Verify token length before adb signs it

Currently, a host running adb will sign a token of any length passed
to it by a device, effectively acting as a signing oracle. If the
ADB_VENDOR_KEYS environment variable is used to specify an additional
key to use, this behavior is not only unexpected, but probably also
unwanted. Further discussion can be found from this thread:

  http://www.metzdowd.com/pipermail/cryptography/2015-January/024423.html

This change adds a check to ensure token length matches TOKEN_SIZE
before it's signed, which prevents an attacker from signing longer
messages.

Change-Id: I7b2cc1f051941bf9b66e1c02980850bede501793

0 files changed, 0 insertions, 0 deletions