diff -r 6518b035a9df -r 03076907b58a libidav/utils.c
--- a/libidav/utils.c	Tue Mar 18 13:59:02 2014 +0100
+++ b/libidav/utils.c	Thu Jun 05 15:11:29 2014 +0200
@@ -32,6 +32,7 @@
 #include <string.h>
 #include <ucx/string.h>
 #include <ucx/buffer.h>
+#include <ucx/utils.h>
 #include <libxml/tree.h>
 #include <curl/curl.h>
 
@@ -40,8 +41,10 @@
 #include <openssl/evp.h>
 #include <openssl/bio.h>
 #include <openssl/buffer.h>
+#include <openssl/rand.h>
 
 #include "utils.h"
+#include "crypto.h"
 #include "webdav.h"
 
 
@@ -175,14 +178,21 @@
     return url.ptr;
 }
 
-void util_set_url(DavSession *sn, char *path) {
-    if(path) {
-        char *url = util_path_to_url(sn, path);
-        curl_easy_setopt(sn->handle, CURLOPT_URL, url);
-        free(url);
-    } else {
-        curl_easy_setopt(sn->handle, CURLOPT_URL, sn->base_url);
-    }
+void util_set_url(DavSession *sn, char *href) {
+    sstr_t base = sstr(sn->base_url);
+    sstr_t href_str = sstr(href);
+    
+    char *base_path = util_url_path(sn->base_url);
+    base.length -= strlen(base_path);
+    
+    sstr_t url;
+    url.length = base.length + href_str.length;
+    url.ptr = malloc(url.length + 1);
+    url.ptr[url.length] = '\0';
+    url = sstrncat(url, 2, base, href_str);
+    
+    curl_easy_setopt(sn->handle, CURLOPT_URL, url);
+    free(url.ptr);
 }
 
 char* util_path_to_url(DavSession *sn, char *path) {
@@ -200,7 +210,6 @@
     for(int i=0;i<ntk;i++) {
         sstr_t node = tks[i];
         if(node.length > 0) {
-            // TODO: implement file name encryption
             char *esc = curl_easy_escape(sn->handle, node.ptr, node.length);
             ucx_buffer_putc(url, '/');
             ucx_buffer_write(esc, 1, strlen(esc), url);
@@ -286,6 +295,51 @@
     return out;
 }
 
+char* util_encrypt_str(DavSession *sn, char *str, char *key) {
+    DavKey *k = dav_context_get_key(sn->context, key);
+    if(!k) {
+        // TODO: session error
+        return NULL;
+    }
+    
+    char *enc_str = aes_encrypt(str, k);
+    char *ret_str = dav_session_strdup(sn, enc_str);
+    free(enc_str);
+    return ret_str;
+}
+
+char* util_decrypt_str(DavSession *sn, char *str, char *key) {
+    DavKey *k = dav_context_get_key(sn->context, key);
+    if(!k) {
+        // TODO: session error
+        return NULL;
+    }
+    
+    char *dec_str = aes_decrypt(str, k);
+    char *ret_str = dav_session_strdup(sn, dec_str);
+    free(dec_str);
+    return ret_str;
+}
+
+char* util_random_str() {
+    unsigned char *str = malloc(25);
+    str[24] = '\0';
+    
+    sstr_t t = S(
+            "01234567890"
+            "abcdefghijklmnopqrstuvwxyz"
+            "ABCDEFGHIJKLMNOPQRSTUVWXYZ");
+    const unsigned char *table = (const unsigned char*)t.ptr;
+    
+    RAND_pseudo_bytes(str, 24);
+    for(int i=0;i<24;i++) {
+        int c = str[i] % t.length;
+        str[i] = table[c];
+    }
+    
+    return (char*)str;
+}
+
 /*
  * gets a substring from 0 to the appearance of the token
  * tokens are separated by space