Reserve enough space for GCM tag in TZ backend

Change-Id: I36f9718cfdc37f7fdac1e47fc056aeaabdeee242

diff --git a/src/manager/crypto/tz-backend/tz-context.cpp b/src/manager/crypto/tz-backend/tz-context.cpp
index 1359258..3cf5702 100644 (file)
--- a/src/manager/crypto/tz-backend/tz-context.cpp
+++ b/src/manager/crypto/tz-backend/tz-context.cpp
@@ -50,6 +50,9 @@ namespace {
 // whatever TA will return us.
 const uint32_t CIPHER_EXTRA_PADDING_SIZE = 16;
 
+// Maximum size of GCM tag in bytes.
+const size_t MAX_GCM_TAG_SIZE = 16;
+
 // Identifier of our TA
 const TEEC_UUID KEY_MANAGER_TA_UUID = KM_TA_UUID;
 
@@ -547,7 +550,7 @@ RawBuffer TrustZoneContext::finalizeGcmCipher(uint32_t opId,
        sIn.Serialize(inMemory);
 
        TZSerializer sOut;
-       sOut.Push(new TZSerializableBinary(data.size()));
+       sOut.Push(new TZSerializableBinary(MAX_GCM_TAG_SIZE, false));
        TrustZoneMemory outMemory(m_Context, sOut.GetSize(), TEEC_MEM_OUTPUT);
 
        TEEC_Operation op = makeOp(TEEC_VALUE_INOUT, inMemory, outMemory);