+ std::size_t chunkSize = (fileSize > kEncryptionChunkMaxSize
+ ? kEncryptionChunkMaxSize : fileSize);
+
+ std::unique_ptr<unsigned char[]> inChunk(new unsigned char[chunkSize]);
+ std::size_t bytesRead = 0;
+
+ do {
+ bytesRead = ReadBytes(inChunk.get(), chunkSize, input);
+ if (0 != bytesRead) {
+ unsigned char* encrypted_data = nullptr;
+ size_t encrypted_size = 0;
+ // TODO(p.sikorski) check if it is Preloaded
+ int ret;
+ if (context_->request_mode.get() == common_installer::RequestMode::GLOBAL) {
+ ret = wae_encrypt_global_web_application(
+ context_->pkgid.get().c_str(),
+ context_->is_preload_request.get() ?
+ true : false,
+ inChunk.get(),
+ (size_t)bytesRead,
+ &encrypted_data,
+ &encrypted_size);
+ } else {
+ ret = wae_encrypt_web_application(
+ context_->uid.get(),
+ context_->pkgid.get().c_str(),
+ inChunk.get(),
+ (size_t)bytesRead,
+ &encrypted_data,
+ &encrypted_size);
+ }
+
+ if (WAE_ERROR_NONE != ret) {
+ LOG(ERROR) << "Error during encrypting:";
+ switch (ret) {
+ case WAE_ERROR_INVALID_PARAMETER:
+ LOG(ERROR) << "WAE_ERROR_INVALID_PARAMETER";
+ break;
+ case WAE_ERROR_PERMISSION_DENIED:
+ LOG(ERROR) << "WAE_ERROR_PERMISSION_DENIED";
+ break;
+ case WAE_ERROR_NO_KEY:
+ LOG(ERROR) << "WAE_ERROR_NO_KEY";
+ break;
+ case WAE_ERROR_KEY_MANAGER:
+ LOG(ERROR) << "WAE_ERROR_KEY_MANAGER";
+ break;
+ case WAE_ERROR_CRYPTO:
+ LOG(ERROR) << "WAE_ERROR_CRYPTO";
+ break;
+ case WAE_ERROR_UNKNOWN:
+ LOG(ERROR) << "WAE_ERROR_UNKNOWN";
+ break;
+ default:
+ LOG(ERROR) << "UNKNOWN";
+ break;
+ }
+ fclose(output);
+ fclose(input);
+ return false;
+ }
+
+ if (encrypted_size <= 0) {
+ LOG(ERROR) << "Encryption Failed using TrustZone";
+ fclose(output);
+ fclose(input);
+ return false;
+ }
+
+ std::stringstream toString;
+ toString << encrypted_size;
+
+ WriteBytes((unsigned char*)toString.str().c_str(), sizeof(int), output);
+ WriteBytes((unsigned char*)encrypted_data, encrypted_size, output);
+ free(encrypted_data);
+ }
+ inChunk.reset(new unsigned char[chunkSize]);
+
+ } while (!std::feof(input));
+
+ fclose(output);
+ fclose(input);
+
+ LOG(DEBUG) << "File encrypted successfully";
+ if (0 != unlink(src.string().c_str())) {