Validate IpSecAlgorithm Length

Improve the Validation of IpSecAlgorithm by
explicitly checking the length in addition to
the truncation length (previously an oversight).
In addition, we now check the lengths during
un-parceling, which will catch someone maliciously
manually building a parcel and passing it, bypassing
the checks in the constructor.

Bug: 68780091
Test: runtest -x IpSecAlgorithmTest.java
Change-Id: I8172762617264d34f47d5144336464510f07a701

tests/net/java/android/net/IpSecConfigTest.java

@@ -71,7 +71,7 @@ public class IpSecConfigTest {
         c.setAuthentication(
                 IpSecTransform.DIRECTION_OUT,
                 new IpSecAlgorithm(
-                        IpSecAlgorithm.AUTH_HMAC_SHA1,
+                        IpSecAlgorithm.AUTH_HMAC_MD5,
                         new byte[] {1, 2, 3, 4, 5, 6, 7, 8, 9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF, 0}));
         c.setSpiResourceId(IpSecTransform.DIRECTION_OUT, 1984);
         c.setEncryption(
@@ -82,7 +82,7 @@ public class IpSecConfigTest {
         c.setAuthentication(
                 IpSecTransform.DIRECTION_IN,
                 new IpSecAlgorithm(
-                        IpSecAlgorithm.AUTH_HMAC_SHA1,
+                        IpSecAlgorithm.AUTH_HMAC_MD5,
                         new byte[] {1, 2, 3, 4, 5, 6, 7, 8, 9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF, 1}));
         c.setSpiResourceId(IpSecTransform.DIRECTION_IN, 99);
         assertParcelingIsLossless(c);