs = new PBEKeySpec(pw, salt, iterations, keyLength);
-			final SecretKey pbkdf2Key = PBKDF2_FACTORY.generateSecret(specs);
-			final SecretKey aesKey = new SecretKeySpec(pbkdf2Key.getEncoded(), CRYPTO_ALGORITHM);
-			return aesKey;
-		} catch (InvalidKeySpecException ex) {
-			throw new IllegalStateException("Specs are hard-coded.", ex);
-		} finally {
-			Arrays.fill(pw, (char) 0);
-		}
-	}
-
-	private void byteToChar(byte[] source, char[] destination) {
-		if (source.length != destination.length) {
-			throw new IllegalArgumentException("char[] needs to be the same length as byte[]");
-		}
-		for (int i = 0; i < source.length; i++) {
-			destination[i] = (char) (source[i] & 0xFF);
-		}
-	}
-
-	private long crc32Sum(byte[] source) {
-		final CRC32 crc32 = new CRC32();
-		crc32.update(source);
-		return crc32.getValue();
-	}
-
-	@Override
-	public String encryptPath(String cleartextPath, char encryptedPathSep, char cleartextPathSep, CryptorIOSupport ioSupport) {
-		try {
-			final SecretKey key = this.pbkdf2(masterKey, EMPTY_SALT, PBKDF2_MASTERKEY_ITERATIONS, AES_KEY_LENGTH);
-			final String[] cleartextPathComps = StringUtils.split(cleartextPath, cleartextPathSep);
-			final List<String> encryptedPathComps = new ArrayList<>(cleartextPathComps.length);
-			for (final String cleartext : cleartextPathComps) {
-				final String encrypted = encryptPathComponent(cleartext, key, ioSupport);
-				encryptedPathComps.add(encrypted);
-			}
-			return StringUtils.join(encryptedPathComps, encryptedPathSep);
-		} catch (IllegalBlockSizeException | BadPaddingException | IOException e) {
-			throw new IllegalStateException("Unable to encrypt path: " + cleartextPath, e);
-		}
-	}
-
-	/**
-	 * Each path component, i.e. file or directory name separated by path separators, gets encrypted for its own.<br/>
-	 * Encryption will blow up the filename length due to aes block sizes and base32 encoding. The result may be too long for some old file
-	 * systems.<br/>
-	 * This means that we need a workaround for filenames longer than the limit defined in
-	 * {@link FileNamingConventions#ENCRYPTED_FILENAME_LENGTH_LIMIT}.<br/>
-	 * <br/>
-	 * In any case we will create the encrypted filename normally. For those, that are too long, we calculate a checksum. No
-	 * cryptographically secure hash is needed here. We just want an uniform distribution for better load balancing. All encrypted filenames
-	 * with the same checksum will then share a metadata file, in which a lookup map between encrypted filenames and short unique
-	 * alternative names are stored.<br/>
-	 * <br/>
-	 * These alternative names consist of the checksum, a unique id and a special file extension defined in
-	 * {@link FileNamingConventions#LONG_NAME_FILE_EXT}.
-	 */
-	private String encryptPathComponent(final String cleartext, final SecretKey key, CryptorIOSupport ioSupport) throws IllegalBlockSizeException, BadPaddingException, IOException {
-		final Cipher cipher = this.cipher(FILE_NAME_CIPHER, key, EMPTY_IV, Cipher.ENCRYPT_MODE);
-		final byte[] cleartextBytes = cleartext.getBytes(Charsets.UTF_8);
-		final byte[] encryptedBytes = cipher.doFinal(cleartextBytes);
-		final String encrypted = ENCRYPTED_FILENAME_CODEC.encodeAsString(encryptedBytes) + BASIC_FILE_EXT;
-
-		if (encrypted.length() > ENCRYPTED_FILENAME_LENGTH_LIMIT) {
-			final String crc32 = String.valueOf(crc32Sum(encrypted.getBytes()));
-			final String metadataFilename = crc32 + METADATA_FILE_EXT;
-			final LongFilenameMetadata metadata = this.getMetadata(ioSupport, metadataFilename);
-			final String alternativeFileName = crc32 + LONG_NAME_PREFIX_SEPARATOR + metadata.getOrCreateUuidForEncryptedFilename(encrypted).toString() + LONG_NAME_FILE_EXT;
-			this.storeMetadata(ioSupport, metadataFilename, metadata);
-			return alternativeFileName;
-		} else {
-			return encrypted;
-		}
-	}
-
-	@Override
-	public String decryptPath(String encryptedPath, char encryptedPathSep, char cleartextPathSep, CryptorIOSupport ioSupport) {
-		try {
-			final SecretKey key = this.pbkdf2(masterKey, EMPTY_SALT, PBKDF2_MASTERKEY_ITERATIONS, AES_KEY_LENGTH);
-			final String[] encryptedPathComps = StringUtils.split(encryptedPath, encryptedPathSep);
-			final List<String> cleartextPathComps = new ArrayList<>(encryptedPathComps.length);
-			for (final String encrypted : encryptedPathComps) {
-				final String cleartext = decryptPathComponent(encrypted, key, ioSupport);
-				cleartextPathComps.add(new String(cleartext));
-			}
-			return StringUtils.join(cleartextPathComps, cleartextPathSep);
-		} catch (IllegalBlockSizeException | BadPaddingException | IOException e) {
-			throw new IllegalStateException("Unable to decrypt path: " + encryptedPath, e);
-		}
-	}
-
-	/**
-	 * @see #encryptPathComponent(String, SecretKey, CryptorIOSupport)
-	 */
-	private String decryptPathComponent(final String encrypted, final SecretKey key, CryptorIOSupport ioSupport) throws IllegalBlockSizeException, BadPaddingException, IOException {
-		final String ciphertext;
-		if (encrypted.endsWith(LONG_NAME_FILE_EXT)) {
-			final String basename = StringUtils.removeEnd(encrypted, LONG_NAME_FILE_EXT);
-			final String crc32 = StringUtils.substringBefore(basename, LONG_NAME_PREFIX_SEPARATOR);
-			final String uuid = StringUtils.substringAfter(basename, LONG_NAME_PREFIX_SEPARATOR);
-			final String metadataFilename = crc32 + METADATA_FILE_EXT;
-			final LongFilenameMetadata metadata = this.getMetadata(ioSupport, metadataFilename);
-			ciphertext = metadata.getEncryptedFilenameForUUID(UUID.fromString(uuid));
-		} else if (encrypted.endsWith(BASIC_FILE_EXT)) {
-			ciphertext = StringUtils.removeEndIgnoreCase(encrypted, BASIC_FILE_EXT);
-		} else {
-			throw new IllegalArgumentException("Unsupported path component: " + encrypted);
-		}
-
-		final Cipher cipher = this.cipher(FILE_NAME_CIPHER, key, EMPTY_IV, Cipher.DECRYPT_MODE);
-		final byte[] encryptedBytes = ENCRYPTED_FILENAME_CODEC.decode(ciphertext);
-		final byte[] cleartextBytes = cipher.doFinal(encryptedBytes);
-		return new String(cleartextBytes, Charsets.UTF_8);
-	}
-
-	private LongFilenameMetadata getMetadata(CryptorIOSupport ioSupport, String metadataFile) throws IOException {
-		final byte[] fileContent = ioSupport.readPathSpecificMetadata(metadataFile);
-		if (fileContent == null) {
-			return new LongFilenameMetadata();
-		} else {
-			return objectMapper.readValue(fileContent, LongFilenameMetadata.class);
-		}
-	}
-
-	private void storeMetadata(CryptorIOSupport ioSupport, String metadataFile, LongFilenameMetadata metadata) throws JsonProcessingException, IOException {
-		ioSupport.writePathSpecificMetadata(metadataFile, objectMapper.writeValueAsBytes(metadata));
-	}
-
-	@Override
-	public Long decryptedContentLength(SeekableByteChannel encryptedFile) throws IOException {
-		final ByteBuffer sizeBuffer = ByteBuffer.allocate(SIZE_OF_LONG);
-		final int read = encryptedFile.read(sizeBuffer);
-		if (read == SIZE_OF_LONG) {
-			return sizeBuffer.getLong(0);
-		} else {
-			return null;
-		}
-	}
-
-	@Override
-	public Long decryptedFile(SeekableByteChannel encryptedFile, OutputStream plaintextFile) throws IOException {
-		// skip content size:
-		encryptedFile.position(SIZE_OF_LONG);
-
-		// read iv:
-		final ByteBuffer countingIv = ByteBuffer.allocate(AES_BLOCK_LENGTH);
-		final int read = encryptedFile.read(countingIv);
-		if (read != AES_BLOCK_LENGTH) {
-			throw new IOException("Failed to read encrypted file header.");
-		}
-
-		// derive secret key and generate cipher:
-		final SecretKey key = this.pbkdf2(masterKey, EMPTY_SALT, PBKDF2_MASTERKEY_ITERATIONS, AES_KEY_LENGTH);
-		final Cipher cipher = this.cipher(FILE_CONTENT_CIPHER, key, countingIv.array(), Cipher.DECRYPT_MODE);
-
-		// read content
-		final InputStream in = new SeekableByteChannelInputStream(encryptedFile);
-		final OutputStream cipheredOut = new CipherOutputStream(plaintextFile, cipher);
-		return IOUtils.copyLarge(in, cipheredOut);
-	}
-
-	@Override
-	public Long encryptFile(InputStream plaintextFile, SeekableByteChannel encryptedFile) throws IOException {
-		// truncate file
-		encryptedFile.truncate(0);
-
-		// use an IV, whose last 4 bytes store an integer used in counter mode and write initial value to file.
-		final ByteBuffer countingIv = ByteBuffer.wrap(randomData(AES_BLOCK_LENGTH));
-		countingIv.putInt(AES_BLOCK_LENGTH - SIZE_OF_INT, 0);
-
-		// derive secret key and generate cipher:
-		final SecretKey key = this.pbkdf2(masterKey, EMPTY_SALT, PBKDF2_MASTERKEY_ITERATIONS, AES_KEY_LENGTH);
-		final Cipher cipher = this.cipher(FILE_CONTENT_CIPHER, key, countingIv.array(), Cipher.ENCRYPT_MODE);
-
-		// skip 8 bytes (reserved for file size):
-		encryptedFile.position(SIZE_OF_LONG);
-
-		// write iv:
-		encryptedFile.write(countingIv);
-
-		// write content:
-		final OutputStream out = new SeekableByteChannelOutputStream(encryptedFile);
-		final OutputStream cipheredOut = new CipherOutputStream(out, cipher);
-		final Long actualSize = IOUtils.copyLarge(plaintextFile, cipheredOut);
-
-		// write filesize
-		final ByteBuffer actualSizeBuffer = ByteBuffer.allocate(SIZE_OF_LONG);
-		actualSizeBuffer.putLong(actualSize);
-		actualSizeBuffer.position(0);
-		encryptedFile.position(0);
-		encryptedFile.write(actualSizeBuffer);
-
-		return actualSize;
-	}
-
-	@Override
-	public Filter<Path> getPayloadFilesFilter() {
-		return new Filter<Path>() {
-			@Override
-			public boolean accept(Path entry) throws IOException {
-				return ENCRYPTED_FILE_GLOB_MATCHER.matches(entry);
-			}
-		};
-	}
-
-}

main/crypto-aes/src/main/java/org/cryptomator/crypto/aes256/AesCryptographicConfiguration.java

@@ -1,92 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2014 Sebastian Stenzel
- * This file is licensed under the terms of the MIT license.
- * See the LICENSE.txt file for more info.
- * 
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- ******************************************************************************/
-package org.cryptomator.crypto.aes256;
-
-interface AesCryptographicConfiguration {
-
-	/**
-	 * Number of bytes used as seed for the PRNG.
-	 */
-	int PRNG_SEED_LENGTH = 16;
-
-	/**
-	 * Number of bytes of the master key. Should be the maximum possible AES key length to provide best security.
-	 */
-	int MASTER_KEY_LENGTH = 256;
-
-	/**
-	 * Number of bytes used as salt, where needed.
-	 */
-	int SALT_LENGTH = 8;
-
-	/**
-	 * 0-filled salt.
-	 */
-	byte[] EMPTY_SALT = new byte[SALT_LENGTH];
-
-	/**
-	 * Algorithm used for key derivation.
-	 */
-	String KEY_FACTORY_ALGORITHM = "PBKDF2WithHmacSHA1";
-
-	/**
-	 * Algorithm used for random number generation.
-	 */
-	String PRNG_ALGORITHM = "SHA1PRNG";
-
-	/**
-	 * Algorithm used for en/decryption.
-	 * 
-	 * @see http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#AlgorithmParameters
-	 */
-	String CRYPTO_ALGORITHM = "AES";
-
-	/**
-	 * Cipher specs for masterkey encryption.
-	 * 
-	 * @see http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#Cipher
-	 */
-	String MASTERKEY_CIPHER = "AES/CBC/PKCS5Padding";
-
-	/**
-	 * Cipher specs for file name encryption.
-	 * 
-	 * @see http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#Cipher
-	 */
-	String FILE_NAME_CIPHER = "AES/CBC/PKCS5Padding";
-
-	/**
-	 * Cipher specs for content encryption. Using CTR-mode for random access.
-	 * 
-	 * @see http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#Cipher
-	 */
-	String FILE_CONTENT_CIPHER = "AES/CTR/NoPadding";
-
-	/**
-	 * AES block size is 128 bit or 16 bytes.
-	 */
-	int AES_BLOCK_LENGTH = 16;
-
-	/**
-	 * 0-filled initialization vector.
-	 */
-	byte[] EMPTY_IV = new byte[AES_BLOCK_LENGTH];
-
-	/**
-	 * Number of iterations for key derived from user pw. High iteration count for better resistance to bruteforcing.
-	 */
-	int PBKDF2_PW_ITERATIONS = 1000;
-
-	/**
-	 * Number of iterations for key derived from masterkey. Low iteration count for better performance. No additional security is added by
-	 * high values.
-	 */
-	int PBKDF2_MASTERKEY_ITERATIONS = 1;
-
-}

main/crypto-aes/src/main/java/org/cryptomator/crypto/aes256/FileNamingConventions.java

@@ -1,61 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2014 Sebastian Stenzel
- * This file is licensed under the terms of the MIT license.
- * See the LICENSE.txt file for more info.
- * 
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- ******************************************************************************/
-package org.cryptomator.crypto.aes256;
-
-import java.nio.file.FileSystems;
-import java.nio.file.PathMatcher;
-
-import org.apache.commons.codec.binary.Base32;
-import org.apache.commons.codec.binary.BaseNCodec;
-
-interface FileNamingConventions {
-
-	/**
-	 * Extension of masterkey files inside the root directory of the encrypted storage.
-	 */
-	String MASTERKEY_FILE_EXT = ".masterkey.json";
-
-	/**
-	 * How to encode the encrypted file names safely.
-	 */
-	BaseNCodec ENCRYPTED_FILENAME_CODEC = new Base32();
-
-	/**
-	 * Maximum length possible on file systems with a filename limit of 255 chars.<br/>
-	 * Also we would need a few chars for our file extension, so lets use {@value #ENCRYPTED_FILENAME_LENGTH_LIMIT}.
-	 */
-	int ENCRYPTED_FILENAME_LENGTH_LIMIT = 250;
-
-	/**
-	 * For plaintext file names <= {@value #ENCRYPTED_FILENAME_LENGTH_LIMIT} chars.
-	 */
-	String BASIC_FILE_EXT = ".aes";
-
-	/**
-	 * For plaintext file names > {@value #ENCRYPTED_FILENAME_LENGTH_LIMIT} chars.
-	 */
-	String LONG_NAME_FILE_EXT = ".lng.aes";
-
-	/**
-	 * Prefix in file names > {@value #ENCRYPTED_FILENAME_LENGTH_LIMIT} chars used to determine the corresponding metadata file.
-	 */
-	String LONG_NAME_PREFIX_SEPARATOR = "_";
-
-	/**
-	 * For metadata files for a certain group of files. The cryptor may decide what files to assign to the same group; hopefully using some
-	 * kind of uniform distribution for better load balancing.
-	 */
-	String METADATA_FILE_EXT = ".meta";
-
-	/**
-	 * Matches both, {@value #BASIC_FILE_EXT} and {@value #LONG_NAME_FILE_EXT} files.
-	 */
-	PathMatcher ENCRYPTED_FILE_GLOB_MATCHER = FileSystems.getDefault().getPathMatcher("glob:**/*{" + BASIC_FILE_EXT + "," + LONG_NAME_FILE_EXT + "}");
-
-}

main/crypto-aes/src/main/java/org/cryptomator/crypto/aes256/Key.java

@@ -1,67 +0,0 @@
-package org.cryptomator.crypto.aes256;
-
-import java.io.Serializable;
-
-import com.fasterxml.jackson.annotation.JsonPropertyOrder;
-
-@JsonPropertyOrder(value = { "salt", "iv", "iterations", "keyLength", "masterkey" })
-public class Key implements Serializable {
-
-	private static final long serialVersionUID = 8578363158959619885L;
-	private byte[] salt;
-	private byte[] iv;
-	private int iterations;
-	private int keyLength;
-	private byte[] pwVerification;
-	private byte[] masterkey;
-	
-	public byte[] getSalt() {
-		return salt;
-	}
-	
-	public void setSalt(byte[] salt) {
-		this.salt = salt;
-	}
-
-	public byte[] getIv() {
-		return iv;
-	}
-
-	public void setIv(byte[] iv) {
-		this.iv = iv;
-	}
-
-	public int getIterations() {
-		return iterations;
-	}
-
-	public void setIterations(int iterations) {
-		this.iterations = iterations;
-	}
-
-	public int getKeyLength() {
-		return keyLength;
-	}
-
-	public void setKeyLength(int keyLength) {
-		this.keyLength = keyLength;
-	}
-
-	public byte[] getPwVerification() {
-		return pwVerification;
-	}
-
-	public void setPwVerification(byte[] pwVerification) {
-		this.pwVerification = pwVerification;
-	}
-
-	public byte[] getMasterkey() {
-		return masterkey;
-	}
-
-	public void setMasterkey(byte[] masterkey) {
-		this.masterkey = masterkey;
-	}
-
-	
-}

main/crypto-aes/src/main/java/org/cryptomator/crypto/aes256/LongFilenameMetadata.java

@@ -1,49 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2014 Sebastian Stenzel
- * This file is licensed under the terms of the MIT license.
- * See the LICENSE.txt file for more info.
- * 
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- ******************************************************************************/
-package org.cryptomator.crypto.aes256;
-
-import java.io.Serializable;
-import java.util.UUID;
-
-import org.apache.commons.collections4.BidiMap;
-import org.apache.commons.collections4.bidimap.DualHashBidiMap;
-
-import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
-
-class LongFilenameMetadata implements Serializable {
-
-	private static final long serialVersionUID = 6214509403824421320L;
-
-	@JsonDeserialize(as = DualHashBidiMap.class)
-	private BidiMap<UUID, String> encryptedFilenames = new DualHashBidiMap<>();
-
-	/* Getter/Setter */
-
-	public synchronized String getEncryptedFilenameForUUID(final UUID uuid) {
-		return encryptedFilenames.get(uuid);
-	}
-
-	public synchronized UUID getOrCreateUuidForEncryptedFilename(String encryptedFilename) {
-		UUID uuid = encryptedFilenames.getKey(encryptedFilename);
-		if (uuid == null) {
-			uuid = UUID.randomUUID();
-			encryptedFilenames.put(uuid, encryptedFilename);
-		}
-		return uuid;
-	}
-
-	public BidiMap<UUID, String> getEncryptedFilenames() {
-		return encryptedFilenames;
-	}
-
-	public void setEncryptedFilenames(BidiMap<UUID, String> encryptedFilenames) {
-		this.encryptedFilenames = encryptedFilenames;
-	}
-
-}

main/crypto-aes/src/main/java/org/cryptomator/crypto/exceptions/DecryptFailedException.java

@@ -1,9 +0,0 @@
-package org.cryptomator.crypto.exceptions;
-
-public class DecryptFailedException extends StorageCryptingException {
-	private static final long serialVersionUID = -3855673600374897828L;
-
-	public DecryptFailedException(Throwable t) {
-		super("Decryption failed.", t);
-	}
-}

main/crypto-aes/src/main/java/org/cryptomator/crypto/exceptions/StorageCryptingException.java

@@ -1,13 +0,0 @@
-package org.cryptomator.crypto.exceptions;
-
-public class StorageCryptingException extends Exception {
-	private static final long serialVersionUID = -6622699014483319376L;
-	
-	public StorageCryptingException(String string) {
-		super(string);
-	}
-	
-	public StorageCryptingException(String string, Throwable t) {
-		super(string, t);
-	}
-}

main/crypto-aes/src/main/java/org/cryptomator/crypto/exceptions/UnsupportedKeyLengthException.java

@@ -1,23 +0,0 @@
-package org.cryptomator.crypto.exceptions;
-
-public class UnsupportedKeyLengthException extends StorageCryptingException {
-	private static final long serialVersionUID = 8114147446419390179L;
-
-	private final int requestedLength;
-	private final int supportedLength;
-
-	public UnsupportedKeyLengthException(int length, int maxLength) {
-		super(String.format("Key length (%i) exceeds policy maximum (%i).", length, maxLength));
-		this.requestedLength = length;
-		this.supportedLength = maxLength;
-	}
-
-	public int getRequestedLength() {
-		return requestedLength;
-	}
-
-	public int getSupportedLength() {
-		return supportedLength;
-	}
-
-}

main/crypto-aes/src/main/java/org/cryptomator/crypto/exceptions/WrongPasswordException.java

@@ -1,9 +0,0 @@
-package org.cryptomator.crypto.exceptions;
-
-public class WrongPasswordException extends StorageCryptingException {
-	private static final long serialVersionUID = -602047799678568780L;
-
-	public WrongPasswordException() {
-		super("Wrong password.");
-	}
-}

main/crypto-aes/src/test/java/org/cryptomator/crypto/aes256/Aes256CryptorTest.java

@@ -1,155 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2014 Sebastian Stenzel
- * This file is licensed under the terms of the MIT license.
- * See the LICENSE.txt file for more info.
- * 
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- ******************************************************************************/
-package org.cryptomator.crypto.aes256;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.nio.file.FileAlreadyExistsException;
-import java.nio.file.FileSystems;
-import java.nio.file.Files;
-import java.nio.file.NoSuchFileException;
-import java.nio.file.Path;
-import java.nio.file.StandardOpenOption;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.apache.commons.io.FileUtils;
-import org.cryptomator.crypto.CryptorIOSupport;
-import org.cryptomator.crypto.exceptions.DecryptFailedException;
-import org.cryptomator.crypto.exceptions.UnsupportedKeyLengthException;
-import org.cryptomator.crypto.exceptions.WrongPasswordException;
-import org.junit.After;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Test;
-
-public class Aes256CryptorTest {
-
-	private Path tmpDir;
-	private Path masterKey;
-
-	@Before
-	public void prepareTmpDir() throws IOException {
-		final String tmpDirName = (String) System.getProperties().get("java.io.tmpdir");
-		final Path path = FileSystems.getDefault().getPath(tmpDirName);
-		tmpDir = Files.createTempDirectory(path, "oce-crypto-test");
-		masterKey = tmpDir.resolve("test" + Aes256Cryptor.MASTERKEY_FILE_EXT);
-	}
-
-	@After
-	public void dropTmpDir() throws IOException {
-		FileUtils.deleteDirectory(tmpDir.toFile());
-	}
-
-	/* ------------------------------------------------------------------------------- */
-
-	@Test(expected = IllegalStateException.class)
-	public void testUninitializedMasterKey() throws IOException {
-		final String pw = "asd";
-		final Aes256Cryptor cryptor = new Aes256Cryptor();
-		final OutputStream out = Files.newOutputStream(masterKey, StandardOpenOption.WRITE, StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING);
-		cryptor.encryptMasterKey(out, pw);
-	}
-
-	@Test
-	public void testCorrectPassword() throws IOException, WrongPasswordException, DecryptFailedException, UnsupportedKeyLengthException {
-		final String pw = "asd";
-		final Aes256Cryptor cryptor = new Aes256Cryptor();
-		final OutputStream out = Files.newOutputStream(masterKey, StandardOpenOption.WRITE, StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING);
-		cryptor.randomizeMasterKey();
-		cryptor.encryptMasterKey(out, pw);
-		cryptor.swipeSensitiveData();
-
-		final Aes256Cryptor decryptor = new Aes256Cryptor();
-		final InputStream in = Files.newInputStream(masterKey, StandardOpenOption.READ);
-		decryptor.decryptMasterKey(in, pw);
-	}
-
-	@Test(expected = WrongPasswordException.class)
-	public void testWrongPassword() throws IOException, DecryptFailedException, WrongPasswordException, UnsupportedKeyLengthException {
-		final String pw = "asd";
-		final Aes256Cryptor cryptor = new Aes256Cryptor();
-		final OutputStream out = Files.newOutputStream(masterKey, StandardOpenOption.WRITE, StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING);
-		cryptor.randomizeMasterKey();
-		cryptor.encryptMasterKey(out, pw);
-		cryptor.swipeSensitiveData();
-
-		final String wrongPw = "foo";
-		final Aes256Cryptor decryptor = new Aes256Cryptor();
-		final InputStream in = Files.newInputStream(masterKey, StandardOpenOption.READ);
-		decryptor.decryptMasterKey(in, wrongPw);
-	}
-
-	@Test(expected = NoSuchFileException.class)
-	public void testWrongLocation() throws IOException, DecryptFailedException, WrongPasswordException, UnsupportedKeyLengthException {
-		final String pw = "asd";
-		final Aes256Cryptor cryptor = new Aes256Cryptor();
-		final OutputStream out = Files.newOutputStream(masterKey, StandardOpenOption.WRITE, StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING);
-		cryptor.randomizeMasterKey();
-		cryptor.encryptMasterKey(out, pw);
-		cryptor.swipeSensitiveData();
-
-		final Path wrongMasterKey = tmpDir.resolve("notExistingMasterKey.json");
-		final Aes256Cryptor decryptor = new Aes256Cryptor();
-		final InputStream in = Files.newInputStream(wrongMasterKey, StandardOpenOption.READ);
-		decryptor.decryptMasterKey(in, pw);
-	}
-
-	@Test(expected = FileAlreadyExistsException.class)
-	public void testReInitialization() throws IOException {
-		final String pw = "asd";
-		final Aes256Cryptor cryptor = new Aes256Cryptor();
-		final OutputStream out = Files.newOutputStream(masterKey, StandardOpenOption.WRITE, StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING);
-		cryptor.randomizeMasterKey();
-		cryptor.encryptMasterKey(out, pw);
-		cryptor.swipeSensitiveData();
-
-		final OutputStream outAgain = Files.newOutputStream(masterKey, StandardOpenOption.WRITE, StandardOpenOption.CREATE_NEW);
-		cryptor.encryptMasterKey(outAgain, pw);
-		cryptor.swipeSensitiveData();
-	}
-
-	@Test
-	public void testEncryptionOfFilenames() throws IOException {
-		final CryptorIOSupport ioSupportMock = new CryptoIOSupportMock();
-		final Aes256Cryptor cryptor = new Aes256Cryptor();
-		cryptor.randomizeMasterKey();
-
-		// short path components
-		final String originalPath1 = "foo/bar/baz";
-		final String encryptedPath1 = cryptor.encryptPath(originalPath1, '/', '/', ioSupportMock);
-		final String decryptedPath1 = cryptor.decryptPath(encryptedPath1, '/', '/', ioSupportMock);
-		Assert.assertEquals(originalPath1, decryptedPath1);
-
-		// long path components
-		final String str50chars = "aaaaaaaaaabbbbbbbbbbccccccccccddddddddddeeeeeeeeee";
-		final String originalPath2 = "foo/" + str50chars + str50chars + str50chars + str50chars + str50chars + "/baz";
-		final String encryptedPath2 = cryptor.encryptPath(originalPath2, '/', '/', ioSupportMock);
-		final String decryptedPath2 = cryptor.decryptPath(encryptedPath2, '/', '/', ioSupportMock);
-		Assert.assertEquals(originalPath2, decryptedPath2);
-	}
-
-	private static class CryptoIOSupportMock implements CryptorIOSupport {
-
-		private final Map<String, byte[]> map = new HashMap<>();
-
-		@Override
-		public void writePathSpecificMetadata(String encryptedPath, byte[] encryptedMetadata) {
-			map.put(encryptedPath, encryptedMetadata);
-		}
-
-		@Override
-		public byte[] readPathSpecificMetadata(String encryptedPath) {
-			return map.get(encryptedPath);
-		}
-
-	}
-
-}

main/crypto-api/src/main/java/org/cryptomator/crypto/AbstractCryptor.java

@@ -1,30 +0,0 @@
-package org.cryptomator.crypto;
-
-import java.util.HashSet;
-import java.util.Set;
-
-public abstract class AbstractCryptor implements Cryptor {
-
-	private final Set<SensitiveDataSwipeListener> swipeListeners = new HashSet<>();
-
-	@Override
-	public final void swipeSensitiveData() {
-		this.swipeSensitiveDataInternal();
-		for (final SensitiveDataSwipeListener sensitiveDataSwipeListener : swipeListeners) {
-			sensitiveDataSwipeListener.swipeSensitiveData();
-		}
-	}
-
-	protected abstract void swipeSensitiveDataInternal();
-
-	@Override
-	public final void addSensitiveDataSwipeListener(SensitiveDataSwipeListener listener) {
-		this.swipeListeners.add(listener);
-	}
-
-	@Override
-	public final void removeSensitiveDataSwipeListener(SensitiveDataSwipeListener listener) {
-		this.swipeListeners.remove(listener);
-	}
-
-}

main/crypto-api/src/main/java/org/cryptomator/crypto/Cryptor.java

@@ -1,77 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2014 Sebastian Stenzel
- * This file is licensed under the terms of the MIT license.
- * See the LICENSE.txt file for more info.
- * 
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- ******************************************************************************/
-package org.cryptomator.crypto;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.nio.channels.SeekableByteChannel;
-import java.nio.file.DirectoryStream.Filter;
-import java.nio.file.Path;
-
-/**
- * Provides access to cryptographic functions. All methods are threadsafe.
- */
-public interface Cryptor extends SensitiveDataSwipeListener {
-
-	/**
-	 * Encrypts each plaintext path component for its own.
-	 * 
-	 * @param cleartextPath A relative path (UTF-8 encoded)
-	 * @param encryptedPathSep Path separator char like '/' used on local file system. Must not be null, even if cleartextPath is a sole
-	 *            file name without any path separators.
-	 * @param cleartextPathSep Path separator char like '/' used in webdav URIs. Must not be null, even if cleartextPath is a sole file name
-	 *            without any path separators.
-	 * @param metadataSupport Support object allowing the Cryptor to read and write its own metadata to the location of the encrypted file.
-	 * @return Encrypted path components concatenated by the given encryptedPathSep. Must not start with encryptedPathSep, unless the
-	 *         encrypted path is explicitly absolute.
-	 */
-	String encryptPath(String cleartextPath, char encryptedPathSep, char cleartextPathSep, CryptorIOSupport ioSupport);
-
-	/**
-	 * Decrypts each encrypted path component for its own.
-	 * 
-	 * @param encryptedPath A relative path (UTF-8 encoded)
-	 * @param encryptedPathSep Path separator char like '/' used on local file system. Must not be null, even if encryptedPath is a sole
-	 *            file name without any path separators.
-	 * @param cleartextPathSep Path separator char like '/' used in webdav URIs. Must not be null, even if encryptedPath is a sole file name
-	 *            without any path separators.
-	 * @param metadataSupport Support object allowing the Cryptor to read and write its own metadata to the location of the encrypted file.
-	 * @return Decrypted path components concatenated by the given cleartextPathSep. Must not start with cleartextPathSep, unless the
-	 *         cleartext path is explicitly absolute.
-	 */
-	String decryptPath(String encryptedPath, char encryptedPathSep, char cleartextPathSep, CryptorIOSupport ioSupport);
-
-	/**
-	 * @param metadataSupport Support object allowing the Cryptor to read and write its own metadata to the location of the encrypted file.
-	 * @return Content length of the decrypted file or <code>null</code> if unknown.
-	 */
-	Long decryptedContentLength(SeekableByteChannel encryptedFile) throws IOException;
-
-	/**
-	 * @return Number of decrypted bytes. This might not be equal to the encrypted file size due to optional metadata written to it.
-	 */
-	Long decryptedFile(SeekableByteChannel encryptedFile, OutputStream plaintextFile) throws IOException;
-
-	/**
-	 * @return Number of encrypted bytes. This might not be equal to the encrypted file size due to optional metadata written to it.
-	 */
-	Long encryptFile(InputStream plaintextFile, SeekableByteChannel encryptedFile) throws IOException;
-
-	/**
-	 * @return A filter, that returns <code>true</code> for encrypted files, i.e. if the file is an actual user payload and not a supporting
-	 *         metadata file of the {@link Cryptor}.
-	 */
-	Filter<Path> getPayloadFilesFilter();
-
-	void addSensitiveDataSwipeListener(SensitiveDataSwipeListener listener);
-
-	void removeSensitiveDataSwipeListener(SensitiveDataSwipeListener listener);
-
-}

main/crypto-api/src/main/java/org/cryptomator/crypto/CryptorIOSupport.java

@@ -1,23 +0,0 @@
-package org.cryptomator.crypto;
-
-import java.io.IOException;
-
-/**
- * Methods that may be called by the Cryptor when accessing a path.
- */
-public interface CryptorIOSupport {
-
-	/**
-	 * Persists encryptedMetadata to the given encryptedPath.
-	 * 
-	 * @param encryptedPath A relative path
-	 * @throws IOException
-	 */
-	void writePathSpecificMetadata(String encryptedPath, byte[] encryptedMetadata) throws IOException;
-
-	/**
-	 * @return Previously written encryptedMetadata stored at the given encryptedPath or <code>null</code> if no such file exists.
-	 */
-	byte[] readPathSpecificMetadata(String encryptedPath) throws IOException;
-
-}

main/crypto-api/src/main/java/org/cryptomator/crypto/SensitiveDataSwipeListener.java

@@ -1,11 +0,0 @@
-package org.cryptomator.crypto;
-
-public interface SensitiveDataSwipeListener {
-
-	/**
-	 * Removes sensitive data from memory. Depending on the data (e.g. for passwords) it might be necessary to overwrite the memory before
-	 * freeing the object.
-	 */
-	void swipeSensitiveData();
-
-}

main/crypto-api/src/main/java/org/cryptomator/crypto/io/SeekableByteChannelInputStream.java

@@ -1,90 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2014 Sebastian Stenzel
- * This file is licensed under the terms of the MIT license.
- * See the LICENSE.txt file for more info.
- * 
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- ******************************************************************************/
-package org.cryptomator.crypto.io;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.nio.ByteBuffer;
-import java.nio.channels.SeekableByteChannel;
-
-public class SeekableByteChannelInputStream extends InputStream {
-	private final SeekableByteChannel channel;
-	private volatile long markedPos = 0;
-
-	public SeekableByteChannelInputStream(SeekableByteChannel channel) {
-		this.channel = channel;
-	}
-
-	@Override
-	public int read() throws IOException {
-		final ByteBuffer buffer = ByteBuffer.allocate(1);
-		final int read = channel.read(buffer);
-		if (read == 1) {
-			return buffer.get(0);
-		} else {
-			return -1;
-		}
-	}
-
-	@Override
-	public int read(byte[] b, int off, int len) throws IOException {
-		final ByteBuffer buffer = ByteBuffer.wrap(b, off, len);
-		return channel.read(buffer);
-	}
-
-	@Override
-	public int available() throws IOException {
-		long available = channel.size() - channel.position();
-		if (available > Integer.MAX_VALUE) {
-			return Integer.MAX_VALUE;
-		} else {
-			return (int) available;
-		}
-	}
-
-	@Override
-	public long skip(long n) throws IOException {
-		final long pos = channel.position();
-		final long max = channel.size();
-		final long maxSkip = max - pos;
-		final long actualSkip = Math.min(n, maxSkip);
-		channel.position(channel.position() + actualSkip);
-		return actualSkip;
-	}
-
-	@Override
-	public void close() throws IOException {
-		channel.close();
-		super.close();
-	}
-
-	@Override
-	public synchronized void mark(int readlimit) {
-		try {
-			markedPos = channel.position();
-		} catch (IOException e) {
-			markedPos = 0;
-		}
-	}
-
-	@Override
-	public synchronized void reset() throws IOException {
-		channel.position(markedPos);
-	}
-
-	public synchronized void resetTo(long position) throws IOException {
-		channel.position(position);
-	}
-
-	@Override
-	public boolean markSupported() {
-		return true;
-	}
-
-}

main/crypto-api/src/main/java/org/cryptomator/crypto/io/SeekableByteChannelOutputStream.java

@@ -1,64 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2014 Sebastian Stenzel
- * This file is licensed under the terms of the MIT license.
- * See the LICENSE.txt file for more info.
- * 
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- ******************************************************************************/
-package org.cryptomator.crypto.io;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.nio.ByteBuffer;
-import java.nio.channels.SeekableByteChannel;
-
-public class SeekableByteChannelOutputStream extends OutputStream {
-
-	private final SeekableByteChannel channel;
-
-	public SeekableByteChannelOutputStream(SeekableByteChannel channel) {
-		this.channel = channel;
-	}
-
-	@Override
-	public void write(int b) throws IOException {
-		final byte actualByte = (byte) (b & 0x000000FF);
-		final ByteBuffer buffer = ByteBuffer.allocate(1);
-		buffer.put(actualByte);
-		channel.write(buffer);
-	}
-
-	@Override
-	public void write(byte[] b, int off, int len) throws IOException {
-		final ByteBuffer buffer = ByteBuffer.wrap(b, off, len);
-		channel.write(buffer);
-	}
-
-	@Override
-	public void close() throws IOException {
-		channel.close();
-	}
-
-	/**
-	 * @see SeekableByteChannel#truncate(long)
-	 */
-	public void truncate(long size) throws IOException {
-		channel.truncate(size);
-	}
-
-	/**
-	 * @see SeekableByteChannel#position()
-	 */
-	public long position() throws IOException {
-		return channel.position();
-	}
-
-	/**
-	 * @see SeekableByteChannel#position(long)
-	 */
-	public void position(long newPosition) throws IOException {
-		channel.position(newPosition);
-	}
-
-}

main/filesystem-api/.gitignore

@@ -0,0 +1,2 @@
+/target/
+/target/

main/filesystem-api/pom.xml

@@ -0,0 +1,56 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Copyright (c) 2015 Markus Kreusch
+  This file is licensed under the terms of the MIT license.
+  See the LICENSE.txt file for more info.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>org.cryptomator</groupId>
+		<artifactId>main</artifactId>
+		<version>1.0.3b</version>
+	</parent>
+	<artifactId>filesystem-api</artifactId>
+	<name>Cryptomator filesystem: API</name>
+
+	<dependencies>
+		<dependency>
+			<groupId>org.cryptomator</groupId>
+			<artifactId>commons</artifactId>
+		</dependency>
+		
+		<!-- Guava -->
+		<dependency>
+			<groupId>com.google.guava</groupId>
+			<artifactId>guava</artifactId>
+		</dependency>
+
+		<!-- apache commons -->
+		<dependency>
+			<groupId>commons-io</groupId>
+			<artifactId>commons-io</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.apache.commons</groupId>
+			<artifactId>commons-lang3</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.apache.commons</groupId>
+			<artifactId>commons-collections4</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.cryptomator</groupId>
+			<artifactId>commons-test</artifactId>
+		</dependency>
+	</dependencies>
+	
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.jacoco</groupId>
+				<artifactId>jacoco-maven-plugin</artifactId>
+			</plugin>
+		</plugins>
+	</build>
+</project>

main/filesystem-api/src/main/java/org/cryptomator/filesystem/Copier.java

@@ -0,0 +1,55 @@
+/*******************************************************************************
+ * Copyright (c) 2015 Sebastian Stenzel and others.
+ * This file is licensed under the terms of the MIT license.
+ * See the LICENSE.txt file for more info.
+ *
+ * Contributors:
+ *     Sebastian Stenzel - initial API and implementation
+ *******************************************************************************/
+package org.cryptomator.filesystem;
+
+import java.io.IOException;
+import java.io.UncheckedIOException;
+
+import com.google.common.io.ByteStreams;
+
+class Copier {
+
+	public static void copy(Folder source, Folder destination) {
+		assertFoldersAreNotNested(source, destination);
+
+		destination.delete();
+		destination.create();
+
+		source.files().forEach(sourceFile -> {
+			File destinationFile = destination.file(sourceFile.name());
+			sourceFile.copyTo(destinationFile);
+		});
+
+		source.folders().forEach(sourceFolder -> {
+			Folder destinationFolder = destination.folder(sourceFolder.name());
+			sourceFolder.copyTo(destinationFolder);
+		});
+	}
+
+	public static void copy(File source, File destination) {
+		try (OpenFiles openFiles = DeadlockSafeFileOpener.withReadable(source).andWritable(destination).open()) {
+			ReadableFile readable = openFiles.readable(source);
+			WritableFile writable = openFiles.writable(destination);
+			writable.truncate();
+			ByteStreams.copy(readable, writable);
+		} catch (IOException e) {
+			throw new UncheckedIOException(e);
+		}
+	}
+
+	private static void assertFoldersAreNotNested(Folder source, Folder destination) {
+		if (source.isAncestorOf(destination)) {
+			throw new IllegalArgumentException("Can not copy parent to child directory (src: " + source + ", dst: " + destination + ")");
+		}
+		if (destination.isAncestorOf(source)) {
+			throw new IllegalArgumentException("Can not copy child to parent directory (src: " + source + ", dst: " + destination + ")");
+		}
+	}
+
+}

main/filesystem-api/src/main/java/org/cryptomator/filesystem/DeadlockSafeFileOpener.java

@@ -0,0 +1,69 @@
+/*******************************************************************************
+ * Copyright (c) 2015 Sebastian Stenzel and others.
+ * This file is licensed under the terms of the MIT license.
+ * See the LICENSE.txt file for more info.
+ *
+ * Contributors:
+ *     Sebastian Stenzel - initial API and implementation
+ *******************************************************************************/
+package org.cryptomator.filesystem;
+
+import static java.lang.String.format;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.SortedMap;
+import java.util.TreeMap;
+import java.util.function.Consumer;
+
+public class DeadlockSafeFileOpener {
+
+	public static DeadlockSafeFileOpener withReadable(File file) {
+		return new DeadlockSafeFileOpener().andReadable(file);
+	}
+
+	public static DeadlockSafeFileOpener withWritable(File file) {
+		return new DeadlockSafeFileOpener().andWritable(file);
+	}
+
+	private final SortedMap<File, Consumer<File>> filesWithOperation = new TreeMap<>();
+
+	private final Map<File, ReadableFile> readableFiles = new HashMap<>();
+	private final Map<File, WritableFile> writableFiles = new HashMap<>();
+
+	private DeadlockSafeFileOpener() {
+	}
+
+	public DeadlockSafeFileOpener andReadable(File file) {
+		if (filesWithOperation.put(file, this::openReadable) != null) {
+			throw new IllegalArgumentException(format("File %s already marked for opening", file));
+		}
+		return this;
+	}
+
+	public DeadlockSafeFileOpener andWritable(File file) {
+		if (filesWithOperation.put(file, this::openWritable) != null) {
+			throw new IllegalArgumentException(format("File %s already marked for opening", file));
+		}
+		return this;
+	}
+
+	private void openReadable(File file) {
+		readableFiles.put(file, file.openReadable());
+	}
+
+	private void openWritable(File file) {
+		writableFiles.put(file, file.openWritable());
+	}
+
+	public OpenFiles open() {
+		try {
+			filesWithOperation.forEach((file, openAction) -> openAction.accept(file));
+		} catch (RuntimeException e) {
+			OpenFiles.cleanup(readableFiles.values(), writableFiles.values());
+			throw e;
+		}
+		return new OpenFiles(readableFiles, writableFiles);
+	}
+
+}

main/filesystem-api/src/main/java/org/cryptomator/filesystem/Deleter.java

@@ -0,0 +1,15 @@
+package org.cryptomator.filesystem;
+
+public class Deleter {
+
+	/**
+	 * Deletes all and only the content of a given {@link Folder} but <b>not</b> the folder itself.
+	 */
+	public static void deleteContent(Folder folder) {
+		if (folder.exists()) {
+			folder.folders().forEach(Folder::delete);
+			folder.files().forEach(File::delete);
+		}
+	}
+
+}

main/filesystem-api/src/main/java/org/cryptomator/filesystem/File.java

@@ -0,0 +1,81 @@
+/*******************************************************************************
+ * Copyright (c) 2015 Markus Kreusch
+ * This file is licensed under the terms of the MIT license.
+ * See the LICENSE.txt file for more info.
+ ******************************************************************************/
+package org.cryptomator.filesystem;
+
+import java.io.IOException;
+import java.io.UncheckedIOException;
+
+/**
+ * A {@link File} in a {@link FileSystem}.
+ * 
+ * @author Markus Kreusch
+ */
+public interface File extends Node, Comparable<File> {
+
+	static final int EOF = -1;
+
+	/**
+	 * <p>
+	 * Opens this file for reading.
+	 * <p>
+	 * An implementation guarantees, that per {@link FileSystem} and
+	 * {@code File} while a {@code ReadableFile} is open no {@link WritableFile}
+	 * can be open and vice versa. A {@link ReadableFile} is open when returned
+	 * from this method and not yet closed using {@link ReadableFile#close()}.
+	 * <br>
+	 * A limitation to the number of {@code ReadableFiles} is in general not
+	 * required but may be set by a specific implementation.
+	 * <p>
+	 * If a {@link WritableFile} for this {@code File} is open the invocation of
+	 * this method will block regarding the specified timeout.<br>
+	 * In addition implementations may block to lock the required IO resources
+	 * to read the file.
+	 * 
+	 * @return a {@link ReadableFile} to work with
+	 * @throws UncheckedIOException
+	 *             if an {@link IOException} occurs while opening the file, the
+	 *             file does not exist or is a directory
+	 */
+
+	ReadableFile openReadable() throws UncheckedIOException;
+
+	/**
+	 * <p>
+	 * Opens this file for writing.
+	 * <p>
+	 * If the file does not exist a new empty file is created.
+	 * <p>
+	 * An implementation guarantees, that per {@link FileSystem} and
+	 * {@code File} only one {@link WritableFile} is open at a time. A
+	 * {@code WritableFile} is open when returned from this method and not yet
+	 * closed using {@link WritableFile#close()} or
+	 * {@link WritableFile#delete()}.<br>
+	 * In addition while a {@code WritableFile} is open no {@link ReadableFile}
+	 * can be open and vice versa.
+	 * <p>
+	 * If a {@code Readable-} or {@code WritableFile} for this {@code File} is
+	 * open the invocation of this method will block regarding the specified
+	 * timeout.<br>
+	 * In addition implementations may block to lock the required IO resources
+	 * to read the file.
+	 * 
+	 * @return a {@link WritableFile} to work with
+	 * @throws UncheckedIOException
+	 *             if an {@link IOException} occurs while opening the file or
+	 *             the file is a directory
+	 */
+	WritableFile openWritable() throws UncheckedIOException;
+
+	default void copyTo(File destination) {
+		Copier.copy(this, destination);
+	}
+
+	/**
+	 * Moves this file including content to a new location specified by <code>destination</code>.
+	 */
+	void moveTo(File destination) throws UncheckedIOException;
+
+}

main/filesystem-api/src/main/java/org/cryptomator/filesystem/FileSystem.java

@@ -0,0 +1,30 @@
+/*******************************************************************************
+ * Copyright (c) 2015 Markus Kreusch
+ * This file is licensed under the terms of the MIT license.
+ * See the LICENSE.txt file for more info.
+ ******************************************************************************/
+package org.cryptomator.filesystem;
+
+import java.util.Optional;
+
+/**
+ * The root folder of a file system.
+ * 
+ * @author Markus Kreusch
+ */
+public interface FileSystem extends Folder {
+
+	/**
+	 * @return an empty {@link Optional} because a {@link FileSystem} represents
+	 *         the root {@link Folder} and thus does not have a parent
+	 */
+	@Override
+	default Optional<? extends Folder> parent() {
+		return Optional.empty();
+	}
+
+	Optional<Long> quotaUsedBytes();
+
+	Optional<Long> quotaAvailableBytes();
+
+}

main/filesystem-api/src/main/java/org/cryptomator/filesystem/Folder.java

@@ -0,0 +1,145 @@
+/*******************************************************************************
+ * Copyright (c) 2015 Markus Kreusch
+ * This file is licensed under the terms of the MIT license.
+ * See the LICENSE.txt file for more info.
+ ******************************************************************************/
+package org.cryptomator.filesystem;
+
+import java.io.IOException;
+import java.io.UncheckedIOException;
+import java.util.stream.Stream;
+
+/**
+ * A {@link Folder} in a {@link FileSystem}.
+ * 
+ * @author Markus Kreusch
+ */
+public interface Folder extends Node {
+
+	/**
+	 * <p>
+	 * Creates a {@link Stream} over all child nodes of this {@code Folder}.
+	 * <p>
+	 * <b>Note:</b> The {@link Stream} may be lazily populated and thus
+	 * {@link IOException IOExceptions} may occurs after this method returned.
+	 * In this case implementors should throw a {@link UncheckedIOException}
+	 * from any method that produces an {@link IOException}. Thus users should
+	 * expect {@link UncheckedIOException UncheckedIOExceptions} when invoking
+	 * methods on the returned {@code Stream}.
+	 * 
+	 * @return the created {@code Stream}
+	 * @throws UncheckedIOException
+	 *             if an {@link IOException} occurs while initializing the
+	 *             stream or the {@code Folder} does not exist
+	 */
+	Stream<? extends Node> children() throws UncheckedIOException;
+
+	/**
+	 * <p>
+	 * Returns the child {@link Node} in this directory of type {@link File}
+	 * with the specified name.
+	 * <p>
+	 * This operation always returns a {@link File} without checking if the file
+	 * exists or is a {@link Folder} instead.
+	 */
+	File file(String name) throws UncheckedIOException;
+
+	/**
+	 * Returns a file by resolving a path relative to this folder.
+	 * 
+	 * @param path A unix-style path, which is always relative to this folder, no matter if it starts with a slash or not. Path must not be empty.
+	 * @return File with the given path relative to this folder
+	 * @throws IllegalArgumentException
+	 *             if relativePath is empty
+	 */
+	default File resolveFile(String relativePath) throws UncheckedIOException, IllegalArgumentException {
+		return PathResolver.resolveFile(this, relativePath);
+	}
+
+	/**
+	 * <p>
+	 * Returns the child {@link Node} in this directory of type {@link Folder}
+	 * with the specified name.
+	 * <p>
+	 * This operation always returns a {@link Folder} without checking if the
+	 * folder exists or is a {@link File} instead.
+	 */
+	Folder folder(String name) throws UncheckedIOException;
+
+	/**
+	 * Returns a folder by resolving a path relative to this folder.
+	 * 
+	 * @param path A unix-style path, which is always relative to this folder, no matter if it starts with a slash or not. Path may be empty.
+	 * @return Folder with the given path relative to this folder. Returns <code>this</code> if path is empty.
+	 */
+	default Folder resolveFolder(String relativePath) throws UncheckedIOException {
+		return PathResolver.resolveFolder(this, relativePath);
+	}
+
+	/**
+	 * Creates the directory including all parent directories, if it doesn't
+	 * exist yet. No effect, if folder already exists.
+	 * 
+	 * @throws UncheckedIOException
+	 *             if an {@link IOException} occurs while creating the folder or
+	 *             one of its parents
+	 */
+	void create() throws UncheckedIOException;
+
+	/**
+	 * Recusively copies this directory and all its contents to (not into) the
+	 * given destination, creating nonexisting parent directories. If the target
+	 * exists it is deleted before performing the copy.
+	 * 
+	 * @param target
+	 *            Destination folder. Must not be a descendant of this folder.
+	 */
+	default void copyTo(Folder target) throws UncheckedIOException {
+		Copier.copy(this, target);
+	}
+
+	/**
+	 * Moves this directory and its contents to the given destination. If the
+	 * target exists it is deleted before performing the move.
+	 */
+	void moveTo(Folder target);
+
+	/**
+	 * @return the result of {@link #children()} filtered to contain only
+	 *         {@link File Files}
+	 */
+	default Stream<? extends File> files() throws UncheckedIOException {
+		return children() //
+				.filter(File.class::isInstance) //
+				.map(File.class::cast);
+	}
+
+	/**
+	 * @return the result of {@link #children()} filtered to contain only
+	 *         {@link Folder Folders}
+	 */
+	default Stream<? extends Folder> folders() throws UncheckedIOException {
+		return children() //
+				.filter(Folder.class::isInstance) //
+				.map(Folder.class::cast);
+	}
+
+	/**
+	 * Recursively checks whether this folder or any subfolder contains the
+	 * given node.
+	 * 
+	 * @param node
+	 *            Potential child, grandchild, ...
+	 * @return <code>true</code> if this folder is an ancestor of the node.
+	 */
+	default boolean isAncestorOf(Node node) {
+		if (!node.parent().isPresent()) {
+			return false;
+		} else if (node.parent().get().equals(this)) {
+			return true;
+		} else {
+			return this.isAncestorOf(node.parent().get());
+		}
+	}
+
+}

main/filesystem-api/src/main/java/org/cryptomator/filesystem/FolderVisitor.java

@@ -0,0 +1,131 @@
+/*******************************************************************************
+ * Copyright (c) 2015 Sebastian Stenzel and others.
+ * This file is licensed under the terms of the MIT license.
+ * See the LICENSE.txt file for more info.
+ *
+ * Contributors:
+ *     Sebastian Stenzel - initial API and implementation
+ *******************************************************************************/
+package org.cryptomator.filesystem;
+
+import static java.lang.String.format;
+
+import java.util.function.Consumer;
+
+public class FolderVisitor {
+
+	private final Consumer<Folder> beforeFolderVisitor;
+	private final Consumer<Folder> afterFolderVisitor;
+	private final Consumer<File> fileVisitor;
+	private final Consumer<Node> nodeVisitor;
+	private final int maxDepth;
+
+	public FolderVisitor(FolderVisitorBuilder builder) {
+		this.beforeFolderVisitor = builder.beforeFolderVisitor;
+		this.afterFolderVisitor = builder.afterFolderVisitor;
+		this.fileVisitor = builder.fileVisitor;
+		this.nodeVisitor = builder.nodeVisitor;
+		this.maxDepth = builder.maxDepth;
+	}
+
+	public static FolderVisitorBuilder folderVisitor() {
+		return new FolderVisitorBuilder();
+	}
+
+	public FolderVisitor visit(Folder folder) {
+		return visit(folder, 0);
+	}
+
+	public FolderVisitor visit(File file) {
+		return visit(file, 0);
+	}
+
+	private FolderVisitor visit(Folder folder, int depth) {
+		beforeFolderVisitor.accept(folder);
+		nodeVisitor.accept(folder);
+		final int childDepth = depth + 1;
+		if (childDepth <= maxDepth) {
+			folder.folders().forEach(childFolder -> visit(childFolder, childDepth));
+			folder.files().forEach(childFile -> visit(childFile, childDepth));
+		}
+		afterFolderVisitor.accept(folder);
+		return this;
+	}
+
+	private FolderVisitor visit(File file, int depth) {
+		nodeVisitor.accept(file);
+		fileVisitor.accept(file);
+		return this;
+	}
+
+	public static class FolderVisitorBuilder {
+
+		private Consumer<Folder> beforeFolderVisitor = noOp();
+		private Consumer<Folder> afterFolderVisitor = noOp();
+		private Consumer<File> fileVisitor = noOp();
+		private Consumer<Node> nodeVisitor = noOp();
+		private int maxDepth = Integer.MAX_VALUE;
+
+		private FolderVisitorBuilder() {
+		}
+
+		public FolderVisitorBuilder beforeFolder(Consumer<Folder> beforeFolderVisitor) {
+			if (beforeFolderVisitor == null) {
+				throw new IllegalArgumentException("Vistior may not be null");
+			}
+			this.beforeFolderVisitor = beforeFolderVisitor;
+			return this;
+		}
+
+		public FolderVisitorBuilder afterFolder(Consumer<Folder> afterFolderVisitor) {
+			if (afterFolderVisitor == null) {
+				throw new IllegalArgumentException("Vistior may not be null");
+			}
+			this.afterFolderVisitor = afterFolderVisitor;
+			return this;
+		}
+
+		public FolderVisitorBuilder forEachFile(Consumer<File> fileVisitor) {
+			if (fileVisitor == null) {
+				throw new IllegalArgumentException("Vistior may not be null");
+			}
+			this.fileVisitor = fileVisitor;
+			return this;
+		}
+
+		public FolderVisitorBuilder forEachNode(Consumer<Node> nodeVisitor) {
+			if (nodeVisitor == null) {
+				throw new IllegalArgumentException("Vistior may not be null");
+			}
+			this.nodeVisitor = nodeVisitor;
+			return this;
+		}
+
+		public FolderVisitorBuilder withMaxDepth(int maxDepth) {
+			if (maxDepth < 0) {
+				throw new IllegalArgumentException(format("maxDepth must not be smaller 0 but was %d", maxDepth));
+			}
+			this.maxDepth = maxDepth;
+			return this;
+		}
+
+		public FolderVisitor visit(Folder folder) {
+			return build().visit(folder);
+		}
+
+		public FolderVisitor visit(File file) {
+			return build().visit(file);
+		}
+
+		public FolderVisitor build() {
+			return new FolderVisitor(this);
+		}
+
+		private static <T> Consumer<T> noOp() {
+			return ignoredParameter -> {
+			};
+		}
+
+	}
+
+}

main/filesystem-api/src/main/java/org/cryptomator/filesystem/Node.java

@@ -0,0 +1,100 @@
+/*******************************************************************************
+ * Copyright (c) 2015 Markus Kreusch
+ * This file is licensed under the terms of the MIT license.
+ * See the LICENSE.txt file for more info.
+ ******************************************************************************/
+package org.cryptomator.filesystem;
+
+import java.io.IOException;
+import java.io.UncheckedIOException;
+import java.time.Instant;
+import java.util.Optional;
+
+/**
+ * Represents a node, namely a {@link File} or {@link Folder}, in a
+ * {@link FileSystem}.
+ * <p>
+ * A node's identity (i.e. {@link #hashCode()} and {@link #equals(Object)}) depends on its parent node and its name (forming the node's path).
+ * These properties are meant to be immutable. This means that e.g. moving a node doesn't modify the node's identity but rather transfers properties to the destination node.
+ * 
+ * @author Markus Kreusch
+ * @see Folder
+ * @see File
+ */
+public interface Node {
+
+	String name() throws UncheckedIOException;
+
+	/**
+	 * @return Optional parent folder. No parent is present for the root node (see {@link FileSystem#parent()}).
+	 */
+	Optional<? extends Folder> parent() throws UncheckedIOException;
+
+	/**
+	 * @return <code>true</code> if the node exists.
+	 */
+	boolean exists() throws UncheckedIOException;
+
+	/**
+	 * <p>
+	 * Deletes the node if it exists.
+	 * <p>
+	 * Does nothing if the node does not exist.
+	 */
+	void delete() throws UncheckedIOException;
+
+	/**
+	 * <p>
+	 * Determines the last modified date of this node.
+	 * 
+	 * @returns the last modified date of the file
+	 */
+	Instant lastModified() throws UncheckedIOException;
+
+	/**
+	 * <p>
+	 * Sets the last modified date of the file.
+	 * 
+	 * @param lastModified the time to set as creation time
+	 */
+	void setLastModified(Instant lastModified) throws UncheckedIOException;
+
+	/**
+	 * <p>
+	 * Determines the creation time of this node.
+	 * <p>
+	 * Note: Getting the creation time may not be supported by all {@link FileSystem FileSystems}.
+	 * 
+	 * @returns the creation time of the file or {@link Optional#empty()} if not supported
+	 */
+	default Optional<Instant> creationTime() throws UncheckedIOException {
+		return Optional.empty();
+	}
+
+	/**
+	 * <p>
+	 * Sets the creation time of this node.
+	 * <p>
+	 * Setting the creation time may not be supported by all {@link FileSystem FileSystems}. If the {@code FileSystem} this {@code Node} belongs to does not support the
+	 * setting the creation time the behavior of this method is unspecified.
+	 * 
+	 * @param creationTime the time to set as creation time
+	 */
+	default void setCreationTime(Instant creationTime) throws UncheckedIOException {
+		throw new UncheckedIOException(new IOException("CreationTime not supported"));
+	}
+
+	/**
+	 * @return the {@link FileSystem} this Node belongs to
+	 */
+	default FileSystem fileSystem() {
+		return parent() //
+				.map(Node::fileSystem) //
+				.orElseGet(() -> (FileSystem) this);
+	}
+
+	default boolean belongsToSameFilesystem(Node other) {
+		return fileSystem() == other.fileSystem();
+	}
+
+}

main/filesystem-api/src/main/java/org/cryptomator/filesystem/OpenFiles.java

@@ -0,0 +1,71 @@
+/*******************************************************************************
+ * Copyright (c) 2015 Sebastian Stenzel and others.
+ * This file is licensed under the terms of the MIT license.
+ * See the LICENSE.txt file for more info.
+ *
+ * Contributors:
+ *     Sebastian Stenzel - initial API and implementation
+ *******************************************************************************/
+package org.cryptomator.filesystem;
+
+import java.io.UncheckedIOException;
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.stream.Stream;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class OpenFiles implements AutoCloseable {
+
+	private final static Logger LOG = LoggerFactory.getLogger(OpenFiles.class);
+
+	private final Map<File, ReadableFile> readableFiles;
+	private final Map<File, WritableFile> writableFiles;
+
+	public OpenFiles(Map<File, ReadableFile> readableFiles, Map<File, WritableFile> writableFiles) {
+		this.readableFiles = readableFiles;
+		this.writableFiles = writableFiles;
+	}
+
+	@Override
+	public void close() throws UncheckedIOException {
+		OpenFiles.cleanup(readableFiles.values(), writableFiles.values());
+	}
+
+	public ReadableFile readable(File file) {
+		return readableFiles.computeIfAbsent(file, fileNotOpenForReading -> {
+			throw new IllegalArgumentException(String.format("File %s is not open for reading", fileNotOpenForReading));
+		});
+	}
+
+	public WritableFile writable(File file) {
+		return writableFiles.computeIfAbsent(file, fileNotOpenForWriting -> {
+			throw new IllegalArgumentException(String.format("File %s is not open for writing", fileNotOpenForWriting));
+		});
+	}
+
+	static void cleanup(Collection<ReadableFile> readableFiles, Collection<WritableFile> writableFiles) {
+		Iterator<? extends AutoCloseable> iterator = Stream.concat(readableFiles.stream(), writableFiles.stream()).iterator();
+		UncheckedIOException firstException = null;
+		while (iterator.hasNext()) {
+			AutoCloseable openFile = iterator.next();
+			try {
+				openFile.close();
+			} catch (UncheckedIOException e) {
+				if (firstException == null) {
+					firstException = e;
+				} else {
+					firstException.addSuppressed(e);
+				}
+			} catch (Exception e) {
+				LOG.error("Unexpected exception during close on " + openFile.getClass().getSimpleName(), e);
+			}
+		}
+		if (firstException != null) {
+			throw firstException;
+		}
+	}
+
+}

main/filesystem-api/src/main/java/org/cryptomator/filesystem/PathResolver.java

@@ -0,0 +1,112 @@
+package org.cryptomator.filesystem;
+
+import java.io.FileNotFoundException;
+import java.io.UncheckedIOException;
+import java.util.Arrays;
+import java.util.Iterator;
+
+import org.apache.commons.lang3.ArrayUtils;
+import org.apache.commons.lang3.StringUtils;
+
+final class PathResolver {
+
+	private static final String DOT = ".";
+	private static final String DOTDOT = "..";
+
+	private PathResolver() {
+	}
+
+	/**
+	 * Resolves a relative path (separated by '/') to a folder, e.g.
+	 * <!-- @formatter:off -->
+	 * <table>
+	 * <thead>
+	 * <tr>
+	 * <th>dir</th>
+	 * <th>path</th>
+	 * <th>result</th>
+	 * </tr>
+	 * </thead>
+	 * <tbody>
+	 * <tr>
+	 * <td>/foo/bar</td>
+	 * <td>foo/bar</td>
+	 * <td>/foo/bar/foo/bar</td>
+	 * </tr>
+	 * <tr>
+	 * <td>/foo/bar</td>
+	 * <td>../baz</td>
+	 * <td>/foo/baz</td>
+	 * </tr>
+	 * <tr>
+	 * <td>/foo/bar</td>
+	 * <td>./foo/..</td>
+	 * <td>/foo/bar</td>
+	 * </tr>
+	 * <tr>
+	 * <td>/foo/bar</td>
+	 * <td>/</td>
+	 * <td>/foo/bar</td>
+	 * </tr>
+	 * <tr>
+	 * <td>/foo/bar</td>
+	 * <td></td>
+	 * <td>/foo/bar</td>
+	 * </tr>
+	 * <tr>
+	 * <td>/foo/bar</td>
+	 * <td>../../..</td>
+	 * <td>Exception</td>
+	 * </tr>
+	 * </tbody>
+	 * </table>
+	 * 
+	 * @param dir The directory from which to resolve the path.
+	 * @param relativePath The path relative to a given directory.
+	 * @return The folder with the given path relative to the given dir.
+	 */
+	public static Folder resolveFolder(Folder dir, String relativePath) {
+		final String[] fragments = StringUtils.split(relativePath, '/');
+		if (ArrayUtils.isEmpty(fragments)) {
+			return dir;
+		}
+		return resolveFolder(dir, Arrays.stream(fragments).iterator());
+	}
+
+	/**
+	 * Resolves a relative path (separated by '/') to a file. Besides returning a File, this method is identical to {@link #resolveFile(Folder, String)}.
+	 * 
+	 * @param dir The directory from which to resolve the path.
+	 * @param relativePath The path relative to a given directory.
+	 * @return The file with the given path relative to the given dir.
+	 * @throws IllegalArgumentException
+	 *             if relativePath is empty, as this path would resolve to the directory itself, which obviously can't be a file.
+	 */
+	public static File resolveFile(Folder dir, String relativePath) {
+		final String[] fragments = StringUtils.split(relativePath, '/');
+		if (ArrayUtils.isEmpty(fragments)) {
+			throw new IllegalArgumentException("Empty relativePath");
+		}
+		final Folder folder = resolveFolder(dir, Arrays.stream(fragments).limit(fragments.length - 1).iterator());
+		final String filename = fragments[fragments.length - 1];
+		return folder.file(filename);
+	}
+
+	private static Folder resolveFolder(Folder dir, Iterator<String> remainingPathFragments) {
+		if (!remainingPathFragments.hasNext()) {
+			return dir;
+		}
+		final String fragment = remainingPathFragments.next();
+		assert fragment.length() > 0 : "iterator must not contain empty fragments";
+		if (DOT.equals(fragment)) {
+			return resolveFolder(dir, remainingPathFragments);
+		} else if (DOTDOT.equals(fragment) && dir.parent().isPresent()) {
+			return resolveFolder(dir.parent().get(), remainingPathFragments);
+		} else if (DOTDOT.equals(fragment) && !dir.parent().isPresent()) {
+			throw new UncheckedIOException(new FileNotFoundException("Unresolvable path"));
+		} else {
+			return resolveFolder(dir.folder(fragment), remainingPathFragments);
+		}
+	}
+
+}

main/filesystem-api/src/main/java/org/cryptomator/filesystem/ReadableFile.java

@@ -0,0 +1,57 @@
+/*******************************************************************************
+ * Copyright (c) 2015 Markus Kreusch
+ * This file is licensed under the terms of the MIT license.
+ * See the LICENSE.txt file for more info.
+ ******************************************************************************/
+package org.cryptomator.filesystem;
+
+import java.io.IOException;
+import java.io.UncheckedIOException;
+import java.nio.ByteBuffer;
+import java.nio.channels.ReadableByteChannel;
+
+public interface ReadableFile extends ReadableByteChannel {
+
+	/**
+	 * <p>
+	 * Tries to fill the remaining space in the given byte buffer with data from
+	 * this readable bytes from the current position.
+	 * <p>
+	 * May read less bytes if the end of this readable bytes has been reached.
+	 * 
+	 * @param target
+	 *            the byte buffer to fill
+	 * @return the number of bytes actually read, or {@code -1} if the end of
+	 *         file has been reached
+	 * @throws UncheckedIOException
+	 *             if an {@link IOException} occurs while reading from this
+	 *             {@code ReadableBytes}
+	 */
+	@Override
+	int read(ByteBuffer target) throws UncheckedIOException;
+
+	/**
+	 * @return The current size of the file. This value is a snapshot and might have been changed by concurrent modifications.
+	 * @throws UncheckedIOException
+	 *             if an {@link IOException} occurs
+	 */
+	long size() throws UncheckedIOException;
+
+	/**
+	 * <p>
+	 * Fast-forwards or rewinds the file to the specified position.
+	 * <p>
+	 * Consecutive reads on the file will begin at the new position.
+	 * 
+	 * @param position
+	 *            the position to set the file to
+	 * @throws UncheckedIOException
+	 *             if an {@link IOException} occurs
+	 * 
+	 */
+	void position(long position) throws UncheckedIOException;
+
+	@Override
+	void close() throws UncheckedIOException;
+
+}

main/filesystem-api/src/main/java/org/cryptomator/filesystem/WritableFile.java

@@ -0,0 +1,63 @@
+/*******************************************************************************
+ * Copyright (c) 2015 Markus Kreusch
+ * This file is licensed under the terms of the MIT license.
+ * See the LICENSE.txt file for more info.
+ ******************************************************************************/
+package org.cryptomator.filesystem;
+
+import java.io.IOException;
+import java.io.UncheckedIOException;
+import java.nio.ByteBuffer;
+import java.nio.channels.WritableByteChannel;
+
+public interface WritableFile extends WritableByteChannel {
+
+	void truncate() throws UncheckedIOException;
+
+	/**
+	 * Writes the data in the given byte buffer to this readable bytes at the
+	 * current position.
+	 * 
+	 * @param source
+	 *            the byte buffer to use
+	 * @return the number of bytes written, always equal to
+	 *         {@code source.remaining()}
+	 * @throws UncheckedIOException
+	 *             if an {@link IOException} occurs while writing
+	 */
+	@Override
+	int write(ByteBuffer source) throws UncheckedIOException;
+
+	/**
+	 * <p>
+	 * Fast-forwards or rewinds the file to the specified position.
+	 * <p>
+	 * Consecutive writes on the file will begin at the new position.
+	 * <p>
+	 * If the position is set to a value greater than the current end of file
+	 * consecutive writes will write data to the given position. The value of
+	 * all bytes between this position and the previous end of file will be
+	 * unspecified.
+	 * 
+	 * @param position
+	 *            the position to set the file to
+	 * @throws UncheckedIOException
+	 *             if an {@link IOException} occurs
+	 */
+	void position(long position) throws UncheckedIOException;
+
+	/**
+	 * <p>
+	 * Closes this {@code WritableFile} which finally commits all operations
+	 * performed on it to the underlying file system.
+	 * <p>
+	 * After a {@code WritableFile} has been closed all other operations will
+	 * throw an {@link UncheckedIOException}.
+	 * <p>
+	 * Invoking this method on a {@link WritableFile} which has already been
+	 * closed does nothing.
+	 */
+	@Override
+	void close() throws UncheckedIOException;
+
+}

main/filesystem-api/src/main/java/org/cryptomator/filesystem/delegating/DelegatingFile.java

@@ -0,0 +1,77 @@
+/*******************************************************************************
+ * Copyright (c) 2015 Sebastian Stenzel and others.
+ * This file is licensed under the terms of the MIT license.
+ * See the LICENSE.txt file for more info.
+ *
+ * Contributors:
+ *     Sebastian Stenzel - initial API and implementation
+ *******************************************************************************/
+package org.cryptomator.filesystem.delegating;
+
+import java.io.UncheckedIOException;
+import java.util.Optional;
+
+import org.cryptomator.filesystem.File;
+import org.cryptomator.filesystem.ReadableFile;
+import org.cryptomator.filesystem.WritableFile;
+
+public abstract class DelegatingFile<D extends DelegatingFolder<D, ?>> extends DelegatingNode<File>implements File {
+
+	private final D parent;
+
+	public DelegatingFile(D parent, File delegate) {
+		super(delegate);
+		this.parent = parent;
+	}
+
+	@Override
+	public Optional<D> parent() throws UncheckedIOException {
+		return Optional.of(parent);
+	}
+
+	@Override
+	public ReadableFile openReadable() throws UncheckedIOException {
+		return delegate.openReadable();
+	}
+
+	@Override
+	public WritableFile openWritable() throws UncheckedIOException {
+		return delegate.openWritable();
+	}
+
+	@Override
+	public void copyTo(File destination) {
+		if (getClass().equals(destination.getClass())) {
+			final File delegateDest = ((DelegatingFile<?>) destination).delegate;
+			delegate.copyTo(delegateDest);
+		} else {
+			delegate.copyTo(destination);
+		}
+	}
+
+	@Override
+	public void moveTo(File destination) {
+		if (getClass().equals(destination.getClass())) {
+			final File delegateDest = ((DelegatingFile<?>) destination).delegate;
+			delegate.moveTo(delegateDest);
+		} else {
+			throw new IllegalArgumentException("Can only move DelegatingFile to other DelegatingFile.");
+		}
+	}
+
+	@Override
+	public void delete() throws UncheckedIOException {
+		delegate.delete();
+	}
+
+	@Override
+	public int compareTo(File o) {
+		if (getClass().equals(o.getClass())) {
+			final File delegateOther = ((DelegatingFile<?>) o).delegate;
+			return delegate.compareTo(delegateOther);
+		} else {
+			return delegate.compareTo(o);
+		}
+	}
+
+}

main/filesystem-api/src/main/java/org/cryptomator/filesystem/delegating/DelegatingFileSystem.java

@@ -0,0 +1,22 @@
+package org.cryptomator.filesystem.delegating;
+
+import java.util.Optional;
+
+import org.cryptomator.filesystem.FileSystem;
+import org.cryptomator.filesystem.Folder;
+
+public interface DelegatingFileSystem extends FileSystem {
+
+	Folder getDelegate();
+
+	@Override
+	default Optional<Long> quotaUsedBytes() {
+		return getDelegate().fileSystem().quotaUsedBytes();
+	}
+
+	@Override
+	default Optional<Long> quotaAvailableBytes() {
+		return getDelegate().fileSystem().quotaAvailableBytes();
+	}
+
+}

main/filesystem-api/src/main/java/org/cryptomator/filesystem/delegating/DelegatingFolder.java

@@ -0,0 +1,100 @@
+/*******************************************************************************
+ * Copyright (c) 2015 Sebastian Stenzel and others.
+ * This file is licensed under the terms of the MIT license.
+ * See the LICENSE.txt file for more info.
+ *
+ * Contributors:
+ *     Sebastian Stenzel - initial API and implementation
+ *******************************************************************************/
+package org.cryptomator.filesystem.delegating;
+
+import java.io.UncheckedIOException;
+import java.util.Optional;
+import java.util.stream.Stream;
+
+import org.cryptomator.common.WeakValuedCache;
+import org.cryptomator.common.streams.AutoClosingStream;
+import org.cryptomator.filesystem.File;
+import org.cryptomator.filesystem.Folder;
+import org.cryptomator.filesystem.Node;
+
+public abstract class DelegatingFolder<D extends DelegatingFolder<D, F>, F extends DelegatingFile<D>> extends DelegatingNode<Folder>implements Folder {
+
+	private final D parent;
+	private final WeakValuedCache<Folder, D> folders = WeakValuedCache.usingLoader(this::newFolder);
+	private final WeakValuedCache<File, F> files = WeakValuedCache.usingLoader(this::newFile);
+
+	public DelegatingFolder(D parent, Folder delegate) {
+		super(delegate);
+		this.parent = parent;
+	}
+
+	@Override
+	public Optional<D> parent() throws UncheckedIOException {
+		return Optional.ofNullable(parent);
+	}
+
+	@Override
+	public Stream<? extends Node> children() throws UncheckedIOException {
+		return AutoClosingStream.from(Stream.concat(folders(), files()));
+	}
+
+	@Override
+	public Stream<D> folders() {
+		return delegate.folders().map(folders::get);
+	}
+
+	@Override
+	public Stream<F> files() throws UncheckedIOException {
+		return delegate.files().map(files::get);
+	}
+
+	@Override
+	public F file(String name) throws UncheckedIOException {
+		return files.get(delegate.file(name));
+	}
+
+	protected abstract F newFile(File delegate);
+
+	@Override
+	public D folder(String name) throws UncheckedIOException {
+		return folders.get(delegate.folder(name));
+	}
+
+	protected abstract D newFolder(Folder delegate);
+
+	@Override
+	public void create() throws UncheckedIOException {
+		if (exists()) {
+			return;
+		}
+		parent().ifPresent(p -> p.create());
+		delegate.create();
+	}
+
+	@Override
+	public void delete() {
+		delegate.delete();
+	}
+
+	@Override
+	public void copyTo(Folder destination) throws UncheckedIOException {
+		if (destination instanceof DelegatingFolder) {
+			final Folder delegateDest = ((DelegatingFolder<?, ?>) destination).delegate;
+			delegate.copyTo(delegateDest);
+		} else {
+			throw new IllegalArgumentException("Can only copy DelegatingFolder to other DelegatingFolder.");
+		}
+	}
+
+	@Override
+	public void moveTo(Folder destination) {
+		if (getClass().equals(destination.getClass())) {
+			final Folder delegateDest = ((DelegatingFolder<?, ?>) destination).delegate;
+			delegate.moveTo(delegateDest);
+		} else {
+			throw new IllegalArgumentException("Can only move DelegatingFolder to other DelegatingFolder.");
+		}
+	}
+
+}

main/filesystem-api/src/main/java/org/cryptomator/filesystem/delegating/DelegatingNode.java

@@ -0,0 +1,78 @@
+/*******************************************************************************
+ * Copyright (c) 2015 Sebastian Stenzel and others.
+ * This file is licensed under the terms of the MIT license.
+ * See the LICENSE.txt file for more info.
+ *
+ * Contributors:
+ *     Sebastian Stenzel - initial API and implementation
+ *******************************************************************************/
+package org.cryptomator.filesystem.delegating;
+
+import java.io.UncheckedIOException;
+import java.time.Instant;
+import java.util.Optional;
+
+import org.cryptomator.filesystem.Node;
+
+public abstract class DelegatingNode<T extends Node> implements Node {
+
+	protected final T delegate;
+
+	public DelegatingNode(T delegate) {
+		if (delegate == null) {
+			throw new IllegalArgumentException("Delegate must not be null");
+		}
+		this.delegate = delegate;
+	}
+
+	@Override
+	public String name() throws UncheckedIOException {
+		return delegate.name();
+	}
+
+	@Override
+	public boolean exists() throws UncheckedIOException {
+		return delegate.exists();
+	}
+
+	@Override
+	public Instant lastModified() throws UncheckedIOException {
+		return delegate.lastModified();
+	}
+
+	@Override
+	public void setLastModified(Instant instant) throws UncheckedIOException {
+		delegate.setLastModified(instant);
+	}
+
+	@Override
+	public Optional<Instant> creationTime() throws UncheckedIOException {
+		return delegate.creationTime();
+	}
+
+	@Override
+	public void setCreationTime(Instant instant) throws UncheckedIOException {
+		delegate.setCreationTime(instant);
+	}
+
+	@Override
+	public int hashCode() {
+		return delegate.hashCode();
+	}
+
+	@Override
+	public boolean equals(Object obj) {
+		if (obj instanceof DelegatingNode) {
+			DelegatingNode<?> other = (DelegatingNode<?>) obj;
+			return this.delegate.equals(other.delegate);
+		} else {
+			return false;
+		}
+	}
+
+	@Override
+	public String toString() {
+		return "Delegate[" + delegate + "]";
+	}
+
+}

main/filesystem-api/src/main/java/org/cryptomator/filesystem/delegating/DelegatingReadableFile.java

@@ -0,0 +1,49 @@
+/*******************************************************************************
+ * Copyright (c) 2015 Sebastian Stenzel and others.
+ * This file is licensed under the terms of the MIT license.
+ * See the LICENSE.txt file for more info.
+ *
+ * Contributors:
+ *     Sebastian Stenzel - initial API and implementation
+ *******************************************************************************/
+package org.cryptomator.filesystem.delegating;
+
+import java.io.UncheckedIOException;
+import java.nio.ByteBuffer;
+
+import org.cryptomator.filesystem.ReadableFile;
+
+public class DelegatingReadableFile implements ReadableFile {
+
+	private final ReadableFile delegate;
+
+	public DelegatingReadableFile(ReadableFile delegate) {
+		this.delegate = delegate;
+	}
+
+	@Override
+	public boolean isOpen() {
+		return delegate.isOpen();
+	}
+
+	@Override
+	public int read(ByteBuffer target) throws UncheckedIOException {
+		return delegate.read(target);
+	}
+
+	@Override
+	public long size() throws UncheckedIOException {
+		return delegate.size();
+	}
+
+	@Override
+	public void position(long position) throws UncheckedIOException {
+		delegate.position(position);
+	}
+
+	@Override
+	public void close() throws UncheckedIOException {
+		delegate.close();
+	}
+
+}

main/filesystem-api/src/main/java/org/cryptomator/filesystem/delegating/DelegatingWritableFile.java

@@ -0,0 +1,49 @@
+/*******************************************************************************
+ * Copyright (c) 2015 Sebastian Stenzel and others.
+ * This file is licensed under the terms of the MIT license.
+ * See the LICENSE.txt file for more info.
+ *
+ * Contributors:
+ *     Sebastian Stenzel - initial API and implementation
+ *******************************************************************************/
+package org.cryptomator.filesystem.delegating;
+
+import java.io.UncheckedIOException;
+import java.nio.ByteBuffer;
+
+import org.cryptomator.filesystem.WritableFile;
+
+public class DelegatingWritableFile implements WritableFile {
+
+	final WritableFile delegate;
+
+	public DelegatingWritableFile(WritableFile delegate) {
+		this.delegate = delegate;
+	}
+
+	@Override
+	public boolean isOpen() {
+		return delegate.isOpen();
+	}
+
+	@Override
+	public void truncate() throws UncheckedIOException {
+		delegate.truncate();
+	}
+
+	@Override
+	public int write(ByteBuffer source) throws UncheckedIOException {
+		return delegate.write(source);
+	}
+
+	@Override
+	public void position(long position) throws UncheckedIOException {
+		delegate.position(position);
+	}
+
+	@Override
+	public void close() throws UncheckedIOException {
+		delegate.close();
+	}
+
+}

main/filesystem-api/src/main/java/org/cryptomator/filesystem/package-info.java

@@ -0,0 +1,13 @@
+/*******************************************************************************
+ * Copyright (c) 2015 Sebastian Stenzel and others.
+ * This file is licensed under the terms of the MIT license.
+ * See the LICENSE.txt file for more info.
+ *
+ * Contributors:
+ *     Sebastian Stenzel - initial API and implementation
+ *******************************************************************************/
+/**
+ * Defines a file system abstraction to allow access to real and virtual file
+ * systems through a common API.
+ */
+package org.cryptomator.filesystem;